ProxyGeneratorHelper (canl 2.5.0 API)

java.lang.Object
- eu.emi.security.authn.x509.helpers.proxy.ProxyGeneratorHelper

```
public class ProxyGeneratorHelper
extends Object
```
Actual implementation of the Proxy generation. The object is for one use only, i.e. it should not be reused to generate first certificate. It is strongly suggested to use ProxyGenerator.

Author:

K. Benedyczak

Constructor Summary

Constructors
Constructor and Description

ProxyGeneratorHelper()

Constructors
Constructor and Description
`ProxyGeneratorHelper()`

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`static BigInteger`	`establishSerial(BaseProxyCertificateOptions param)` For LEGACY proxies returns the serial from the issuing certificate.
`ProxyCertificate`	`generate(ProxyCertificateOptions param, PrivateKey privateKey)` Generate the proxy certificate object from the local certificate.
`X509Certificate[]`	`generate(ProxyRequestOptions param, PrivateKey privateKey)` Generate the proxy certificate object from the received Certificate Signing Request.
`static X500Name`	`generateDN(X500Principal parentSubject, ProxyType type, boolean limited, BigInteger serial)` Generate a correct DN for the proxy, depending on its type.
`static KeyPair`	`generateKeyPair(int len)`
`static Integer`	`getChainKeyUsage(X509Certificate[] chain)` If the input chain has no KeyUsage extension null is returned.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - ProxyGeneratorHelper
```
public ProxyGeneratorHelper()
```
- Method Detail
  - generate
```
public ProxyCertificate generate(ProxyCertificateOptions param,
                                 PrivateKey privateKey)
                          throws InvalidKeyException,
                                 SignatureException,
                                 NoSuchAlgorithmException,
                                 CertificateParsingException,
                                 IOException
```
    Generate the proxy certificate object from the local certificate.
    
    Parameters:
    
    param - proxy parameters
    
    privateKey - key to sign the proxy
    
    Returns:
    
    a newly created proxy certificate, wrapped together with a private key if it was also generated.
    
    Throws:
    
    InvalidKeyException - invalid key exception
    
    SignatureException - signature exception
    
    NoSuchAlgorithmException - no such algorithm exception
    
    CertificateParsingException - certificate parsing exception
    
    IOException - IO exception
  - generate
```
public X509Certificate[] generate(ProxyRequestOptions param,
                                  PrivateKey privateKey)
                           throws InvalidKeyException,
                                  SignatureException,
                                  NoSuchAlgorithmException,
                                  CertificateParsingException,
                                  IOException
```
    Generate the proxy certificate object from the received Certificate Signing Request.
    
    Parameters:
    
    param - proxy parameters
    
    privateKey - key to sign the proxy
    
    Returns:
    
    chain with the new proxy on the first position
    
    Throws:
    
    InvalidKeyException - invalid key exception
    
    SignatureException - signature exception
    
    NoSuchAlgorithmException - no such algorithm exception
    
    CertificateParsingException - certificate encoding exception
    
    IOException - IO exception
  - getChainKeyUsage
```
public static Integer getChainKeyUsage(X509Certificate[] chain)
```
    If the input chain has no KeyUsage extension null is returned. If at least one certificate in the chain has the Key Usage extension then a KeyUsage is returned which contains bitwise AND of KeyUsage flags from all certificates. The CA certificates are ignored in the computation.
    
    Parameters:
    
    chain - certificate chain
    
    Returns:
    
    chain key usage
  - establishSerial
```
public static BigInteger establishSerial(BaseProxyCertificateOptions param)
```
    For LEGACY proxies returns the serial from the issuing certificate. For the Draft/rfc proxies returns the manually set serial, or generateas a random one if not set.
    
    Parameters:
    
    param - proxy certificate options
    
    Returns:
    
    serial number
  - generateDN
```
public static X500Name generateDN(X500Principal parentSubject,
                                  ProxyType type,
                                  boolean limited,
                                  BigInteger serial)
```
    Generate a correct DN for the proxy, depending on its type.
    
    Parameters:
    
    parentSubject - parent subject
    
    type - proxy type
    
    limited - true if limited proxy
    
    serial - serial number
    
    Returns:
    
    generated proxy DN
  - generateKeyPair
```
public static KeyPair generateKeyPair(int len)
```

Class ProxyGeneratorHelper

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

ProxyGeneratorHelper

Method Detail

generate

generate

getChainKeyUsage

establishSerial

generateDN

generateKeyPair