com.pega.pegarules.pub.util

Interface KeyStoreUtils

public interface KeyStoreUtils

This interface contains utility methods for keystore instance

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	COPYRIGHT
static java.lang.String	VERSION

Method Summary

Modifier and Type	Method and Description
java.util.List<byte[]>	getAllCertificates(java.lang.String keystoreName) Get all certificates from given keystore
java.lang.String	getAndValidateJWKByURL(java.lang.String keystoreName, java.lang.String jwkURI) Validate the keystore against the URL passed and return a JWKSet if validation is successful.
java.lang.String	getBase64EncodedThumbprintFromKeystore(java.lang.String keystoreName, java.lang.String alias, boolean isSha256ThumbprintHeader) Returns base 64 representation of thumbprint bytes given a keystore and alias
java.security.cert.Certificate	getCertificate(java.lang.String keystoreName, java.lang.String alias) Get certificate from given keystore and alias
java.lang.String	getCertificateAlias(java.lang.String keystoreName, java.security.cert.Certificate cert)
byte[]	getCertificateByAlias(java.lang.String keystoreName, java.lang.String alias)
java.security.cert.X509Certificate	getCertificateFromTrustStoreByIssuerNameSerial(java.lang.String trustStoreName, java.lang.String issuerName, java.math.BigInteger serialNumber)
java.security.cert.X509Certificate	getCertificateFromTrustStoreBySKI(java.lang.String trustStoreName, byte[] ski)
java.lang.String	getCertificateIssuerNameAndSerialByAlias(java.lang.String keystoreName, java.lang.String alias) Gets the Issuer Name and serial number based on keystrename and alias.
java.security.cert.Certificate	getCertificateUsingThumbprint(byte[] currentthumbPrint, java.lang.String keystoreName, boolean isSha256ThumbprintHeader) Gets the certificate corresponding to a given certificate thumbprint represented in the form of bytes.
long	getDataPageReloadTime(ClipboardPage dataPage) Calculate data page reload time from input datapage instance
long	getDataPageReloadTime(ClipboardPage dataPage, PRThread pThread) Calculate data page reload time from input datapage instance
java.lang.String	getJWKKeyStore(ClipboardPage keystore) Get JWK Keys in JSON string format using the keystore data instance clipboard page
java.lang.String	getJWKKeyStore(ClipboardPage keystore, PRThread prThread) Get JWK Keys in JSON string format using the keystore data instance clipboard page
java.lang.String	getJWKKeyStore(java.lang.String keystoreName) Given the keystoreName, return JWK keys in JSon string format.
java.lang.String	getJWKKeyStore(java.lang.String keystoreName, PRThread prThread) Given the keystoreName, return JWK keys in JSon string format.
java.security.Key	getKey(java.lang.String keystoreName, java.lang.String alias, java.lang.String password)
java.security.KeyStore	getKeystore(ClipboardPage keystore) Get the java.security.Keystore instance using the keystore data instance clipboard page
java.security.KeyStore	getKeystore(ClipboardPage keystore, PRThread prThread) Create the java.security.Keystore instance using the keystore data instance clipboard page
java.security.KeyStore	getKeystore(java.lang.String keystoreName) Given the keystoreName, return java.security.Keystore instance.
java.security.KeyStore	getKeystore(java.lang.String keystoreName, PRThread prThread) Given the keystoreName, return java.security.Keystore instance.
java.util.List<java.lang.String>	getKeyStoreAliases(java.lang.String keystoreName) Gets the keystore alias list.
ClipboardPage	getKeystoreInstance(java.lang.String keystoreName) Returns the Keystore instance for the given keystoreName
ClipboardPage	getKeystoreInstance(java.lang.String keystoreName, PRThread pThread) Returns the Keystore instance for the given keystoreName.
java.lang.String	getKeystoreSourceLocationType(java.lang.String aKeyStoreName)
java.lang.String	getKID(java.lang.String keystoreName, java.lang.String alias) API to get KID for the given keystore and alias
java.security.PublicKey	getPublicKey(java.lang.String truststore, java.lang.String alias) Get PublicKey for the given KID or Alias
void	invalidateKeyStore(java.lang.String aKeyStoreName) Remove given keystore from cache immediately.
boolean	isKeystoreSourceLocationKMS(ClipboardPage aKeyStorePage)
boolean	isKeystoreSourceLocationKMS(java.lang.String aKeyStoreName)
boolean	isPublicKeyPresent(java.lang.String aKeystoreName, java.nio.ByteBuffer publicKeyEncodedBytes) checks if a given public key is present in the keystore cache.
void	loadKeystore(java.io.InputStream aKeystore) Just pass keystore input stream to keystore layer.
boolean	validate(PublicAPI tools, ClipboardPage myStepPage) API to validate keystore properties

Field Detail

COPYRIGHT

static final java.lang.String COPYRIGHT

See Also:

Constant Field Values

VERSION

static final java.lang.String VERSION

Method Detail

getKeystore

java.security.KeyStore getKeystore(java.lang.String keystoreName)

Given the keystoreName, return java.security.Keystore instance. This method uses mThread context to return keystore.

