Class AbstractPkiCredentialContainer
java.lang.Object
se.swedenconnect.security.credential.container.AbstractPkiCredentialContainer
- All Implemented Interfaces:
PkiCredentialContainer
- Direct Known Subclasses:
AbstractKeyStorePkiCredentialContainer, InMemoryPkiCredentialContainer
public abstract class AbstractPkiCredentialContainer
extends Object
implements PkiCredentialContainer
Abstract implementation of the PkiCredentialContainer interface.
- Author:
- Martin Lindström (martin@idsec.se), Stefan Santesson (stefan@idsec.se)
-
Field Summary
Fields
Modifier and Type | Field | Description
static final String[] | DEFAULT_SUPPORTED_KEY_TYPES | The key gen types (see KeyGenType) that are supported by default.
-
Constructor Summary
Constructors -
Method Summary
Modifier and Type | Method | Description
void | cleanup() | Traverses through all credentials in the multi credential key store and deletes the expired ones.
protected BigInteger | generateAlias() | Overridable function to generate the unique alias for each generated key.
protected KeyPairGeneratorFactory | getKeyGeneratorFactory(String keyTypeName) | Gets a KeyPairGeneratorFactory that can be used to generate key pairs given the supplied keyTypeName.
protected Duration | getKeyValidity() | Gets the key validity.
protected Provider | getProvider() | Gets the security provider used by the container.
protected boolean | isExpired(String alias) | Checks if the entry identified with alias is expired.
void | setKeyValidity(Duration keyValidity) | Assigns the duration for the validity of generated credentials.
void | setSupportedKeyTypes(List<String> supportedKeyTypes) | Assigns the key types that this container supports.
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface se.swedenconnect.security.credential.container.PkiCredentialContainer
deleteCredential, generateCredential, getCredential, getExpiryTime, listCredentials
-
Field Details
-
DEFAULT_SUPPORTED_KEY_TYPES
The key gen types (see KeyGenType) that are supported by default. To change this, use setSupportedKeyTypes(List).
-
-
Constructor Details
-
AbstractPkiCredentialContainer
Constructor.
- Parameters:
provider - the provider that is used to create and manage keys
-
-
Method Details
-
generateAlias
Overridable function to generate the unique alias for each generated key.
- Returns:
BigInteger key alias
-
cleanup
Traverses through all credentials in the multi credential key store and deletes the expired ones.
- Specified by:
cleanup in interface PkiCredentialContainer
- Throws:
PkiCredentialContainerException - error performing cleanup
-
isExpired
Checks if the entry identified with alias is expired.
- Parameters:
alias - the key entry alias
- Returns:
- true if the entry has expired, and false otherwise
- Throws:
PkiCredentialContainerException - for errors getting the entry
-
setKeyValidity
Assigns the duration for the validity of generated credentials.
If supplied with null the generated key pairs will never expire. In these cases each generated credential must be manually deleted using PkiCredentialContainer.deleteCredential(String).
- Specified by:
setKeyValidity in interface PkiCredentialContainer
- Parameters:
keyValidity - the validity
-
getKeyValidity
Gets the key validity. A value of null means that credentials never expire.
- Returns:
- the validity, or null
-
setSupportedKeyTypes
Assigns the key types that this container supports. The default is DEFAULT_SUPPORTED_KEY_TYPES.
- Specified by:
setSupportedKeyTypes in interface PkiCredentialContainer
- Parameters:
supportedKeyTypes - a list of supported key types
-
getProvider
Gets the security provider used by the container.
- Returns:
- the provider
-
getKeyGeneratorFactory
@Nonnull protected KeyPairGeneratorFactory getKeyGeneratorFactory(@Nonnull String keyTypeName) throws NoSuchAlgorithmException
Gets a KeyPairGeneratorFactory that can be used to generate key pairs given the supplied keyTypeName.
- Parameters:
keyTypeName - the key type name
- Returns:
- a KeyPairGeneratorFactory
- Throws:
NoSuchAlgorithmException - if no match is found
-