Class InMemoryPkiCredentialContainer
java.lang.Object
se.swedenconnect.security.credential.container.AbstractPkiCredentialContainer
se.swedenconnect.security.credential.container.InMemoryPkiCredentialContainer
- All Implemented Interfaces:
PkiCredentialContainer
An in-memory implementation of the
PkiCredentialContainer
interface.- Author:
- Martin Lindström (martin@idsec.se), Stefan Santesson (stefan@idsec.se)
-
Field Summary
Fields inherited from class se.swedenconnect.security.credential.container.AbstractPkiCredentialContainer
DEFAULT_SUPPORTED_KEY_TYPES
-
Constructor Summary
ConstructorDescriptionInMemoryPkiCredentialContainer
(String providerName) Constructor loading the security provider identified byproviderName
.InMemoryPkiCredentialContainer
(Provider provider) Constructor. -
Method Summary
Modifier and TypeMethodDescriptionvoid
deleteCredential
(String alias) Deletes the credential specified by the supplied alias.generateCredential
(String keyTypeName) Generates a key pair and self-issued certificate for a new credential in the container.getCredential
(String alias) Gets the credential for a specific alias from the credential container.getExpiryTime
(String alias) Gets the expiry time of the credential specified by alias.Gets all available credential aliases from the multi credential key store.Methods inherited from class se.swedenconnect.security.credential.container.AbstractPkiCredentialContainer
cleanup, generateAlias, getKeyGeneratorFactory, getKeyValidity, getProvider, isExpired, setKeyValidity, setSupportedKeyTypes
-
Constructor Details
-
InMemoryPkiCredentialContainer
Constructor loading the security provider identified byproviderName
.- Parameters:
providerName
- the name of the security provider
-
InMemoryPkiCredentialContainer
Constructor.- Parameters:
provider
- the provider that is used to create and manage keys
-
-
Method Details
-
generateCredential
Generates a key pair and self-issued certificate for a new credential in the container.Note that self-issued certificates may be replaced after a credential has been generated. This is typically done after a CA has issued a certificate for the key pair.
- Parameters:
keyTypeName
- the id of the type of key to generate as provided byKeyGenType
- Returns:
- the alias for the generated key
- Throws:
KeyException
- on errors generating the keyNoSuchAlgorithmException
- if the requested algorithm or key type is not supported
-
getCredential
Gets the credential for a specific alias from the credential container.- Parameters:
alias
- the alias of the credential to get- Returns:
- credential for the specified alias
- Throws:
PkiCredentialContainerException
- for errors obtaining the requested credential
-
deleteCredential
Deletes the credential specified by the supplied alias.The "normal" way of deleting a credential is to invoke its
DisposableBean.destroy()
method. The {code deleteCredential} method is mainly for internal (and external) container maintenance.- Parameters:
alias
- the alias of the credential to delete
-
getExpiryTime
Gets the expiry time of the credential specified by alias.- Parameters:
alias
- alias of the requested credential- Returns:
- expiry time for the specified credential or null if the credential never expires
- Throws:
PkiCredentialContainerException
- error obtaining the expiry time
-
listCredentials
Gets all available credential aliases from the multi credential key store.- Returns:
- list of credential aliases
-