OpenSshCertificate (Base API 3.0.7 API)

java.lang.Object
- com.sshtools.common.publickey.OpenSshCertificate

All Implemented Interfaces:

SshPublicKey, SecureComponent

Direct Known Subclasses:

OpenSshEcdsaCertificate, OpenSshEd25519Certificate, OpenSshRsaCertificate
```
public abstract class OpenSshCertificate
extends java.lang.Object
implements SshPublicKey
```
To generate a key that supports this use ssh-keygen -s ca_key -I 2 -n lee,kelly -z 12345 -O force-command=ls -O source-address=192.168.82.0/24 -O no-port-forwarding user_key.pub

Author:

lee

Field Summary

Fields
Modifier and Type	Field and Description
`static java.lang.String`	`OPTION_FORCE_COMMAND`
`static java.lang.String`	`OPTION_SOURCE_ADDRESS`
`static java.lang.String`	`PERMIT_AGENT_FORWARDING`
`static java.lang.String`	`PERMIT_PORT_FORWARDING`
`static java.lang.String`	`PERMIT_USER_PTY`
`static java.lang.String`	`PERMIT_USER_RC`
`static java.lang.String`	`PERMIT_X11_FORWARDING`
`protected SshPublicKey`	`publicKey`
`static int`	`SSH_CERT_TYPE_HOST`
`static int`	`SSH_CERT_TYPE_USER`

Constructor Summary

Constructors
Constructor and Description

OpenSshCertificate()

Constructors
Constructor and Description
`OpenSshCertificate()`

Method Summary

All Methods Instance Methods Abstract Methods Concrete Methods Deprecated Methods
Modifier and Type	Method and Description
`protected void`	`decodeCertificate(com.sshtools.common.util.ByteArrayReader reader)`
`protected abstract void`	`decodePublicKey(com.sshtools.common.util.ByteArrayReader reader)`
`protected void`	`encodeCertificate(com.sshtools.common.util.ByteArrayWriter writer)`
`java.util.Map<java.lang.String,java.lang.String>`	`getCriticalOptions()` Deprecated. Process CertificateExtension values directly.
`java.util.List<CriticalOption>`	`getCriticalOptionsList()`
`byte[]`	`getEncoded()` Encode the public key into a blob of binary data, the encoded result will be passed into init to recreate the key.
`java.lang.String`	`getEncodingAlgorithm()` The algorithm name used in the encoding of the public key
`CertificateExtension`	`getExtension(java.lang.String key)`
`java.util.List<java.lang.String>`	`getExtensions()` Deprecated. Process CertificateExtension values directly.
`java.util.List<CertificateExtension>`	`getExtensionsList()`
`java.util.Map<java.lang.String,java.lang.String>`	`getExtensionsMap()` Deprecated. Process CertificateExtension values directly.
`java.lang.String`	`getFingerprint()` Return an SSH fingerprint of the public key
`java.lang.String`	`getForcedCommand()`
`java.lang.String`	`getKeyId()`
`java.util.List<java.lang.String>`	`getPrincipals()`
`com.sshtools.common.util.UnsignedInteger64`	`getSerial()`
`SshPublicKey`	`getSignedBy()`
`SshPublicKey`	`getSignedKey()`
`java.util.Set<java.lang.String>`	`getSourceAddresses()`
`int`	`getType()`
`java.util.Date`	`getValidAfter()`
`java.util.Date`	`getValidBefore()`
`void`	`init(byte[] blob, int start, int len)` Initialize the public key from a blob of binary data.
`boolean`	`isForceCommand()`
`boolean`	`isHostCertificate()`
`boolean`	`isUserCertificate()`
`void`	`sign(SshPublicKey publicKey, com.sshtools.common.util.UnsignedInteger64 serial, int type, java.lang.String keyId, java.util.List<java.lang.String> validPrincipals, com.sshtools.common.util.UnsignedInteger64 validAfter, com.sshtools.common.util.UnsignedInteger64 validBefore, java.util.List<CriticalOption> criticalOptions, java.util.List<CertificateExtension> extensions, SshKeyPair signingKey)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.sshtools.common.ssh.components.SshPublicKey
getAlgorithm, getBitLength, getJCEPublicKey, getSigningAlgorithm, isCertificate, test, verifySignature

Methods inherited from interface com.sshtools.common.ssh.SecureComponent
getPriority, getSecurityLevel

Field Detail

SSH_CERT_TYPE_USER
```
public static final int SSH_CERT_TYPE_USER
```
See Also:

Constant Field Values

SSH_CERT_TYPE_HOST
```
public static final int SSH_CERT_TYPE_HOST
```
See Also:

Constant Field Values

PERMIT_X11_FORWARDING

public static final java.lang.String PERMIT_X11_FORWARDING

See Also:: Constant Field Values

PERMIT_PORT_FORWARDING

public static final java.lang.String PERMIT_PORT_FORWARDING

See Also:: Constant Field Values

PERMIT_AGENT_FORWARDING

public static final java.lang.String PERMIT_AGENT_FORWARDING

See Also:: Constant Field Values

PERMIT_USER_PTY

public static final java.lang.String PERMIT_USER_PTY

See Also:: Constant Field Values

PERMIT_USER_RC

public static final java.lang.String PERMIT_USER_RC

See Also:: Constant Field Values

OPTION_FORCE_COMMAND

public static final java.lang.String OPTION_FORCE_COMMAND

See Also:: Constant Field Values

OPTION_SOURCE_ADDRESS

public static final java.lang.String OPTION_SOURCE_ADDRESS

See Also:: Constant Field Values

publicKey
```
protected SshPublicKey publicKey
```

Constructor Detail
- OpenSshCertificate
```
public OpenSshCertificate()
```

Method Detail

getEncodingAlgorithm
```
public java.lang.String getEncodingAlgorithm()
```
Description copied from interface: SshPublicKey

