CertificationAuthorities

java.lang.Object
- it.trento.comune.j4sign.verification.CertificationAuthorities

```
public class CertificationAuthorities
extends java.lang.Object
```
CA (Certification Authorities) that issue digital certificates
(also called digital passports, X.509 certificates, or public-key certificates).
This class allows you to add, delete and get information about CA.
It also puts in service a CRL manager that verifies and controls certificates revocation lists.

Rappresenta la lista delle CA (Certification Authorities) riconosciute dal sistema
Fornisce i metodi di verifica dei certificati e di controllo delle CRL

Author:

Francesco Cendron

Field Summary

Fields
Modifier and Type	Field and Description
`private boolean`	`alwaysCrlUpdate`
`private java.lang.String`	`auth`
`private java.util.HashMap`	`authorities`
`private boolean`	`debug`
`private java.util.logging.Logger`	`log`
`private java.lang.String`	`message`
`private boolean`	`useproxy`

Constructor Summary

Constructors
Constructor and Description
`CertificationAuthorities()` Instatiate the class with an empty list of CA.
`CertificationAuthorities(java.io.File caDir)` This loads CA certificates in the specified dir No debug message is shown Carica i certificati delle CA dai file presenti nella directory specificata.
`CertificationAuthorities(java.io.File caDir, boolean debug)` This loads CA certificates in the specified dir Carica i certificati delle CA dai file presenti nella directory specificata
`CertificationAuthorities(java.io.InputStream is)` This loads CA certificates from a ZIP file.
`CertificationAuthorities(java.io.InputStream is, boolean debug)` This loads CA certificates from a ZIP file Carica i certificati delle CA da file ZIP

Method Summary

Methods
Modifier and Type	Method and Description
`void`	`addCertificateAuthority(byte[] cert)` Add the specified CA certificate to CA list: certificate can be coded base64 or DER.
`void`	`addCertificateAuthority(java.security.cert.X509Certificate cert)` Add the specified CA certificate to CA list.
`byte[]`	`getBytesFromPath(java.lang.String fileName)` Returns a bytearray of the file at the given path fileName Restituisce un array di byte corrispondenti al file nella posizione fileName
`java.util.Collection`	`getCA()` Returns a Collection of CA Fornisce una Collection delle CA riconosciute
`java.security.cert.X509Certificate`	`getCACertificate(java.security.Principal caName)` Return the CA certificate specified as caName Restituisce il certificato della CA specificata da `caName` se presente nelle CA di root.
`java.security.cert.X509Certificate`	`getCACertificate(java.lang.String caName)` Return the CA certificate specified as caName Restituisce il certificato della CA specificata da `caName` se presente nelle CA di root.
`java.util.Set`	`getCANames()` Returns the CA list as a Set of String Fornisce la lista delle CA riconosciute sotto forma di Set di stringhe
`int`	`getCANumber()` Returns the number of CA Restituisce il numero delle CA riconosciute dall'applicazione
`java.lang.String`	`getMessage()` Return the possible error message of the last CRL verification Restituisce l'eventuale messaggio di errore relativo all'ultima operazione di verifica effettuata
`boolean`	`isAccepted(java.security.cert.X509Certificate userCert)` Verifies the the given certificate is issued by a CA Verifica se il certificato e' stato emesso da una delle CA riconosciute
`private void`	`loadFromStream(java.io.InputStream is)` This loads CA certificates from a ZIP file present at the specified URL.
`static java.security.cert.Certificate`	`readCert(byte[] certByte)` Reads and generates certificate from a sequence of bytes in DER or base64 Legge un certificato Certificate da una sequenza di bytes in DER o base64 e genera il certificato
`void`	`removeCertificateAuthority(java.security.Principal caName)` Remove the specified CA from the list of CA Rimuove dalla lista delle CA riconosciute la CA specificata da caName
`void`	`save()` Save certificates in authorities Salva i certificati in authorities
`void`	`setAlwaysCRLUpdate(boolean b)` Set CRL control and update mode.
`void`	`setDebug(boolean debug)` Activate or discactivate debug messages Attiva o disattiva i messaggi di debug
`protected void`	`setMessage(java.lang.String message)` Set the possible error message Memorizza la descrizione dell'ultimo errore registrato durante la verifica
`private java.lang.String`	`toCNNames(java.lang.String DN)` Convert DN to CN
`void`	`updateCRL(java.security.Principal caName)` Update CRL of specified CA Aggiorna la CRL relativa alla CA in oggetto
`boolean`	`verify(java.security.cert.X509Certificate userCert)` Verifies that this certificate was signed using the private key that corresponds to the public key of an accepted CA at the current date.
`boolean`	`verify(java.security.cert.X509Certificate userCert, java.util.Date date)` Verifies that this certificate was signed using the private key that corresponds to the public key of an accepted CA at the given date.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - log
```
private java.util.logging.Logger log
```
  - debug
```
private boolean debug
```
  - useproxy
```
private boolean useproxy
```
  - alwaysCrlUpdate
```
private boolean alwaysCrlUpdate
```
  - auth
```
private java.lang.String auth
```
  - authorities
```
private java.util.HashMap authorities
```
  - message
```
private java.lang.String message
```
- Constructor Detail
  - CertificationAuthorities
```
public CertificationAuthorities()
```
    Instatiate the class with an empty list of CA. If you need to add a CA, use
    the addCertificateAuthority method.
    
