Package no.digipost.security.keystore

Class KeyStoreBuilder

  • public final class KeyStoreBuilder
extends Object

    • Field Detail

      • DEFAULT_ALIAS_CREATOR

        public static final Function<? super X509Certificate,​String> DEFAULT_ALIAS_CREATOR
        The default way to create aliases for certificates, which uses certificates' Subject DNs, serial numbers, and Issuer DNs to create aliases. This alias creator is to ensure unique aliases for added certificates, and should not be used for adding certificates which one wishes to retrieve by alias from the resulting key store.

    • Constructor Detail

      • KeyStoreBuilder

        public KeyStoreBuilder​(KeyStoreType type)

    • Method Detail

      • containing

        public KeyStoreBuilder containing​(X509Certificate certificate)
        Add a certificate which should be contained in the resulting KeyStore. Its alias will be created by DEFAULT_ALIAS_CREATOR.
        Parameters:
        certificate - the certificate to add to the resulting key store.
        Returns:
        the builder

      • containing

        public KeyStoreBuilder containing​(X509Certificate certificate,
                                  String alias)
        Add a certificate which should be contained in the resulting KeyStore with the given alias.
        Parameters:
        certificate - the certificate to add to the resulting key store.
        alias - the alias which the certificate may be retrieved from the resulting key store.
        Returns:
        the builder

      • containing

        public KeyStoreBuilder containing​(Stream<X509Certificate> certificates,
                                  Function<? super X509Certificate,​String> aliasCreator)
        Add certificates which should be contained in the resulting key store.
        Parameters:
        certificates - the certificates to add to the new KeyStore.
        aliasCreator - creates an alias for each certificate in the new key store.
        Returns:
        the builder.
        Throws:
        DuplicateAlias - if the same alias is created for several certificates.

      • loadFromClasspath

        public KeyStoreBuilder loadFromClasspath​(String classpathResourceName)
        Load key store from classpath resource into a new KeyStore.
        Parameters:
        classpathResourceName - the name of the classpath resource containing the key store. The resource is resolved from the root of the classpath.

      • loadFrom

        public KeyStoreBuilder loadFrom​(InputStream keyStoreStream)
        Load key store from InputStream into a new KeyStore.
        Parameters:
        keyStoreStream - the InputStream containing the key store.

      • withNoPassword

        public KeyStore withNoPassword()
        Build a new key store with no password to access its content.
        Returns:
        the new KeyStore.

      • withPassword

        public KeyStore withPassword​(String password)
        Build a new key store with the given password to access its content.
        Parameters:
        password - the password for the key store.
        Returns:
        the new KeyStore.

      • withPassword

        public KeyStore withPassword​(char[] password)
        Build a new key store with the given password to access its content.
        Parameters:
        password - the password for the key store.
        Returns:
        the new KeyStore.