The algorithm name used in the encoding of the public key

Specified by:

getEncodingAlgorithm in interface SshPublicKey

isUserCertificate
```
public boolean isUserCertificate()
```

isHostCertificate
```
public boolean isHostCertificate()
```

getSignedKey
```
public SshPublicKey getSignedKey()
```

getFingerprint
```
public final java.lang.String getFingerprint()
                                      throws SshException
```
Description copied from interface: SshPublicKey

Return an SSH fingerprint of the public key

Specified by:

getFingerprint in interface SshPublicKey

Returns:

String

Throws:

SshException

init
```
public void init(byte[] blob,
                 int start,
                 int len)
          throws SshException
```
Description copied from interface: SshPublicKey

Initialize the public key from a blob of binary data.

Specified by:

init in interface SshPublicKey

Throws:

SshException

getEncoded
```
public byte[] getEncoded()
                  throws SshException
```
Description copied from interface: SshPublicKey

Encode the public key into a blob of binary data, the encoded result will be passed into init to recreate the key.

Specified by:

getEncoded in interface SshPublicKey

Returns:

an encoded byte array

Throws:

SshException

decodePublicKey

protected abstract void decodePublicKey(com.sshtools.common.util.ByteArrayReader reader)
                                 throws java.io.IOException,
                                        SshException

Throws:: java.io.IOException; SshException

encodeCertificate

protected void encodeCertificate(com.sshtools.common.util.ByteArrayWriter writer)
                          throws java.io.IOException,
                                 SshException

Throws:: java.io.IOException; SshException

getExtension

public CertificateExtension getExtension(java.lang.String key)

decodeCertificate

protected void decodeCertificate(com.sshtools.common.util.ByteArrayReader reader)
                          throws java.io.IOException,
                                 SshException

Throws:: java.io.IOException; SshException

sign

public void sign(SshPublicKey publicKey,
                 com.sshtools.common.util.UnsignedInteger64 serial,
                 int type,
                 java.lang.String keyId,
                 java.util.List<java.lang.String> validPrincipals,
                 com.sshtools.common.util.UnsignedInteger64 validAfter,
                 com.sshtools.common.util.UnsignedInteger64 validBefore,
                 java.util.List<CriticalOption> criticalOptions,
                 java.util.List<CertificateExtension> extensions,
                 SshKeyPair signingKey)
          throws SshException

Throws:: SshException

getSignedBy
```
public SshPublicKey getSignedBy()
```

getType
```
public int getType()
```

getPrincipals

public java.util.List<java.lang.String> getPrincipals()

getExtensions
```
@Deprecated
public java.util.List<java.lang.String> getExtensions()
```
Deprecated. Process CertificateExtension values directly.

Returns:

getCriticalOptionsList

public java.util.List<CriticalOption> getCriticalOptionsList()

getExtensionsList

public java.util.List<CertificateExtension> getExtensionsList()

getExtensionsMap
```
public java.util.Map<java.lang.String,java.lang.String> getExtensionsMap()
```
Deprecated. Process CertificateExtension values directly.

Returns:

isForceCommand
```
public boolean isForceCommand()
```

getForcedCommand

public java.lang.String getForcedCommand()

getSourceAddresses

public java.util.Set<java.lang.String> getSourceAddresses()

getValidBefore

public java.util.Date getValidBefore()

getValidAfter
```
public java.util.Date getValidAfter()
```

getSerial

public com.sshtools.common.util.UnsignedInteger64 getSerial()

getKeyId
```
public java.lang.String getKeyId()
```

getCriticalOptions
```
public java.util.Map<java.lang.String,java.lang.String> getCriticalOptions()
```
Deprecated. Process CertificateExtension values directly.

Returns:

Class OpenSshCertificate

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Methods inherited from interface com.sshtools.common.ssh.components.SshPublicKey

Methods inherited from interface com.sshtools.common.ssh.SecureComponent

Field Detail

SSH_CERT_TYPE_USER

SSH_CERT_TYPE_HOST

PERMIT_X11_FORWARDING

PERMIT_PORT_FORWARDING

PERMIT_AGENT_FORWARDING

PERMIT_USER_PTY

PERMIT_USER_RC

OPTION_FORCE_COMMAND

OPTION_SOURCE_ADDRESS

publicKey

Constructor Detail

OpenSshCertificate

Method Detail

getEncodingAlgorithm

isUserCertificate

isHostCertificate

getSignedKey

getFingerprint

init

getEncoded

decodePublicKey

encodeCertificate

getExtension

decodeCertificate

sign

getSignedBy

getType

getPrincipals

getExtensions

getCriticalOptionsList

getExtensionsList

getExtensionsMap

isForceCommand

getForcedCommand

getSourceAddresses

getValidBefore

getValidAfter

getSerial

getKeyId

getCriticalOptions