KeyStoreBasedKeyFactoryBean.java

/* See LICENSE for licensing and NOTICE for copyright. */
package org.cryptacular.bean;

import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;

import org.cryptacular.CryptoException;

/**
 * Factory that produces either a {@link javax.crypto.SecretKey} or {@link java.security.PrivateKey}.
 *
 * <p>from a {@link KeyStore}.</p>
 *
 * @param  <T>  Type of key, either {@link javax.crypto.SecretKey} or {@link java.security.PrivateKey}.
 *
 * @author  Middleware Services
 */
public class KeyStoreBasedKeyFactoryBean<T extends Key> implements FactoryBean<T>
{

  /** Keystore containing secret key. */
  private KeyStore keyStore;

  /** Alias of keystore entry containing secret key. */
  private String alias;

  /** Password required to read key entry. */
  private String password;


  /** Creates a new instance. */
  public KeyStoreBasedKeyFactoryBean() {}


  /**
   * Creates a new instance by specifying all properties.
   *
   * @param  keyStore  Key store containing encryption key.
   * @param  alias  Name of encryption key entry in key store.
   * @param  password  Password used to decrypt key entry in keystore.
   */
  public KeyStoreBasedKeyFactoryBean(final KeyStore keyStore, final String alias, final String password)
  {
    setKeyStore(keyStore);
    setAlias(alias);
    setPassword(password);
  }


  /** @return  Keystore that contains the {@link #keyStore}. */
  public KeyStore getKeyStore()
  {
    return keyStore;
  }


  /**
   * Sets the keystore that contains the key.
   *
   * @param  keyStore  Non-null keystore.
   */
  public void setKeyStore(final KeyStore keyStore)
  {
    this.keyStore = keyStore;
  }


  /** @return  Alias that specifies the {@link KeyStore} entry containing the key. */
  public String getAlias()
  {
    return alias;
  }


  /**
   * Sets the alias that specifies the {@link KeyStore} entry containing the key.
   *
   * @param  alias  Keystore alias of key entry.
   */
  public void setAlias(final String alias)
  {
    this.alias = alias;
  }


  /**
   * Sets the password used to access the key entry.
   *
   * @param  password  Key entry password.
   */
  public void setPassword(final String password)
  {
    this.password = password;
  }


  @Override
  @SuppressWarnings("unchecked")
  public T newInstance()
  {
    final Key key;
    try {
      key = keyStore.getKey(alias, password.toCharArray());
    } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
      throw new CryptoException("Error accessing keystore entry " + alias, e);
    }
    return (T) key;
  }
}