Intel

Developer Zone

ClientCertificateChain

com.intel.crypto

Class ClientCertificateChain

  • java.lang.Object
    • com.intel.crypto.ClientCertificateChain


  • public abstract class ClientCertificateChain
    extends java.lang.Object

    This class represents a Client Certificate Chain. Certificates should be added to the certificate chain from leaf to root and used by SslSession as the client certificate chain to authenticate the client to the server during establishment of a secure connection to a remote SSL server.

    • Method Summary

      Methods
      Modifier and Type Method and Description
      abstract void addCertificate(byte[] input, short inputIndex, short inputLength)
      Adds a single X.509 v3 certificate in DER encoded format to the client certificate chain
      static ClientCertificateChain create()
      A factory method returning a new client certificate chain instance
      abstract void destroy()
      Destroy this certificate store instance removing certificates that are not referenced by any other certificate store freeing system resources
      static short getMaxCertificateCount()
      Returns the maximum number of certificates allowed in the chain (including the leaf itself).
      static short getMaxCertificateLength()
      Returns the maximum size in bytes allowed for a single certificate
      static short getMaxLeafPrivateKeyLength()
      Returns the maximum size of leaf's private key
      abstract void setLeafPrivateKey(byte[] input, short inputIndex, short inputLength)
      Sets the private key which corresponds to the leaf certificate added to the chain The private key should be encoded in PKCS #1 format and up to 4096 bits
      • Methods inherited from class java.lang.Object

        equals, getClass, hashCode, toString
    • Method Detail

      • create

        public static ClientCertificateChain create()
        A factory method returning a new client certificate chain instance
        Throws:
        OutOfResourcesException - if the system's maximum allowed number of certificate stores/chains was exceeded
      • destroy

        public abstract void destroy()
                              throws CryptoException
        Destroy this certificate store instance removing certificates that are not referenced by any other certificate store freeing system resources
        Throws:
        IllegalUseException - if called more than once
        CryptoException - if an internal error occurred
      • getMaxCertificateLength

        public static short getMaxCertificateLength()
        Returns the maximum size in bytes allowed for a single certificate
        Returns:
        The maximum size in bytes allowed for a single certificate
      • getMaxCertificateCount

        public static short getMaxCertificateCount()
        Returns the maximum number of certificates allowed in the chain (including the leaf itself).
        Returns:
        the maximal number of certificates in the chain
      • getMaxLeafPrivateKeyLength

        public static short getMaxLeafPrivateKeyLength()
        Returns the maximum size of leaf's private key
        Returns:
        The maximum size of leaf's private key
      • addCertificate

        public abstract void addCertificate(byte[] input,
                          short inputIndex,
                          short inputLength)
                                     throws CryptoException
        Adds a single X.509 v3 certificate in DER encoded format to the client certificate chain
        Parameters:
        input - the certificate buffer
        inputIndex - the start index in the certificate buffer
        inputLength - the length of the certificate
        Throws:
        IllegalUseException - if destroy() was previously called
        IllegalParameterException - if the certificate format is invalid or there are illegal parameters
        OutOfResourcesException - if the certificate store space reached its maximum capacity or if the certificate chain reached its maximum capacity getMaxCertificateCount()
        CryptoException - if an internal error occurred
      • setLeafPrivateKey

        public abstract void setLeafPrivateKey(byte[] input,
                             short inputIndex,
                             short inputLength)
                                        throws CryptoException
        Sets the private key which corresponds to the leaf certificate added to the chain The private key should be encoded in PKCS #1 format and up to 4096 bits
        Parameters:
        input - the certificate buffer
        inputIndex - the start index in the certificate buffer
        inputLength - the length of the certificate
        Throws:
        IllegalUseException - if destroy() was previously called
        IllegalParameterException - if the certificate format is invalid or there are illegal parameters
        OutOfResourcesException - if the certificate store space reached its maximum capacity
        CryptoException - if an internal error occurred