Class OpenSshCertificateImpl

java.lang.Object
org.apache.sshd.common.config.keys.OpenSshCertificateImpl
All Implemented Interfaces:
Serializable, Key, PrivateKey, PublicKey, Destroyable, OpenSshCertificate, SshPublicKey

public class OpenSshCertificateImpl extends Object implements OpenSshCertificate
Author:
Apache MINA SSHD Project
  • Constructor Details

    • OpenSshCertificateImpl

      public OpenSshCertificateImpl()
  • Method Details

    • getRawKeyType

      public String getRawKeyType()
      Description copied from interface: OpenSshCertificate
      Retrieves the raw SSH key type of this certificate.
      Specified by:
      getRawKeyType in interface OpenSshCertificate
      Returns:
      the key type, for instance "ssh-rsa" for a "ssh-rsa-cert-v01@openssh.com" certificate
    • getNonce

      public byte[] getNonce()
      Description copied from interface: OpenSshCertificate
      Retrieves the nonce of this certificate.
      Specified by:
      getNonce in interface OpenSshCertificate
      Returns:
      the nonce.
    • getKeyType

      public String getKeyType()
      Description copied from interface: SshPublicKey
      Retrieves the SSH key type.
      Specified by:
      getKeyType in interface SshPublicKey
      Returns:
      the SSH key type, never null.
    • getCertPubKey

      public PublicKey getCertPubKey()
      Description copied from interface: OpenSshCertificate
      Retrieves the certified public key.
      Specified by:
      getCertPubKey in interface OpenSshCertificate
      Returns:
      the PublicKey
    • getSerial

      public long getSerial()
      Description copied from interface: OpenSshCertificate
      Retrieves the serial number of this certificate.
      Specified by:
      getSerial in interface OpenSshCertificate
      Returns:
      the serial number
    • getType

      public OpenSshCertificate.Type getType()
      Description copied from interface: OpenSshCertificate
      Retrieves the type of certificate.
      Specified by:
      getType in interface OpenSshCertificate
      Returns:
      the OpenSshCertificate.Type
    • getId

      public String getId()
      Description copied from interface: OpenSshCertificate
      Retrieves a free-form text set by the CA when the certificate was generated; intended to identify the identity principal in log messages.
      Specified by:
      getId in interface OpenSshCertificate
      Returns:
      the id; never null but may be empty.
    • getPrincipals

      public Collection<String> getPrincipals()
      Description copied from interface: OpenSshCertificate
      Retrieves the principals mentioned in the certificate.
      Specified by:
      getPrincipals in interface OpenSshCertificate
      Returns:
      the collection of principals, never null but possibly empty
    • getValidAfter

      public long getValidAfter()
      Description copied from interface: OpenSshCertificate
      Retrieves the time in number of seconds since the Instant.EPOCH at which this certificate becomes or became valid.
      Specified by:
      getValidAfter in interface OpenSshCertificate
      Returns:
      the number of seconds since the Instant.EPOCH as an unsigned 64-bit value
    • getValidBefore

      public long getValidBefore()
      Description copied from interface: OpenSshCertificate
      Retrieves the time in number of seconds since the Instant.EPOCH at which this certificate becomes or became invalid.
      Specified by:
      getValidBefore in interface OpenSshCertificate
      Returns:
      the number of seconds since the Instant.EPOCH as an unsigned 64-bit value
    • getCriticalOptions

      public List<OpenSshCertificate.CertificateOption> getCriticalOptions()
      Description copied from interface: OpenSshCertificate
      Retrieves the critical options set in the certificate.
      Specified by:
      getCriticalOptions in interface OpenSshCertificate
      Returns:
      the critical options as an unmodifiable list, never null but possibly empty
    • getCriticalOptionsMap

      public SortedMap<String,String> getCriticalOptionsMap()
      Description copied from interface: OpenSshCertificate
      Retrieves the critical options set in the certificate.
      Specified by:
      getCriticalOptionsMap in interface OpenSshCertificate
      Returns:
      the critical options as an unmodifiable map, never null but possibly empty
    • getExtensions

      public List<OpenSshCertificate.CertificateOption> getExtensions()
      Description copied from interface: OpenSshCertificate
      Retrieves the extensions set in the certificate.
      Specified by:
      getExtensions in interface OpenSshCertificate
      Returns:
      the extensions as an unmodifiable list, never null but possibly empty
    • getExtensionsMap

      public SortedMap<String,String> getExtensionsMap()
      Description copied from interface: OpenSshCertificate
      Retrieves the extensions set in the certificate.
      Specified by:
      getExtensionsMap in interface OpenSshCertificate
      Returns:
      the extensions as an unmodifiable map, never null but possibly empty
    • getReserved

      public String getReserved()
      Description copied from interface: OpenSshCertificate
      Retrieves the "reserved" field of the certificate. OpenSSH currently doesn't use it and ignores it.
      Specified by:
      getReserved in interface OpenSshCertificate
      Returns:
      the "reserved" field.
    • getCaPubKey

      public PublicKey getCaPubKey()
      Description copied from interface: OpenSshCertificate
      Retrieves the CA public key of this certificate.
      Specified by:
      getCaPubKey in interface OpenSshCertificate
      Returns:
      the PublicKey
    • getMessage

      public byte[] getMessage()
      Description copied from interface: OpenSshCertificate
      Retrieves the raw byte content of the certificate, minus the signature. This is the data that was signed.
      Specified by:
      getMessage in interface OpenSshCertificate
      Returns:
      the part of the certificate raw data that was signed
    • getSignature

      public byte[] getSignature()
      Description copied from interface: OpenSshCertificate
      Retrieves the signature of the certificate, including the signature algorithm.
      Specified by:
      getSignature in interface OpenSshCertificate
      Returns:
      the signature bytes
    • getRawSignature

      public byte[] getRawSignature()
      Description copied from interface: OpenSshCertificate
      Retrieves the raw signature bytes, without the signature algorithm.
      Specified by:
      getRawSignature in interface OpenSshCertificate
      Returns:
      the signature bytes
    • getSignatureAlgorithm

      public String getSignatureAlgorithm()
      Description copied from interface: OpenSshCertificate
      Retrieves the signature algorithm used for the signature.
      Specified by:
      getSignatureAlgorithm in interface OpenSshCertificate
      Returns:
      the signature algorithm as recorded in the certificate
    • getAlgorithm

      public String getAlgorithm()
      Specified by:
      getAlgorithm in interface Key
    • getFormat

      public String getFormat()
      Specified by:
      getFormat in interface Key
    • getEncoded

      public byte[] getEncoded()
      Specified by:
      getEncoded in interface Key
    • setKeyType

      public void setKeyType(String keyType)
    • setNonce

      public void setNonce(byte[] nonce)
    • setCertPubKey

      public void setCertPubKey(PublicKey certificatePublicKey)
    • setSerial

      public void setSerial(long serial)
    • setType

      public void setType(OpenSshCertificate.Type type)
    • setId

      public void setId(String id)
    • setPrincipals

      public void setPrincipals(Collection<String> principals)
    • setValidAfter

      public void setValidAfter(long validAfter)
    • setValidAfter

      public void setValidAfter(Instant validAfter)
      Parameters:
      validAfter - Instant to use for validAfter
    • setValidBefore

      public void setValidBefore(long validBefore)
    • setValidBefore

      public void setValidBefore(Instant validBefore)
      Parameters:
      validBefore - Instant to use for validBefore
    • setCriticalOptions

      public void setCriticalOptions(List<OpenSshCertificate.CertificateOption> criticalOptions)
      Sets the critical options of the certificate, overriding any options set earlier.
      Parameters:
      criticalOptions - to set; may be null or empty to remove all previously set options
    • setCriticalOptions

      public void setCriticalOptions(Map<String,String> criticalOptions)
      Sets the critical options of the certificate, overriding any options set earlier.
      Parameters:
      criticalOptions - to set; may be null or empty to remove all previously set options
    • addCriticalOption

      public boolean addCriticalOption(String name, String value)
      Adds a critical option to the certificate, or removes it if value == null. To add an option with an empty value, use an empty string as value. If the certificate already has an option with the given name it is replaced.
      Parameters:
      name - of the option to set
      value - of the option
      Returns:
      true if the map did not contain the name; false if it did
    • setExtensions

      public void setExtensions(List<OpenSshCertificate.CertificateOption> extensions)
      Sets the extensions of the certificate, overriding any extensions set earlier.
      Parameters:
      extensions - to set; may be null or empty to remove all previously set extensions
    • setExtensions

      public void setExtensions(Map<String,String> extensions)
      Sets the extensions of the certificate, overriding any extensions set earlier.
      Parameters:
      extensions - to set; may be null or empty to remove all previously set extensions
    • addExtension

      public boolean addExtension(String name, String value)
      Adds an extension to the certificate, or removes it if value == null. To add an extension with an empty value, use an empty string as value. If the certificate already has an extension with the given name it is replaced.
      Parameters:
      name - of the extension to set
      value - of the extension
      Returns:
      true if the map did not contain the name; false if it did
    • setReserved

      public void setReserved(String reserved)
    • setCaPubKey

      public void setCaPubKey(PublicKey caPubKey)
    • setMessage

      public void setMessage(byte[] message)
    • setSignature

      public void setSignature(byte[] signature)
    • toString

      public String toString()
      Overrides:
      toString in class Object
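
getValidAfter() and getValidBefore() return unsigned 64-bit values in a signed Java long, so a validity check written with ordinary `<` and `<=` can both reject a certificate that never expires and accept one that is not yet valid. The following is an added example, not code from the Apache MINA SSHD project; the class CertValidityWindow and its two methods are hypothetical names, and it uses only the accessors listed on this page plus the JDK's Long.compareUnsigned.

```java
import java.time.Instant;

import org.apache.sshd.common.config.keys.OpenSshCertificate;
import org.apache.sshd.common.config.keys.OpenSshCertificateImpl;

public class CertValidityWindow {

    /** True if validAfter <= now < validBefore, with all values compared as unsigned 64-bit. */
    static boolean isWithinWindow(OpenSshCertificate cert, Instant now) {
        long t = now.getEpochSecond();
        if (t < 0) {
            return false; // a pre-1970 clock has no unsigned representation: fail closed
        }
        return Long.compareUnsigned(cert.getValidAfter(), t) <= 0
                && Long.compareUnsigned(t, cert.getValidBefore()) < 0;
    }

    /** Signed comparison: looks correct, but sees large unsigned values as negative. */
    static boolean naiveSignedCheck(OpenSshCertificate cert, Instant now) {
        long t = now.getEpochSecond();
        return cert.getValidAfter() <= t && t < cert.getValidBefore();
    }

    public static void main(String[] args) {
        Instant now = Instant.now();

        // Constructed sample 1: no expiry. OpenSSH writes "forever" as
        // 0xFFFFFFFFFFFFFFFF, which is -1 when stored in a Java long.
        OpenSshCertificateImpl forever = new OpenSshCertificateImpl();
        forever.setValidAfter(0L);
        forever.setValidBefore(-1L);

        // Constructed sample 2: validAfter = 2^63 seconds, i.e. not valid for
        // billions of years. As a signed long this is Long.MIN_VALUE.
        OpenSshCertificateImpl farFuture = new OpenSshCertificateImpl();
        farFuture.setValidAfter(Long.MIN_VALUE);
        farFuture.setValidBefore(-1L - 1L); // 0xFFFFFFFFFFFFFFFE

        System.out.println("forever   unsigned=" + isWithinWindow(forever, now)
                + " signed=" + naiveSignedCheck(forever, now));
        System.out.println("farFuture unsigned=" + isWithinWindow(farFuture, now)
                + " signed=" + naiveSignedCheck(farFuture, now));
        System.out.println("validBefore as text: "
                + Long.toUnsignedString(forever.getValidBefore()));
    }
}
```

When logging or displaying these fields, format them with Long.toUnsignedString so that a non-expiring certificate does not show up as -1.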