com.entrust.toolkit.credentials

Class KeychainCertProperties

java.lang.Object

com.entrust.toolkit.credentials.KeychainCertProperties

public class KeychainCertProperties
extends java.lang.Object

A KeychainCertProperties is used by KeychainCertProperties to cache and retrieve the certificate properties in the Mac local machine. Certificate properties hold important information that assists in the use and management of a user's certificates. Certificate properties are not part of the actual certificate, but instead are attached to certificates stored on the user's machine. The certificate properties file is saved under Mac user's application support folder. The format of full path of file name is in the following format. //CertPropCache// is retrieved through Keychain JNI. The Keychain JNI call Apple API to obtain the application support folder. is SHA 256 hashed issuer DN of the user's certificate. The file name is SHA 256 hashed Entrust Key ID. Entrust Key ID consists the PEM encoding of the user's certificate issuer DN, concatenated with the user's certificate serial number. Here is an example of the full path of the certificate properties: /Users/jsmith/Library/Application Support/EESD_SecurityProvider/CertPropCache/F121B0E00D93AAE47CF6634F8D7347CBF2A65FD7A51C21CB4BBFAE0595E24E48/8078B99D91BF59C2F66C7975D08243DFAD04D164DA5DB22C5233385206958993 The file format is IniFile. The existing IniFile implementation in JavaTK makes easy to read and write the file.

Since:

9.0

Constructor Summary

Constructors

Constructor and Description
KeychainCertProperties(Name issuerDN, java.math.BigInteger serialNumber) Create a new KeychainCertProperties object
KeychainCertProperties(X509Certificate certificate) Create a new KeychainCertProperties object

Method Summary

Modifier and Type	Method and Description
void	delete() Delete certificate properties file from the local machine.
java.lang.String	getCertDefinitionPolicyCertDN() Retrieve the DN of the certificate definition policy certificate.
java.lang.String	getCertDefnName() Retrieve the name of certificate definition.
int	getCertManagementState() Retrieve the certificate management state
int	getCertPublicationPending() Retrieve the certificate publication pending certificate property
java.lang.String	getEntrustSecurityStore() Retrieve the EPF full file path name or roaming ID
EntrustEventIdentifier	getEventIdentifier() Retrieve the event identifier.
byte	getEventIndicator() Retrieve the event indicator
java.lang.String	getFriendlyName() Retrieve the certificate friendly name
java.lang.String	getKeychainContainerName() Retrieve the key container name certificate property.
java.lang.String	getMappedContainerName() Retrieve the mapped container name certificate property.
byte[]	getRoleIDPKIXMessage() Retrieve PKIX message.
java.lang.String	getRolePolicyCertDN() Retrieve the DN of the role policy certificate.
int	getSecurityStoreType() Retrieve the digital ID security store type
int	getSecurityStoreTypeWithoutDefault() Retrieve the digital ID security store type
java.lang.String	getTokenID() Retrieve the tokenID certificate property.
boolean	isCertArchived() Check to see if the certificate is archived.
boolean	isKeyUpdateNotAllowed() Retrieve the key update not allowed flag
boolean	isReadonlyDigitalID() Check to see if the certificate management state is read only digital ID.
void	setCertArchived(boolean archived) Set the flag if the certificate is archived.
void	setCertDefinitionPolicyCertDN(java.lang.String policyCertDN) Set the DN of the certificate definition policy certificate.
void	setCertDefnName(java.lang.String certDefnName) Set the name of certificate definition.
void	setCertManagementState(int certManagementState) Set the certificate management state certificate property
void	setCertPublicationPending(int certPubPending) Set the certificate publication pending certificate property
void	setEntrustSecurityStore(java.lang.String securityStore) Set the EPF full file path name or roaming ID
void	setEventIdentifier(EntrustEventIdentifier eventIdentifier) Set the event identifier.
void	setEventIndicator(byte indicator) Set the event indicator
void	setFriendlyName(java.lang.String friendlyName) Set the certificate friendly name certificate property.
void	setKeychainContainerName(java.lang.String containerName) Set the key container name certificate property.
void	setKeyUpdateNotAllowed(boolean keyUpdatesNotAllowed) Set the key update not allowed flag.
void	setMappedContainerName(java.lang.String mappedContainerName) Set the mapped container name certificate property.
void	setRoleIDPKIXMessage(byte[] roleIDPKIXMessage) Set PKIX message which can obtain the role ID.
void	setRolePolicyCertDN(java.lang.String policyCertDN) Set the DN of the role policy certificate.
void	setSecurityStoreType(int storeType) Set the digital ID security store type
void	setTokenID(java.lang.String tokenID) Set the tokenID property.
boolean	shouldPerformUpdateSilently() Check to see if the certificate management state is perform update silently.
void	write() Write the certificate properties in the file.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

