Class TrustedCertificatesStore


  • public class TrustedCertificatesStore
    extends java.lang.Object
    Trusted certificates storage class to be used to configure trusted certificates in a particular way.
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void addCATrustedCertificates​(java.util.Collection<java.security.cert.Certificate> certificates)
      Add collection of certificates to be trusted to be CA certificates.
      void addCrlTrustedCertificates​(java.util.Collection<java.security.cert.Certificate> certificates)
      Add collection of certificates to be trusted for CRL signing.
      void addGenerallyTrustedCertificates​(java.util.Collection<java.security.cert.Certificate> certificates)
      Add collection of certificates to be trusted for any possible usage.
      void addOcspTrustedCertificates​(java.util.Collection<java.security.cert.Certificate> certificates)
      Add collection of certificates to be trusted for OCSP response signing.
      void addTimestampTrustedCertificates​(java.util.Collection<java.security.cert.Certificate> certificates)
      Add collection of certificates to be trusted for timestamping.
      java.util.Collection<java.security.cert.Certificate> getAllTrustedCertificates()
      Get all the certificates, which where provided to this storage as trusted certificate.
      java.security.cert.Certificate getCertificateTrustedForCA​(java.lang.String certificateName)
      Get certificate, if any, which is trusted to be a CA, which corresponds to the provided certificate name.
      java.security.cert.Certificate getCertificateTrustedForCrl​(java.lang.String certificateName)
      Get certificate, if any, which is trusted for CRL generation, which corresponds to the provided certificate name.
      java.security.cert.Certificate getCertificateTrustedForOcsp​(java.lang.String certificateName)
      Get certificate, if any, which is trusted for OCSP response generation, which corresponds to the provided certificate name.
      java.security.cert.Certificate getCertificateTrustedForTimestamp​(java.lang.String certificateName)
      Get certificate, if any, which is trusted for timestamp generation, which corresponds to the provided certificate name.
      java.security.cert.Certificate getGenerallyTrustedCertificate​(java.lang.String certificateName)
      Get certificate, if any, which is trusted for any usage, which corresponds to the provided certificate name.
      java.security.cert.Certificate getKnownCertificate​(java.lang.String certificateName)
      Get certificate, if any, which corresponds to the provided certificate name.
      boolean isCertificateGenerallyTrusted​(java.security.cert.Certificate certificate)
      Check if provided certificate is configured to be trusted for any purpose.
      boolean isCertificateTrustedForCA​(java.security.cert.Certificate certificate)
      Check if provided certificate is configured to be trusted to be CA.
      boolean isCertificateTrustedForCrl​(java.security.cert.Certificate certificate)
      Check if provided certificate is configured to be trusted for CRL generation.
      boolean isCertificateTrustedForOcsp​(java.security.cert.Certificate certificate)
      Check if provided certificate is configured to be trusted for OCSP response generation.
      boolean isCertificateTrustedForTimestamp​(java.security.cert.Certificate certificate)
      Check if provided certificate is configured to be trusted for timestamp generation.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • generallyTrustedCertificates

        private final java.util.Map<java.lang.String,​java.security.cert.Certificate> generallyTrustedCertificates
      • ocspTrustedCertificates

        private final java.util.Map<java.lang.String,​java.security.cert.Certificate> ocspTrustedCertificates
      • timestampTrustedCertificates

        private final java.util.Map<java.lang.String,​java.security.cert.Certificate> timestampTrustedCertificates
      • crlTrustedCertificates

        private final java.util.Map<java.lang.String,​java.security.cert.Certificate> crlTrustedCertificates
      • caTrustedCertificates

        private final java.util.Map<java.lang.String,​java.security.cert.Certificate> caTrustedCertificates
    • Constructor Detail

      • TrustedCertificatesStore

        public TrustedCertificatesStore()
    • Method Detail

      • addGenerallyTrustedCertificates

        public void addGenerallyTrustedCertificates​(java.util.Collection<java.security.cert.Certificate> certificates)
        Add collection of certificates to be trusted for any possible usage.
        Parameters:
        certificates - Collection of Certificate instances
      • addOcspTrustedCertificates

        public void addOcspTrustedCertificates​(java.util.Collection<java.security.cert.Certificate> certificates)
        Add collection of certificates to be trusted for OCSP response signing. These certificates are considered to be valid trust anchors for arbitrarily long certificate chain responsible for OCSP response generation.
        Parameters:
        certificates - Collection of Certificate instances
      • addCrlTrustedCertificates

        public void addCrlTrustedCertificates​(java.util.Collection<java.security.cert.Certificate> certificates)
        Add collection of certificates to be trusted for CRL signing. These certificates are considered to be valid trust anchors for arbitrarily long certificate chain responsible for CRL generation.
        Parameters:
        certificates - Collection of Certificate instances
      • addTimestampTrustedCertificates

