Package org.xipki.security

Class SecurityFactoryImpl

    • Constructor Detail

      • SecurityFactoryImpl

        public SecurityFactoryImpl()

    • Method Detail

      • getSupportedSignerTypes

        public Set<String> getSupportedSignerTypes()
        Description copied from interface: SecurityFactory
        Retrieves the types of supported signers.
        Returns:
        lower-case types of supported signers, never null.

      • isStrongRandom4KeyEnabled

        public boolean isStrongRandom4KeyEnabled()

      • setStrongRandom4KeyEnabled

        public void setStrongRandom4KeyEnabled​(boolean strongRandom4KeyEnabled)

      • isStrongRandom4SignEnabled

        public boolean isStrongRandom4SignEnabled()

      • setStrongRandom4SignEnabled

        public void setStrongRandom4SignEnabled​(boolean strongRandom4SignEnabled)

      • createSigner

        public ConcurrentContentSigner createSigner​(String type,
                                            SignerConf conf,
                                            X509Cert[] certificateChain)
                                     throws org.xipki.util.exception.ObjectCreationException
        Description copied from interface: SecurityFactory
        Creates signer.
        Parameters:
        type - Type of the signer. Must not be null.
        conf - Configuration of the signer. Could be null.
        certificateChain - Certificates of the signer. If not null, it will be used; otherwise the certificates contained in the token will be used.
        Returns:
        the new signer
        Throws:
        org.xipki.util.exception.ObjectCreationException - if could not create the signer

      • getSupportedKeypairGeneratorTypes

        public Set<String> getSupportedKeypairGeneratorTypes()
        Description copied from interface: SecurityFactory
        Retrieves the types of supported keypair generators.
        Returns:
        lower-case types of supported keypair generators, never null.

      • createKeypairGenerator

        public KeypairGenerator createKeypairGenerator​(String type,
                                               String conf)
                                        throws org.xipki.util.exception.ObjectCreationException
        Description copied from interface: SecurityFactory
        Creates keypair generator.
        Parameters:
        type - Type of the generator. Must not be null.
        conf - Configuration of the generator. Could be null.
        Returns:
        the new keypair generator
        Throws:
        org.xipki.util.exception.ObjectCreationException - if could not create the keypair generator

      • getContentVerifierProvider

        public org.bouncycastle.operator.ContentVerifierProvider getContentVerifierProvider​(PublicKey publicKey,
                                                                                    DHSigStaticKeyCertPair ownerKeyAndCert)
                                                                             throws InvalidKeyException
        Description copied from interface: SecurityFactory
        Gets the ContentVerifierProvider from the public key.
        Parameters:
        publicKey - Signature verification key. Must not be null.
        ownerKeyAndCert - The owner's key and certificate for the CSR with Diffie-Hellman PoP. May be null.
        Returns:
        the ContentVerifierProvider
        Throws:
        InvalidKeyException - If the publicKey is invalid or unsupported.

      • generatePublicKey

        public PublicKey generatePublicKey​(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo subjectPublicKeyInfo)
                            throws InvalidKeyException
        Description copied from interface: SecurityFactory
        Create PublicKey from the subjectPublicKeyInfo.
        Parameters:
        subjectPublicKeyInfo - From which the public key will be created. Must not be null.
        Returns:
        the created public key.
        Throws:
        InvalidKeyException - if could not create public key.

      • verifyPop

        public boolean verifyPop​(org.bouncycastle.pkcs.PKCS10CertificationRequest csr,
                         AlgorithmValidator algoValidator,
                         DHSigStaticKeyCertPair ownerKeyAndCert)
        Description copied from interface: SecurityFactory
        Verifies the signature of CSR.
        Parameters:
        csr - CSR to be verified. Must not be null.
        algoValidator - Signature algorithms validator. null to accept all algorithms
        ownerKeyAndCert - The owner's key and certificate for the CSR with Diffie-Hellman PoP. May be null.
        Returns:
        true if the signature is valid and the signature algorithm is accepted, false otherwise.

      • getDfltSignerParallelism

        public int getDfltSignerParallelism()

      • setDefaultSignerParallelism

        public void setDefaultSignerParallelism​(int defaultSignerParallelism)

      • setSignerFactoryRegister

        public void setSignerFactoryRegister​(SignerFactoryRegister signerFactoryRegister)

      • setPasswordResolver

        public void setPasswordResolver​(org.xipki.password.PasswordResolver passwordResolver)

      • getPasswordResolver

        public org.xipki.password.PasswordResolver getPasswordResolver()