Interface Pkcs11Configuration

All Known Implementing Classes:
AbstractPkcs11Configuration, DefaultPkcs11Configuration

public interface Pkcs11Configuration
Interface for a PKCS#11 configuration.
Author:
Martin Lindström (martin@idsec.se), Stefan Santesson (stefan@idsec.se)
  • Method Details

    • getProvider

      Gets the Java security Provider to use when setting up a PKCS#11 credential.
      Returns:
      a Provider instance
      Throws:
      Pkcs11ConfigurationException - if the configuration is incorrect
    • getPrivateKeyProvider

      Pkcs11ObjectProvider<PrivateKey> getPrivateKeyProvider()
      Gets the getter function object that should be used to obtain a private key from the PKCS#11 device.

      How the private key is obtained from the device is dependent on the security provider used.

      Note: If both the private key and the certificate should be obtained from the device, use getCredentialProvider() instead.

      Returns:
      a Pkcs11ObjectProvider instance
    • getCredentialProvider

      Pkcs11ObjectProvider<PkiCredential> getCredentialProvider()
      Gets the getter function object that should be used to obtain the private key and certificate from the PKCS#11 device.

      How the objects are obtained from the device is dependent on the security provider used.

      In some HSM-deployments the certificate is not kept on the device, only the private key. The PkiCredential object returned from the provider will then return null for a PkiCredential.getCertificate() call.

      Returns:
      a Pkcs11ObjectProvider instance