This class represents the ACCerts extension which may be present in the AC.
Creates an empty ACCerts object.
Creates an ACCerts starting from a sequence.
AttributeCertificateInfo ::= SEQUENCE {
    version                 AttCertVersion -- version is v2,
    holder                  Holder,
    issuer                  AttCertIssuer,
    signature               AlgorithmIdentifier,
    serialNumber            CertificateSerialNumber,
    attrCertValidityPeriod  AttCertValidityPeriod,
    attributes              SEQUENCE OF Attribute,
    issuerUniqueID          UniqueIdentifier OPTIONAL,
    extensions              Extensions OPTIONAL
}
AttCertVersion ::= INTEGER { v2(1) }
The intent of this class is to represent the ACTargets extension which
may be present in the AC.
Creates an ACTargets from a sequence.
Validator class capable of validating an Attribute Certificate
and verifying its signature against a trust store of Attribute
Authority certificates.
Manually adds a certificate to the list.
Adds a FQAN to the list of requested FQANs.
Adds a target to the list of targets for this VOMSRequestOptions object.
Shadow implementation of AttributeCertificateInfo from BouncyCastle.
A shadow implementation of the non-working BouncyCastle implementation
of X.509 Attribute Certificates.
This class represents an Attribute Holder object.
Creates an AttributeHolder object from a Sequence.
Reads all certificates from the given files; accepts both the binary form of DER-encoded certs and
the Base64 form of the DER-encoded certs (PEM).
Creates a new instance of CertReader.
Creates a new instance of CertReader with the specified provider.
Lists all the files in the given directory that end with
a certain ending.
Creates a new FileIterator and searches for the first match.
The list of files in the directory.
Finds out the index of the client cert in a certificate chain.
Finds the record in the signing policy which deals with the specified
issuer.
Finds the record in the signing policy which deals with the specified
issuer, starting from a specified record.
Finds the next matching file in the list of files.
Parses and assembles Fully Qualified Attribute Names
(FQANs) used by VOMS.
This class represents the GenericAttributes extension which may be found
in the AC.
Creates a FullAttributes object from a sequence.
This class represents the single Generic Attribute.
Creates a GenericAttributes object from a sequence.
Returns an array of issuer candidates, by performing a name
comparison of the AC's issuer and the subject names of the
certificates in the trust store.
Gets an array of candidate issuer certificates for an AC with the
given issuer and belonging to the given VO.
Returns candidates for the role of signer of an AC with the given
issuer and of the given VO.
Direct access to the Attribute Certificate is going to
be removed.
Extracts the AC from the VOMS response.
Gets the AccessIDCA from the current record.
Gets the AuthorityKeyIdentifier extension from the passed certificate.
Returns a list of the AttributeHolders.
Gets a list of Generic Attributes.
Returns a list of the attributes matching the provided OID.
Gets the basename of a file.
Gets the BasicConstraints extension from the passed certificate.
Gets the certificates that signed the AC, if the ACCerts extension
is present.
Gets the CondSubjects from the current record.
Extracts the textual data from the VOMS response.
Makes a DERObject representation.
Produce an object suitable for an ASN1OutputStream.
Returns the allowed subject/issuer DN sequences for this file.
Gets a copy of the Generic Attributes extension.
Gets the Grantor of these attributes.
This method extracts group name information from the FQAN passed as argument.
Gets the MD5 hash value of the given byte array.
Gets the MD5 hash value of the given principal.
Gets the MD5 hash value of the subject of the given certificate.
Gets the MD5 hash value of the issuer of the given CRL.
Gets the MD5 hash value of the given principal.
Returns a String representation of the AC holder.
Returns an OpenSSL-style representation of the AC holder.
Returns the hostName of the issuing VOMS server.
Returns the address of the issuing VOMS server, in the form <host>:<port>.
Static variant of the constructor.
Creates an Attribute Certificate from an input stream containing
DER-encoded data.
Returns an OpenSSL-style representation of the AC issuer.
Used to get the file listing, i.e. the list of files matching
the definition in the constructor.
