A B C D E F G H I L M N O P R S T U V

A

ASYNC_CIPHER_MODE - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

RSA algorithm, no block chaining mode (not a block-cipher) and PKCS1 padding, which is recommended to be used in conjunction with RSA

authenticate(AuthenticationRequest) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIAuthenticationHandler

dispatcher function that initializes the diffie-hellman key agreement session, checks the request for the correct protocol and calls the actual handler functions.

B

bufferHandler - Variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

build(XrootdBucket...) - Static method in class org.dcache.xrootd.plugins.authn.gsi.GSIBucketContainerBuilder

buildContainer() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIBucketContainerBuilder

buildContainer() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIClientRequestHandler.CertRequestBuckets

buildContainer() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIClientRequestHandler.CertResponseBuckets

buildContainer() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIServerRequestHandler.CertRequestBuckets

buildContainer() - Method in class org.dcache.xrootd.plugins.authn.gsi.post49.GSIPost49ClientRequestHandler.PxyreqResponseBuckets

C

cancelHandshake() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIServerRequestHandler

cancelOutstandingProxyRequest() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSICredentialManager

CertChainValidatorProvider - Class in org.dcache.xrootd.plugins.authn.gsi

The intention here is to limit this class to one shared instance per domain.

CertChainValidatorProvider(Properties) - Constructor for class org.dcache.xrootd.plugins.authn.gsi.CertChainValidatorProvider

CertRequestBuckets(String, Optional<Integer>) - Constructor for class org.dcache.xrootd.plugins.authn.gsi.GSIClientRequestHandler.CertRequestBuckets

CertRequestBuckets(XrootdBucket, String, byte[], XrootdSecurityProtocol.BucketType, String, String, String) - Constructor for class org.dcache.xrootd.plugins.authn.gsi.GSIServerRequestHandler.CertRequestBuckets

CertResponseBuckets(XrootdBucket, byte[], XrootdSecurityProtocol.BucketType, Optional<String>, Optional<String>, String, String) - Constructor for class org.dcache.xrootd.plugins.authn.gsi.GSIClientRequestHandler.CertResponseBuckets

certToPEM(X509Certificate) - Static method in class org.dcache.xrootd.plugins.authn.gsi.CertUtil

Encodes to PEM format with default X.509 certificate header/footer

CertUtil - Class in org.dcache.xrootd.plugins.authn.gsi

CertUtil - convenience methods for certificate processing

CertUtil() - Constructor for class org.dcache.xrootd.plugins.authn.gsi.CertUtil

chainToPEM(Iterable<X509Certificate>) - Static method in class org.dcache.xrootd.plugins.authn.gsi.CertUtil

challenge - Variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

CHALLENGE_BYTES - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

checkCaIdentities(String[]) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSICredentialManager

checkIdentity(X509Certificate, String) - Static method in class org.dcache.xrootd.plugins.authn.gsi.GSICredentialManager

cipher - Variable in class org.dcache.xrootd.plugins.authn.gsi.RSASession

client - Variable in class org.dcache.xrootd.plugins.authn.gsi.GSIClientRequestHandler

computeHash(MessageDigest, X500Principal) - Static method in class org.dcache.xrootd.plugins.authn.gsi.CertUtil

Computes the hash from the principal, using the passed-in digest (usually MD5).

computeMD5Hash(X500Principal) - Static method in class org.dcache.xrootd.plugins.authn.gsi.CertUtil

Convenience method to compute a openssl-compatible md5 hash

createCertificate(byte[]) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSICredentialManager

createFactory(String, Properties) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIAuthenticationProvider

createFactory(String, Properties) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIClientAuthenticationProvider

createHandler(ProxyDelegationClient) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIAuthenticationFactory

createHandler() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIClientAuthenticationFactory

CredentialLoader - Class in org.dcache.xrootd.plugins.authn.gsi

Loads and stores credentials based on certificate .pems on the local disk.

