Class AlfrescoKeyStoreImpl

  • All Implemented Interfaces:
    AlfrescoKeyStore

    public class AlfrescoKeyStoreImpl
    extends java.lang.Object
    implements AlfrescoKeyStore
    This wraps a Java Keystore and caches the encryption keys. It manages the loading and caching of the encryption keys and their registration with and validation against the encryption key registry.
    Since:
    4.0
    • Field Detail

      • backupKeys

        protected KeyMap backupKeys
      • writeLock

        protected final java.util.concurrent.locks.ReentrantReadWriteLock.WriteLock writeLock
      • readLock

        protected final java.util.concurrent.locks.ReentrantReadWriteLock.ReadLock readLock
      • validateKeyChanges

        protected boolean validateKeyChanges
    • Constructor Detail

      • AlfrescoKeyStoreImpl

        public AlfrescoKeyStoreImpl()
    • Method Detail

      • init

        public void init()
      • setEncryptionKeysRegistry

        public void setEncryptionKeysRegistry(EncryptionKeysRegistry encryptionKeysRegistry)
      • setValidateKeyChanges

        public void setValidateKeyChanges(boolean validateKeyChanges)
      • setKeysToValidate

        public void setKeysToValidate(java.util.Set<java.lang.String> keysToValidate)
      • setKeyStoreParameters

        public void setKeyStoreParameters(KeyStoreParameters keyStoreParameters)
      • setBackupKeyStoreParameters

        public void setBackupKeyStoreParameters(KeyStoreParameters backupKeyStoreParameters)
      • setKeyResourceLoader

        public void setKeyResourceLoader(KeyResourceLoader keyResourceLoader)
      • getName

        public java.lang.String getName()
        The name of the keystore.
        Specified by:
        getName in interface AlfrescoKeyStore
        Returns:
        the name of the keystore.
      • exists

        public boolean exists()
        Does the underlying key store exist?
        Specified by:
        exists in interface AlfrescoKeyStore
        Returns:
        true if it exists, false otherwise
      • getKeyAliases

        public java.util.Set<java.lang.String> getKeyAliases()
        Return all key aliases in the key store.
        Specified by:
        getKeyAliases in interface AlfrescoKeyStore
        Returns:
        Set
      • backup

        public void backup()
        Back up the keystore to the backup location. Write the keys to the backup keystore.
        Specified by:
        backup in interface AlfrescoKeyStore
      • create

        public void create()
        Create the key store if it doesn't exist. A key for each key alias will be written to the keystore on disk, either from the cached keys or, if not present, a key will be generated.
        Specified by:
        create in interface AlfrescoKeyStore
      • getKey

        public java.security.Key getKey(java.lang.String keyAlias)
        Return the key with the given key alias.
        Specified by:
        getKey in interface AlfrescoKeyStore
        Parameters:
        keyAlias - String
        Returns:
        Key
      • getKeyTimestamp

        public long getKeyTimestamp(java.lang.String keyAlias)
        Return the timestamp (in ms) of when the key was last loaded from the keystore on disk.
        Specified by:
        getKeyTimestamp in interface AlfrescoKeyStore
        Parameters:
        keyAlias - String
        Returns:
        long
      • getBackupKey

        public java.security.Key getBackupKey(java.lang.String keyAlias)
        Return the backup key with the given key alias.
        Specified by:
        getBackupKey in interface AlfrescoKeyStore
        Parameters:
        keyAlias - String
        Returns:
        Key
      • createKeyManagers

        public javax.net.ssl.KeyManager[] createKeyManagers()
        Create an array of key managers from keys in the key store.
        Specified by:
        createKeyManagers in interface AlfrescoKeyStore
        Returns:
        KeyManager[]
      • createTrustManagers

        public javax.net.ssl.TrustManager[] createTrustManagers()
        Create an array of trust managers from certificates in the key store.
        Specified by:
        createTrustManagers in interface AlfrescoKeyStore
        Returns:
        TrustManager[]
      • getKeyStoreStream

        protected java.io.InputStream getKeyStoreStream(java.lang.String location)
                                                 throws java.io.FileNotFoundException
        Throws:
        java.io.FileNotFoundException
      • getKeyStoreOutStream

        protected java.io.OutputStream getKeyStoreOutStream()
                                                     throws java.io.FileNotFoundException
        Throws:
        java.io.FileNotFoundException
      • getKeyInfoManager

        @Deprecated
        protected AlfrescoKeyStoreImpl.KeyInfoManager getKeyInfoManager(java.lang.String metadataFileLocation)
                                                                 throws java.io.IOException
        Deprecated.
        Throws:
        java.io.IOException
      • cacheKeys

        protected KeyMap cacheKeys(java.security.KeyStore ks,
                                   AlfrescoKeyStoreImpl.KeyInfoManager keyInfoManager)
                            throws java.security.UnrecoverableKeyException,
                                   java.security.KeyStoreException,
                                   java.security.NoSuchAlgorithmException
        Throws:
        java.security.UnrecoverableKeyException
        java.security.KeyStoreException
        java.security.NoSuchAlgorithmException
      • initialiseKeyStore

        protected java.security.KeyStore initialiseKeyStore(java.lang.String type,
                                                            java.lang.String provider)
      • createKey

        protected void createKey(java.lang.String keyAlias)
      • backupExists

        public boolean backupExists()
      • keyStoreExists

        protected boolean keyStoreExists(java.lang.String location)