001/**
002 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
003 *
004 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
005 *
006 * The contents of this file are subject to the terms
007 * of the Common Development and Distribution License
008 * (the License). You may not use this file except in
009 * compliance with the License.
010 *
011 * You can obtain a copy of the License at
012 * https://opensso.dev.java.net/public/CDDLv1.0.html or
013 * opensso/legal/CDDLv1.0.txt
014 * See the License for the specific language governing
015 * permission and limitations under the License.
016 *
017 * When distributing Covered Code, include this CDDL
018 * Header Notice in each file and include the License file
019 * at opensso/legal/CDDLv1.0.txt.
020 * If applicable, add the following below the CDDL Header,
021 * with the fields enclosed by brackets [] replaced by
022 * your own identifying information:
023 * "Portions Copyrighted [year] [name of copyright owner]"
024 *
025 * $Id: KeyProvider.java,v 1.5 2009/07/02 21:53:26 madan_ranganath Exp $
026 *
027 */
028
029/*
030 * Portions Copyrighted 2013 ForgeRock, Inc.
031 */
032
033package com.sun.identity.saml.xmlsig;
034
035import java.security.KeyStore;
036import java.security.PrivateKey;
037import java.security.cert.Certificate;
038
039/**
040 * The class <code>KeyProvider</code> is an interface
041 * that is implemented to retrieve X509Certificates and Private Keys from
042 * user data store.  
043 * <p>
044 *
045 * @supported.all.api
046 */
047
048public interface KeyProvider {
049
050    /**
051     * Set the key to access key store database. This method will only need to 
052     * be called once if the key could not be obtained by other means. 
053     * @param storepass  password for the key store
054     * @param keypass password for the certificate
055     */
056    public void setKey(String storepass, String keypass); 
057
058    /**
059     * Return <code>java.security.cert.X509Certificate</code> for the specified
060     * <code>certAlias</code>.
061     * @param certAlias Certificate alias name 
062     * @return <code>X509Certificate</code> which matches the
063     *         <code>certAlias</code>, return null if the certificate could not
064     *         be found.
065     */
066    public java.security.cert.X509Certificate getX509Certificate (
067           String certAlias); 
068
069    /**
070     * Returns <code>java.security.PublicKey</code> for the specified
071     * <code>keyAlias</code>
072     *
073     * @param keyAlias Key alias name
074     * @return <code>PublicKey</code> which matches the <code>keyAlias</code>,
075     *         return null if the <code>PublicKey</code> could not be found.
076     */
077    public java.security.PublicKey getPublicKey (String keyAlias);
078
079    /**
080     * Returns <code>java.security.PrivateKey</code> for the specified
081     * <code>certAlias</code>.
082     *
083     * @param certAlias Certificate alias name  
084     * @return <code>PrivateKey</code> which matches the <code>certAlias</code>,
085     *         return null if the private key could not be found.
086     */
087    public java.security.PrivateKey getPrivateKey (String certAlias);
088
089    /**
090     * Return the {@link java.security.PrivateKey} for the specified certAlias and encrypted private key password.
091     * @param certAlias Certificate alias name
092     * @param encryptedKeyPass The encrypted keypass to use when getting the private certificate
093     * @return PrivateKey which matches the certAlias, return null if
094    the private key could not be found.
095     */
096    public PrivateKey getPrivateKey (String certAlias, String encryptedKeyPass);
097
098     /**
099     * Get the alias name of the first keystore entry whose certificate matches 
100     * the given certificate. 
101     * @param cert Certificate 
102     * @return the (alias) name of the first entry with matching certificate,
103     *       or null if no such entry exists in this keystore. If the keystore 
104     *       has not been loaded properly, return null as well. 
105     */
106    public String getCertificateAlias(Certificate cert); 
107
108    /**
109     * Returns <code>java.security.PrivateKey</code> for the given
110     * <code>X509Certificate</code>.
111     *
112     * @param cert <code>X509Certificate</code>
113     * @return <code>PrivateKey</code> which matches the certificate,
114     *         return null if the private key could not be found.
115     */
116    /* public java.security.PrivateKey getPrivateKey (
117           java.security.cert.X509Certificate cert); */
118
119    /**
120     * Returns certificate corresponding to the specified
121     * <code>PublicKey</code>.
122     *
123     * @param publicKey Certificate public key
124     * @return Certificate which matches the <code>PublicKey</code>, return
125     *         null if the Certificate could not be found.
126     */
127    public Certificate getCertificate (
128            java.security.PublicKey publicKey);
129
130    /**
131     * Returns the keystore instance.
132     * @return the keystore instance.
133     */
134    public KeyStore getKeyStore();
135}