com.springcryptoutils.core.signature.SignerWithChoosersByAliasImpl Maven / Gradle / Ivy

Go to download
/*
 * Copyright 2012 Mirko Caserta
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this software except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *  http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.springcryptoutils.core.signature;

import java.security.PrivateKey;
import java.util.HashMap;
import java.util.Map;

import com.springcryptoutils.core.key.PrivateKeyChooserByAlias;
import com.springcryptoutils.core.key.PrivateKeyRegistryByAlias;
import com.springcryptoutils.core.keystore.KeyStoreChooser;

/**
 * The default implementation for providing digital signatures when the private
 * key alias can be configured on the side of the user of this class.
 *
 * @author Mirko Caserta ([email protected])
 */
public class SignerWithChoosersByAliasImpl implements SignerWithChoosersByAlias {

	private Map cache = new HashMap();

	private PrivateKeyRegistryByAlias privateKeyRegistryByAlias;

	private String algorithm = "SHA1withRSA";

	private String provider;

	/**
	 * Sets the private key registry by alias.
	 *
	 * @param privateKeyRegistryByAlias the private key registry by alias
	 */
	public void setPrivateKeyRegistryByAlias(PrivateKeyRegistryByAlias privateKeyRegistryByAlias) {
		this.privateKeyRegistryByAlias = privateKeyRegistryByAlias;
	}

	/**
	 * The signature algorithm. The default is SHA1withRSA.
	 *
	 * @param algorithm the signature algorithm
	 */
	public void setAlgorithm(String algorithm) {
		this.algorithm = algorithm;
	}

	/**
	 * Sets the provider name of the specific implementation requested (e.g.,
	 * "BC" for BouncyCastle, "SunJCE" for the default Sun JCE provider).
	 *
	 * @param provider the provider to set
	 */
	public void setProvider(String provider) {
		this.provider = provider;
	}

	/**
	 * Signs a message.
	 *
	 * @param keyStoreChooser the keystore chooser
	 * @param privateKeyChooserByAlias the private key chooser
	 * @param message the message to sign
	 * @return the signature
	 */
	public byte[] sign(KeyStoreChooser keyStoreChooser, PrivateKeyChooserByAlias privateKeyChooserByAlias, byte[] message) {
		Signer signer = cache.get(cacheKey(keyStoreChooser, privateKeyChooserByAlias));

		if (signer != null) {
			return signer.sign(message);
		}

		SignerImpl signerImpl = new SignerImpl();
		signerImpl.setAlgorithm(algorithm);
		signerImpl.setProvider(provider);
		PrivateKey privateKey = privateKeyRegistryByAlias.get(keyStoreChooser, privateKeyChooserByAlias);

		if (privateKey == null) {
			throw new SignatureException("private key not found in registry: keyStoreName="
					+ keyStoreChooser.getKeyStoreName() + ", alias=" + privateKeyChooserByAlias.getAlias());
		}

		signerImpl.setPrivateKey(privateKey);
		cache.put(cacheKey(keyStoreChooser, privateKeyChooserByAlias), signerImpl);
		return signerImpl.sign(message);
	}

	private static String cacheKey(KeyStoreChooser keyStoreChooser, PrivateKeyChooserByAlias privateKeyChooserByAlias) {
		return new StringBuffer().append(keyStoreChooser.getKeyStoreName()).append('-').append(
				privateKeyChooserByAlias.getAlias()).toString();
	}

}