Jitsi: the OpenSource Java VoIP and Instant Messaging client.

net.java.sip.communicator.service.certificate
Interface CertificateService

All Known Implementing Classes:
CertificateServiceImpl

public interface CertificateService

A service whose implementors ask the user for permission to trust certificates that are for some reason not valid and not globally trusted.

Author:
Damian Minkov, Ingo Bauersachs

Field Summary
static int DO_NOT_TRUST
          Result of user interaction.
static String PNAME_ALWAYS_TRUST
          Property for always trust mode.
static String PNAME_CLIENTAUTH_CERTCONFIG_BASE
          The property name prefix of all client authentication configurations.
static String PNAME_NO_USER_INTERACTION
          When set to true, the certificate check is performed.
static String PNAME_TRUSTSTORE_FILE
          Property that is being applied to the system property javax.net.ssl.trustStore
static String PNAME_TRUSTSTORE_PASSWORD
          Property that is being applied to the system property javax.net.ssl.trustStorePassword
static String PNAME_TRUSTSTORE_TYPE
          Property that is being applied to the system property javax.net.ssl.trustStoreType
static int TRUST_ALWAYS
          Result of user interaction.
static int TRUST_THIS_SESSION_ONLY
          Result of user interaction.
 
Method Summary
 void addCertificateToTrust(Certificate cert, String trustFor, int trustMode)
          Adds a certificate to the local trust store.
 List<CertificateConfigEntry> getClientAuthCertificateConfigs()
          Returns all saved CertificateConfigEntrys.
 SSLContext getSSLContext()
          Get an SSL Context that validates certificates based on the JRE default check and asks the user when the JRE check fails.
 SSLContext getSSLContext(KeyManager[] keyManagers, X509TrustManager trustManager)
          Get an SSL Context with the specified trustmanager.
 SSLContext getSSLContext(String clientCertConfig, X509TrustManager trustManager)
          Get an SSL Context with the specified trustmanager.
 SSLContext getSSLContext(X509TrustManager trustManager)
          Get an SSL Context with the specified trustmanager.
 List<KeyStoreType> getSupportedKeyStoreTypes()
          Gets a list of all supported KeyStore types.
 X509TrustManager getTrustManager(Iterable<String> identitiesToTest)
          Creates a trustmanager that validates the certificate based on the JRE default check and asks the user when the JRE check fails.
 X509TrustManager getTrustManager(Iterable<String> identitiesToTest, CertificateMatcher clientVerifier, CertificateMatcher serverVerifier)
          Creates a trustmanager that validates the certificate based on the JRE default check and asks the user when the JRE check fails.
 X509TrustManager getTrustManager(String identityToTest)
           
 X509TrustManager getTrustManager(String identityToTest, CertificateMatcher clientVerifier, CertificateMatcher serverVerifier)
           
 void removeClientAuthCertificateConfig(String id)
          Deletes a saved CertificateConfigEntry.
 void setClientAuthCertificateConfig(CertificateConfigEntry entry)
          Saves or updates the passed CertificateConfigEntry to the config.
 

Field Detail

PNAME_ALWAYS_TRUST

static final String PNAME_ALWAYS_TRUST
Property for always trust mode. When enabled, the certificate check is skipped.

See Also:
Constant Field Values

PNAME_NO_USER_INTERACTION

static final String PNAME_NO_USER_INTERACTION
When set to true, the certificate check is performed. If the check fails the user is not asked and the error is directly reported to the calling service.

See Also:
Constant Field Values

PNAME_CLIENTAUTH_CERTCONFIG_BASE

static final String PNAME_CLIENTAUTH_CERTCONFIG_BASE
The property name prefix of all client authentication configurations.

See Also:
Constant Field Values

PNAME_TRUSTSTORE_TYPE

static final String PNAME_TRUSTSTORE_TYPE
Property that is being applied to the system property javax.net.ssl.trustStoreType

See Also:
Constant Field Values

PNAME_TRUSTSTORE_FILE

static final String PNAME_TRUSTSTORE_FILE
Property that is being applied to the system property javax.net.ssl.trustStore

See Also:
Constant Field Values

PNAME_TRUSTSTORE_PASSWORD

static final String PNAME_TRUSTSTORE_PASSWORD
Property that is being applied to the system property javax.net.ssl.trustStorePassword

See Also:
Constant Field Values

DO_NOT_TRUST

static final int DO_NOT_TRUST
Result of user interaction. User does not trust this certificate.

See Also:
Constant Field Values

TRUST_ALWAYS

static final int TRUST_ALWAYS
Result of user interaction. User will always trust this certificate.

See Also:
Constant Field Values

TRUST_THIS_SESSION_ONLY

static final int TRUST_THIS_SESSION_ONLY
Result of user interaction. User will trust this certificate only for the current session.

See Also:
Constant Field Values

Method Detail

getClientAuthCertificateConfigs

List<CertificateConfigEntry> getClientAuthCertificateConfigs()
Returns all saved CertificateConfigEntrys.

Returns:
List of the saved authentication configurations.

removeClientAuthCertificateConfig

void removeClientAuthCertificateConfig(String id)
Deletes a saved CertificateConfigEntry.

Parameters:
id - The ID (CertificateConfigEntry.getId()) of the entry to delete.

setClientAuthCertificateConfig

void setClientAuthCertificateConfig(CertificateConfigEntry entry)
Saves or updates the passed CertificateConfigEntry to the config. If CertificateConfigEntry.getId() returns null, a new entry is created.

Parameters:
entry - The CertificateConfigEntry to save or update.

getSupportedKeyStoreTypes

List<KeyStoreType> getSupportedKeyStoreTypes()
Gets a list of all supported KeyStore types.

Returns:
a list of all supported KeyStore types.

getSSLContext

SSLContext getSSLContext()
                         throws GeneralSecurityException
Get an SSL Context that validates certificates based on the JRE default check and asks the user when the JRE check fails. CAUTION: Only the certificate itself is validated, no check is performed whether it is valid for a specific server or client.

Returns:
An SSL context based on a user confirming trust manager.
Throws:
GeneralSecurityException

getSSLContext

SSLContext getSSLContext(X509TrustManager trustManager)
                         throws GeneralSecurityException
Get an SSL Context with the specified trustmanager.

Parameters:
trustManager - The trustmanager that will be used by the created SSLContext
Returns:
An SSL context based on the supplied trust manager.
Throws:
GeneralSecurityException

getSSLContext

SSLContext getSSLContext(String clientCertConfig,
                         X509TrustManager trustManager)
                         throws GeneralSecurityException
Get an SSL Context with the specified trustmanager.

Parameters:
clientCertConfig - The ID of a client certificate configuration entry that is to be used when the server asks for a client TLS certificate
trustManager - The trustmanager that will be used by the created SSLContext
Returns:
An SSL context based on the supplied trust manager.
Throws:
GeneralSecurityException

getSSLContext

SSLContext getSSLContext(KeyManager[] keyManagers,
                         X509TrustManager trustManager)
                         throws GeneralSecurityException
Get an SSL Context with the specified trustmanager.

Parameters:
keyManagers - The key manager(s) to be used for client authentication
trustManager - The trustmanager that will be used by the created SSLContext
Returns:
An SSL context based on the supplied trust manager.
Throws:
GeneralSecurityException

getTrustManager

X509TrustManager getTrustManager(Iterable<String> identitiesToTest)
                                 throws GeneralSecurityException
Creates a trustmanager that validates the certificate based on the JRE default check and asks the user when the JRE check fails. When null is passed as identitiesToTest, no check is performed whether the certificate is valid for a specific server or client. The passed identities are checked by applying a behavior similar to the one regular browsers use.

Parameters:
identitiesToTest - when not null, the values are assumed to be hostnames for invocations of checkServerTrusted and e-mail addresses for invocations of checkClientTrusted
Returns:
TrustManager to use in an SSLContext
Throws:
GeneralSecurityException
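
Added example (not part of the Jitsi sources or of this Javadoc): one way to combine getTrustManager(Iterable) with getSSLContext(X509TrustManager) so that the certificate is also checked against the peer's hostname, which the no-argument getSSLContext() does not do. The class IdentityBoundTls and its methods are hypothetical names; rejecting an empty list or a blank entry is a policy of this helper, not documented Jitsi behaviour.

```java
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.Collections;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.X509TrustManager;
import net.java.sip.communicator.service.certificate.CertificateService;

// Hypothetical helper, not part of Jitsi. Needs the Jitsi classes on the classpath.
public final class IdentityBoundTls
{
    private IdentityBoundTls() {}

    // Returns a context whose trust manager also matches the peer certificate
    // against the given identities (hostnames for server checks).
    public static SSLContext contextFor(CertificateService certs,
        List<String> identities) throws GeneralSecurityException
    {
        // Passing null would switch the identity check off, so fail closed.
        // Rejecting an empty list or a blank entry is this helper's own policy.
        if (identities == null || identities.isEmpty())
            throw new IllegalArgumentException("no identity to test");
        for (String id : identities)
            if (id == null || id.trim().isEmpty())
                throw new IllegalArgumentException("blank identity");

        X509TrustManager tm = certs.getTrustManager(identities);
        // Not certs.getSSLContext(): that variant validates the certificate only.
        return certs.getSSLContext(tm);
    }

    // Opens a TLS connection and completes the handshake before returning,
    // so a rejected certificate surfaces here as an IOException.
    public static SSLSocket connect(CertificateService certs, String host,
        int port) throws GeneralSecurityException, IOException
    {
        SSLContext ctx = contextFor(certs, Collections.singletonList(host));
        SSLSocket socket =
            (SSLSocket) ctx.getSocketFactory().createSocket(host, port);
        try
        {
            socket.startHandshake(); // the trust manager is consulted here
            return socket;
        }
        catch (IOException e)
        {
            socket.close();
            throw e;
        }
    }
}
```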

getTrustManager

X509TrustManager getTrustManager(String identityToTest)
                                 throws GeneralSecurityException
Parameters:
identityToTest - when not null, the value is assumed to be a hostname for invocations of checkServerTrusted and an e-mail address for invocations of checkClientTrusted
Returns:
TrustManager to use in an SSLContext
Throws:
GeneralSecurityException
See Also:
getTrustManager(Iterable)

getTrustManager

X509TrustManager getTrustManager(String identityToTest,
                                 CertificateMatcher clientVerifier,
                                 CertificateMatcher serverVerifier)
                                 throws GeneralSecurityException
Parameters:
identityToTest - The identity to match against the supplied verifiers.
clientVerifier - The verifier to use in calls to checkClientTrusted
serverVerifier - The verifier to use in calls to checkServerTrusted
Returns:
TrustManager to use in an SSLContext
Throws:
GeneralSecurityException
See Also:
getTrustManager(Iterable, CertificateMatcher, CertificateMatcher)

getTrustManager

X509TrustManager getTrustManager(Iterable<String> identitiesToTest,
                                 CertificateMatcher clientVerifier,
                                 CertificateMatcher serverVerifier)
                                 throws GeneralSecurityException
Creates a trustmanager that validates the certificate based on the JRE default check and asks the user when the JRE check fails. When null is passed as identitiesToTest, no check is performed whether the certificate is valid for a specific server or client.

Parameters:
identitiesToTest - The identities to match against the supplied verifiers.
clientVerifier - The verifier to use in calls to checkClientTrusted
serverVerifier - The verifier to use in calls to checkServerTrusted
Returns:
TrustManager to use in an SSLContext
Throws:
GeneralSecurityException

addCertificateToTrust

void addCertificateToTrust(Certificate cert,
                           String trustFor,
                           int trustMode)
                           throws CertificateException
Adds a certificate to the local trust store.

Parameters:
cert - The certificate to add to the trust store.
trustFor -
trustMode - Whether to trust the certificate permanently or only for the current session.
Throws:
CertificateException - when the thumbprint could not be calculated

Jitsi, the OpenSource Java VoIP and Instant Messaging client.
Distributable under LGPL license.