Class X509CertificateStore

Class that abstracts a certificate, request and key store for an X509 PKI.
Defined in: X509CertificateStore.js.

Class Summary
Constructor Attributes Constructor Name and Description
 
X509CertificateStore(DAOFactory)
Create an object to access an X509 certificate store.
Method Summary
Method Attributes Method Name and Description
 
deletePrivateKey(pathOrHolderId, name)
Remove private key
 
deleteRequest(pathOrHolderId, keyId)
Remove request
 
generateKeyPair(pathOrHolderId, name, algo, prk, puk)
Generate key pair
 
getCrypto()
Return a suitable crypto object.
 
getCurrentCertificate(pathOrHolderId)
Get current certificate for given path or holderId
 
getCurrentCertificateAndSigner(pathOrHolderId)
Get current certificate for given path or holderId
 
getCurrentKeyIdAndCertificate(pathOrHolderId)
Get current key id
 
getPrivateKeyByKeyId(pathOrHolderId, keyId)
Get a private key in the certificate store
 
getPrivateKeyByName(pathOrHolderId, name)
Get a private key in the certificate store
 
getRequest(pathOrHolderId, keyId)
Return request for given keyId
 
getSigner(pathOrHolderId, keyId)
Get the signer identified by the keyId
 
importCertificate(cert, makeCurrent)
Import a certificate that can be validated by one of the certificates in the database.
 
listHolders(pathOrHolderId)
List certificate holders for a given PKI element
 
newSigner(pathOrHolderId, name, puk, keyblob)
Create new signer based on key pair generated externally
<static>  
X509CertificateStore.nthElementOf(path, n)
Return the n-th element of the path
<static>  
X509CertificateStore.parentPathOf(path)
Strip the last element of the path, effectively defining the parent within the path
 
storeCertificate(pathOrHolderId, cert, makeCurrent, srId)
Store a certificate in the certificate store
 
storeRequest(pathOrHolderId, req)
Store a certificate request in the certificate store
Class Detail
X509CertificateStore(DAOFactory)
Create an object to access an X509 certificate store.
Parameters:
{DAOFactory} DAOFactory
the factory that can create data access objects for persistent information
Method Detail
{boolean} deletePrivateKey(pathOrHolderId, name)
Remove private key
Parameters:
{String/Number} pathOrHolderId
the relative path of the PKI element (e.g. "/UTCVCA1/UTDVCA1") or the holderId from the database
{String} name
the unique name of the signer in the holder context
Returns:
true if deleted

{boolean} deleteRequest(pathOrHolderId, keyId)
Remove request
Parameters:
{String/Number} pathOrHolderId
the relative path of the PKI element (e.g. "/UTCVCA1/UTDVCA1") or the holderId from the database
{ByteString} keyId
the unique keyId of the request in the holder context
Returns:
true if deleted

{ByteString} generateKeyPair(pathOrHolderId, name, algo, prk, puk)
Generate key pair
Parameters:
{String/Number} pathOrHolderId
the relative path of the PKI element (e.g. "/UTCVCA1/UTDVCA1") or the holderId from the database
{String} name
the unique name of the signer in the holder context
{Number} algo
the key generation algorithm (Crypto.EC or Crypto.RSA)
{Key} prk
the private key template
{Key} puk
the public key template
Returns:
the subject key identifier

{Crypto} getCrypto()
Return a suitable crypto object. This may be overridden by derived classes.
Returns:
the Crypto object

{X509} getCurrentCertificate(pathOrHolderId)
Get current certificate for given path or holderId
Parameters:
{String/Number} pathOrHolderId
the relative path of the PKI element (e.g. "/UTCVCA1/UTDVCA1") or the holderId from the database
Returns:
the current certificate or null if none defined

{X509} getCurrentCertificateAndSigner(pathOrHolderId)
Get current certificate for given path or holderId
Parameters:
{String/Number} pathOrHolderId
the relative path of the PKI element (e.g. "/UTCVCA1/UTDVCA1") or the holderId from the database
Returns:
the current certificate or null if none defined

