Class OpenSshCertificateImpl
java.lang.Object
org.apache.sshd.common.config.keys.OpenSshCertificateImpl
- All Implemented Interfaces:
Serializable,Key,PrivateKey,PublicKey,Destroyable,OpenSshCertificate
- See Also:
-
Nested Class Summary
Nested classes/interfaces inherited from interface org.apache.sshd.common.config.keys.OpenSshCertificate
OpenSshCertificate.CertificateOption, OpenSshCertificate.Type -
Field Summary
FieldsModifier and TypeFieldDescriptionprivate PublicKeyprivate PublicKeyprivate List<OpenSshCertificate.CertificateOption> private List<OpenSshCertificate.CertificateOption> private Stringprivate Stringprivate byte[]private byte[]private Collection<String> private Stringprivate longprivate static final longprivate byte[]private intprivate longprivate longFields inherited from interface org.apache.sshd.common.config.keys.OpenSshCertificate
INFINITY, MIN_EPOCH -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionRetrieves the CA public key of this certificate.Retrieves the certified public key.Retrieves the critical options set in the certificate.byte[]Retrieves the extensions set in the certificate.getId()Retrieves a free-form text set by the CA when the certificate was generated; intended to identify the identity principal in log message.Retrieves the SSH key type of this certificate.byte[]Retrieves the raw byte content of the certificate, minus the signature.byte[]getNonce()Retrieves the nonce of this certificate.Retrieves the principals mentioned in the certificate.Retrieves the raw SSH key type of this certificate.byte[]Retrieves the raw signature bytes, without the signature algorithm.Retrieves the "reserved" field of the certificate.longRetrieves the serial number of this certificate.byte[]Retrieves the signature of the certificate, including the signature algorithm.Retrieves the signature algorithm used for the signature.getType()Retrieves the type of certificate.longRetrieves the time in number of seconds since theInstant.EPOCHat which this certificate becomes or became valid.longRetrieves the time in number of seconds since theInstant.EPOCHat which this certificate becomes or became invalid.voidsetCaPubKey(PublicKey caPubKey) voidsetCertPubKey(PublicKey certificatePublicKey) voidsetCriticalOptions(List<OpenSshCertificate.CertificateOption> criticalOptions) voidsetExtensions(List<OpenSshCertificate.CertificateOption> extensions) voidvoidsetKeyType(String keyType) voidsetMessage(byte[] message) voidsetNonce(byte[] nonce) voidsetPrincipals(Collection<String> principals) voidsetReserved(String reserved) voidsetSerial(long serial) voidsetSignature(byte[] signature) voidvoidsetValidAfter(long validAfter) voidsetValidAfter(Instant validAfter) If null, usesOpenSshCertificate.MIN_EPOCHvoidsetValidBefore(long validBefore) voidsetValidBefore(Instant validBefore) If null, usesOpenSshCertificate.INFINITYprivate static StringtoDate(long timestamp) toString()Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, waitMethods inherited from interface javax.security.auth.Destroyable
destroy, isDestroyed
-
Field Details
-
serialVersionUID
private static final long serialVersionUID- See Also:
-
keyType
-
nonce
private byte[] nonce -
certificatePublicKey
-
serial
private long serial -
type
private int type -
id
-
principals
-
validAfter
private long validAfter -
validBefore
private long validBefore -
criticalOptions
-
extensions
-
reserved
-
caPubKey
-
message
private byte[] message -
signature
private byte[] signature
-
-
Constructor Details
-
OpenSshCertificateImpl
public OpenSshCertificateImpl()
-
-
Method Details
-
getRawKeyType
Description copied from interface:OpenSshCertificateRetrieves the raw SSH key type of this certificate.- Specified by:
getRawKeyTypein interfaceOpenSshCertificate- Returns:
- the key type, for instance "ssh-rsa" for a "ssh-rsa-cert-v01@openssh.com" certificate
-
getNonce
public byte[] getNonce()Description copied from interface:OpenSshCertificateRetrieves the nonce of this certificate.- Specified by:
getNoncein interfaceOpenSshCertificate- Returns:
- the nonce.
