Package se.swedenconnect.security.credential.container

Class InMemoryPkiCredentialContainer

java.lang.Object
se.swedenconnect.security.credential.container.AbstractPkiCredentialContainer
se.swedenconnect.security.credential.container.InMemoryPkiCredentialContainer
All Implemented Interfaces:
PkiCredentialContainer
public class InMemoryPkiCredentialContainer extends AbstractPkiCredentialContainer
An in-memory implementation of the PkiCredentialContainer interface.
Author:
Martin Lindström (martin@idsec.se), Stefan Santesson (stefan@idsec.se)

  • Constructor Details

    • InMemoryPkiCredentialContainer

      public InMemoryPkiCredentialContainer(String providerName)
      Constructor loading the security provider identified by providerName.
      Parameters:
      providerName - the name of the security provider

    • InMemoryPkiCredentialContainer

      public InMemoryPkiCredentialContainer(Provider provider)
      Constructor.
      Parameters:
      provider - the provider that is used to create and manage keys

  • Method Details

    • generateCredential

      public String generateCredential(String keyTypeName) throws KeyException, NoSuchAlgorithmException
      Generates a key pair and self-issued certificate for a new credential in the container.

      Note that self-issued certificates may be replaced after a credential has been generated. This is typically done after a CA has issued a certificate for the key pair.

      Parameters:
      keyTypeName - the id of the type of key to generate as provided by KeyGenType
      Returns:
      the alias for the generated key
      Throws:
      KeyException - on errors generating the key
      NoSuchAlgorithmException - if the requested algorithm or key type is not supported

    • getCredential

      public PkiCredential getCredential(String alias) throws PkiCredentialContainerException
      Gets the credential for a specific alias from the credential container.
      Parameters:
      alias - the alias of the credential to get
      Returns:
      credential for the specified alias
      Throws:
      PkiCredentialContainerException - for errors obtaining the requested credential

    • deleteCredential

      public void deleteCredential(String alias)
      Deletes the credential specified by the supplied alias.

      The "normal" way of deleting a credential is to invoke its DisposableBean.destroy() method. The {code deleteCredential} method is mainly for internal (and external) container maintenance.

      Parameters:
      alias - the alias of the credential to delete

    • getExpiryTime

      public Instant getExpiryTime(String alias) throws PkiCredentialContainerException
      Gets the expiry time of the credential specified by alias.
      Parameters:
      alias - alias of the requested credential
      Returns:
      expiry time for the specified credential or null if the credential never expires
      Throws:
      PkiCredentialContainerException - error obtaining the expiry time

    • listCredentials

      public List<String> listCredentials()
      Gets all available credential aliases from the multi credential key store.
      Returns:
      list of credential aliases