Package org.italiangrid.voms.asn1
Class VOMSACGenerator
java.lang.Object
org.italiangrid.voms.asn1.VOMSACGenerator
- All Implemented Interfaces:
VOMSConstants
A generator for VOMS Attribute Certificates (ACs).
This class provides methods for creating VOMS ACs with customizable properties, including optional extensions and fake signature bits for testing purposes.
It uses BouncyCastle for cryptographic operations and supports various extensions required for VOMS attribute certificates.
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic enum
Enumeration defining various properties that can influence the generation of VOMS Attribute Certificates. -
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final EnumSet
<VOMSACGenerator.ACGenerationProperties> Default generation properties (none enabled).static final org.bouncycastle.asn1.ASN1ObjectIdentifier
Fake extension OID used in testing.Fields inherited from interface org.italiangrid.voms.asn1.VOMSConstants
VOMS_CERTS_OID, VOMS_EXTENSION_OID, VOMS_FQANS_OID, VOMS_GENERIC_ATTRS_OID, VOMS_HANDLED_EXTENSIONS
-
Constructor Summary
ConstructorsConstructorDescriptionVOMSACGenerator
(eu.emi.security.authn.x509.X509Credential aaCredential) Constructs a VOMSACGenerator with the given credential. -
Method Summary
Modifier and TypeMethodDescriptionorg.bouncycastle.cert.X509AttributeCertificateHolder
generateVOMSAttributeCertificate
(EnumSet<VOMSACGenerator.ACGenerationProperties> generationProperties, List<String> fqans, List<VOMSGenericAttribute> gas, List<String> targets, X509Certificate holderCert, BigInteger serialNumber, Date notBefore, Date notAfter, String voName, String host, int port) Generates a VOMS attribute certificate with the specified properties.org.bouncycastle.cert.X509AttributeCertificateHolder
generateVOMSAttributeCertificate
(List<String> fqans, List<VOMSGenericAttribute> gas, List<String> targets, X509Certificate holderCert, BigInteger serialNumber, Date notBefore, Date notAfter, String voName, String host, int port) Generates a VOMS attribute certificate with the given properties.eu.emi.security.authn.x509.proxy.CertificateExtension
generateVOMSExtension
(List<org.bouncycastle.cert.X509AttributeCertificateHolder> acs) Generates a VOMS certificate extension.
-
Field Details
-
defaultGenerationProperties
Default generation properties (none enabled). -
FAKE_EXT_OID
public static final org.bouncycastle.asn1.ASN1ObjectIdentifier FAKE_EXT_OIDFake extension OID used in testing.
-
-
Constructor Details
-
VOMSACGenerator
public VOMSACGenerator(eu.emi.security.authn.x509.X509Credential aaCredential) Constructs a VOMSACGenerator with the given credential.- Parameters:
aaCredential
- the attribute authority credential
-
-
Method Details
-
generateVOMSAttributeCertificate
public org.bouncycastle.cert.X509AttributeCertificateHolder generateVOMSAttributeCertificate(List<String> fqans, List<VOMSGenericAttribute> gas, List<String> targets, X509Certificate holderCert, BigInteger serialNumber, Date notBefore, Date notAfter, String voName, String host, int port) throws VOMSError Generates a VOMS attribute certificate with the given properties.- Parameters:
fqans
- the list of Fully Qualified Attribute Names (FQANs)gas
- the list of generic attributestargets
- the list of target restrictionsholderCert
- the X.509 certificate of the holderserialNumber
- the serial number of the ACnotBefore
- the start of the AC validity periodnotAfter
- the end of the AC validity periodvoName
- the VO namehost
- the VOMS server hostnameport
- the VOMS server port- Returns:
- the generated X.509 attribute certificate
- Throws:
VOMSError
- if certificate generation fails
-
generateVOMSAttributeCertificate
public org.bouncycastle.cert.X509AttributeCertificateHolder generateVOMSAttributeCertificate(EnumSet<VOMSACGenerator.ACGenerationProperties> generationProperties, List<String> fqans, List<VOMSGenericAttribute> gas, List<String> targets, X509Certificate holderCert, BigInteger serialNumber, Date notBefore, Date notAfter, String voName, String host, int port) throws VOMSError Generates a VOMS attribute certificate with the specified properties.- Parameters:
generationProperties
- the properties influencing AC generationfqans
- the list of Fully Qualified Attribute Names (FQANs)gas
- the list of generic attributestargets
- the list of target restrictionsholderCert
- the X.509 certificate of the holderserialNumber
- the serial number of the ACnotBefore
- the start of the AC validity periodnotAfter
- the end of the AC validity periodvoName
- the VO namehost
- the VOMS server hostnameport
- the VOMS server port- Returns:
- the generated X.509 attribute certificate
- Throws:
VOMSError
- if certificate generation fails
-
generateVOMSExtension
public eu.emi.security.authn.x509.proxy.CertificateExtension generateVOMSExtension(List<org.bouncycastle.cert.X509AttributeCertificateHolder> acs) Generates a VOMS certificate extension.- Parameters:
acs
- the list of X.509 attribute certificates- Returns:
- the generated certificate extension
-