PKCS11KeyManagerProvider (OpenDS Directory Server API Documentation)

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.opends.server.extensions
Class PKCS11KeyManagerProvider

java.lang.Object
  org.opends.server.api.KeyManagerProvider<PKCS11KeyManagerProviderCfg>
      org.opends.server.extensions.PKCS11KeyManagerProvider

All Implemented Interfaces:: ConfigurationChangeListener<PKCS11KeyManagerProviderCfg>

public class PKCS11KeyManagerProvider
extends KeyManagerProvider<PKCS11KeyManagerProviderCfg>
implements ConfigurationChangeListener<PKCS11KeyManagerProviderCfg>
extends KeyManagerProvider<PKCS11KeyManagerProviderCfg>
implements ConfigurationChangeListener<PKCS11KeyManagerProviderCfg>

This class defines a key manager provider that will access keys stored on a PKCS#11 device. It will use the Java PKCS#11 interface, which may need to be configured on the underlying system.

Field Summary
`static java.lang.String`	`PKCS11_KEYSTORE_TYPE` The keystore type to use when accessing the PKCS#11 keystore.

Constructor Summary
`PKCS11KeyManagerProvider()` Creates a new instance of this PKCS#11 key manager provider.

Method Summary
`ConfigChangeResult`	`applyConfigurationChange(PKCS11KeyManagerProviderCfg configuration)` Applies the configuration changes to this change listener.
`void`	`finalizeKeyManagerProvider()` Performs any finalization that may be necessary for this key manager provider.
`javax.net.ssl.KeyManager[]`	`getKeyManagers()` Retrieves a set of `KeyManager` objects that may be used for interactions requiring access to a key manager.
`void`	`initializeKeyManagerProvider(PKCS11KeyManagerProviderCfg configuration)` Initializes this key manager provider based on the information in the provided key manager provider configuration.
`boolean`	`isConfigurationAcceptable(PKCS11KeyManagerProviderCfg configuration, java.util.List<Message> unacceptableReasons)` Indicates whether the provided configuration is acceptable for this key manager provider.
`boolean`	`isConfigurationChangeAcceptable(PKCS11KeyManagerProviderCfg configuration, java.util.List<Message> unacceptableReasons)` Indicates whether the proposed change to the configuration is acceptable to this change listener.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

PKCS11_KEYSTORE_TYPE

public static final java.lang.String PKCS11_KEYSTORE_TYPE

The keystore type to use when accessing the PKCS#11 keystore.

See Also:: Constant Field Values

Constructor Detail

PKCS11KeyManagerProvider

public PKCS11KeyManagerProvider()

Creates a new instance of this PKCS#11 key manager provider. The initializeKeyManagerProvider method must be called on the resulting object before it may be used.

Method Detail

initializeKeyManagerProvider

public void initializeKeyManagerProvider(PKCS11KeyManagerProviderCfg configuration)
                                  throws ConfigException,
                                         InitializationException

Initializes this key manager provider based on the information in the provided key manager provider configuration.

Specified by:: initializeKeyManagerProvider in class KeyManagerProvider<PKCS11KeyManagerProviderCfg>

Parameters:: configuration - The key manager provider configuration that contains the information to use to initialize this key manager provider.
Throws:: ConfigException - If an unrecoverable problem arises in the process of performing the initialization as a result of the server configuration.; InitializationException - If a problem occurs during initialization that is not related to the server configuration.

finalizeKeyManagerProvider

public void finalizeKeyManagerProvider()

Performs any finalization that may be necessary for this key manager provider.

Specified by:: finalizeKeyManagerProvider in class KeyManagerProvider<PKCS11KeyManagerProviderCfg>

getKeyManagers

public javax.net.ssl.KeyManager[] getKeyManagers()
                                          throws DirectoryException

Retrieves a set of KeyManager objects that may be used for interactions requiring access to a key manager.

Specified by:: getKeyManagers in class KeyManagerProvider<PKCS11KeyManagerProviderCfg>

Returns:: A set of KeyManager objects that may be used for interactions requiring access to a key manager.
Throws:: DirectoryException - If a problem occurs while attempting to obtain the set of key managers.

isConfigurationAcceptable

public boolean isConfigurationAcceptable(PKCS11KeyManagerProviderCfg configuration,
                                         java.util.List<Message> unacceptableReasons)

Indicates whether the provided configuration is acceptable for this key manager provider. It should be possible to call this method on an uninitialized key manager provider instance in order to determine whether the key manager provider would be able to use the provided configuration.

Note that implementations which use a subclass of the provided configuration class will likely need to cast the configuration to the appropriate subclass type.

Overrides:: isConfigurationAcceptable in class KeyManagerProvider<PKCS11KeyManagerProviderCfg>

Parameters:: configuration - The key manager provider configuration for which to make the determination.; unacceptableReasons - A list that may be used to hold the reasons that the provided configuration is not acceptable.
Returns:: true if the provided configuration is acceptable for this key manager provider, or false if not.

isConfigurationChangeAcceptable

public boolean isConfigurationChangeAcceptable(PKCS11KeyManagerProviderCfg configuration,
                                               java.util.List<Message> unacceptableReasons)

Indicates whether the proposed change to the configuration is acceptable to this change listener.

Specified by:: isConfigurationChangeAcceptable in interface ConfigurationChangeListener<PKCS11KeyManagerProviderCfg>

Parameters:: configuration - The new configuration containing the changes.; unacceptableReasons - A list that can be used to hold messages about why the provided configuration is not acceptable.
Returns:: Returns true if the proposed change is acceptable, or false if it is not.

applyConfigurationChange

public ConfigChangeResult applyConfigurationChange(PKCS11KeyManagerProviderCfg configuration)

Applies the configuration changes to this change listener.

Specified by:: applyConfigurationChange in interface ConfigurationChangeListener<PKCS11KeyManagerProviderCfg>

Parameters:: configuration - The new configuration containing the changes.
Returns:: Returns information about the result of changing the configuration.