Gets the LSC file corresponding to the given VO, for the given
server.
Returns the LSCFile corresponding to the VO and Host specified.
Gets the name of the attribute.
Returns the basename of the file from which this was loaded.
Gets the basename of the file from which this was loaded.
Returns the end date of the AC validity.
Returns the start date of the AC validity.
Gets an OpenSSL-style representation of a principal.
Returns the port on which the issuing VOMS server is listening.
Gets the PosRights from the current record.
Gets the qualifier of the attribute.
This method is used to parse a VOMS response from an input stream.
This method extracts the role name information from the FQAN passed as argument.
Returns the serial number of the AC.
Returns the signature of the AC.
Gets the SubjectKeyIdentifier extension from the passed certificate.
Gets the list of targets.
Gets the targets of this AC.
This method returns the user certificate loaded in this UserCredentials.
This method returns the user certificate chain loaded in this UserCredentials.
This method returns the user credential OpenSSL private key.
Gets the value of the attribute.
Extracts the version from the VOMS response.
Implementation of IetfAttrSyntax as specified by RFC3281.
The index of the next match in the fileList.
Static instance constructor for a UserCredentials.
Checks if the passed certificate is a CA certificate.
This method checks that the FQAN passed as argument identifies a VOMS group.
Checks the given X509 certificate to see if it is the holder of the AC.
Checks the given X509 certificate to see if it is the issuer of the AC.
Checks if the passed certificate is a proxy certificate.
This method checks that the FQAN passed as argument identifies a qualified VOMS role, i.e.,
a role defined in the context of a VOMS group.
This method checks that the FQAN passed as argument identifies a VOMS role.
Synonym for validAt(null)
Checks if the Attribute is valid.
Authors: Vincenzo Ciaschini - Vincenzo.Ciaschini@cnaf.infn.it
Copyright (c) Members of the EGEE Collaboration.
Parses a voms response reading from a given input stream.
This class provides utility methods that are used for parsing and matching VOMS
FQANs (Fully Qualified Attribute Names).
PKIStore is the class serving to store all the components of a common PKI
installation, i.e.: CA certificates, CRLs, Signing policy files...
This is equivalent to PKIStore(dir, type, true)
Checks if the given certificate is self-issued.
This method is used to send a request to a VOMS server.
Changes the aggressive mode of the store.
Sets the indicated record as the current record.
Sets the lifetime for this VOMSRequestOptions object.
Sets the ordering string of this VOMSRequestOptions object.
Sets the list of requested FQANs for this VOMSRequestOptions object.
Sets the list of targets (i.e., hosts where the requested ACs will be valid) for this VOMSRequestOptions object.
The purpose of this class is to represent a *.signing_policy file.
Loads a *.signing_policy file.
Skips empty lines in the stream.
Skips everything in front of "-----BEGIN" in the stream.
Prepares a BufferedInputStream to read either a certificate or a CRL
from it.
Stops refreshing the store.
Checks if the AC was valid at the provided timestamp.
Verifies the signature of the AC using the provided signature key.
Representation of the authorization information (VO, server address
and list of Fully Qualified Attribute Names, or FQANs) contained in
a VOMS attribute certificate.
Parses the contents of an attribute certificate.
NOTE: Cryptographic signatures, time stamps etc.
This class implements a decoder for the non-standard Base-64 algorithm used
by voms.
This class is used to decode VOMS error messages contained in a VOMS
response.
This class implements support for vomses configuration files and directories.
This class implements the XML parsing of responses produced by VOMS servers.
This class manages the client-side communication protocol with the VOMS server.
This class implements the voms-proxy-init functionality.
This class builds VOMS XML requests starting from VOMSRequestOptions objects.
This class represents options that constitute VOMS requests.
This class is used to parse and represent VOMS server responses.
Builds a VOMSResponse starting from a DOM XML document (see Document).
This class represents information about a remote voms server as found
in vomses configuration files.
A VOMSServerMap organizes VOMS servers found in vomses configuration files
in a map keyed by VO.
The VOMSSocket class is used to manage the creation of the GSI socket used for communication with
the VOMS server.