CredentialLoader(Properties, X509CertChainValidator) - Constructor for class org.dcache.xrootd.plugins.authn.gsi.CredentialLoader

credentialManager - Variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

CRYPTO_MODE - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

CRYPTO_MODE_NO_PAD - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

D

decrypt(byte[]) - Method in class org.dcache.xrootd.plugins.authn.gsi.DHBufferHandler

decrypt(String, String, int, byte[]) - Method in class org.dcache.xrootd.plugins.authn.gsi.DHSession

decrypt(byte[]) - Method in class org.dcache.xrootd.plugins.authn.gsi.RSASession

decryptMainBucketWithSessionKey(Map<XrootdSecurityProtocol.BucketType, XrootdBucket>, String) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

Assumes the dhSession has been finalized.

DHBufferHandler - Class in org.dcache.xrootd.plugins.authn.gsi

Uses established shared secret from a Diffie Hellman session to encrypt or decrypt the buffer.

DHBufferHandler(DHSession, String, String, int) - Constructor for class org.dcache.xrootd.plugins.authn.gsi.DHBufferHandler

dhParams(boolean) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

DHSession - Class in org.dcache.xrootd.plugins.authn.gsi

This class represents a Diffie-Hellman (DH) session.

DHSession(boolean, int) - Constructor for class org.dcache.xrootd.plugins.authn.gsi.DHSession

Construct new Diffie-Hellman key exchange session

dhSession - Variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

doOnAuthenticationResponse(ChannelHandlerContext, InboundAuthenticationResponse) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIClientAuthenticationHandler

E

encrypt(byte[]) - Method in class org.dcache.xrootd.plugins.authn.gsi.DHBufferHandler

encrypt(String, String, int, byte[]) - Method in class org.dcache.xrootd.plugins.authn.gsi.DHSession

encrypt(byte[]) - Method in class org.dcache.xrootd.plugins.authn.gsi.RSASession

extractChain(Map<XrootdSecurityProtocol.BucketType, XrootdBucket>) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

Pull out the string content of the kXRS_x509 bucket and convert it into a cert chain.

F

finaliseKeyAgreement(String) - Method in class org.dcache.xrootd.plugins.authn.gsi.DHSession

finalizeDelegatedProxy(X509Certificate[]) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSICredentialManager

Attempts to store the new proxy.

finalizeSessionKey(Map<XrootdSecurityProtocol.BucketType, XrootdBucket>, XrootdSecurityProtocol.BucketType) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

For the pre-4.9 protocol, the DH client params are sent in the clear (unsigned) in the kXRS_puk bucket.

findSessionIVLen(String) - Static method in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

fromPEM(String, String, String) - Static method in class org.dcache.xrootd.plugins.authn.gsi.CertUtil

Decodes PEM by removing the given header and footer, and decodes the inner content with base64.

G

generateChallengeString() - Static method in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

Generate a new challenge string to be used in server-client communication

getBuckets() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIBucketContainer

getCertChainValidator() - Method in class org.dcache.xrootd.plugins.authn.gsi.CertChainValidatorProvider

getCertChainValidator() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSICredentialManager

getClientCredential() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIClientRequestHandler

getClientCredential() - Method in class org.dcache.xrootd.plugins.authn.gsi.post49.GSIPost49ClientRequestHandler

getClientCredential() - Method in class org.dcache.xrootd.plugins.authn.gsi.pre49.GSIPre49ClientRequestHandler

getClientOpts() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIClientRequestHandler

getClientOpts() - Method in class org.dcache.xrootd.plugins.authn.gsi.post49.GSIPost49ClientRequestHandler

getClientOpts() - Method in class org.dcache.xrootd.plugins.authn.gsi.pre49.GSIPre49ClientRequestHandler

getDecrypter() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIAuthenticationHandler

getDecrypter() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIServerRequestHandler

getDescription() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIClientAuthenticationFactory

getEncodedDHMaterial() - Method in class org.dcache.xrootd.plugins.authn.gsi.DHSession

getHostCredential() - Method in class org.dcache.xrootd.plugins.authn.gsi.CredentialLoader

getHostCredential() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSICredentialManager

getIssuerHashes() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSICredentialManager

