Package xades4j.providers.impl

Class PKCS11KeyStoreKeyingDataProvider

java.lang.Object

xades4j.providers.impl.KeyStoreKeyingDataProvider

xades4j.providers.impl.PKCS11KeyStoreKeyingDataProvider

All Implemented Interfaces:

KeyingDataProvider

public final class PKCS11KeyStoreKeyingDataProvider
extends KeyStoreKeyingDataProvider

A specification of KeyStoreKeyingDataProvider for PKCS#11 keystores. This class uses the SUN's PKCS#11 provider, which brigdes with a native PKCS#11 library. Note that this provider may not be included in some versions of the JRE, On those scenarios this class will fail at runtime.

The builder method can be used to configure and create a new instance. If a name for the underlying PKCS#11 provider is not specified, a default value is used which is based on the native library path. Duplicate names will cause an exception.

The KeyStoreKeyingDataProvider.KeyStorePasswordProvider and KeyStoreKeyingDataProvider.KeyEntryPasswordProvider may be null, in which case the keystore protection has to be handled by the native library. If the KeyStoreKeyingDataProvider.KeyEntryPasswordProvider is supplied, the protection used to access an entry is a KeyStore.CallbackHandlerProtection that invokes the KeyStoreKeyingDataProvider.KeyEntryPasswordProvider exactly when when the password is requested.

Author:

Luís

See Also:

• KeyStoreKeyingDataProvider

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static final class	PKCS11KeyStoreKeyingDataProvider.Builder

Nested classes/interfaces inherited from class xades4j.providers.impl.KeyStoreKeyingDataProvider

KeyStoreKeyingDataProvider.KeyEntryPasswordProvider, KeyStoreKeyingDataProvider.KeyStoreBuilderCreator, KeyStoreKeyingDataProvider.KeyStorePasswordProvider, KeyStoreKeyingDataProvider.SigningCertificateSelector

Method Summary

Modifier and Type	Method	Description
static PKCS11KeyStoreKeyingDataProvider.Builder	builder(String nativeLibraryPath, KeyStoreKeyingDataProvider.SigningCertificateSelector certificateSelector)	Create a builder to configure a new PKCS11KeyStoreKeyingDataProvider.
protected KeyStore.ProtectionParameter	getKeyProtection(String entryAlias, X509Certificate entryCert, KeyStoreKeyingDataProvider.KeyEntryPasswordProvider entryPasswordProvider)	Gets a protection parameter to access the specified entry.
static boolean	isProviderAvailable()

Methods inherited from class xades4j.providers.impl.KeyStoreKeyingDataProvider

getSigningCertificateChain, getSigningKey

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

builder

public static PKCS11KeyStoreKeyingDataProvider.Builder builder(String nativeLibraryPath,
 KeyStoreKeyingDataProvider.SigningCertificateSelector certificateSelector)

Create a builder to configure a new PKCS11KeyStoreKeyingDataProvider.

Parameters:

nativeLibraryPath - path for the native library of the specific PKCS#11 provider

certificateSelector - selector of the signing certificate

Returns:

the builder

getKeyProtection

protected KeyStore.ProtectionParameter getKeyProtection(String entryAlias,
 X509Certificate entryCert,
 KeyStoreKeyingDataProvider.KeyEntryPasswordProvider entryPasswordProvider)

Description copied from class: KeyStoreKeyingDataProvider

Gets a protection parameter to access the specified entry.

Specified by:

getKeyProtection in class KeyStoreKeyingDataProvider

Parameters:

entryAlias - the alias of the entry that is being accessed

entryCert - the cerificate in the entry

entryPasswordProvider - the password provider that should be used to get the actual password (may be null)

Returns:

the protection

isProviderAvailable

public static boolean isProviderAvailable()