Class PkiCredentialFactoryBean
java.lang.Object
org.springframework.beans.factory.config.AbstractFactoryBean<PkiCredential>
se.swedenconnect.security.credential.factory.PkiCredentialFactoryBean
- All Implemented Interfaces:
Aware,BeanClassLoaderAware,BeanFactoryAware,DisposableBean,FactoryBean<PkiCredential>,InitializingBean
A utility factory that can create any type of
PkiCredential class defined in this module.
The logic is as follows:
- A
BasicCredentialobject is created if both a private key and a certificate has been assigned (setPrivateKey(Resource)andsetCertificate(Resource)). - A
Pkcs11Credentialobject is created if the PKCS#11 configuration, alias and PIN (or key password) are set (setPkcs11Configuration(String),setAlias(String),setPin(char[])). If type is set (setType(String)), this must be set to "PKCS11". - A
KeyStoreCredentialobject is created if the keystore resource, the password and alias are set (setResource(Resource),setPassword(char[]),setAlias(String)). - If none of the above matches an error is thrown.
- Author:
- Martin Lindström (martin@idsec.se), Stefan Santesson (stefan@idsec.se)
-
Field Summary
Fields inherited from class org.springframework.beans.factory.config.AbstractFactoryBean
loggerFields inherited from interface org.springframework.beans.factory.FactoryBean
OBJECT_TYPE_ATTRIBUTE -
Constructor Summary
ConstructorsConstructorDescriptionDefault constructor.Constructor that initializes the factory from the supplied credential configuration properties object. -
Method Summary
Modifier and TypeMethodDescriptionvoidprotected PkiCredentialvoiddestroy()Class<?>voidAssigns the keystore alias to the entry holding the key pair.voidsetCertificate(Resource certificate) Assigns the resource holding the certificate part of the credential (optional since the certificate may be part of a keystore).voidsetCertificates(List<Resource> certificates) Assigns the list of resources holding the certificate chain that part of the credential (optional since the certificate may be part of a keystore).voidsetKeyPassword(char[] keyPassword) Assigns the password to unlock the private key from the keystore.voidAssigns the name of the credential.voidsetPassword(char[] password) Assigns the keystore password.voidsetPin(char[] pin) Assigns the PIN.voidsetPkcs11Configuration(String pkcs11Configuration) Assigns the PKCS#11 configuration file to use.voidsetPrivateKey(Resource privateKey) Assigns the resource holding the private key part of the credential (optional since the key may be part of a keystore).voidsetProvider(String provider) Assigns the name of the security provider to use when creating the KeyStore instance.voidsetResource(Resource resource) Assigns the resource to the keystore containing the credential.voidAssigns the type of keystore.Methods inherited from class org.springframework.beans.factory.config.AbstractFactoryBean
destroyInstance, getBeanFactory, getBeanTypeConverter, getEarlySingletonInterfaces, getObject, isSingleton, setBeanClassLoader, setBeanFactory, setSingleton
-
Constructor Details
-
PkiCredentialFactoryBean
public PkiCredentialFactoryBean()Default constructor. -
PkiCredentialFactoryBean
Constructor that initializes the factory from the supplied credential configuration properties object.- Parameters:
properties- credential configuration properties
-
-
Method Details
-
createInstance
- Specified by:
createInstancein classAbstractFactoryBean<PkiCredential>- Throws:
Exception
-
getObjectType
- Specified by:
getObjectTypein interfaceFactoryBean<PkiCredential>- Specified by:
getObjectTypein classAbstractFactoryBean<PkiCredential>
-
setName
Assigns the name of the credential.- Parameters:
name- the credential name
-
setCertificate
Assigns the resource holding the certificate part of the credential (optional since the certificate may be part of a keystore).- Parameters:
certificate- certificate resource
-
setCertificates
Assigns the list of resources holding the certificate chain that part of the credential (optional since the certificate may be part of a keystore). If used, the entity certificate must be the first element.- Parameters:
certificates- a list of certificate resources
-
setPrivateKey
Assigns the resource holding the private key part of the credential (optional since the key may be part of a keystore).- Parameters:
privateKey- private key resource
-
setResource
Assigns the resource to the keystore containing the credential.- Parameters:
resource- the keystore resource
-
setPassword
public void setPassword(char[] password) Assigns the keystore password.- Parameters:
password- keystore password
-
setType
Assigns the type of keystore.- Parameters:
type- the keystore type
-
setProvider
Assigns the name of the security provider to use when creating the KeyStore instance.- Parameters:
provider- security provider name
-
setPkcs11Configuration
Assigns the PKCS#11 configuration file to use.- Parameters:
pkcs11Configuration- PKCS#11 configuration file (full path)
-
setAlias
Assigns the keystore alias to the entry holding the key pair.- Parameters:
alias- keystore alias
-
setKeyPassword
public void setKeyPassword(char[] keyPassword) Assigns the password to unlock the private key from the keystore.- Parameters:
keyPassword- the key password
-
setPin
public void setPin(char[] pin) Assigns the PIN. The same as keyPassword (used mainly for PKCS#11 credentials).- Parameters:
pin- the PIN
-
afterPropertiesSet
- Specified by:
afterPropertiesSetin interfaceInitializingBean- Overrides:
afterPropertiesSetin classAbstractFactoryBean<PkiCredential>- Throws:
Exception
-
destroy
- Specified by:
destroyin interfaceDisposableBean- Overrides:
destroyin classAbstractFactoryBean<PkiCredential>- Throws:
Exception
-