class UtimacoCryptoService : CryptoService<UtimacoAuthenticationCredentials, UtimacoKeyConfig>
Implementation of a CryptoService that is backed by a Utimaco HSM.
data class CryptoServerProviderConfig
Configuration class for CryptoServerProvider. Currently not supported: DefaultUser,KeyStorePath,LogFile,LogLevel,LogSize. |
|
class UtimacoHSMException : CryptoServiceException |
UtimacoCryptoService(cryptoServerProvider: <ERROR CLASS>, keyTemplate: <ERROR CLASS>, authThreshold: Int = 1)
Implementation of a CryptoService that is backed by a Utimaco HSM. |
fun authenticate(credentials: UtimacoAuthenticationCredentials): Unit
Authenticate a user against the underlying crypto provider using given credentials. |
|
fun containsKey(alias: String): Boolean
Check if this CryptoService contains an entry for the given alias. |
|
fun generateAndStoreKeyPair(keyConfig: UtimacoKeyConfig): PublicKey
Generate a key pair and a basic self-signed certificate and store within the underlying key store. |
|
fun generateRandomLong(): Long
Generate a random Long using the underlying Provider. |
|
fun getAuthenticatedUsers(): List<String>
Return the list of users currently authenticated against the underlying crypto provider. |
|
fun getCertificate(alias: String): Certificate
Returns the Certificate of the entry for the given alias. |
|
fun getPublicKey(alias: String): PublicKey
Returns the PublicKey of the entry for the given alias. |
|
fun getSigner(alias: String, password: String?): <ERROR CLASS>
Returns ContentSigner for the key identified by the input alias. |
|
fun isAuthenticated(): Boolean
Boolean flag indicating whether further authentication is needed to use stored keys. |
|
fun logOut(): Unit
Reset the authentication state for the underlying crypto provider. |
|
fun sign(alias: String, data: ByteArray, signAlgorithm: String?, password: String?): ByteArray
Sign a ByteArray using the private key identified by the input alias. Returns the signature bytes formatted according to the signature scheme. The signAlgorithm if specified determines the signature scheme used for signing, if not specified then the signature scheme is based on the private key scheme. |
|
fun updateCertificate(keyConfig: UtimacoKeyConfig, certificateChain: List<X509Certificate>): Unit
Update the certificate chain within the underlying key store. |