Security Objects Service provides an interface for the security objects service, that allows access to the security objects (keys and certificates) in the configuration. It also allows a new keystore to be created containing a subset of the security objects in the configuration.

Method Description

KeyStore getKeyStore(Set<String> aliases, char[] password)

Returns a new key store that is a subset of this one, with just the keys or certificates with the given aliases. Note that this method will never return SSH keys as they need additional decoding in order to be used. The explicit SSH methods in RDK2.1 should be used instead.

Parameters:

  • aliases - the aliases of the keys or certificates to go in the new key store.
  • password - the password for the keys in the new key store.

Exceptions:

  • IOException - if there is an IO error with the new key store.
  • GeneralSecurityException - if there is an error loading one of the security objects with the given aliases.

Key getKey(String name)

Retrieves a key from Rhapsody's security provider.

Parameters:

  • name - the name of the key to retrieve.

Exceptions:

  • KeyNotFoundException - if the specified key could not be found.
  • GeneralSecurityException - if there is an error loading the key.

Certificate getCertificate(String name)

Retrieves a certificate from Rhapsody's security provider.

Parameters:

  • name - the name of the key to retrieve

Exceptions:

  • CertificateNotFoundException - if the specified certificate could not be found.
  • GeneralSecurityException - if there is an error loading the key.

Certificate[] getCertificateChain(String name)

Retrieves a certificate chain from Rhapsody's security provider. If these are X509 certificates (almost certainly the case) then the certificate chain will be reordered if necessary prior to returning them.

Parameters:

  • name - the name of the certificate chain to retrieve.

Exceptions:

  • CertificateNotFoundException - if the specified certificate could not be found.
  • GeneralSecurityException - if there is an error loading the key.

X509Certificate getCertificate(X500Principal subject)

Retrieves a certificate from Rhapsody's security provider with the specified subject.

Parameters:

  • subject.

Exceptions:

  • CertificateNotFoundException - if the specified certificate could not be found.
  • GeneralSecurityException - if there is an error loading the key.

Save

Save