Package se.swedenconnect.security.credential

Interface PkiCredential

All Superinterfaces:

DisposableBean, InitializingBean

All Known Subinterfaces:

ReloadablePkiCredential

All Known Implementing Classes:

AbstractPkiCredential, AbstractReloadablePkiCredential, BasicCredential, KeyStoreCredential, Pkcs11Credential

public interface PkiCredential
extends InitializingBean, DisposableBean

A representation of a PKI key pair that holds a private key and a X.509 certificate (or just a public key).

Author:

Martin Lindström (martin@idsec.se), Stefan Santesson (stefan@idsec.se)

Method Summary

Modifier and Type	Method	Description
X509Certificate	getCertificate()	Gets the certificate holding the public key of the key pair.
List<X509Certificate>	getCertificateChain()	Gets a certificate chain for the credential, where the first element is the entity certificate (getCertificate()).
String	getName()	Gets the name of the credential.
PrivateKey	getPrivateKey()	Gets the private key.
PublicKey	getPublicKey()	Gets the public key.
default void	init()	The init method is here just because it is a nicer name for afterPropertiesSet.
default boolean	isHardwareCredential()	Predicate that tells whether this credential resides in a hardware module.
void	setCertificate(X509Certificate certificate)	Assigns a certificate to an already created credential holding only a key pair.
void	setCertificateChain(List<X509Certificate> certificates)	Assigns a certificate chain to an already created credential holding only a key pair.

Methods inherited from interface org.springframework.beans.factory.DisposableBean

destroy

Methods inherited from interface org.springframework.beans.factory.InitializingBean

afterPropertiesSet

Method Details

getPublicKey

PublicKey getPublicKey()

Gets the public key.

Returns:

the public key

getCertificate

X509Certificate getCertificate()

Gets the certificate holding the public key of the key pair. May be null depending on whether certificates are handled by the implementing class.

Returns:

the certificate, or null if no certificate is configured for the credential

setCertificate

void setCertificate(X509Certificate certificate)

Assigns a certificate to an already created credential holding only a key pair. It is the caller's responsibility to ensure that the certificate matches the present private key.

Parameters:

certificate - the certificate to add

getCertificateChain

List<X509Certificate> getCertificateChain()

Gets a certificate chain for the credential, where the first element is the entity certificate (getCertificate()). If no certificate is configured for the credential an empty list is returned.

Returns:

a list of certificates, or an empty list

setCertificateChain

void setCertificateChain(List<X509Certificate> certificates)

Assigns a certificate chain to an already created credential holding only a key pair. The entity certificate is placed first in the list. It is the caller's responsibility to ensure that the certificate matches the present private key.

Parameters:

certificates - the chain

getPrivateKey

PrivateKey getPrivateKey()

Gets the private key.

Returns:

the private key

getName

String getName()

Gets the name of the credential.

Returns:

the name

isHardwareCredential

default boolean isHardwareCredential()

Predicate that tells whether this credential resides in a hardware module.

Returns:

true if the credential resides in a hardware module and false otherwise

init

default void init()
           throws Exception

The init method is here just because it is a nicer name for afterPropertiesSet. Should be manually invoked if the instance is not instantiated as a Spring bean.

Throws:

Exception - for init errors