Package org.intermine.web.security
Class KeySigner
- java.lang.Object
-
- org.intermine.web.security.KeySigner
-
public class KeySigner extends java.lang.Object
Issue certificates for keys we trust.- Author:
- Alex Kalderimis
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description class
KeySigner.SigningException
Errors thrown when signing certificates.
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
DEFAULT_ALGORITHM
The default algorithm to use
-
Constructor Summary
Constructors Constructor Description KeySigner(java.security.PrivateKey signingKey, java.lang.String dn, int days, java.lang.String algorithm)
Build a new signer.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.security.cert.X509Certificate
generateCertificate(java.lang.String subject, java.security.PublicKey key)
Create a self-signed X.509 Certificate Should be eventually replaced with X509v3CertificateBuilder.
-
-
-
Field Detail
-
DEFAULT_ALGORITHM
public static final java.lang.String DEFAULT_ALGORITHM
The default algorithm to use- See Also:
- Constant Field Values
-
-
Constructor Detail
-
KeySigner
public KeySigner(java.security.PrivateKey signingKey, java.lang.String dn, int days, java.lang.String algorithm)
Build a new signer.- Parameters:
signingKey
- Our key that we use to sign the other keys with.dn
- the X.509 Distinguished Name, eg "CN=Test, L=London, C=GB"days
- The number of days we issue certificates for.algorithm
- The signing algorithm we use.
-
-
Method Detail
-
generateCertificate
public java.security.cert.X509Certificate generateCertificate(java.lang.String subject, java.security.PublicKey key) throws KeySigner.SigningException
Create a self-signed X.509 Certificate Should be eventually replaced with X509v3CertificateBuilder.- Parameters:
subject
- Who we trust.key
- The key we are asserting that we trust.- Returns:
- A certificate wrapping the key, signed by us.
- Throws:
KeySigner.SigningException
- If we cannot generate the certificate for some reason.
-
-