        public void addTimestampTrustedCertificates​(java.util.Collection<java.security.cert.Certificate> certificates)
        Add collection of certificates to be trusted for timestamping. These certificates are considered to be valid trust anchors for arbitrarily long certificate chain responsible for timestamp generation.
        Parameters:
        certificates - Collection of Certificate instances
      • addCATrustedCertificates

        public void addCATrustedCertificates​(java.util.Collection<java.security.cert.Certificate> certificates)
        Add collection of certificates to be trusted to be CA certificates. These certificates are considered to be valid trust anchors for certificate generation.
        Parameters:
        certificates - Collection of Certificate instances
      • isCertificateGenerallyTrusted

        public boolean isCertificateGenerallyTrusted​(java.security.cert.Certificate certificate)
        Check if provided certificate is configured to be trusted for any purpose.
        Parameters:
        certificate - Certificate to be checked
        Returns:
        true is provided certificate is generally trusted, false otherwise
      • isCertificateTrustedForOcsp

        public boolean isCertificateTrustedForOcsp​(java.security.cert.Certificate certificate)
        Check if provided certificate is configured to be trusted for OCSP response generation.
        Parameters:
        certificate - Certificate to be checked
        Returns:
        true is provided certificate is trusted for OCSP generation, false otherwise
      • isCertificateTrustedForCrl

        public boolean isCertificateTrustedForCrl​(java.security.cert.Certificate certificate)
        Check if provided certificate is configured to be trusted for CRL generation.
        Parameters:
        certificate - Certificate to be checked
        Returns:
        true is provided certificate is trusted for CRL generation, false otherwise
      • isCertificateTrustedForTimestamp

        public boolean isCertificateTrustedForTimestamp​(java.security.cert.Certificate certificate)
        Check if provided certificate is configured to be trusted for timestamp generation.
        Parameters:
        certificate - Certificate to be checked
        Returns:
        true is provided certificate is trusted for timestamp generation, false otherwise
      • isCertificateTrustedForCA

        public boolean isCertificateTrustedForCA​(java.security.cert.Certificate certificate)
        Check if provided certificate is configured to be trusted to be CA.
        Parameters:
        certificate - Certificate to be checked
        Returns:
        true is provided certificate is trusted for certificates generation, false otherwise
      • getGenerallyTrustedCertificate

        public java.security.cert.Certificate getGenerallyTrustedCertificate​(java.lang.String certificateName)
        Get certificate, if any, which is trusted for any usage, which corresponds to the provided certificate name.
        Parameters:
        certificateName - String certificate name
        Returns:
        Certificate which corresponds to the provided certificate name
      • getCertificateTrustedForOcsp

        public java.security.cert.Certificate getCertificateTrustedForOcsp​(java.lang.String certificateName)
        Get certificate, if any, which is trusted for OCSP response generation, which corresponds to the provided certificate name.
        Parameters:
        certificateName - String certificate name
        Returns:
        Certificate which corresponds to the provided certificate name
      • getCertificateTrustedForCrl

        public java.security.cert.Certificate getCertificateTrustedForCrl​(java.lang.String certificateName)
        Get certificate, if any, which is trusted for CRL generation, which corresponds to the provided certificate name.
        Parameters:
        certificateName - String certificate name
        Returns:
        Certificate which corresponds to the provided certificate name
      • getCertificateTrustedForTimestamp

        public java.security.cert.Certificate getCertificateTrustedForTimestamp​(java.lang.String certificateName)
        Get certificate, if any, which is trusted for timestamp generation, which corresponds to the provided certificate name.
        Parameters:
        certificateName - String certificate name
        Returns:
        Certificate which corresponds to the provided certificate name
      • getCertificateTrustedForCA

        public java.security.cert.Certificate getCertificateTrustedForCA​(java.lang.String certificateName)
        Get certificate, if any, which is trusted to be a CA, which corresponds to the provided certificate name.
        Parameters:
        certificateName - String certificate name
        Returns:
        Certificate which corresponds to the provided certificate name
      • getKnownCertificate

        public java.security.cert.Certificate getKnownCertificate​(java.lang.String certificateName)
        Get certificate, if any, which corresponds to the provided certificate name.
        Parameters:
        certificateName - String certificate name
        Returns:
        Certificate which corresponds to the provided certificate name
      • getAllTrustedCertificates

        public java.util.Collection<java.security.cert.Certificate> getAllTrustedCertificates()
        Get all the certificates, which where provided to this storage as trusted certificate.
        Returns:
        Collection of Certificate instances