getName() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIClientAuthenticationFactory

getProtocol() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIAuthenticationHandler

getProtocolVersion() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

getProtocolVersion() - Method in class org.dcache.xrootd.plugins.authn.gsi.post49.GSIPost49ClientRequestHandler

getProtocolVersion() - Method in class org.dcache.xrootd.plugins.authn.gsi.post49.GSIPost49ServerRequestHandler

getProtocolVersion() - Method in class org.dcache.xrootd.plugins.authn.gsi.pre49.GSIPre49ClientRequestHandler

getProtocolVersion() - Method in class org.dcache.xrootd.plugins.authn.gsi.pre49.GSIPre49ServerRequestHandler

getProxy() - Method in class org.dcache.xrootd.plugins.authn.gsi.CredentialLoader

getProxy() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSICredentialManager

getSenderPublicKey() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSICredentialManager

getSignedProxyRequest(byte[]) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSICredentialManager

Client-side method.

getSigverEncoder(XrootdTpcClient) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIClientRequestHandler

getSize() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIBucketContainer

getSubject() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIAuthenticationHandler

getSyncCipherMode() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

getSyncCipherMode() - Method in class org.dcache.xrootd.plugins.authn.gsi.post49.GSIPost49ClientRequestHandler

getSyncCipherMode() - Method in class org.dcache.xrootd.plugins.authn.gsi.post49.GSIPost49ServerRequestHandler

getSyncCipherMode() - Method in class org.dcache.xrootd.plugins.authn.gsi.pre49.GSIPre49ClientRequestHandler

getSyncCipherMode() - Method in class org.dcache.xrootd.plugins.authn.gsi.pre49.GSIPre49ServerRequestHandler

GSIAuthenticationFactory - Class in org.dcache.xrootd.plugins.authn.gsi

Authentication factory that returns GSI security handlers.

GSIAuthenticationFactory(Properties) - Constructor for class org.dcache.xrootd.plugins.authn.gsi.GSIAuthenticationFactory

GSIAuthenticationHandler - Class in org.dcache.xrootd.plugins.authn.gsi

Handler for xrootd-security message exchange based on the GSI protocol.

GSIAuthenticationHandler(GSICredentialManager) - Constructor for class org.dcache.xrootd.plugins.authn.gsi.GSIAuthenticationHandler

GSIAuthenticationProvider - Class in org.dcache.xrootd.plugins.authn.gsi

GSIAuthenticationProvider() - Constructor for class org.dcache.xrootd.plugins.authn.gsi.GSIAuthenticationProvider

GSIBucketContainer - Class in org.dcache.xrootd.plugins.authn.gsi

Utility wrapper around bucket list.

GSIBucketContainer(List<XrootdBucket>, int) - Constructor for class org.dcache.xrootd.plugins.authn.gsi.GSIBucketContainer

GSIBucketContainerBuilder - Class in org.dcache.xrootd.plugins.authn.gsi

Convenience utility for building bucket containers.

GSIBucketContainerBuilder() - Constructor for class org.dcache.xrootd.plugins.authn.gsi.GSIBucketContainerBuilder

GSIClientAuthenticationFactory - Class in org.dcache.xrootd.plugins.authn.gsi

Authentication factory that returns GSI security handlers to add to the third-party client channel pipeline.

GSIClientAuthenticationFactory(Properties) - Constructor for class org.dcache.xrootd.plugins.authn.gsi.GSIClientAuthenticationFactory

GSIClientAuthenticationHandler - Class in org.dcache.xrootd.plugins.authn.gsi

Client-side handler mirroring the server-side GSIAuthenticationHandler.

