Package com.sun.identity.saml.xmlsig
Class JKSKeyProvider
java.lang.Object
    com.sun.identity.saml.xmlsig.JKSKeyProvider
All Implemented Interfaces:
KeyProvider
public class JKSKeyProvider extends Object implements KeyProvider
The class JKSKeyProvider retrieves X509Certificates and private keys from the user data store.
Constructor Summary
Constructor - Description
JKSKeyProvider() - Constructor
JKSKeyProvider(String keyStoreFilePropName, String keyStorePassFilePropName, String keyStoreTypePropName, String privateKeyPassFilePropName) - Constructor
Method Summary
Modifier and Type, Method - Description
boolean containsKey(String alias) - Whether the key alias exists in the keystore.
Certificate getCertificate(String certAlias) - Get the Certificate named certAlias.
Certificate getCertificate(PublicKey publicKey) - Return Certificate for the specified PublicKey.
String getCertificateAlias(Certificate cert) - Get the alias name of the first keystore entry whose certificate matches the given certificate.
KeyStore getKeyStore() - Get the keystore.
PrivateKey getPrivateKey(String certAlias) - Return java.security.PrivateKey for the specified certAlias.
PrivateKey getPrivateKey(String certAlias, String encryptedKeyPass) - Return the PrivateKey for the specified certAlias and encrypted private key password.
String getPrivateKeyPass() - Get the private key password.
PublicKey getPublicKey(String keyAlias) - Return java.security.PublicKey for the specified keyAlias.
SecretKey getSecretKey(String certAlias) - Retrieves the secret key for the given certificate alias.
X509Certificate getX509Certificate(String certAlias) - Return java.security.cert.X509Certificate for the specified certAlias.
void setCertificateEntry(String certAlias, Certificate cert) - Set the Certificate with name certAlias in the keystore.
void setKey(String storepass, String keypass) - Set the key to access key store database.
void store() - Store the keystore changes.
Method Detail
setKey
public void setKey(String storepass, String keypass)
Set the key to access key store database. This method will only need to be called once if the key could not be obtained by other means.
Specified by:
setKey in interface KeyProvider
Parameters:
storepass - password for the key store
keypass - password for the certificate

getX509Certificate
public X509Certificate getX509Certificate(String certAlias)
Return java.security.cert.X509Certificate for the specified certAlias.
Specified by:
getX509Certificate in interface KeyProvider
Parameters:
certAlias - Certificate alias name
Returns:
X509Certificate which matches the certAlias, return null if the certificate could not be found.

getPublicKey
public PublicKey getPublicKey(String keyAlias)
Return java.security.PublicKey for the specified keyAlias.
Specified by:
getPublicKey in interface KeyProvider
Parameters:
keyAlias - Key alias name
Returns:
PublicKey which matches the keyAlias, return null if the PublicKey could not be found.

getPrivateKey
public PrivateKey getPrivateKey(String certAlias)
Return java.security.PrivateKey for the specified certAlias.
Specified by:
getPrivateKey in interface KeyProvider
Parameters:
certAlias - Certificate alias name
Returns:
PrivateKey which matches the certAlias, return null if the private key could not be found.

getSecretKey
public SecretKey getSecretKey(String certAlias)
Description copied from interface: KeyProvider
Retrieves the secret key for the given certificate alias.
Specified by:
getSecretKey in interface KeyProvider
Parameters:
certAlias - the certificate alias
Returns:
the secret key or returns null if the key does not exist or this key provider does not support secret keys

getPrivateKey
public PrivateKey getPrivateKey(String certAlias, String encryptedKeyPass)
Return the PrivateKey for the specified certAlias and encrypted private key password.
Specified by:
getPrivateKey in interface KeyProvider
Parameters:
certAlias - Certificate alias name
encryptedKeyPass - The encrypted keypass to use when getting the private certificate
Returns:
PrivateKey which matches the certAlias, return null if the private key could not be found.

getCertificateAlias
public String getCertificateAlias(Certificate cert)
Get the alias name of the first keystore entry whose certificate matches the given certificate.
Specified by:
getCertificateAlias in interface KeyProvider
Parameters:
cert - Certificate
Returns:
the (alias) name of the first entry with matching certificate, or null if no such entry exists in this keystore. If the keystore has not been loaded properly, return null as well.

getPrivateKeyPass
public String getPrivateKeyPass()
Get the private key password.
Returns:
the private key password

getKeyStore
public KeyStore getKeyStore()
Get the keystore.
Specified by:
getKeyStore in interface KeyProvider
Returns:
the keystore

setCertificateEntry
public void setCertificateEntry(String certAlias, Certificate cert) throws SAMLException
Set the Certificate with name certAlias in the keystore.
Parameters:
certAlias - Certificate's name Alias
cert - Certificate
Throws:
SAMLException

getCertificate
public Certificate getCertificate(String certAlias)
Get the Certificate named certAlias.
Parameters:
certAlias - Certificate's name Alias
Returns:
the Certificate. If the keystore doesn't contain such certAlias, return null.

store
public void store() throws SAMLException
Store the keystore changes.
Throws:
SAMLException

getCertificate
public Certificate getCertificate(PublicKey publicKey)
Return Certificate for the specified PublicKey.
Specified by:
getCertificate in interface KeyProvider
Parameters:
publicKey - Certificate public key
Returns:
Certificate which matches the PublicKey, return null if the Certificate could not be found.

containsKey
public boolean containsKey(String alias)
Description copied from interface: KeyProvider
Whether the key alias exists in the keystore.
Specified by:
containsKey in interface KeyProvider
Parameters:
alias - the key alias
Returns:
whether the key alias exists