Parameters:

keystoreName -

Returns:

an instance of java.security.Keystore. Throw PRRuntimeException if failed to get keystore

getKeystore

java.security.KeyStore getKeystore(java.lang.String keystoreName,
                                   PRThread prThread)

Given the keystoreName, return java.security.Keystore instance. This method use input prThread context to return keystore.

Parameters:

keystoreName -

prThread - provides requestor context

Returns:

an instance of java.security.Keystore. Throw PRRuntimeException if failed to get keystore.

getJWKKeyStore

java.lang.String getJWKKeyStore(java.lang.String keystoreName)

Given the keystoreName, return JWK keys in JSon string format. This method uses mThread context to return JWK keys.

Parameters:

keystoreName -

Returns:

return JWK keys in JSon string format.Throw PRRuntimeException if failed to get JWK keys.

getJWKKeyStore

java.lang.String getJWKKeyStore(java.lang.String keystoreName,
                                PRThread prThread)

Given the keystoreName, return JWK keys in JSon string format. This method use input prThread requestor context to return JWK keys.

Parameters:

keystoreName -

prThread - provides requestor context

Returns:

return JWK keys in JSon string format.Throw PRRuntimeException if failed to get JWK keys.

getKeyStoreAliases

java.util.List<java.lang.String> getKeyStoreAliases(java.lang.String keystoreName)

Gets the keystore alias list.

Parameters:

keystoreName - key store Name

Returns:

alias List. Throw PRRuntimeException if failed to get given keystore and its aliases

getAllCertificates

java.util.List<byte[]> getAllCertificates(java.lang.String keystoreName)

Get all certificates from given keystore

Parameters:

keystoreName - Name of the keystore

Returns:

List of encoded certificates as a byte array. Returns empty list if keystore does not have any certificates. Throw PRRuntimeException if failed to get given keystore

getCertificate

java.security.cert.Certificate getCertificate(java.lang.String keystoreName,
                                              java.lang.String alias)

Get certificate from given keystore and alias

Parameters:

keystoreName - Name of the keystore

alias - certificate alias

Returns:

Return Certificate. Returns null if the given alias does not have certificate

getKeystore

java.security.KeyStore getKeystore(ClipboardPage keystore)

Get the java.security.Keystore instance using the keystore data instance clipboard page

Parameters:

keystore - the PRPC keystore data instance clipboard page

Returns:

an instance of java.security.Keystore corresponding to the keystore information sent. Throw PRRuntimeException if failed to get given keystore

getKeystore

java.security.KeyStore getKeystore(ClipboardPage keystore,
                                   PRThread prThread)

Create the java.security.Keystore instance using the keystore data instance clipboard page

Parameters:

keystore - the PRPC keystore data instance clipboard page

prThread - provides requestor context

Returns:

an instance of java.security.Keystore corresponding to the keystore information sent. Throw PRRuntimeException if failed to get given keystore

getJWKKeyStore

java.lang.String getJWKKeyStore(ClipboardPage keystore)

Get JWK Keys in JSON string format using the keystore data instance clipboard page

Parameters:

keystore - the PRPC keystore data instance clipboard page

Returns:

JWK Keys in JSON string format. Throw PRRuntimeException if failed to get given keystore

getJWKKeyStore

java.lang.String getJWKKeyStore(ClipboardPage keystore,
                                PRThread prThread)

Get JWK Keys in JSON string format using the keystore data instance clipboard page

Parameters:

keystore - the PRPC keystore data instance clipboard page

prThread - provides requestor context

Returns:

JWK Keys in JSON string format. Throw PRRuntimeException if failed to get given keystore

getCertificateByAlias

byte[] getCertificateByAlias(java.lang.String keystoreName,
                             java.lang.String alias)

getKeystoreInstance

ClipboardPage getKeystoreInstance(java.lang.String keystoreName)
                           throws DatabaseException

Returns the Keystore instance for the given keystoreName

Parameters:

keystoreName -

Returns:

Returns the Keystore instance ClipboardPage

Throws:

DatabaseException

getKeystoreInstance

ClipboardPage getKeystoreInstance(java.lang.String keystoreName,
                                  PRThread pThread)
                           throws DatabaseException

Returns the Keystore instance for the given keystoreName.

Parameters:

keystoreName -

pThread - provides requestor context

Returns:

Returns the Keystore instance ClipboardPage

Throws:

DatabaseException

getCertificateIssuerNameAndSerialByAlias

java.lang.String getCertificateIssuerNameAndSerialByAlias(java.lang.String keystoreName,
                                                          java.lang.String alias)

Gets the Issuer Name and serial number based on keystrename and alias. If no certificates are found returns null.

