Package xades4j.providers.impl
Class PKCS11KeyStoreKeyingDataProvider
java.lang.Object
xades4j.providers.impl.KeyStoreKeyingDataProvider
xades4j.providers.impl.PKCS11KeyStoreKeyingDataProvider
- All Implemented Interfaces:
KeyingDataProvider
A specification of
KeyStoreKeyingDataProvider
for PKCS#11 keystores.
This class uses the SUN's PKCS#11 provider, which brigdes with a native PKCS#11
library. Note that this provider may not be included in some versions of the JRE,
On those scenarios this class will fail at runtime.
The builder
method can be used
to configure and create a new instance. If a name for the underlying PKCS#11 provider is not specified, a default
value is used which is based on the native library path. Duplicate names will cause an exception.
The KeyStoreKeyingDataProvider.KeyStorePasswordProvider
and KeyStoreKeyingDataProvider.KeyEntryPasswordProvider
may be null
, in which case the
keystore protection has to be handled by the native library. If the KeyStoreKeyingDataProvider.KeyEntryPasswordProvider
is supplied,
the protection used to access an entry is a KeyStore.CallbackHandlerProtection
that invokes the
KeyStoreKeyingDataProvider.KeyEntryPasswordProvider
exactly when when the password is requested.
- Author:
- Luís
- See Also:
-
Nested Class Summary
Nested ClassesNested classes/interfaces inherited from class xades4j.providers.impl.KeyStoreKeyingDataProvider
KeyStoreKeyingDataProvider.KeyEntryPasswordProvider, KeyStoreKeyingDataProvider.KeyStoreBuilderCreator, KeyStoreKeyingDataProvider.KeyStorePasswordProvider, KeyStoreKeyingDataProvider.SigningCertificateSelector
-
Method Summary
Modifier and TypeMethodDescriptionbuilder
(String nativeLibraryPath, KeyStoreKeyingDataProvider.SigningCertificateSelector certificateSelector) Create a builder to configure a newPKCS11KeyStoreKeyingDataProvider
.protected KeyStore.ProtectionParameter
getKeyProtection
(String entryAlias, X509Certificate entryCert, KeyStoreKeyingDataProvider.KeyEntryPasswordProvider entryPasswordProvider) Gets a protection parameter to access the specified entry.static boolean
Methods inherited from class xades4j.providers.impl.KeyStoreKeyingDataProvider
getSigningCertificateChain, getSigningKey
-
Method Details
-
builder
public static PKCS11KeyStoreKeyingDataProvider.Builder builder(String nativeLibraryPath, KeyStoreKeyingDataProvider.SigningCertificateSelector certificateSelector) Create a builder to configure a newPKCS11KeyStoreKeyingDataProvider
.- Parameters:
nativeLibraryPath
- path for the native library of the specific PKCS#11 providercertificateSelector
- selector of the signing certificate- Returns:
- the builder
-
getKeyProtection
protected KeyStore.ProtectionParameter getKeyProtection(String entryAlias, X509Certificate entryCert, KeyStoreKeyingDataProvider.KeyEntryPasswordProvider entryPasswordProvider) Description copied from class:KeyStoreKeyingDataProvider
Gets a protection parameter to access the specified entry.- Specified by:
getKeyProtection
in classKeyStoreKeyingDataProvider
- Parameters:
entryAlias
- the alias of the entry that is being accessedentryCert
- the cerificate in the entryentryPasswordProvider
- the password provider that should be used to get the actual password (may benull
)- Returns:
- the protection
-
isProviderAvailable
public static boolean isProviderAvailable()
-