Class PkiCredentialFactoryBean
java.lang.Object
org.springframework.beans.factory.config.AbstractFactoryBean<PkiCredential>
se.swedenconnect.security.credential.factory.PkiCredentialFactoryBean
- All Implemented Interfaces:
Aware
,BeanClassLoaderAware
,BeanFactoryAware
,DisposableBean
,FactoryBean<PkiCredential>
,InitializingBean
A utility factory that can create any type of
PkiCredential
class defined in this module.
The logic is as follows:
- A
BasicCredential
object is created if both a private key and a certificate has been assigned (setPrivateKey(Resource)
andsetCertificate(Resource)
). - A
Pkcs11Credential
object is created if the PKCS#11 configuration, alias and PIN (or key password) are set (setPkcs11Configuration(String)
,setAlias(String)
,setPin(char[])
). If type is set (setType(String)
), this must be set to "PKCS11". - A
KeyStoreCredential
object is created if the keystore resource, the password and alias are set (setResource(Resource)
,setPassword(char[])
,setAlias(String)
). - If none of the above matches an error is thrown.
- Author:
- Martin Lindström (martin@idsec.se), Stefan Santesson (stefan@idsec.se)
-
Field Summary
Fields inherited from class org.springframework.beans.factory.config.AbstractFactoryBean
logger
Fields inherited from interface org.springframework.beans.factory.FactoryBean
OBJECT_TYPE_ATTRIBUTE
-
Constructor Summary
ConstructorDescriptionDefault constructor.Constructor that initializes the factory from the supplied credential configuration properties object. -
Method Summary
Modifier and TypeMethodDescriptionvoid
protected PkiCredential
void
destroy()
Class<?>
void
Assigns the keystore alias to the entry holding the key pair.void
setCertificate
(Resource certificate) Assigns the resource holding the certificate part of the credential (optional since the certificate may be part of a keystore).void
setCertificates
(List<Resource> certificates) Assigns the list of resources holding the certificate chain that part of the credential (optional since the certificate may be part of a keystore).void
setKeyPassword
(char[] keyPassword) Assigns the password to unlock the private key from the keystore.void
Assigns the name of the credential.void
setPassword
(char[] password) Assigns the keystore password.void
setPin
(char[] pin) Assigns the PIN.void
setPkcs11Configuration
(String pkcs11Configuration) Assigns the PKCS#11 configuration file to use.void
setPrivateKey
(Resource privateKey) Assigns the resource holding the private key part of the credential (optional since the key may be part of a keystore).void
setProvider
(String provider) Assigns the name of the security provider to use when creating the KeyStore instance.void
setResource
(Resource resource) Assigns the resource to the keystore containing the credential.void
Assigns the type of keystore.Methods inherited from class org.springframework.beans.factory.config.AbstractFactoryBean
destroyInstance, getBeanFactory, getBeanTypeConverter, getEarlySingletonInterfaces, getObject, isSingleton, setBeanClassLoader, setBeanFactory, setSingleton
-
Constructor Details
-
PkiCredentialFactoryBean
public PkiCredentialFactoryBean()Default constructor. -
PkiCredentialFactoryBean
Constructor that initializes the factory from the supplied credential configuration properties object.- Parameters:
properties
- credential configuration properties
-
-
Method Details
-
createInstance
- Specified by:
createInstance
in classAbstractFactoryBean<PkiCredential>
- Throws:
Exception
-
getObjectType
- Specified by:
getObjectType
in interfaceFactoryBean<PkiCredential>
- Specified by:
getObjectType
in classAbstractFactoryBean<PkiCredential>
-
setName
Assigns the name of the credential.- Parameters:
name
- the credential name
-
setCertificate
Assigns the resource holding the certificate part of the credential (optional since the certificate may be part of a keystore).- Parameters:
certificate
- certificate resource
-
setCertificates
Assigns the list of resources holding the certificate chain that part of the credential (optional since the certificate may be part of a keystore). If used, the entity certificate must be the first element.- Parameters:
certificates
- a list of certificate resources
-
setPrivateKey
Assigns the resource holding the private key part of the credential (optional since the key may be part of a keystore).- Parameters:
privateKey
- private key resource
-
setResource
Assigns the resource to the keystore containing the credential.- Parameters:
resource
- the keystore resource
-
setPassword
public void setPassword(char[] password) Assigns the keystore password.- Parameters:
password
- keystore password
-
setType
Assigns the type of keystore.- Parameters:
type
- the keystore type
-
setProvider
Assigns the name of the security provider to use when creating the KeyStore instance.- Parameters:
provider
- security provider name
-
setPkcs11Configuration
Assigns the PKCS#11 configuration file to use.- Parameters:
pkcs11Configuration
- PKCS#11 configuration file (full path)
-
setAlias
Assigns the keystore alias to the entry holding the key pair.- Parameters:
alias
- keystore alias
-
setKeyPassword
public void setKeyPassword(char[] keyPassword) Assigns the password to unlock the private key from the keystore.- Parameters:
keyPassword
- the key password
-
setPin
public void setPin(char[] pin) Assigns the PIN. The same as keyPassword (used mainly for PKCS#11 credentials).- Parameters:
pin
- the PIN
-
afterPropertiesSet
- Specified by:
afterPropertiesSet
in interfaceInitializingBean
- Overrides:
afterPropertiesSet
in classAbstractFactoryBean<PkiCredential>
- Throws:
Exception
-
destroy
- Specified by:
destroy
in interfaceDisposableBean
- Overrides:
destroy
in classAbstractFactoryBean<PkiCredential>
- Throws:
Exception
-