Class AbstractPkiCredentialContainer
java.lang.Object
se.swedenconnect.security.credential.container.AbstractPkiCredentialContainer
- All Implemented Interfaces:
PkiCredentialContainer
- Direct Known Subclasses:
AbstractKeyStorePkiCredentialContainer, InMemoryPkiCredentialContainer

public abstract class AbstractPkiCredentialContainer
extends Object
implements PkiCredentialContainer

Abstract implementation of the PkiCredentialContainer interface.
- Author:
Martin Lindström (martin@idsec.se), Stefan Santesson (stefan@idsec.se)
-
Field Summary
Modifier and Type | Field | Description
static final String[] | DEFAULT_SUPPORTED_KEY_TYPES | The key gen types (see KeyGenType) that are supported by default.
Constructor Summary
-
Method Summary
Modifier and Type | Method | Description
void | cleanup() | Traverses through all credentials in the multi credential key store and deletes the expired ones.
protected BigInteger | generateAlias() | Overridable function to generate the unique alias for each generated key.
protected KeyPairGeneratorFactory | getKeyGeneratorFactory(String keyTypeName) | Gets a KeyPairGeneratorFactory that can be used to generate key pairs given the supplied keyTypeName.
protected Duration | getKeyValidity() | Gets the key validity.
protected Provider | getProvider() | Gets the security provider used by the container.
protected boolean | isExpired(String alias) | Checks if the entry identified with alias is expired.
void | setKeyValidity(Duration keyValidity) | Assigns the duration for the validity of generated credentials.
void | setSupportedKeyTypes(List<String> supportedKeyTypes) | Assigns the key types that this container supports.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface se.swedenconnect.security.credential.container.PkiCredentialContainer
deleteCredential, generateCredential, getCredential, getExpiryTime, listCredentials
-
Field Details
-
DEFAULT_SUPPORTED_KEY_TYPES
The key gen types (see KeyGenType) that are supported by default. To change this, use setSupportedKeyTypes(List).
-
-
Constructor Details
-
AbstractPkiCredentialContainer
Constructor.
- Parameters:
provider - the provider that is used to create and manage keys
-
-
Method Details
-
generateAlias
Overridable function to generate the unique alias for each generated key.
- Returns:
BigInteger key alias
-
cleanup
Traverses through all credentials in the multi credential key store and deletes the expired ones.
- Specified by:
cleanup in interface PkiCredentialContainer
- Throws:
PkiCredentialContainerException - error performing cleanup
-
isExpired
Checks if the entry identified with alias is expired.
- Parameters:
alias - the key entry alias
- Returns:
true if the entry has expired, and false otherwise
- Throws:
PkiCredentialContainerException - for errors getting the entry
-
setKeyValidity
Assigns the duration for the validity of generated credentials.
If supplied with null, the generated key pairs will never expire. In these cases each generated credential must be manually deleted using PkiCredentialContainer.deleteCredential(String).
- Specified by:
setKeyValidity in interface PkiCredentialContainer
- Parameters:
keyValidity - the validity
-
getKeyValidity
Gets the key validity. A value of null means that credentials never expire.
- Returns:
the validity, or null
-
setSupportedKeyTypes
Assigns the key types that this container supports. The default is DEFAULT_SUPPORTED_KEY_TYPES.
- Specified by:
setSupportedKeyTypes in interface PkiCredentialContainer
- Parameters:
supportedKeyTypes - a list of supported key types
-
getProvider
Gets the security provider used by the container.
- Returns:
the provider
-
getKeyGeneratorFactory
@Nonnull protected KeyPairGeneratorFactory getKeyGeneratorFactory(@Nonnull String keyTypeName) throws NoSuchAlgorithmException
Gets a KeyPairGeneratorFactory that can be used to generate key pairs given the supplied keyTypeName.
- Parameters:
keyTypeName - the key type name
- Returns:
a KeyPairGeneratorFactory
- Throws:
NoSuchAlgorithmException - if no match is found
-