org.apache.james.security
Class KeyHolder

java.lang.Object
  extended by org.apache.james.security.KeyHolder

public class KeyHolder
extends java.lang.Object

Loads a KeyStore in memory and keeps it ready for the cryptographic activity.

It acts as a simpler intermediary to the crypto libraries. It specifically uses the Legion of the Bouncy Castle libraries, particularly for S/MIME operations.

Since:
2.2.1
Version:
CVS $Revision: 494012 $ $Date: 2007-01-08 10:23:58 +0000 (Mon, 08 Jan 2007) $

Constructor Summary
KeyHolder(java.lang.String keyStoreFileName, java.lang.String keyStorePassword, java.lang.String keyAlias, java.lang.String keyAliasPassword, java.lang.String keyStoreType)
          Creates a new instance of KeyHolder using KeyStore related parameters.
 
Method Summary
 org.bouncycastle.mail.smime.SMIMESignedGenerator createGenerator()
          Creates an SMIMESignedGenerator.
 javax.mail.internet.MimeMultipart generate(javax.mail.internet.MimeBodyPart content)
          Generates a signed MimeMultipart from a MimeBodyPart.
 javax.mail.internet.MimeMultipart generate(javax.mail.internet.MimeMessage message)
          Generates a signed MimeMultipart from a MimeMessage.
 java.security.cert.X509Certificate getCertificate()
          Getter for property certificate.
 java.security.cert.CertStore getCertStore()
          Getter for property certStore.
static java.lang.String getDefaultType()
          Returns the default keystore type as specified in the Java security properties file, or the string "jks" (acronym for "Java keystore") if no such property exists.
 java.security.PrivateKey getPrivateKey()
          Getter for property privateKey.
 java.lang.String getSignerAddress()
          Getter for property signerAddress.
static java.lang.String getSignerAddress(java.security.cert.X509Certificate certificate)
          Extracts the signer email address (EMAILADDRESS=) from an X509Certificate distinguished name.
 java.lang.String getSignerCN()
          Getter for property signerCN.
static java.lang.String getSignerCN(java.security.cert.X509Certificate certificate)
          Extracts the signer common name (CN=) from an X509Certificate distinguished name.
 java.lang.String getSignerDistinguishedName()
          Getter for property signerDistinguishedName.
static java.lang.String getSignerDistinguishedName(java.security.cert.X509Certificate certificate)
          Extracts the signer distinguished name (DN) from an X509Certificate.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

KeyHolder

public KeyHolder(java.lang.String keyStoreFileName,
                 java.lang.String keyStorePassword,
                 java.lang.String keyAlias,
                 java.lang.String keyAliasPassword,
                 java.lang.String keyStoreType)
          throws java.security.KeyStoreException,
                 java.io.FileNotFoundException,
                 java.io.IOException,
                 java.security.NoSuchAlgorithmException,
                 java.security.InvalidAlgorithmParameterException,
                 java.security.cert.CertificateException,
                 java.security.UnrecoverableKeyException,
                 java.security.NoSuchProviderException
Creates a new instance of KeyHolder using KeyStore related parameters.

Parameters:
keyStoreFileName - The (absolute) file name of the .keystore file to load the keystore from.
keyStorePassword - The (optional) password used to check the integrity of the keystore. If given, it is used to check the integrity of the keystore data, otherwise, if null, the integrity of the keystore is not checked.
keyAlias - The alias name of the key. If missing (null) and there is only one key in the keystore, that key is used.
keyAliasPassword - The password of the alias for recovering the key. If missing (is null) will default to keyStorePassword. At least one of the passwords must be provided.
keyStoreType - The type of keystore. If missing (is null) will default to the keystore type as specified in the Java security properties file, or the string "jks" (acronym for "Java keystore") if no such property exists.
Throws:
java.security.KeyStoreException - Thrown when the keyAlias is specified and not found, or is not specified and either no alias is found or more than one is found.
java.io.FileNotFoundException
java.io.IOException
java.security.NoSuchAlgorithmException
java.security.InvalidAlgorithmParameterException
java.security.cert.CertificateException
java.security.UnrecoverableKeyException
java.security.NoSuchProviderException
See Also:
KeyStore.getDefaultType(), KeyStore.getInstance(String), KeyStore.load(java.io.InputStream, char[]), KeyStore.getKey(java.lang.String, char[]), KeyStore.getCertificate(java.lang.String)
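
An added example (not the James project's own code) that applies the parameter rules documented above using only the JDK KeyStore calls listed under See Also. The names KeyStoreResolutionExample, resolveAlias and loadSigningKey are hypothetical, and counting only key entries when no alias is given is an assumption.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;

public class KeyStoreResolutionExample {

    /** An explicit alias must exist; with no alias, exactly one key entry must be present. */
    static String resolveAlias(KeyStore ks, String keyAlias) throws KeyStoreException {
        if (keyAlias != null) {
            if (!ks.isKeyEntry(keyAlias)) throw new KeyStoreException("Key alias not found: " + keyAlias);
            return keyAlias;
        }
        List<String> keyAliases = new ArrayList<>();
        for (String alias : Collections.list(ks.aliases())) {
            if (ks.isKeyEntry(alias)) keyAliases.add(alias);
        }
        if (keyAliases.size() != 1) {
            throw new KeyStoreException("Expected exactly one key, found " + keyAliases.size());
        }
        return keyAliases.get(0);
    }

    static PrivateKey loadSigningKey(String file, String storePw, String keyAlias,
                                     String aliasPw, String type) throws Exception {
        if (storePw == null && aliasPw == null) {
            throw new IllegalArgumentException("At least one password must be provided");
        }
        KeyStore ks = KeyStore.getInstance(type != null ? type : KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(file)) {
            // A null password makes load() skip the integrity check: a modified file loads silently.
            ks.load(in, storePw != null ? storePw.toCharArray() : null);
        }
        String alias = resolveAlias(ks, keyAlias);
        // The key password falls back to the keystore password, as documented for keyAliasPassword.
        Key key = ks.getKey(alias, (aliasPw != null ? aliasPw : storePw).toCharArray());
        if (!(key instanceof PrivateKey)) throw new KeyStoreException("No private key under " + alias);
        return (PrivateKey) key;
    }

    public static void main(String[] args) throws Exception {
        // args[0] = keystore file, args[1] = keystore password; alias, alias password and type left null
        PrivateKey key = loadSigningKey(args[0], args[1], null, null, null);
        System.out.println("Loaded " + key.getAlgorithm() + " private key");
    }
}
```
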
Method Detail

getDefaultType

public static java.lang.String getDefaultType()
Returns the default keystore type as specified in the Java security properties file, or the string "jks" (acronym for "Java keystore") if no such property exists.

Returns:
The default type, as returned by KeyStore.getDefaultType().

getPrivateKey

public java.security.PrivateKey getPrivateKey()
Getter for property privateKey.

Returns:
Value of property privateKey.

getCertificate

public java.security.cert.X509Certificate getCertificate()
Getter for property certificate.

Returns:
Value of property certificate.

getCertStore

public java.security.cert.CertStore getCertStore()
Getter for property certStore.

Returns:
Value of property certStore.

createGenerator

public org.bouncycastle.mail.smime.SMIMESignedGenerator createGenerator()
                                                                 throws java.security.cert.CertStoreException,
                                                                        org.bouncycastle.mail.smime.SMIMEException
Creates an SMIMESignedGenerator. Includes a signer private key and certificate, and a pool of certificates and CRLs (if any) to go with the signature.

Returns:
The generated SMIMESignedGenerator.
Throws:
java.security.cert.CertStoreException
org.bouncycastle.mail.smime.SMIMEException

generate

public javax.mail.internet.MimeMultipart generate(javax.mail.internet.MimeMessage message)
                                           throws java.security.cert.CertStoreException,
                                                  java.security.NoSuchAlgorithmException,
                                                  java.security.NoSuchProviderException,
                                                  org.bouncycastle.mail.smime.SMIMEException
Generates a signed MimeMultipart from a MimeMessage.

Parameters:
message - The message to sign.
Returns:
The signed MimeMultipart.
Throws:
java.security.cert.CertStoreException
java.security.NoSuchAlgorithmException
java.security.NoSuchProviderException
org.bouncycastle.mail.smime.SMIMEException

generate

public javax.mail.internet.MimeMultipart generate(javax.mail.internet.MimeBodyPart content)
                                           throws java.security.cert.CertStoreException,
                                                  java.security.NoSuchAlgorithmException,
                                                  java.security.NoSuchProviderException,
                                                  org.bouncycastle.mail.smime.SMIMEException
Generates a signed MimeMultipart from a MimeBodyPart.

Parameters:
content - The content to sign.
Returns:
The signed MimeMultipart.
Throws:
java.security.cert.CertStoreException
java.security.NoSuchAlgorithmException
java.security.NoSuchProviderException
org.bouncycastle.mail.smime.SMIMEException

getSignerDistinguishedName

public static java.lang.String getSignerDistinguishedName(java.security.cert.X509Certificate certificate)
Extracts the signer distinguished name (DN) from an X509Certificate.

Parameters:
certificate - The certificate to extract the information from.
Returns:
The requested information.

getSignerCN

public static java.lang.String getSignerCN(java.security.cert.X509Certificate certificate)
Extracts the signer common name (CN=) from an X509Certificate distinguished name.

Parameters:
certificate - The certificate to extract the information from.
Returns:
The requested information.
See Also:
getSignerDistinguishedName(X509Certificate)

getSignerAddress

public static java.lang.String getSignerAddress(java.security.cert.X509Certificate certificate)
Extracts the signer email address (EMAILADDRESS=) from an X509Certificate distinguished name.

Parameters:
certificate - The certificate to extract the information from.
Returns:
The requested information.
See Also:
getSignerDistinguishedName(X509Certificate)
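
An added example (not the KeyHolder implementation) of reading the CN and EMAILADDRESS attributes described for getSignerCN and getSignerAddress from a DN string with the JDK's LdapName parser instead of substring matching. SignerDnExample, firstAttribute and the DN value are constructed for illustration.

```java
import java.util.List;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

public class SignerDnExample {

    /** Returns the value of the first RDN attribute of the given type, or null if absent. */
    static String firstAttribute(String dn, String type) throws NamingException {
        List<Rdn> rdns = new LdapName(dn).getRdns();
        // getRdns() puts the rightmost RDN at index 0, so walk backwards to read left to right.
        for (int i = rdns.size() - 1; i >= 0; i--) {
            // toAttributes() also exposes every part of a multi-valued RDN such as CN=a+EMAILADDRESS=b.
            Attribute attr = rdns.get(i).toAttributes().get(type);
            if (attr != null) return String.valueOf(attr.get());
        }
        return null;
    }

    public static void main(String[] args) throws NamingException {
        // Constructed DN: the CN contains an escaped comma that breaks a naive split on ",".
        String dn = "CN=Doe\\, John, EMAILADDRESS=signer@example.com, O=Example Org, C=US";
        System.out.println("CN    = " + firstAttribute(dn, "CN"));
        System.out.println("EMAIL = " + firstAttribute(dn, "EMAILADDRESS"));
        System.out.println("OU    = " + firstAttribute(dn, "OU"));
    }
}
```
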

getSignerDistinguishedName

public java.lang.String getSignerDistinguishedName()
Getter for property signerDistinguishedName.

Returns:
Value of property signerDistinguishedName.
See Also:
getSignerDistinguishedName(X509Certificate)

getSignerCN

public java.lang.String getSignerCN()
Getter for property signerCN.

Returns:
Value of property signerCN.
See Also:
getSignerCN(X509Certificate)

getSignerAddress

public java.lang.String getSignerAddress()
Getter for property signerAddress.

Returns:
Value of property signerMailAddress.
See Also:
getSignerAddress(X509Certificate)


Copyright © 2002-2009 The Apache Software Foundation. All Rights Reserved.