    Istanzia la classe con una lista delle CA vuota. Occorre usare esplicitamente il metodo addCertificateAuthority per inserire nella lista le CA volute.
  - CertificationAuthorities
```
public CertificationAuthorities(java.io.File caDir,
                        boolean debug)
                         throws java.security.GeneralSecurityException,
                                java.io.IOException
```
    This loads CA certificates in the specified dir
    
    Carica i certificati delle CA dai file presenti nella directory specificata
    
    Parameters:
    caDir - dir containing CA certificates in DER o base64
    debug - if true, it showa debug messages during certificates reading
    
    Throws:
    
    java.security.GeneralSecurityException - if no CA is loaded
    
    java.io.IOException
  - CertificationAuthorities
```
public CertificationAuthorities(java.io.File caDir)
                         throws java.security.GeneralSecurityException,
                                java.io.IOException
```
    This loads CA certificates in the specified dir
    No debug message is shown
    Carica i certificati delle CA dai file presenti nella directory specificata.
    Non vengono visualizzati i messaggi di debug
    
    Parameters:
    caDir - dir containing CA certificates in DER o base64
    
    Throws:
    
    java.security.GeneralSecurityException - if no CA is loaded
    
    java.io.IOException
  - CertificationAuthorities
```
public CertificationAuthorities(java.io.InputStream is,
                        boolean debug)
                         throws java.security.GeneralSecurityException,
                                java.io.IOException
```
    This loads CA certificates from a ZIP file
    
    Carica i certificati delle CA da file ZIP
    
    Parameters:
    is - stream relative to ZIP file containing "valid" CA
    debug - if true, it shows debug messages during ZIP file parsing
    
    Throws:
    
    java.security.GeneralSecurityException - if no CA is loaded
    
    java.io.IOException - any error during ZIP file reading
  - CertificationAuthorities
```
public CertificationAuthorities(java.io.InputStream is)
                         throws java.security.GeneralSecurityException,
                                java.io.IOException
```
    This loads CA certificates from a ZIP file.
    No debug message is shown.
    Carica i certificati delle CA da file ZIP
    
    Parameters:
    is - stream relative to ZIP file containing "valid" CA
    
    Throws:
    
    java.security.GeneralSecurityException - if no CA is loaded
    
    java.io.IOException - any error during ZIP file reading
- Method Detail
  - loadFromStream
```
private void loadFromStream(java.io.InputStream is)
                     throws java.io.IOException
```
    This loads CA certificates from a ZIP file present at the specified URL.
    No debug message is shown.
    Carica i certificati delle CA da un file ZIP presente all'indirizzo specificato
    
