diff options
Diffstat (limited to 'src/com/isode/stroke/tls/CAPICertificate.java')
-rw-r--r-- | src/com/isode/stroke/tls/CAPICertificate.java | 80 |
1 files changed, 80 insertions, 0 deletions
diff --git a/src/com/isode/stroke/tls/CAPICertificate.java b/src/com/isode/stroke/tls/CAPICertificate.java new file mode 100644 index 0000000..2609a82 --- /dev/null +++ b/src/com/isode/stroke/tls/CAPICertificate.java @@ -0,0 +1,80 @@ +/* Copyright (c) 2013, Isode Limited, London, England. + * All rights reserved. + * + * Acquisition and use of this software and related materials for any + * purpose requires a written licence agreement from Isode Limited, + * or a written licence from an organisation licensed by Isode Limited Limited + * to grant such a licence. + * + */ + +package com.isode.stroke.tls; + +import java.security.cert.X509Certificate; + +import com.isode.stroke.base.NotNull; +import com.isode.stroke.tls.java.CAPIConstants; + +/** + * CAPICertificate objects refer to certificate/key pairs that are held by + * CAPI. A CAPICertificate itself doesn't have any key information inside + * it. It doesn't make sense to use these on platforms other than Windows. + */ +public class CAPICertificate extends CertificateWithKey { + + + private X509Certificate x509Certificate = null; + private String keyStoreName = null; + + @Override + public boolean isNull() { + return (x509Certificate == null); + } + + /** + * Construct a new object. Note that the constructor does not perform any + * checking that the specified certificate exists or is usable. Such a + * check will take place if/when the certificate and key are needed (for + * example, to establish a TLS connection), and it will be at this stage + * that any prompts may appear to insert a smartcard or enter a PIN etc.. + * + * + * @param x509Certificate an X509Certificate corresponding to a certificate + * that is available in certificate object which has been read from + * CAPI. Must not be null. + * + * @param keyStoreName the name of the Windows keystore containing this + * certificate. This may be null, in which case a search will be made of + * all the stores named in {@link CAPIConstants#knownSunMSCAPIKeyStores} + * and the first match used. + */ + public CAPICertificate(X509Certificate x509Certificate, String keyStoreName) { + NotNull.exceptIfNull(x509Certificate,"x509Certificate"); + this.x509Certificate = x509Certificate; + this.keyStoreName = keyStoreName; + } + + @Override + public String toString() { + return "CAPICertificate in " + + (keyStoreName == null ? "unspecified keystore" : keyStoreName) + + " for " + x509Certificate.getSubjectDN(); + } + + /** + * Return the X509Certificate associated with this object + * @return the X509Certificate, which will never be null. + */ + public X509Certificate getX509Certificate() { + return x509Certificate; + } + + /** + * Return the name of the KeyStore associated with this object, if any. + * @return the KeyStore name, which may be null + */ + public String getKeyStoreName() { + return keyStoreName; + } + +} |