GSIClientAuthenticationHandler(GSICredentialManager) - Constructor for class org.dcache.xrootd.plugins.authn.gsi.GSIClientAuthenticationHandler

GSIClientAuthenticationProvider - Class in org.dcache.xrootd.plugins.authn.gsi

GSIClientAuthenticationProvider() - Constructor for class org.dcache.xrootd.plugins.authn.gsi.GSIClientAuthenticationProvider

GSIClientRequestHandler - Class in org.dcache.xrootd.plugins.authn.gsi

GSIClientRequestHandler(GSICredentialManager, XrootdTpcClient) - Constructor for class org.dcache.xrootd.plugins.authn.gsi.GSIClientRequestHandler

GSIClientRequestHandler.CertRequestBuckets - Class in org.dcache.xrootd.plugins.authn.gsi

GSIClientRequestHandler.CertResponseBuckets - Class in org.dcache.xrootd.plugins.authn.gsi

GSICredentialManager - Class in org.dcache.xrootd.plugins.authn.gsi

The component which provides credential management and related support to the request handlers.

GSICredentialManager(Properties, CredentialLoader, X509CertChainValidator) - Constructor for class org.dcache.xrootd.plugins.authn.gsi.GSICredentialManager

GSIPost49ClientRequestHandler - Class in org.dcache.xrootd.plugins.authn.gsi.post49

GSIPost49ClientRequestHandler(GSICredentialManager, XrootdTpcClient) - Constructor for class org.dcache.xrootd.plugins.authn.gsi.post49.GSIPost49ClientRequestHandler

GSIPost49ClientRequestHandler.PxyreqResponseBuckets - Class in org.dcache.xrootd.plugins.authn.gsi.post49

GSIPost49ServerRequestHandler - Class in org.dcache.xrootd.plugins.authn.gsi.post49

Implementation of server side of GSI handshake according to XrootD 4.9+.

GSIPost49ServerRequestHandler(Subject, GSICredentialManager) - Constructor for class org.dcache.xrootd.plugins.authn.gsi.post49.GSIPost49ServerRequestHandler

GSIPre49ClientRequestHandler - Class in org.dcache.xrootd.plugins.authn.gsi.pre49

GSIPre49ClientRequestHandler(GSICredentialManager, XrootdTpcClient) - Constructor for class org.dcache.xrootd.plugins.authn.gsi.pre49.GSIPre49ClientRequestHandler

GSIPre49ServerRequestHandler - Class in org.dcache.xrootd.plugins.authn.gsi.pre49

Implementation of server side of GSI handshake prior to XrootD 4.9.

GSIPre49ServerRequestHandler(Subject, GSICredentialManager) - Constructor for class org.dcache.xrootd.plugins.authn.gsi.pre49.GSIPre49ServerRequestHandler

GSIRequestHandler - Class in org.dcache.xrootd.plugins.authn.gsi

Shared settings and functionality for processing both client and server GSI authentication requests.

GSIRequestHandler(GSICredentialManager) - Constructor for class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

GSIServerRequestHandler - Class in org.dcache.xrootd.plugins.authn.gsi

GSIServerRequestHandler(Subject, GSICredentialManager) - Constructor for class org.dcache.xrootd.plugins.authn.gsi.GSIServerRequestHandler

GSIServerRequestHandler.CertRequestBuckets - Class in org.dcache.xrootd.plugins.authn.gsi

H

handleCertReqStep() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIClientRequestHandler

Handle certreq step.

handleCertReqStep(AuthenticationRequest) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIServerRequestHandler

handleCertReqStep(AuthenticationRequest, boolean, XrootdSecurityProtocol.BucketType) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIServerRequestHandler

Handle the kXGC_certreq step.

handleCertReqStep(AuthenticationRequest) - Method in class org.dcache.xrootd.plugins.authn.gsi.post49.GSIPost49ServerRequestHandler

handleCertReqStep(AuthenticationRequest) - Method in class org.dcache.xrootd.plugins.authn.gsi.pre49.GSIPre49ServerRequestHandler

handleCertStep(InboundAuthenticationResponse, ChannelHandlerContext) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIClientRequestHandler

handleCertStep(InboundAuthenticationResponse, ChannelHandlerContext, XrootdSecurityProtocol.BucketType, boolean, Optional<String>, Optional<String>) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIClientRequestHandler

