|
|||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||
Object | +--CVCCA
Class supporting a certification authority that can issue CVC certificates
for the EAC protocol.
Defined in cvcca.js
| Field Summary | |
Object |
certstore
|
Object |
countryseq
|
Object |
crypto
|
Object |
holderId
|
Object |
keyspec
|
Object |
parentId
|
Object |
path
|
Object |
taAlgorithmIdentifier
|
<static> Object |
testPath
|
| Constructor Summary | |
CVCCA(<Crypto> crypto, <CVCertificateStore> certstore, holderId, parentId, <String> path)
Creates a new CVC-CA instance |
|
| Method Summary | |
CVC
|
counterSignRequest(request)
Counter-sign a request |
CVC
|
generateCertificate(<CVC> req, <Object> policy)
Generate certificate for certificate request |
CVC
|
generateInitialRequest(<PublicKeyReference> car)
Generate an initial certificate request |
CVC
|
generateRequest(<PublicKeyReference> car, forceinitial, <boolean> signinitial)
Generate a certificate request |
CVC
|
generateRequestHSM(<PublicKeyReference> car, forceinitial, <boolean> signinitial)
Generate a certificate request using a SmartCard-HSM based private key |
CVC
|
generateRequestPKCS8(<PublicKeyReference> car, forceinitial, <boolean> signinitial)
Generate a certificate request using a PKCS#8 based private key |
CVC
|
generateSignedInitialRequest(<PublicKeyReference> car)
Generate a signed initial certificate request |
Key
|
getAuthenticPublicKey(<PublicKeyReference> chr)
Return authentic public key with domain parameter for a given CHR subordinate to the CA |
Object
|
getCertificateList(<PublicKeyReference> fromCAR)
Returns a list of relevant certificates. |
CVC
|
getIssuedCertificate(<PublicKeyReference> chr)
Return certificate issued by this CA |
void
|
importCertificate(<CVC> cert)
Import a certificate into the certificate store and make it the current certificate |
Object
|
importCertificates(<CVC[]> certs)
Import a list of certificates into the certificate store |
boolean
|
isOperational()
Returns true if this CA is operational. |
boolean
|
isRootCA()
Returns true if this is a root CA |
void
|
setCountryCodeForSequence(<String> countryseq)
Set country code to be included in sequence number of public key reference |
void
|
setKeySpec(<Key> keyparam, <ByteString> algorithm)
Sets the key specification for generating requests |
void
|
setRemovePreviousKey(<boolean> removePreviousKey)
Set flags that controls the removal of the previous key if the certificate for the new key is imported |
void
|
storeCertificate(<CVC> cert)
Store issued certificate |
<static> void
|
test()
|
| Field Detail |
Object certstore
Object countryseq
Object crypto
Object holderId
Object keyspec
Object parentId
Object path
Object taAlgorithmIdentifier
<static> Object testPath
| Constructor Detail |
CVCCA(<Crypto> crypto, <CVCertificateStore> certstore, holderId, parentId, <String> path)
crypto - the crypto provider to use
certstore - the certificate store to use
path - the path of holderIDs (eg. "/UTCVCA/UTDVCA/UTTERM")
| Method Detail |
CVC counterSignRequest(request)
req - the initial request
CVC generateCertificate(<CVC> req, <Object> policy)
Certificate contents is defined through the policy object:
var policy = { certificateValidityDays: 2,
chatRoleOID: new ByteString("id-IS", OID),
chatRights: new ByteString("E3", HEX),
includeDomainParameter: true,
extensions: []
};
req - the certificate request
policy - the object with policy settings
CVC generateInitialRequest(<PublicKeyReference> car)
car - the CA at which this request is addressed
CVC generateRequest(<PublicKeyReference> car, forceinitial, <boolean> signinitial)
car - the CA at which this request is addressed
signinitial - sign with initial key (sequence = 00000)
forceInitial - force an initial request, even if a current certificate is available
CVC generateRequestHSM(<PublicKeyReference> car, forceinitial, <boolean> signinitial)
car - the CA at which this request is addressed
signinitial - sign with initial key (sequence = 00000)
forceInitial - force an initial request, even if a current certificate is available
CVC generateRequestPKCS8(<PublicKeyReference> car, forceinitial, <boolean> signinitial)
car - the CA at which this request is addressed
signinitial - sign with initial key (sequence = 00000)
forceInitial - force an initial request, even if a current certificate is available
CVC generateSignedInitialRequest(<PublicKeyReference> car)
car - the CA at which this request is addressed
Key getAuthenticPublicKey(<PublicKeyReference> chr)
chr - the certificate holder reference
Object getCertificateList(<PublicKeyReference> fromCAR)
If the CA is the root CA, then all self-signed and link certificates are returned.
If the CA is a DVCA, then all certificates of the associated root and the current DVCA certificate is returned.
fromCAR - the optional starting point for the list if not a root CA
CVC getIssuedCertificate(<PublicKeyReference> chr)
chr - the certificate holder reference
void importCertificate(<CVC> cert)
cert - the certificate
Object importCertificates(<CVC[]> certs)
certs - the list of certificates
boolean isOperational()
boolean isRootCA()
void setCountryCodeForSequence(<String> countryseq)
countryseq - the two character country code
void setKeySpec(<Key> keyparam, <ByteString> algorithm)
keyparam - a key object containing key parameters (e.g. EC Curve)
algorithm - the terminal authentication algorithm object identifier
void setRemovePreviousKey(<boolean> removePreviousKey)
removePreviousKey - true to remove, false to keep
void storeCertificate(<CVC> cert)
cert - a newly issued certificate
<static> void test()
|
|||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||