    Parameters:
    url - URL where you can fin ZIP file containg CA
    debug - if true, it shows debug messages during ZIP file downloading and parsing
    
    Throws:
    
    java.io.IOException
    
    java.security.GeneralSecurityException - if no CA is loaded
    
    java.io.IOException - any error during ZIP file reading
  - getCANumber
```
public int getCANumber()
```
    Returns the number of CA Restituisce il numero delle CA riconosciute dall'applicazione
    
    Returns:
    the number of CA
  - getCANames
```
public java.util.Set getCANames()
```
    Returns the CA list as a Set of String Fornisce la lista delle CA riconosciute sotto forma di Set di stringhe
    
    Returns:
    the list of CA
  - getCA
```
public java.util.Collection getCA()
```
    Returns a Collection of CA Fornisce una Collection delle CA riconosciute
    
    Returns:
    Collection of CA
  - getCACertificate
```
public java.security.cert.X509Certificate getCACertificate(java.security.Principal caName)
                                                    throws java.security.GeneralSecurityException
```
    Return the CA certificate specified as caName Restituisce il certificato della CA specificata da caName se presente nelle CA di root.
    
    Parameters:
    caName - Principal DN of CA
    
    Returns:
    certificate CA X.509 , null if CA is not present
    
    Throws:
    
    java.security.GeneralSecurityException
  - getCACertificate
```
public java.security.cert.X509Certificate getCACertificate(java.lang.String caName)
                                                    throws java.security.GeneralSecurityException
```
    Return the CA certificate specified as caName Restituisce il certificato della CA specificata da caName se presente nelle CA di root.
    
    Parameters:
    caName - String DN of CA
    
    Returns:
    certificate CA X.509 , null if CA is not present
    
    Throws:
    
    java.security.GeneralSecurityException
  - isAccepted
```
public boolean isAccepted(java.security.cert.X509Certificate userCert)
```
    Verifies the the given certificate is issued by a CA Verifica se il certificato e' stato emesso da una delle CA riconosciute
    
    Parameters:
    userCert - certificate to verify
    
    Returns:
    true if the given certificate is issued by a CA, false otherwise
  - verify
```
public boolean verify(java.security.cert.X509Certificate userCert)
               throws java.security.GeneralSecurityException
```
    Verifies that this certificate was signed using the private key that corresponds to the public key of an accepted CA at the current date. Verifica l'autenticita' del certificato alla data corrente.
    A differenza del metodo verify che ha come parametro signatureInfo, in questo caso la verifica si ferma al primo step che fallisce: la descrizione dell'errore si ricava con il metodo getMessage
    
    Parameters:
    userCert - certficate to verify
    
    Returns:
    true certificate is OK
    
    Throws:
    
    java.security.GeneralSecurityException
  - verify
```
public boolean verify(java.security.cert.X509Certificate userCert,
             java.util.Date date)
               throws java.security.GeneralSecurityException
```
    Verifies that this certificate was signed using the private key that corresponds to the public key of an accepted CA at the given date.
    
    Parameters:
    userCert - certficate to verify
    date - Date the given date
    
    Returns:
    true certificate is OK
    
    Throws:
    
    java.security.GeneralSecurityException
  - setAlwaysCRLUpdate
```
public void setAlwaysCRLUpdate(boolean b)
```
    Set CRL control and update mode. If flag is set to true, CRL is downloaded at each verification. Imposta la modalita' di controllo ed aggiornamento delle CRL. Se il flag viene impostato a true la CRL viene scaricata ad ogni operazione di verifica.
    Nel caso di verifica di un file firmato, la CRL viene scaricata una sola volta anche se sono piu' certificati della stessa CA
    
    Parameters:
    b - if true, CRL is downloaded at each verification.
  - getMessage
```
public java.lang.String getMessage()
```
    Return the possible error message of the last CRL verification Restituisce l'eventuale messaggio di errore relativo all'ultima operazione di verifica effettuata
    
