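/**
 * Build a credential instance from the key store entry.
 *
 * <p>The entry is dispatched on its concrete type: private key, trusted certificate and secret key
 * entries are each handed to the matching {@code process*Entry} helper. Any other entry, including
 * {@code null}, is rejected with a {@link SecurityException}.
 *
 * @param keyStoreEntry the key store entry to process
 * @param entityID the entityID to include in the credential
 * @param usage the usage type to include in the credential; this method only logs it (see the
 *            review note in the body)
 * @return the new credential instance, appropriate to the type of key store entry being processed
 * @throws SecurityException if the entry is {@code null} or of an unsupported type, or if there is a
 *             problem building a credential from the key store entry
 */
protected Credential buildCredential(KeyStore.Entry keyStoreEntry, String entityID, UsageType usage)
        throws SecurityException {
    log.debug("Building credential from keystore entry for entityID {}, usage type {}", entityID, usage);

    // instanceof is false for null, so a null entry used to reach the final branch and fail with a
    // NullPointerException on getClass(). Report it through the declared exception type instead.
    if (keyStoreEntry == null) {
        throw new SecurityException("KeyStore entry was null, no credential can be built");
    }

    // NOTE(review): the helpers receive the resolver's keystoreUsage field, not the usage parameter,
    // so a caller passing a different usage value will not see it applied to the credential.
    // Key usage separates signing keys from encryption keys; confirm which value is intended.
    if (keyStoreEntry instanceof KeyStore.PrivateKeyEntry) {
        return processPrivateKeyEntry((KeyStore.PrivateKeyEntry) keyStoreEntry, entityID, keystoreUsage);
    }
    if (keyStoreEntry instanceof KeyStore.TrustedCertificateEntry) {
        return processTrustedCertificateEntry((KeyStore.TrustedCertificateEntry) keyStoreEntry, entityID,
                keystoreUsage);
    }
    if (keyStoreEntry instanceof KeyStore.SecretKeyEntry) {
        return processSecretKeyEntry((KeyStore.SecretKeyEntry) keyStoreEntry, entityID, keystoreUsage);
    }

    // Only the entry's class name goes into the message; no key material is included.
    throw new SecurityException("KeyStore entry was of an unsupported type: "
            + keyStoreEntry.getClass().getName());
}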
/**
 * Creates a key manager on top of an already loaded {@link KeyStore}. The set of available keys is
 * derived from the store via {@code getAvailableKeys}, and a {@code KeyStoreCredentialResolver} is
 * built over the same store for loading credentials.
 *
 * <p>NOTE(review): key passwords arrive as {@code String} values and are handed on to the resolver,
 * so they stay in memory for as long as the map is referenced. The caller is responsible for how
 * the map is populated and stored.
 *
 * @param keyStore key store to use
 * @param passwords passwords used to access private keys (presumably keyed by key alias - confirm)
 * @param defaultKey default key
 */
public JKSKeyManager(KeyStore keyStore, Map<String, String> passwords, String defaultKey) {
    this.keyStore = keyStore;
    this.availableKeys = getAvailableKeys(this.keyStore);

    // The resolver is given the same store instance together with the per-key passwords.
    final KeyStoreCredentialResolver resolver = new KeyStoreCredentialResolver(this.keyStore, passwords);
    this.credentialResolver = resolver;

    this.defaultKey = defaultKey;
}
checkCriteriaRequirements(criteriaSet); usage = UsageType.UNSPECIFIED; if (!matchUsage(keystoreUsage, usage)) { log.debug("Specified usage criteria {} does not match keystore usage {}", usage, keystoreUsage); log.debug("Can not resolve credentials from this keystore"); Credential credential = buildCredential(keyStoreEntry, entityID, keystoreUsage); return Collections.singleton(credential);
checkCriteriaRequirements(criteriaSet); usage = UsageType.UNSPECIFIED; if (!matchUsage(keystoreUsage, usage)) { log.debug("Specified usage criteria {} does not match keystore usage {}", usage, keystoreUsage); log.debug("Can not resolve credentials from this keystore"); Credential credential = buildCredential(keyStoreEntry, entityID, keystoreUsage); return Collections.singleton(credential);
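/**
 * Build a credential instance from the key store entry.
 *
 * <p>Private key, trusted certificate and secret key entries are each passed to the corresponding
 * {@code process*Entry} helper. A {@code null} entry or an entry of any other type results in a
 * {@link SecurityException}.
 *
 * @param keyStoreEntry the key store entry to process
 * @param entityID the entityID to include in the credential
 * @param usage the usage type to include in the credential; within this method it is only written
 *            to the debug log (see the review note in the body)
 * @return the new credential instance, appropriate to the type of key store entry being processed
 * @throws SecurityException if the entry is {@code null} or of an unsupported type, or if there is a
 *             problem building a credential from the key store entry
 */
protected Credential buildCredential(KeyStore.Entry keyStoreEntry, String entityID, UsageType usage)
        throws SecurityException {
    log.debug("Building credential from keystore entry for entityID {}, usage type {}", entityID, usage);

    // Guard first: without it a null entry falls through every instanceof test and the error path
    // itself throws a NullPointerException when it asks the entry for its class.
    if (keyStoreEntry == null) {
        throw new SecurityException("KeyStore entry was null, no credential can be built");
    }

    // NOTE(review): keystoreUsage (a field of the resolver) is what reaches the helpers; the usage
    // argument is not forwarded. Confirm this is intended before relying on the parameter to
    // restrict a credential to signing or encryption.
    final Credential credential;
    if (keyStoreEntry instanceof KeyStore.PrivateKeyEntry) {
        credential = processPrivateKeyEntry((KeyStore.PrivateKeyEntry) keyStoreEntry, entityID,
                keystoreUsage);
    } else if (keyStoreEntry instanceof KeyStore.TrustedCertificateEntry) {
        credential = processTrustedCertificateEntry((KeyStore.TrustedCertificateEntry) keyStoreEntry,
                entityID, keystoreUsage);
    } else if (keyStoreEntry instanceof KeyStore.SecretKeyEntry) {
        credential = processSecretKeyEntry((KeyStore.SecretKeyEntry) keyStoreEntry, entityID,
                keystoreUsage);
    } else {
        // The message names only the entry's class, never its contents.
        throw new SecurityException("KeyStore entry was of an unsupported type: "
                + keyStoreEntry.getClass().getName());
    }
    return credential;
}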
/**
 * Creates a key manager backed by a keystore that is loaded from {@code storeFile} through
 * {@code initialize}, using the store type {@code "JKS"}. The set of available keys is derived from
 * the loaded store, and a {@code KeyStoreCredentialResolver} is built over it for loading
 * credentials.
 *
 * <p>NOTE(review): {@code storePass} may be {@code null}. If {@code initialize} forwards that value
 * to {@link KeyStore#load(java.io.InputStream, char[])}, the keystore integrity check is skipped -
 * confirm against {@code initialize}, which is not shown here. Key passwords are passed as
 * {@code String} values and remain in memory for as long as the map is referenced.
 *
 * @param storeFile file pointing to the JKS keystore
 * @param storePass password to access the keystore, or null for no password
 * @param passwords passwords used to access private keys (presumably keyed by key alias - confirm)
 * @param defaultKey default key
 */
public JKSKeyManager(Resource storeFile, String storePass, Map<String, String> passwords, String defaultKey) {
    // Load once, then share the same instance between the field, the key listing and the resolver.
    final KeyStore loadedStore = initialize(storeFile, storePass, "JKS");
    this.keyStore = loadedStore;
    this.availableKeys = getAvailableKeys(loadedStore);
    this.credentialResolver = new KeyStoreCredentialResolver(loadedStore, passwords);
    this.defaultKey = defaultKey;
}