Class TrustEngine

java.lang.Object
org.eclipse.osgi.service.security.TrustEngine

public abstract class TrustEngine extends Object
A TrustEngine is used to establish the authenticity of a Certificate chain.

Clients may extend this class.

Since:
3.4
  • Constructor Details

    • TrustEngine

      public TrustEngine()
  • Method Details

    • findTrustAnchor

      public abstract Certificate findTrustAnchor(Certificate[] chain) throws IOException
      Returns the certificate trust anchor contained in the specified chain which was used to establish the authenticity of the chain. If no trust anchor is found in the chain then null is returned.
      Parameters:
      chain - a complete or incomplete certificate chain; implementations *MAY* complete chains
      Returns:
      the certificate trust anchor used to establish authenticity
      Throws:
      IOException - if there is a problem connecting to the backing store
    • addTrustAnchor

      public String addTrustAnchor(Certificate anchor, String alias) throws IOException, GeneralSecurityException
      Add a trust anchor point to this trust engine. A trust anchor implies that a certificate, and any of its children, is to be considered trusted. If null is used as the alias then an alias will be generated based on the trust anchor certificate.
      Parameters:
      anchor - the certificate to add as an anchor point
      alias - a unique and human-readable 'friendly name' which can be used to reference the certificate. A null value may be used.
      Returns:
      the alias used to store the entry
      Throws:
      IOException - if there is a problem connecting to the backing store
      GeneralSecurityException - if there is a certificate problem
      IllegalArgumentException - if the alias or anchor already exists in this trust engine
    • doAddTrustAnchor

      protected abstract String doAddTrustAnchor(Certificate anchor, String alias) throws IOException, GeneralSecurityException
      Add a trust anchor point to this trust engine. A trust anchor implies that a certificate, and any of its children, is to be considered trusted. If null is used as the alias then an alias will be generated based on the trust anchor certificate.
      Parameters:
      anchor - the certificate to add as an anchor point
      alias - a unique and human-readable 'friendly name' which can be used to reference the certificate. A null value may be used.
      Returns:
      the alias used to store the entry
      Throws:
      IOException - if there is a problem connecting to the backing store
      GeneralSecurityException - if there is a certificate problem
      IllegalArgumentException - if the alias or anchor already exists in this trust engine
    • removeTrustAnchor

      public final void removeTrustAnchor(Certificate anchor) throws IOException, GeneralSecurityException
      Remove a trust anchor point from the engine, based on the certificate itself.
      Parameters:
      anchor - the certificate to be removed
      Throws:
      IOException - if there is a problem connecting to the backing store
      GeneralSecurityException - if there is a certificate problem
    • doRemoveTrustAnchor

      protected abstract void doRemoveTrustAnchor(Certificate anchor) throws IOException, GeneralSecurityException
      Remove a trust anchor point from the engine, based on the certificate itself.
      Parameters:
      anchor - the certificate to be removed
      Throws:
      IOException - if there is a problem connecting to the backing store
      GeneralSecurityException - if there is a certificate problem
    • removeTrustAnchor

      public void removeTrustAnchor(String alias) throws IOException, GeneralSecurityException
      Remove a trust anchor point from the engine, based on the human-readable "friendly name".
      Parameters:
      alias - the name of the trust anchor
      Throws:
      IOException - if there is a problem connecting to the backing store
      GeneralSecurityException - if there is a certificate problem
    • doRemoveTrustAnchor

      protected abstract void doRemoveTrustAnchor(String alias) throws IOException, GeneralSecurityException
      Remove a trust anchor point from the engine, based on the human-readable "friendly name".
      Parameters:
      alias - the name of the trust anchor
      Throws:
      IOException - if there is a problem connecting to the backing store
      GeneralSecurityException - if there is a certificate problem
    • getTrustAnchor

      public abstract Certificate getTrustAnchor(String alias) throws IOException, GeneralSecurityException
      Return the certificate associated with the unique "friendly name" in the engine.
      Parameters:
      alias - the friendly name
      Returns:
      the associated trust anchor
      Throws:
      IOException - if there is a problem connecting to the backing store
      GeneralSecurityException - if there is a certificate problem
    • getAliases

      public abstract String[] getAliases() throws IOException, GeneralSecurityException
      Return the list of friendly name aliases for the TrustAnchors installed in the engine.
      Returns:
      string[] - the list of friendly name aliases
      Throws:
      IOException - if there is a problem connecting to the backing store
      GeneralSecurityException - if there is a certificate problem
    • isReadOnly

      public abstract boolean isReadOnly()
      Return a value indicating whether this trust engine is read-only.
      Returns:
      true if this trust engine is read-only, false otherwise.
    • getName

      public abstract String getName()
      Return a string representation of this trust engine.
      Returns:
      a string
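
Added example (not part of the Eclipse documentation or code base): one way a client could extend TrustEngine, keeping anchors in a java.security.KeyStore. The class name KeyStoreBackedTrustEngine, the readOnly flag, the generated-alias format and the engine name are assumptions made for illustration; the KeyStore is assumed to have been loaded by the caller.

```java
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;
import org.eclipse.osgi.service.security.TrustEngine;

// Hypothetical subclass: anchors live in a KeyStore the caller has already loaded.
public class KeyStoreBackedTrustEngine extends TrustEngine {
    private final KeyStore store;
    private final boolean readOnly;
    public KeyStoreBackedTrustEngine(KeyStore store, boolean readOnly) { this.store = store; this.readOnly = readOnly; }
    public Certificate findTrustAnchor(Certificate[] chain) throws IOException {
        if (chain == null || chain.length == 0) throw new IllegalArgumentException("empty chain");
        try {
            for (int i = 0; i < chain.length; i++) {
                if (chain[i] instanceof X509Certificate) ((X509Certificate) chain[i]).checkValidity();
                if (store.getCertificateAlias(chain[i]) != null) return chain[i]; // reached an anchor
                if (i + 1 < chain.length) chain[i].verify(chain[i + 1].getPublicKey()); // link must hold
            }
            return null; // every link verified, but no anchor is in the chain
        } catch (KeyStoreException e) {
            throw new IOException(e); // problem with the backing store
        } catch (GeneralSecurityException e) {
            return null; // expired certificate or broken signature link: fail closed
        }
    }
    protected String doAddTrustAnchor(Certificate anchor, String alias) throws IOException, GeneralSecurityException {
        if (readOnly) throw new IOException("trust store is read-only");
        if (alias == null) alias = anchor instanceof X509Certificate // generate an alias from the certificate
                ? ((X509Certificate) anchor).getSubjectX500Principal().getName() : anchor.getType() + "-" + Integer.toHexString(anchor.hashCode());
        if (store.containsAlias(alias) || store.getCertificateAlias(anchor) != null)
            throw new IllegalArgumentException("alias or anchor already exists");
        store.setCertificateEntry(alias, anchor);
        return alias;
    }
    protected void doRemoveTrustAnchor(Certificate anchor) throws IOException, GeneralSecurityException {
        doRemoveTrustAnchor(store.getCertificateAlias(anchor)); // null alias means "not present"
    }
    protected void doRemoveTrustAnchor(String alias) throws IOException, GeneralSecurityException {
        if (readOnly) throw new IOException("trust store is read-only");
        if (alias != null) store.deleteEntry(alias);
    }
    public Certificate getTrustAnchor(String alias) throws GeneralSecurityException { return store.getCertificate(alias); }
    public String[] getAliases() throws GeneralSecurityException { return Collections.list(store.aliases()).toArray(new String[0]); }
    public boolean isReadOnly() { return readOnly; }
    public String getName() { return "example-keystore"; }
}
```

This sketch checks only validity dates and signature links; it does not complete chains, enforce CA constraints or check revocation, for which java.security.cert.CertPathValidator is the standard JDK facility. Changes are made to the in-memory KeyStore only, so persisting them is left to the caller.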