The processing of this step differs between versions only in these details: (A) the bucket containing DH params: pre-4.9 = kXRS_puk, 4.9 = kXRS_cipher (B) DH parameters are signed using the private key: pre-4.9 no, 4.9 yes (C) the public key of the client is included in a separate bucket: pre-4.9 no, 4.9 in kXRS_puk (D) a username bucket is included pre-4.9 no, 4.9 yes Otherwise, all the following must be done: - validate cipher and digest - extract and validate the server certificate - verify the rtag challenge sent previously - finalize the dh session from the dh params sent by server - create the main bucket with signed challenge, new challenge and serialized certificate of client - add buckets for cipher, digest, dhParams, and optionally publicKey and username.

handleCertStep(AuthenticationRequest) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIServerRequestHandler

handleCertStep(InboundAuthenticationResponse, ChannelHandlerContext) - Method in class org.dcache.xrootd.plugins.authn.gsi.post49.GSIPost49ClientRequestHandler

handleCertStep(AuthenticationRequest) - Method in class org.dcache.xrootd.plugins.authn.gsi.post49.GSIPost49ServerRequestHandler

Handle the second step (reply by client to authmore).

handleCertStep(InboundAuthenticationResponse, ChannelHandlerContext) - Method in class org.dcache.xrootd.plugins.authn.gsi.pre49.GSIPre49ClientRequestHandler

handleCertStep(AuthenticationRequest) - Method in class org.dcache.xrootd.plugins.authn.gsi.pre49.GSIPre49ServerRequestHandler

Handle the second step (reply by client to authmore).

handleSigPxyStep(AuthenticationRequest) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIServerRequestHandler

handleSigPxyStep(AuthenticationRequest) - Method in class org.dcache.xrootd.plugins.authn.gsi.post49.GSIPost49ServerRequestHandler

Decrypt main bucket, check signed rtag, and then use included signed certificate to finalize proxy (and send to the credential store).

handleSigPxyStep(AuthenticationRequest) - Method in class org.dcache.xrootd.plugins.authn.gsi.pre49.GSIPre49ServerRequestHandler

I

initializeForDecryption(PublicKey) - Method in class org.dcache.xrootd.plugins.authn.gsi.RSASession

Prepare rsaCipher for decryption using received public key.

initializeForEncryption(PrivateKey) - Method in class org.dcache.xrootd.plugins.authn.gsi.RSASession

Prepare rsaCipher for encryption using local private key.

isCompleted() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIAuthenticationHandler

isFinished(AuthenticationRequest) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIServerRequestHandler

isFinished(AuthenticationRequest) - Method in class org.dcache.xrootd.plugins.authn.gsi.post49.GSIPost49ServerRequestHandler

isFinished(AuthenticationRequest) - Method in class org.dcache.xrootd.plugins.authn.gsi.pre49.GSIPre49ServerRequestHandler

isRequestExpired() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

L

lastRequest - Variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

loadClientCredential() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIClientRequestHandler

loadClientCredential() - Method in class org.dcache.xrootd.plugins.authn.gsi.post49.GSIPost49ClientRequestHandler

loadClientCredential() - Method in class org.dcache.xrootd.plugins.authn.gsi.pre49.GSIPre49ClientRequestHandler

LOGGER - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIAuthenticationHandler

LOGGER - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIClientRequestHandler

LOGGER - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

LOGGER - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIServerRequestHandler

LOGGER - Static variable in class org.dcache.xrootd.plugins.authn.gsi.RSASession

M

MAX_TIME_SKEW - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

Maximum request time skew.

maxDecryptionBlockSize - Variable in class org.dcache.xrootd.plugins.authn.gsi.RSASession

maxEncryptionBlockSize - Variable in class org.dcache.xrootd.plugins.authn.gsi.RSASession

N

noPadding - Variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

O

org.dcache.xrootd.plugins.authn.gsi - package org.dcache.xrootd.plugins.authn.gsi

org.dcache.xrootd.plugins.authn.gsi.post49 - package org.dcache.xrootd.plugins.authn.gsi.post49

org.dcache.xrootd.plugins.authn.gsi.pre49 - package org.dcache.xrootd.plugins.authn.gsi.pre49

