com.entrust.toolkit.x509.jsse

Class JSSEEntrustManagerFactoryParameters

java.lang.Object

com.entrust.toolkit.x509.jsse.JSSEEntrustManagerFactoryParameters

All Implemented Interfaces:

javax.net.ssl.ManagerFactoryParameters

public class JSSEEntrustManagerFactoryParameters
extends java.lang.Object
implements javax.net.ssl.ManagerFactoryParameters

The JSSEEntrustManagerFactoryParameters class is used to initialize the JSSEX509TrustManagerFactory class so that the JSSEX509TrustManager can access the following parameters:

• KeyStore - Used to obtain access to the trusted certificates
• LDAPDirectory - Used to retrieve certificates and CRLS which are required for chain validation but are not contained in the KeyStore
• ClientSettings - Used to specify PKI ClientSettings which may be used during chain validation

For example, to intialize the JSSE509TrustManager the following code could be used:

  eks = KeyStore.getInstance("Entrust");
  eks.load(new FileInputStream(ksIniFile), password.toCharArray());
             
  TrustManagerFactory tmf = TrustManagerFactory.getInstance(
       TrustManagerFactory.getDefaultAlgorithm(), "IAIK_JSSE");
  
  //Pass in the KeyStore, Directory and ClientSettings
  JSSEEntrustManagerFactoryParameters parameters = 
       new JSSEEntrustManagerFactoryParameters(eks, directory, clientSettings);

  // For convienance, the KSIniFile can also be used to extract the directory information
  // JSSEEntrustManagerFactoryParameters parameters = 
  //     new JSSEEntrustManagerFactoryParameters(eks,new FileInputStream(ksIniFile), password);

 
  // Initialize the TrustManagerFactory with the JSSEEntrustManagerFactoryParameters
  tmf.init(parameters);
 

Since:

7.2 patch

Constructor Summary

Constructors

Constructor and Description
JSSEEntrustManagerFactoryParameters(java.security.KeyStore ks, java.io.InputStream KSIniFile, SecureStringBuffer password) Get the directory setting from the KSIniFile.
JSSEEntrustManagerFactoryParameters(java.security.KeyStore ks, LdapDirectory directory, ClientSettings clientSettings) Set the parameters which will be used by the X509TrustManagerFactory

Method Summary

Modifier and Type	Method and Description
ClientSettings	getClientSettings() Return the ClientSettings stored by this class
LdapDirectory	getDirectory() Return the Directory stored by this class
java.security.KeyStore	getKeyStore() Returns the KeyStore stored by this class
void	setClientSettings(ClientSettings settings) Set the ClientSettings which may be used as part of certificate validation
void	setDirectory(LdapDirectory directory) Set the LDAP Directory which is used to lookup certificates and CRLS for certificate validation.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

JSSEEntrustManagerFactoryParameters

public JSSEEntrustManagerFactoryParameters(java.security.KeyStore ks,
                                           LdapDirectory directory,
                                           ClientSettings clientSettings)

Set the parameters which will be used by the X509TrustManagerFactory

Parameters:

ks - the KeyStore

directory - the LDAPDirectory used to retrieve certificates and CRL's

clientSettings - the ClientSettings. If null is passed in a default ClientSetting will be used.

Since:

7.2 patch

JSSEEntrustManagerFactoryParameters

public JSSEEntrustManagerFactoryParameters(java.security.KeyStore ks,
                                           java.io.InputStream KSIniFile,
                                           SecureStringBuffer password)
                                    throws java.security.NoSuchAlgorithmException,
                                           java.io.IOException,
                                           java.security.KeyStoreException,
                                           java.security.cert.CertificateException

Get the directory setting from the KSIniFile. A default ClientSettings will be used. If a specific ClientSetting is required, call the JSSEEntrustManagerFactoryParameters(KeyStore, LdapDirectory, ClientSettings) constructor. The

Parameters:

ks - which contains the certificates

KSIniFile - the inputstream containing the KSIniFile which is used to extract the Directory information

password - The SecureStringBuffer used to protect the KSIniFile.

Throws:

java.io.IOException

java.security.NoSuchAlgorithmException

java.security.KeyStoreException

java.security.cert.CertificateException

Method Detail

setDirectory

public void setDirectory(LdapDirectory directory)

Set the LDAP Directory which is used to lookup certificates and CRLS for certificate validation.

Parameters:

directory - the LDAP directory

setClientSettings

public void setClientSettings(ClientSettings settings)

Set the ClientSettings which may be used as part of certificate validation

Parameters:

settings - The ClientSettings

getKeyStore

public java.security.KeyStore getKeyStore()

Returns the KeyStore stored by this class

Returns:

the KeyStore

getDirectory

public LdapDirectory getDirectory()

Return the Directory stored by this class

Returns:

the Directory

getClientSettings

public ClientSettings getClientSettings()

Return the ClientSettings stored by this class

Returns:

the ClientSettings