Class KeyStoreCertProvider

java.lang.Object

de.xima.fc.cryptography.BouncyCastleSupport

de.xima.fc.mail.impl.security.certprovider.KeyStoreCertProvider

All Implemented Interfaces:

IMailSecurityCertProvider

public class KeyStoreCertProvider
extends BouncyCastleSupport
implements IMailSecurityCertProvider

An email-encryptor key-provider to determine the certificates by a keystore. If no keystore is given, a default one will be created.

Author:

XIMA MEDIA GmbH

Field Summary

Fields

Modifier and Type	Field	Description
static final String	KEYSTORE_FORMAT

Constructor Summary

Constructors

Constructor	Description
KeyStoreCertProvider()	Creates a provider with a default keystore
KeyStoreCertProvider(File keyStoreFile, String keyStorePassword)	Creates a provider with the given keystore-config or default if the config is not valid

Method Summary

Modifier and Type	Method	Description
Optional<X509Certificate>	findEncryptionCertificate(String emailAddress, Long clientId, IUser user)	Finds the certificate for email-encryption for the given email address within the given client.
Optional<CertificateBundle>	findSignatureCertificateBundle(String emailAddress, Long clientId, IUser user)	Finds the certificate bundle containing the private key for email-signing for the given email address within the given client.

Methods inherited from class BouncyCastleSupport

buildSignedCertificate, createCMSContentEncryptorBuilder, createContentSigner, createJceKeyTransRecipientInfoGenerator, createKeyFactory, createKeyPairGenerator, createKeyStore, createOpenSSLPKCS8DecryptorProviderBuilder, createPEMKeyConverter, createSignature, createX509CertificateConverter, createX509CertificateFactory

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

KEYSTORE_FORMAT

public static final String KEYSTORE_FORMAT

See Also:

• Constant Field Values

Constructor Details

KeyStoreCertProvider

public KeyStoreCertProvider()
                     throws Exception

Creates a provider with a default keystore

Throws:

Exception - on errors while opening or creating the keystore

KeyStoreCertProvider

public KeyStoreCertProvider(File keyStoreFile,
 String keyStorePassword)
                     throws Exception

Creates a provider with the given keystore-config or default if the config is not valid

Parameters:

keyStoreFile - the File of the keystore. May be null

keyStorePassword - the password of the keystore. May be null

Throws:

Exception - on errors while opening or creating the keystore

Method Details

findEncryptionCertificate

public Optional<X509Certificate> findEncryptionCertificate(String emailAddress,
 Long clientId,
 IUser user)

Description copied from interface: IMailSecurityCertProvider

Finds the certificate for email-encryption for the given email address within the given client.

Specified by:

findEncryptionCertificate in interface IMailSecurityCertProvider

Parameters:

emailAddress - the email address to find the certificate for

clientId - the ID of the client to find the certificate in

user - the user requesting the certificate

Returns:

an Optional containing the found X509Certificate, or empty if no certificate was found for encrypting mail to the given email address

findSignatureCertificateBundle

public Optional<CertificateBundle> findSignatureCertificateBundle(String emailAddress,
 Long clientId,
 IUser user)

Description copied from interface: IMailSecurityCertProvider

Finds the certificate bundle containing the private key for email-signing for the given email address within the given client.

Specified by:

findSignatureCertificateBundle in interface IMailSecurityCertProvider

Parameters:

emailAddress - the email address to find the private key for

clientId - the ID of the client to find the private key in

user - the user requesting the private key

Returns:

an Optional containing the found CertificateBundle (with private key), or empty if no private key was found for signing mail from the given email address