-
getKeyType
Description copied from interface:OpenSshCertificateRetrieves the SSH key type of this certificate.- Specified by:
getKeyTypein interfaceOpenSshCertificate- Returns:
- the key type, for instance "ssh-rsa-cert-v01@openssh.com"
-
getCertPubKey
Description copied from interface:OpenSshCertificateRetrieves the certified public key.- Specified by:
getCertPubKeyin interfaceOpenSshCertificate- Returns:
- the
PublicKey
-
getSerial
public long getSerial()Description copied from interface:OpenSshCertificateRetrieves the serial number of this certificate.- Specified by:
getSerialin interfaceOpenSshCertificate- Returns:
- the serial number
-
getType
Description copied from interface:OpenSshCertificateRetrieves the type of certificate.- Specified by:
getTypein interfaceOpenSshCertificate- Returns:
- the
OpenSshCertificate.Type
-
getId
Description copied from interface:OpenSshCertificateRetrieves a free-form text set by the CA when the certificate was generated; intended to identify the identity principal in log message.- Specified by:
getIdin interfaceOpenSshCertificate- Returns:
- the id; never
nullbut may be empty.
-
getPrincipals
Description copied from interface:OpenSshCertificateRetrieves the principals mentioned in the certificate.- Specified by:
getPrincipalsin interfaceOpenSshCertificate- Returns:
- the collection of principals, never
nullbut possibly empty
-
getValidAfter
public long getValidAfter()Description copied from interface:OpenSshCertificateRetrieves the time in number of seconds since theInstant.EPOCHat which this certificate becomes or became valid.- Specified by:
getValidAfterin interfaceOpenSshCertificate- Returns:
- the number of seconds since the
Instant.EPOCHas an unsigned 64bit value - See Also:
-
getValidBefore
public long getValidBefore()Description copied from interface:OpenSshCertificateRetrieves the time in number of seconds since theInstant.EPOCHat which this certificate becomes or became invalid.- Specified by:
getValidBeforein interfaceOpenSshCertificate- Returns:
- the number of seconds since the
Instant.EPOCHas an unsigned 64bit value - See Also:
-
getCriticalOptions
Description copied from interface:OpenSshCertificateRetrieves the critical options set in the certificate.- Specified by:
getCriticalOptionsin interfaceOpenSshCertificate- Returns:
- the critical options as a list, never
nullbut possibly empty
-
getExtensions
Description copied from interface:OpenSshCertificateRetrieves the extensions set in the certificate.- Specified by:
getExtensionsin interfaceOpenSshCertificate- Returns:
- the extensions as a list, never
nullbut possibly empty
-
getReserved
Description copied from interface:OpenSshCertificateRetrieves the "reserved" field of the certificate. OpenSSH currently doesn't use it and ignores it.- Specified by:
getReservedin interfaceOpenSshCertificate- Returns:
- the "reserved" field.
-
getCaPubKey
Description copied from interface:OpenSshCertificateRetrieves the CA public key of this certificate.- Specified by:
getCaPubKeyin interfaceOpenSshCertificate- Returns:
- the
PublicKey
-
getMessage
public byte[] getMessage()Description copied from interface:OpenSshCertificateRetrieves the raw byte content of the certificate, minus the signature. This is the data that was signed.- Specified by:
getMessagein interfaceOpenSshCertificate- Returns:
- the part of the certificate raw data that was signed
-
getSignature
public byte[] getSignature()Description copied from interface:OpenSshCertificateRetrieves the signature of the certificate, including the signature algorithm.- Specified by:
getSignaturein interfaceOpenSshCertificate- Returns:
- the signature bytes
- See Also:
-
getRawSignature
public byte[] getRawSignature()Description copied from interface:OpenSshCertificateRetrieves the raw signature bytes, without the signature algorithm.- Specified by:
getRawSignaturein interfaceOpenSshCertificate- Returns:
- the signature bytes
- See Also:
-
getSignatureAlgorithm
Description copied from interface:OpenSshCertificateRetrieves the signature algorithm used for the signature.- Specified by:
getSignatureAlgorithmin interfaceOpenSshCertificate- Returns:
- the signature algorithm as recorded in the certificate
-
getAlgorithm
- Specified by:
getAlgorithmin interfaceKey
-
getFormat
-
getEncoded
public byte[] getEncoded()- Specified by:
getEncodedin interfaceKey
-
setKeyType
-
setNonce
public void setNonce(byte[] nonce) -
setCertPubKey
-
setSerial
public void setSerial(long serial) -
setType
-
setId
-
setPrincipals
-
setValidAfter
public void setValidAfter(long validAfter) -
setValidAfter
If null, usesOpenSshCertificate.MIN_EPOCH- Parameters:
validAfter-Instantto use for validAfter
-
setValidBefore
public void setValidBefore(long validBefore) -
setValidBefore
If null, usesOpenSshCertificate.INFINITY- Parameters:
validBefore-Instantto use for validBefore
-
setCriticalOptions
-
setExtensions
-
setReserved
-
setCaPubKey
-
setMessage
public void setMessage(byte[] message) -
setSignature
public void setSignature(byte[] signature) -
toDate
-
toString
-