Package org.eclipse.osgi.service.security

Class TrustEngine

  • public abstract class TrustEngine
extends java.lang.Object
    A TrustEngine is used to establish the authenticity of a Certificate chain.

    Clients may implement this interface.

    Since:
    3.4

    • Constructor Summary

      Constructors 
      Constructor Description
      TrustEngine()  

    • Method Summary

      All Methods Instance Methods Abstract Methods Concrete Methods 
      Modifier and Type Method Description
      java.lang.String addTrustAnchor​(java.security.cert.Certificate anchor, java.lang.String alias)
      Add a trust anchor point to this trust engine.
      protected abstract java.lang.String doAddTrustAnchor​(java.security.cert.Certificate anchor, java.lang.String alias)
      Add a trust anchor point to this trust engine.
      protected abstract void doRemoveTrustAnchor​(java.lang.String alias)
      Remove a trust anchor point from the engine, based on the human readable "friendly name"
      protected abstract void doRemoveTrustAnchor​(java.security.cert.Certificate anchor)
      Remove a trust anchor point from the engine, based on the certificate itself.
      abstract java.security.cert.Certificate findTrustAnchor​(java.security.cert.Certificate[] chain)
      Returns the certificate trust anchor contained in the specified chain which was used to establish the authenticity of the chain.
      abstract java.lang.String[] getAliases()
      Return the list of friendly name aliases for the TrustAnchors installed in the engine.
      abstract java.lang.String getName()
      Return a representation string of this trust engine
      abstract java.security.cert.Certificate getTrustAnchor​(java.lang.String alias)
      Return the certificate associated with the unique "friendly name" in the engine.
      abstract boolean isReadOnly()
      Return a value indicate whether this trust engine is read-only.
      void removeTrustAnchor​(java.lang.String alias)
      Remove a trust anchor point from the engine, based on the human readable "friendly name"
      void removeTrustAnchor​(java.security.cert.Certificate anchor)
      Remove a trust anchor point from the engine, based on the certificate itself.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • TrustEngine

        public TrustEngine()

    • Method Detail

      • findTrustAnchor

        public abstract java.security.cert.Certificate findTrustAnchor​(java.security.cert.Certificate[] chain)
                                                        throws java.io.IOException
        Returns the certificate trust anchor contained in the specified chain which was used to establish the authenticity of the chain. If no trust anchor is found in the chain then null is returned.
        Parameters:
        chain - - a complete or incomplete certificate chain, implementations *MAY* complete chains
        Returns:
        - the certificate trust anchor used to establish authenticity
        Throws:
        java.io.IOException - if there is a problem connecting to the backing store

      • addTrustAnchor

        public java.lang.String addTrustAnchor​(java.security.cert.Certificate anchor,
                                       java.lang.String alias)
                                throws java.io.IOException,
                                       java.security.GeneralSecurityException
        Add a trust anchor point to this trust engine. A trust anchor implies that a certificate, and any of its children, is to be considered trusted. If null is used as the alias then an alias will be generated based on the trust anchor certificate.
        Parameters:
        anchor - - the certificate to add as an anchor point
        alias - - a unique and human-readable 'friendly name' which can be used to reference the certificate. A null value may be used.
        Returns:
        the alias used to store the entry
        Throws:
        java.io.IOException - if there is a problem connecting to the backing store
        java.security.GeneralSecurityException - if there is a certificate problem
        java.lang.IllegalArgumentException - if the alias or anchor already exist in this trust engine

      • doAddTrustAnchor

        protected abstract java.lang.String doAddTrustAnchor​(java.security.cert.Certificate anchor,
                                                     java.lang.String alias)
                                              throws java.io.IOException,
                                                     java.security.GeneralSecurityException
        Add a trust anchor point to this trust engine. A trust anchor implies that a certificate, and any of its children, is to be considered trusted. If null is used as the alias then an alias will be generated based on the trust anchor certificate.
        Parameters:
        anchor - - the certificate to add as an anchor point
        alias - - a unique and human-readable 'friendly name' which can be used to reference the certificate. A null value may be used.
        Returns:
        the alias used to store the entry
        Throws:
        java.io.IOException - if there is a problem connecting to the backing store
        java.security.GeneralSecurityException - if there is a certificate problem
        java.lang.IllegalArgumentException - if the alias or anchor already exist in this trust engine

      • removeTrustAnchor

        public final void removeTrustAnchor​(java.security.cert.Certificate anchor)
                             throws java.io.IOException,
                                    java.security.GeneralSecurityException
        Remove a trust anchor point from the engine, based on the certificate itself.
        Parameters:
        anchor - - the certificate to be removed
        Throws:
        java.io.IOException - if there is a problem connecting to the backing store
        java.security.GeneralSecurityException - if there is a certificate problem

      • doRemoveTrustAnchor

        protected abstract void doRemoveTrustAnchor​(java.security.cert.Certificate anchor)
                                     throws java.io.IOException,
                                            java.security.GeneralSecurityException
        Remove a trust anchor point from the engine, based on the certificate itself.
        Parameters:
        anchor - - the certificate to be removed
        Throws:
        java.io.IOException - if there is a problem connecting to the backing store
        java.security.GeneralSecurityException - if there is a certificate problem

      • removeTrustAnchor

        public void removeTrustAnchor​(java.lang.String alias)
                       throws java.io.IOException,
                              java.security.GeneralSecurityException
        Remove a trust anchor point from the engine, based on the human readable "friendly name"
        Parameters:
        alias - - the name of the trust anchor
        Throws:
        java.io.IOException - if there is a problem connecting to the backing store
        java.security.GeneralSecurityException - if there is a certificate problem

      • doRemoveTrustAnchor

        protected abstract void doRemoveTrustAnchor​(java.lang.String alias)
                                     throws java.io.IOException,
                                            java.security.GeneralSecurityException
        Remove a trust anchor point from the engine, based on the human readable "friendly name"
        Parameters:
        alias - - the name of the trust anchor
        Throws:
        java.io.IOException - if there is a problem connecting to the backing store
        java.security.GeneralSecurityException - if there is a certificate problem

      • getTrustAnchor

        public abstract java.security.cert.Certificate getTrustAnchor​(java.lang.String alias)
                                                       throws java.io.IOException,
                                                              java.security.GeneralSecurityException
        Return the certificate associated with the unique "friendly name" in the engine.
        Parameters:
        alias - - the friendly name
        Returns:
        the associated trust anchor
        Throws:
        java.io.IOException - if there is a problem connecting to the backing store
        java.security.GeneralSecurityException - if there is a certificate problem

      • getAliases

        public abstract java.lang.String[] getAliases()
                                       throws java.io.IOException,
                                              java.security.GeneralSecurityException
        Return the list of friendly name aliases for the TrustAnchors installed in the engine.
        Returns:
        string[] - the list of friendly name aliases
        Throws:
        java.io.IOException - if there is a problem connecting to the backing store
        java.security.GeneralSecurityException - if there is a certificate problem

      • isReadOnly

        public abstract boolean isReadOnly()
        Return a value indicate whether this trust engine is read-only.
        Returns:
        true if this trust engine is read-only false otherwise.

      • getName

        public abstract java.lang.String getName()
        Return a representation string of this trust engine
        Returns:
        a string