KeychainCertProperties

public KeychainCertProperties(X509Certificate certificate)
                       throws KeychainException

Create a new KeychainCertProperties object

Parameters:

certificate - The certificate is attached to the certificate properties.

Throws:

KeychainException - If failed to hash key ID

KeychainCertProperties

public KeychainCertProperties(Name issuerDN,
                              java.math.BigInteger serialNumber)
                       throws KeychainException

Create a new KeychainCertProperties object

Parameters:

issuerDN - The issuer DN of the certificate which is attached to the certificate properties.

serialNumber - The serial number of the certificate which is attached to the certificate properties.

Throws:

KeychainException - if failed to hash key ID

Method Detail

write

public void write()
           throws java.io.IOException

Write the certificate properties in the file.

Throws:

java.io.IOException - if failed to write the certificate properties to the file.

delete

public void delete()

Delete certificate properties file from the local machine.

setKeychainContainerName

public void setKeychainContainerName(java.lang.String containerName)

Set the key container name certificate property.

Parameters:

containerName - the value of key container name.

getKeychainContainerName

public java.lang.String getKeychainContainerName()

Retrieve the key container name certificate property.

Returns:

the value of the key container name property if it exists. Otherwise it returns null.

setRolePolicyCertDN

public void setRolePolicyCertDN(java.lang.String policyCertDN)

Set the DN of the role policy certificate.

Parameters:

policyCertDN - the DN of the role policy certificate

getRolePolicyCertDN

public java.lang.String getRolePolicyCertDN()

Retrieve the DN of the role policy certificate.

Returns:

the DN of the role policy certificate if it exists. Otherwise it returns null.

setCertDefinitionPolicyCertDN

public void setCertDefinitionPolicyCertDN(java.lang.String policyCertDN)

Set the DN of the certificate definition policy certificate.

Parameters:

policyCertDN - the DN of the certificate definition policy certificate

getCertDefinitionPolicyCertDN

public java.lang.String getCertDefinitionPolicyCertDN()

Retrieve the DN of the certificate definition policy certificate.

Returns:

the DN of the certificate definition policy certificate if it exists. Otherwise it returns null.

setCertDefnName

public void setCertDefnName(java.lang.String certDefnName)

Set the name of certificate definition.

Parameters:

certDefnName - the name of certificate definition

getCertDefnName

public java.lang.String getCertDefnName()

Retrieve the name of certificate definition.

Returns:

the name of certificate definition

setEventIdentifier

public void setEventIdentifier(EntrustEventIdentifier eventIdentifier)

Set the event identifier.

Parameters:

eventIdentifier - the value of event identifier

getEventIdentifier

public EntrustEventIdentifier getEventIdentifier()

Retrieve the event identifier.

Returns:

the event identifier if it exists. Otherwise it returns null.

setEventIndicator

public void setEventIndicator(byte indicator)

Set the event indicator

Parameters:

indicator - the value of event indicator

getEventIndicator

public byte getEventIndicator()

Retrieve the event indicator

Returns:

the value of the event indicator if it exists. Otherwise it returns 0.

setRoleIDPKIXMessage

public void setRoleIDPKIXMessage(byte[] roleIDPKIXMessage)

Set PKIX message which can obtain the role ID.

