Class KeyManagers

java.lang.Object
org.forgerock.opendj.ldap.KeyManagers

public final class KeyManagers extends Object
This class contains methods for creating common types of key manager.
  • Method Details

    • useKeyStoreFile

      Creates a new X509KeyManager which will use the named key store file for retrieving certificates. It will use the default key store format for the JVM (e.g. JKS) and will not use a password to open the key store.
      Parameters:
      file - The key store file name.
      Returns:
      A new X509KeyManager which will use the named key store file for retrieving certificates.
      Throws:
      GeneralSecurityException - If the key store could not be loaded, perhaps due to incorrect format, or missing algorithms.
      IOException - If the key store file could not be found or could not be read.
      NullPointerException - If file was null.
    • useKeyStoreFile

      public static X509KeyManager useKeyStoreFile(String file, char[] password, String format) throws GeneralSecurityException, IOException
      Creates a new X509KeyManager which will use the named key store file for retrieving certificates. It will use the provided key store format and password.
      Parameters:
      file - The key store file name.
      password - The key store password, which may be null.
      format - The key store format, which may be null to indicate that the default key store format for the JVM (e.g. JKS) should be used.
      Returns:
      A new X509KeyManager which will use the named key store file for retrieving certificates.
      Throws:
      GeneralSecurityException - If the key store could not be loaded, perhaps due to incorrect format, or missing algorithms.
      IOException - If the key store file could not be found or could not be read.
      NullPointerException - If file was null.
    • useKeyStoreFile

      public static X509KeyManager useKeyStoreFile(String keyStoreFile, char[] password, String format, String provider) throws GeneralSecurityException, IOException
      Creates a new X509KeyManager which will use the named key store file for retrieving certificates. It will use the provided key store format and password.
      Parameters:
      keyStoreFile - The key store file name.
      password - The key store password, which may be null.
      format - The key store format, which may be null to indicate that the default key store format for the JVM (e.g. JKS) should be used.
      provider - The key store provider, which may be null to indicate that the default key store provider for the JVM should be used.
      Returns:
      A new X509KeyManager which will use the named key store file for retrieving certificates.
      Throws:
      GeneralSecurityException - If the key store could not be loaded, perhaps due to incorrect format, or missing algorithms.
      IOException - If the key store file could not be found or could not be read.
      NullPointerException - If keyStoreFile was null.
    • usePKCS11Token

      public static X509KeyManager usePKCS11Token(char[] password) throws GeneralSecurityException, IOException
      Creates a new X509KeyManager which will use a PKCS#11 token for retrieving certificates.
      Parameters:
      password - The password to use for accessing the PKCS#11 token, which may be null if no password is required.
      Returns:
      A new X509KeyManager which will use a PKCS#11 token for retrieving certificates.
      Throws:
      GeneralSecurityException - If the PKCS#11 token could not be accessed, perhaps due to incorrect password, or missing algorithms.
      IOException - If the PKCS#11 token could not be found or could not be read.
    • useJvmDefaultKeyStore

      Creates a new X509KeyManager which will use the JVM's default keystore for retrieving certificates.
      Returns:
      A new X509KeyManager which will use the JVM's default keystore for retrieving certificates or null if the necessary JVM settings are missing.
      Throws:
      GeneralSecurityException - If the key store could not be loaded, perhaps due to incorrect format, or missing algorithms.
      IOException - If the key store file could not be found or could not be read.
    • useSingleCertificate

      public static X509KeyManager useSingleCertificate(String alias, X509KeyManager keyManager)
      Returns a new X509KeyManager which selects the named certificate from the provided X509KeyManager.
      Parameters:
      alias - The nickname of the certificate that should be selected for operations involving this key manager.
      keyManager - The key manager to be filtered.
      Returns:
      The filtered key manager.
      Throws:
      NullPointerException - If keyManager or alias was null.
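
The following is an added example, not part of the OpenDJ documentation. It combines useKeyStoreFile and useSingleCertificate so that a client can present only one named certificate, and checks that the alias really holds a currently valid key entry before wrapping it. The class name PinnedClientCertExample, the method contextFor, the PKCS12 key store format and the use of the standard JSSE SSLContext are assumptions made for the example.

```java
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.X509KeyManager;
import org.forgerock.opendj.ldap.KeyManagers;

public final class PinnedClientCertExample {

    /** Builds a TLS context that can only present the certificate stored under alias. */
    static SSLContext contextFor(String keyStorePath, char[] password, String alias)
            throws GeneralSecurityException, IOException {
        try {
            // Explicit password and format rather than the password-less JVM default overload.
            X509KeyManager all = KeyManagers.useKeyStoreFile(keyStorePath, password, "PKCS12");

            // Fail at start-up, not mid-handshake, if the alias is missing or has no private key.
            X509Certificate[] chain = all.getCertificateChain(alias);
            if (chain == null || chain.length == 0 || all.getPrivateKey(alias) == null) {
                throw new GeneralSecurityException("No key entry for alias: " + alias);
            }
            chain[0].checkValidity(); // throws if the leaf is expired or not yet valid

            // Restrict certificate selection to that single entry.
            X509KeyManager pinned = KeyManagers.useSingleCertificate(alias, all);

            SSLContext ctx = SSLContext.getInstance("TLS");
            // null trust managers and SecureRandom select the JVM defaults.
            ctx.init(new KeyManager[] { pinned }, null, null);
            return ctx;
        } finally {
            if (password != null) {
                Arrays.fill(password, '\0'); // do not leave the password on the heap
            }
        }
    }

    public static void main(String[] args) throws Exception {
        if (args.length != 2 || System.console() == null) {
            System.err.println("usage: PinnedClientCertExample <keystore.p12> <alias>");
            return;
        }
        // Prompt instead of taking the password from argv, where other processes can read it.
        char[] password = System.console().readPassword("Key store password: ");
        SSLContext ctx = contextFor(args[0], password, args[1]);
        System.out.println("TLS context ready, protocol " + ctx.getProtocol());
    }
}
```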