Parameters:

keystoreName -

alias -

Returns:

String

validate

boolean validate(PublicAPI tools,
                 ClipboardPage myStepPage)

API to validate keystore properties

Parameters:

tools -

myStepPage -

Returns:

true if validation of rule form passes else return false

getKID

java.lang.String getKID(java.lang.String keystoreName,
                        java.lang.String alias)

API to get KID for the given keystore and alias

Parameters:

keystoreName -

alias -

Returns:

returns KID. Retruns null if alias does not exist. Throw PRRuntimeException if failed to get given keystore

loadKeystore

void loadKeystore(java.io.InputStream aKeystore)

Just pass keystore input stream to keystore layer. Keystore password will be retrieved from keystore rule form and validated. If validation fails, PRRuntimeException will be thrown

Parameters:

aKeystore -

getDataPageReloadTime

long getDataPageReloadTime(ClipboardPage dataPage)

Calculate data page reload time from input datapage instance

Parameters:

dataPage -

Returns:

data page reload time in seconds

getDataPageReloadTime

long getDataPageReloadTime(ClipboardPage dataPage,
                           PRThread pThread)

Calculate data page reload time from input datapage instance

Parameters:

dataPage -

pThread - provides requestor context

Returns:

data page reload time in seconds

invalidateKeyStore

void invalidateKeyStore(java.lang.String aKeyStoreName)

Remove given keystore from cache immediately. To perform this operation the requestor must have pzCanManageKeyStoreCache privilege

Parameters:

aKeyStoreName -

getPublicKey

java.security.PublicKey getPublicKey(java.lang.String truststore,
                                     java.lang.String alias)
                              throws DatabaseException,
                                     java.security.KeyStoreException

Get PublicKey for the given KID or Alias

Parameters:

truststore -

alias - , it can be alias or KID

Returns:

return Publickey. Returns null if there is no alias or no PublicKey associated with alias

Throws:

DatabaseException

java.security.KeyStoreException

getKey

java.security.Key getKey(java.lang.String keystoreName,
                         java.lang.String alias,
                         java.lang.String password)

Parameters:

keystoreName -

alias -

password -

Returns:

key. Returns null if alias not associated with the key entry(PrivateKeyEntry & SecretKeyEntry).

isPublicKeyPresent

boolean isPublicKeyPresent(java.lang.String aKeystoreName,
                           java.nio.ByteBuffer publicKeyEncodedBytes)

checks if a given public key is present in the keystore cache.

Parameters:

aKeystoreName -

publicKeyEncodedBytes -

Returns:

boolean

getAndValidateJWKByURL

java.lang.String getAndValidateJWKByURL(java.lang.String keystoreName,
                                        java.lang.String jwkURI)

Validate the keystore against the URL passed and return a JWKSet if validation is successful.

Parameters:

keystoreName -

jwkURI -

Returns:

JWKSet

getCertificateUsingThumbprint

java.security.cert.Certificate getCertificateUsingThumbprint(byte[] currentthumbPrint,
                                                             java.lang.String keystoreName,
                                                             boolean isSha256ThumbprintHeader)
                                                      throws java.io.IOException

Gets the certificate corresponding to a given certificate thumbprint represented in the form of bytes.

Parameters:

currentthumbPrint -

keystoreName -

isSha256ThumbprintHeader -

Returns:

certificate corresponding to the thumbprint bytes.

Throws:

java.io.IOException

getBase64EncodedThumbprintFromKeystore

java.lang.String getBase64EncodedThumbprintFromKeystore(java.lang.String keystoreName,
                                                        java.lang.String alias,
                                                        boolean isSha256ThumbprintHeader)

Returns base 64 representation of thumbprint bytes given a keystore and alias

Parameters:

keystoreName -

alias -

isSha256ThumbprintHeader -

Returns:

base 64 representation of thumbprint bytes given a keystore and alias

getKeystoreSourceLocationType

java.lang.String getKeystoreSourceLocationType(java.lang.String aKeyStoreName)

Parameters:

aKeyStoreName -

Returns:

keystore source location type. Returns null if input keystore is invalide

isKeystoreSourceLocationKMS

boolean isKeystoreSourceLocationKMS(java.lang.String aKeyStoreName)

Parameters:

aKeyStoreName -

Returns:

true if input keystore source location is KMS. Otherwise return false

isKeystoreSourceLocationKMS

boolean isKeystoreSourceLocationKMS(ClipboardPage aKeyStorePage)

Parameters:

aKeyStorePage -

Returns:

true if input keystore source location is KMS. Otherwise return false

getCertificateFromTrustStoreByIssuerNameSerial

java.security.cert.X509Certificate getCertificateFromTrustStoreByIssuerNameSerial(java.lang.String trustStoreName,
                                                                                  java.lang.String issuerName,
                                                                                  java.math.BigInteger serialNumber)

Parameters:

trustStoreName -

issuerName -

serialNumber -

Returns:

certificate

getCertificateFromTrustStoreBySKI

java.security.cert.X509Certificate getCertificateFromTrustStoreBySKI(java.lang.String trustStoreName,
                                                                     byte[] ski)
                                                              throws java.io.IOException

Parameters:

trustStoreName -

ski -

Returns:

certificate

Throws:

java.io.IOException

getCertificateAlias

java.lang.String getCertificateAlias(java.lang.String keystoreName,
                                     java.security.cert.Certificate cert)

Parameters:

keystoreName -

cert -

Returns:

alias