Class HsmPkiCredentialContainer
java.lang.Object
se.swedenconnect.security.credential.container.AbstractPkiCredentialContainer
se.swedenconnect.security.credential.container.AbstractKeyStorePkiCredentialContainer
se.swedenconnect.security.credential.container.HsmPkiCredentialContainer
- All Implemented Interfaces:
PkiCredentialContainer
Implements a
PkiCredentialContainer based on a HSM.- Author:
- Martin Lindström (martin@idsec.se), Stefan Santesson (stefan@idsec.se)
-
Field Summary
Fields inherited from class se.swedenconnect.security.credential.container.AbstractPkiCredentialContainer
DEFAULT_SUPPORTED_KEY_TYPES -
Constructor Summary
ConstructorsConstructorDescriptionHsmPkiCredentialContainer(String p11ConfigurationFile, String hsmPin) Constructor accepting a PKCS#11 configuration file for getting the PKCS#11 provider.HsmPkiCredentialContainer(Provider p11Provider, String hsmPin) Constructor for the default PKCS11 credential container where keys are stored in a HSM slot.HsmPkiCredentialContainer(Pkcs11Configuration p11Configuration, String hsmPin) Constructor accepting aPkcs11Configurationobject for getting the PKCS#11 provider. -
Method Summary
Modifier and TypeMethodDescriptionprotected KeyStorecreateKeyStore(Provider provider, char[] password) Creates the key store used to store generated keys.getCredentialFromAlias(String alias) Gets the credential for a specific alias from the credential container.Methods inherited from class se.swedenconnect.security.credential.container.AbstractKeyStorePkiCredentialContainer
deleteCredential, generateCredential, getAlgorithmName, getCredential, getExpiryTime, getKeyStore, getPassword, getX500Name, listCredentialsMethods inherited from class se.swedenconnect.security.credential.container.AbstractPkiCredentialContainer
cleanup, generateAlias, getKeyGeneratorFactory, getKeyValidity, getProvider, isExpired, setKeyValidity, setSupportedKeyTypes
-
Constructor Details
-
HsmPkiCredentialContainer
Constructor for the default PKCS11 credential container where keys are stored in a HSM slot.- Parameters:
p11Provider- the provider that provides access to the HSM key slot used to generate and store keyshsmPin- the PIN for the associated HSM slot- Throws:
KeyStoreException- error initiating the HSM slot key store
-
HsmPkiCredentialContainer
public HsmPkiCredentialContainer(Pkcs11Configuration p11Configuration, String hsmPin) throws KeyStoreException Constructor accepting aPkcs11Configurationobject for getting the PKCS#11 provider.- Parameters:
p11Configuration- the PKCS#11 configurationhsmPin- the PIN for the HSM slot- Throws:
KeyStoreException- error initiating the HSM slot key store
-
HsmPkiCredentialContainer
public HsmPkiCredentialContainer(String p11ConfigurationFile, String hsmPin) throws KeyStoreException Constructor accepting a PKCS#11 configuration file for getting the PKCS#11 provider.- Parameters:
p11ConfigurationFile- the full path to the PKCS#11 configuration filehsmPin- the PIN for the HSM slot- Throws:
KeyStoreException- error initiating the HSM slot key store
-
-
Method Details
-
createKeyStore
Creates the key store used to store generated keys.- Specified by:
createKeyStorein classAbstractKeyStorePkiCredentialContainer- Parameters:
provider- the provider for the key storepassword- the password for the key store- Returns:
- key store
- Throws:
KeyStoreException- error creating the key store
-
getCredentialFromAlias
Gets the credential for a specific alias from the credential container.- Specified by:
getCredentialFromAliasin classAbstractKeyStorePkiCredentialContainer- Parameters:
alias- the alias of the credential to get- Returns:
- credential for the specified alias
- Throws:
PkiCredentialContainerException- for errors obtaining the requested credential
-