Parameters:

roleIDPKIXMessage - the value of PKIX message

getRoleIDPKIXMessage

public byte[] getRoleIDPKIXMessage()

Retrieve PKIX message.

Returns:

the value of PKIX message if it exists. Otherwise it returns null.

setKeyUpdateNotAllowed

public void setKeyUpdateNotAllowed(boolean keyUpdatesNotAllowed)

Set the key update not allowed flag.

Parameters:

keyUpdatesNotAllowed - the key update not allowed flag

isKeyUpdateNotAllowed

public boolean isKeyUpdateNotAllowed()

Retrieve the key update not allowed flag

Returns:

the key update not allowed flag

setCertPublicationPending

public void setCertPublicationPending(int certPubPending)

Set the certificate publication pending certificate property

Parameters:

certPubPending - the value of the certificate publication pending

getCertPublicationPending

public int getCertPublicationPending()

Retrieve the certificate publication pending certificate property

Returns:

the value of the certificate publication pending

setCertManagementState

public void setCertManagementState(int certManagementState)

Set the certificate management state certificate property

Parameters:

certManagementState - the value of the certificate management state

getCertManagementState

public int getCertManagementState()

Retrieve the certificate management state

Returns:

the value of the certificate management state

shouldPerformUpdateSilently

public boolean shouldPerformUpdateSilently()

Check to see if the certificate management state is perform update silently.

Returns:

true if the certificate management state is perform update silently, otherwise it is false.

isReadonlyDigitalID

public boolean isReadonlyDigitalID()

Check to see if the certificate management state is read only digital ID.

Returns:

true if the certificate management state is read only digital ID, otherwise it is false.

setMappedContainerName

public void setMappedContainerName(java.lang.String mappedContainerName)

Set the mapped container name certificate property.

Parameters:

mappedContainerName - the value of the mapped container name

getMappedContainerName

public java.lang.String getMappedContainerName()

Retrieve the mapped container name certificate property.

Returns:

the value of the mapped container name certificate property if it exists. Otherwise it returns null.

setCertArchived

public void setCertArchived(boolean archived)

Set the flag if the certificate is archived.

Parameters:

archived - the certificate archive flag

isCertArchived

public boolean isCertArchived()

Check to see if the certificate is archived.

Returns:

true if the certificate is archived, otherwise return false.

setFriendlyName

public void setFriendlyName(java.lang.String friendlyName)

Set the certificate friendly name certificate property.

Parameters:

friendlyName - the certificate friendly name

getFriendlyName

public java.lang.String getFriendlyName()

Retrieve the certificate friendly name

Returns:

the certificate friendly name if it exists. Otherwise it returns null.

setSecurityStoreType

public void setSecurityStoreType(int storeType)

Set the digital ID security store type

Parameters:

storeType - the digital ID security store type

getSecurityStoreType

public int getSecurityStoreType()

Retrieve the digital ID security store type

Returns:

the digital ID security store type. If it does not exist, return 0 (EPF)

getSecurityStoreTypeWithoutDefault

public int getSecurityStoreTypeWithoutDefault()

Retrieve the digital ID security store type

Returns:

the digital ID security store type. If it does not exist, return -1 (unknown)

setEntrustSecurityStore

public void setEntrustSecurityStore(java.lang.String securityStore)

Set the EPF full file path name or roaming ID

Parameters:

securityStore - the EPF full file path name or roaming ID

getEntrustSecurityStore

public java.lang.String getEntrustSecurityStore()

Retrieve the EPF full file path name or roaming ID

Returns:

the EPF full file path name or roaming ID if it exists. Otherwise it returns null.

setTokenID

public void setTokenID(java.lang.String tokenID)

Set the tokenID property.

Parameters:

tokenID - the value of tokenID.

getTokenID

public java.lang.String getTokenID()

Retrieve the tokenID certificate property.

Returns:

the value of the tokenID property if it exists. Otherwise it returns null.