{ByteString} getCurrentKeyIdAndCertificate(pathOrHolderId)
Get current key id
Parameters:
{String/Number} pathOrHolderId
the relative path of the PKI element (e.g. "/UTCVCA1/UTDVCA1") or the holderId from the database
Returns:
the current key id or null if none defined

{Key} getPrivateKeyByKeyId(pathOrHolderId, keyId)
Get a private key in the certificate store
Parameters:
{String/Number} pathOrHolderId
the relative path of the PKI element (e.g. "/UTCVCA1/UTDVCA1") or the holderId from the database
{ByteString} keyId
the unique key identifier
Returns:
the private key or null if not found

{Key} getPrivateKeyByName(pathOrHolderId, name)
Get a private key in the certificate store
Parameters:
{String/Number} pathOrHolderId
the relative path of the PKI element (e.g. "/UTCVCA1/UTDVCA1") or the holderId from the database
{String} name
the unique name of the signer in the holder context
Returns:
the private key or null if not found

{PKCS10} getRequest(pathOrHolderId, keyId)
Return request for given keyId
Parameters:
{String/Number} pathOrHolderId
the relative path of the PKI element (e.g. "/UTCVCA1/UTDVCA1") or the holderId from the database
{ByteString} keyId
the unique keyId of the request in the holder context
Returns:
the request or null

{Signer} getSigner(pathOrHolderId, keyId)
Get the signer identified by the keyId
Parameters:
{String/Number} pathOrHolderId
the relative path of the PKI element (e.g. "/UTCVCA1/UTDVCA1") or the holderId from the database
{ByteString} keyId
the key identifier
Returns:
this Signer object

{Certificate} importCertificate(cert, makeCurrent)
Import a certificate that can be validated by one of the certificates in the database.
Parameters:
{X509} cert
the certificate
{Boolean} makeCurrent
true if this certificate becomes the current certificate
Returns:
the Certificate entry from the database or null

{String[]} listHolders(pathOrHolderId)
List certificate holders for a given PKI element
Parameters:
{String/Number} pathOrHolderId
the relative path of the PKI element (e.g. "/UTCVCA1/UTDVCA1") or the holderId from the database
Returns:
a list of holder ids, possibly empty

{ByteString} newSigner(pathOrHolderId, name, puk, keyblob)
Create new signer based on key pair generated externally
Parameters:
{String/Number} pathOrHolderId
the relative path of the PKI element (e.g. "/UTCVCA1/UTDVCA1") or the holderId from the database
{String} name
the unique name of the signer in the holder context
{Key} puk
the public key
{ByteString} keyblob
the wrapped private key
Returns:
the subject key identifier

<static> {String} X509CertificateStore.nthElementOf(path, n)
Return the n-th element of the path
Parameters:
{String} path
the path to return the last element from
n
Returns:
the last path element or null for the root

<static> {String} X509CertificateStore.parentPathOf(path)
Strip the last element of the path, effectively defining the parent within the path
Parameters:
{String} path
the path to strip the last element from
Returns:
the parent path or null for the root

{Certificate} storeCertificate(pathOrHolderId, cert, makeCurrent, srId)
Store a certificate in the certificate store
Parameters:
{String/Number} pathOrHolderId
the relative path of the PKI element (e.g. "/UTCVCA1/UTDVCA1") or the holderId from the database
{X509} cert
the certificate
{Boolean} makeCurrent
true if this certificate becomes the current certificate
srId
Returns:
the Certificate entry from the database or null

{ByteString} storeRequest(pathOrHolderId, req)
Store a certificate request in the certificate store
Parameters:
{String/Number} pathOrHolderId
the relative path of the PKI element (e.g. "/UTCVCA1/UTDVCA1") or the holderId from the database
{PKCS10} req
the request
Returns:
the request's keyId

Documentation generated by JsDoc Toolkit 2.4.0 on Wed Sep 21 2022 14:23:16 GMT+0200 (CEST)