com.intel.crypto
Class ClientCertificateChain
- java.lang.Object
-
- com.intel.crypto.ClientCertificateChain
-
public abstract class ClientCertificateChain extends java.lang.Object
This class represents a Client Certificate Chain. Certificates should be added to the certificate chain from leaf to root and used by
SslSession
as the client certificate chain to authenticate the client to the server during establishment of a secure connection to a remote SSL server.
-
-
Method Summary
Methods Modifier and Type Method and Description abstract void
addCertificate(byte[] input, short inputIndex, short inputLength)
Adds a single X.509 v3 certificate in DER encoded format to the client certificate chainstatic ClientCertificateChain
create()
A factory method returning a new client certificate chain instanceabstract void
destroy()
Destroy this certificate store instance removing certificates that are not referenced by any other certificate store freeing system resourcesstatic short
getMaxCertificateCount()
Returns the maximum number of certificates allowed in the chain (including the leaf itself).static short
getMaxCertificateLength()
Returns the maximum size in bytes allowed for a single certificatestatic short
getMaxLeafPrivateKeyLength()
Returns the maximum size of leaf's private keyabstract void
setLeafPrivateKey(byte[] input, short inputIndex, short inputLength)
Sets the private key which corresponds to the leaf certificate added to the chain The private key should be encoded in PKCS #1 format and up to 4096 bits
-
-
-
Method Detail
-
create
public static ClientCertificateChain create()
A factory method returning a new client certificate chain instance- Throws:
OutOfResourcesException
- if the system's maximum allowed number of certificate stores/chains was exceeded
-
destroy
public abstract void destroy() throws CryptoException
Destroy this certificate store instance removing certificates that are not referenced by any other certificate store freeing system resources- Throws:
IllegalUseException
- if called more than onceCryptoException
- if an internal error occurred
-
getMaxCertificateLength
public static short getMaxCertificateLength()
Returns the maximum size in bytes allowed for a single certificate- Returns:
- The maximum size in bytes allowed for a single certificate
-
getMaxCertificateCount
public static short getMaxCertificateCount()
Returns the maximum number of certificates allowed in the chain (including the leaf itself).- Returns:
- the maximal number of certificates in the chain
-
getMaxLeafPrivateKeyLength
public static short getMaxLeafPrivateKeyLength()
Returns the maximum size of leaf's private key- Returns:
- The maximum size of leaf's private key
-
addCertificate
public abstract void addCertificate(byte[] input, short inputIndex, short inputLength) throws CryptoException
Adds a single X.509 v3 certificate in DER encoded format to the client certificate chain- Parameters:
input
- the certificate bufferinputIndex
- the start index in the certificate bufferinputLength
- the length of the certificate- Throws:
IllegalUseException
- ifdestroy()
was previously calledIllegalParameterException
- if the certificate format is invalid or there are illegal parametersOutOfResourcesException
- if the certificate store space reached its maximum capacity or if the certificate chain reached its maximum capacitygetMaxCertificateCount()
CryptoException
- if an internal error occurred
-
setLeafPrivateKey
public abstract void setLeafPrivateKey(byte[] input, short inputIndex, short inputLength) throws CryptoException
Sets the private key which corresponds to the leaf certificate added to the chain The private key should be encoded in PKCS #1 format and up to 4096 bits- Parameters:
input
- the certificate bufferinputIndex
- the start index in the certificate bufferinputLength
- the length of the certificate- Throws:
IllegalUseException
- ifdestroy()
was previously calledIllegalParameterException
- if the certificate format is invalid or there are illegal parametersOutOfResourcesException
- if the certificate store space reached its maximum capacityCryptoException
- if an internal error occurred
-
-