P

postProcessMainBucket(Map<XrootdSecurityProtocol.BucketType, XrootdBucket>, Optional<String>, int) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

Generate a new challenge string.

prepareSerializedProxyRequest(X509Certificate[]) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSICredentialManager

Server-side method.

prepend(X509Certificate, X509Certificate[]) - Static method in class org.dcache.xrootd.plugins.authn.gsi.CertUtil

Rebuild the cert chain by adding the new cert in first position.

processRSAVerification(Map<XrootdSecurityProtocol.BucketType, XrootdBucket>, Optional<PublicKey>) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

PROTO_PRE_DELEGATION - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

PROTO_WITH_DELEGATION - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

PROTOCOL - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

PROTOCOL_VERSION - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

PUBLIC_KEY_ALGORITHM - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

For use in encoding/decoding X509 public keys.

PUBLIC_KEY_FOOTER - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

PUBLIC_KEY_HEADER - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

PxyreqResponseBuckets(XrootdBucket) - Constructor for class org.dcache.xrootd.plugins.authn.gsi.post49.GSIPost49ClientRequestHandler.PxyreqResponseBuckets

R

RANDOM - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

rsaSession - Variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

RSASession - Class in org.dcache.xrootd.plugins.authn.gsi

This class is necessitated by the fact that the new GSI protocol requires encryption and decryption of the arbitrarily long Diffie-Hellman encoded parameters.

RSASession() - Constructor for class org.dcache.xrootd.plugins.authn.gsi.RSASession

S

sendAuthenticationRequest(ChannelHandlerContext) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIClientAuthenticationHandler

SESSION_IV_DELIM - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

Random session IV.

SESSION_IV_LEN - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

setClient(XrootdTpcClient) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIClientAuthenticationHandler

setIssuerHashesFromCredential(X509Credential) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSICredentialManager

setPaddedKey(boolean) - Method in class org.dcache.xrootd.plugins.authn.gsi.DHSession

setProxyDelegationClient(ProxyDelegationClient) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSICredentialManager

setSessionIVLen(int) - Method in class org.dcache.xrootd.plugins.authn.gsi.DHSession

subject - Variable in class org.dcache.xrootd.plugins.authn.gsi.GSIServerRequestHandler

SUPPORTED_CIPHER_ALGORITHM - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

we limit ourselves to AES-128 with CBC blockmode.

SUPPORTED_DIGESTS - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

SYNC_CIPHER_BLOCKSIZE - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

Blocksize in bytes

SYNC_CIPHER_MODE_PADDED - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

Sync cipher mode supported by the server.

SYNC_CIPHER_MODE_UNPADDED - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

SYNC_CIPHER_NAME - Static variable in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

T

toPEM(byte[], String, String) - Static method in class org.dcache.xrootd.plugins.authn.gsi.CertUtil

Encodes to PEM.

U

updateLastRequest() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

usePadded() - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIClientRequestHandler

usePadded() - Method in class org.dcache.xrootd.plugins.authn.gsi.post49.GSIPost49ClientRequestHandler

usePadded() - Method in class org.dcache.xrootd.plugins.authn.gsi.pre49.GSIPre49ClientRequestHandler

V

validateCertificate(InboundAuthenticationResponse) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIClientRequestHandler

validateCiphers(InboundAuthenticationResponse) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIClientRequestHandler

validateCiphers(String[]) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

validateCiphers(AuthenticationRequest) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIServerRequestHandler

validateCiphers(InboundAuthenticationResponse) - Method in class org.dcache.xrootd.plugins.authn.gsi.post49.GSIPost49ClientRequestHandler

validateCryptoMode(String) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

validateDigests(InboundAuthenticationResponse) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIClientRequestHandler

validateDigests(String[]) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

validateDigests(AuthenticationRequest) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIServerRequestHandler

verifySignedRTag(Map<XrootdSecurityProtocol.BucketType, XrootdBucket>) - Method in class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

From the main bucket extract the challenge tag signed by the sender.

A B C D E F G H I L M N O P R S T U V