    Returns:
    description of the last CRL verification error
  - setMessage
```
protected void setMessage(java.lang.String message)
```
    Set the possible error message Memorizza la descrizione dell'ultimo errore registrato durante la verifica
    
    Parameters:
    message - description of the last CRL verification error
  - updateCRL
```
public void updateCRL(java.security.Principal caName)
```
    Update CRL of specified CA Aggiorna la CRL relativa alla CA in oggetto
    
    Parameters:
    caName - DN of CA
  - save
```
public void save()
          throws java.lang.Exception
```
    Save certificates in authorities Salva i certificati in authorities
    
    Throws:
    
    java.lang.Exception
  - toCNNames
```
private java.lang.String toCNNames(java.lang.String DN)
```
    Convert DN to CN
    
    Parameters:
    DN - String
    
    Returns:
    String
  - addCertificateAuthority
```
public void addCertificateAuthority(byte[] cert)
                             throws java.security.GeneralSecurityException
```
    Add the specified CA certificate to CA list: certificate can be coded base64 or DER. Aggiunge alla lista delle CA riconosciute la CA specificata dal certificato cert il certificato pu� essere in base64 o in formato DER
    
    Parameters:
    cert - CA certificate
    
    Throws:
    
    java.security.GeneralSecurityException - if any error occurs during certificate parsing or if certificate is not issued by a valid CA
  - addCertificateAuthority
```
public void addCertificateAuthority(java.security.cert.X509Certificate cert)
                             throws java.security.GeneralSecurityException
```
    Add the specified CA certificate to CA list. Aggiunge alla lista delle CA riconosciute la CA specificata dal certificato cert il certificato pu� essere in base64 o in formato DER
    
    Parameters:
    cert - CA certificate
    
    Throws:
    
    java.security.GeneralSecurityException - if any error occurs during certificate parsing or if certificate is not issued by a valid CA
  - readCert
```
public static java.security.cert.Certificate readCert(byte[] certByte)
                                               throws java.security.GeneralSecurityException
```
    Reads and generates certificate from a sequence of bytes in DER or base64 Legge un certificato Certificate da una sequenza di bytes in DER o base64 e genera il certificato
    
    Parameters:
    certByte - sequence of bytes
    
    Returns:
    Certificate
    
    Throws:
    
    java.security.GeneralSecurityException - if any error occurs during certificate parsing
  - getBytesFromPath
```
public byte[] getBytesFromPath(java.lang.String fileName)
                        throws java.io.IOException
```
    Returns a bytearray of the file at the given path fileName Restituisce un array di byte corrispondenti al file nella posizione fileName
    
    Parameters:
    fileName - Path del file
    
    Returns:
    byte[]
    
    Throws:
    
    java.io.IOException - if any error occurs while reading file
  - removeCertificateAuthority
```
public void removeCertificateAuthority(java.security.Principal caName)
```
    Remove the specified CA from the list of CA Rimuove dalla lista delle CA riconosciute la CA specificata da caName
    
    Parameters:
    caName - DN of thr CA to remove
  - setDebug
```
public void setDebug(boolean debug)
```
    Activate or discactivate debug messages Attiva o disattiva i messaggi di debug
    
    Parameters:
    debug - if true, it shows debug messages

Class CertificationAuthorities

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

log

debug

useproxy

alwaysCrlUpdate

auth

authorities

message

Constructor Detail

CertificationAuthorities

CertificationAuthorities

CertificationAuthorities

CertificationAuthorities

CertificationAuthorities

Method Detail

loadFromStream

getCANumber

getCANames

getCA

getCACertificate

getCACertificate

isAccepted

verify

verify

setAlwaysCRLUpdate

getMessage

setMessage

updateCRL

save

toCNNames

addCertificateAuthority

addCertificateAuthority

readCert

getBytesFromPath

removeCertificateAuthority

setDebug