/*
* Copyright (c) 2013-2014 EMC Corporation
* All Rights Reserved
*/
package com.emc.storageos.security.keystore;
import java.security.KeyStore;
import java.util.Map;
import com.emc.storageos.security.exceptions.SecurityException;
import com.emc.storageos.security.keystore.impl.KeyCertificateEntry;
import com.emc.storageos.security.keystore.impl.TrustedCertificateEntry;
/**
 * Contract for the persistence layer behind the keystore: trusted certificates, the
 * CA certificates preinstalled with ViPR, and a single {@link KeyCertificateEntry}.
 *
 * <p>Every {@code set*}, {@code add*} and {@code remove*} method changes which
 * certificates are trusted or which key/certificate entry is stored. Implementations
 * and callers should treat them as privileged operations.
 *
 * <p>{@code SecurityException} in this file is
 * {@code com.emc.storageos.security.exceptions.SecurityException} (see the imports),
 * not {@code java.lang.SecurityException}.
 *
 * <p>NOTE(review): the name suggests the store is shared between nodes, but this
 * interface does not say how or where entries are persisted. Confirm against the
 * implementation.
 */
public interface DistributedKeyStore {

    /**
     * Initializes the keystore with the specified parameters.
     *
     * @param param the parameters with which to initialize the keystore
     * @throws SecurityException if bad parameters are given
     */
    void init(KeyStore.LoadStoreParameter param) throws SecurityException;

    /**
     * Reads the stored trusted certificates from persistence.
     *
     * @return the stored trusted certificates, or an empty map if there are none
     * @throws SecurityException when reading the certificates has failed
     */
    Map<String, TrustedCertificateEntry> getTrustedCertificates() throws SecurityException;

    /**
     * Persists the trusted certificates.
     *
     * <p>NOTE(review): the contract does not say whether the given map replaces the
     * stored set or is merged into it. Confirm before relying on either behaviour,
     * because a replace silently drops any trust entry missing from the map.
     *
     * @param trustedCerts the certificates to persist
     * @throws SecurityException if persistence of the certificates has failed
     */
    void setTrustedCertificates(Map<String, TrustedCertificateEntry> trustedCerts)
            throws SecurityException;

    /**
     * Gets from the keystore all root certificates that come from well-known CAs
     * preinstalled with ViPR.
     *
     * <p>Unlike {@link #getTrustedCertificates()}, this method declares no
     * {@code SecurityException}; how a read failure is reported is not specified here.
     *
     * @return the map of CA certificates
     */
    Map<String, TrustedCertificateEntry> getCACertificates();

    /**
     * Sets all root certificates in the keystore.
     *
     * @param trustedCerts the root certificates to store
     */
    void setCACertificates(Map<String, TrustedCertificateEntry> trustedCerts);

    /**
     * Removes a CA certificate.
     *
     * @param alias the alias of the CA certificate to remove
     */
    void removeCACertificate(String alias);

    /**
     * Adds a trusted certificate to the list of persisted certificates.
     *
     * @param alias the alias under which to persist the certificate
     * @param cert the trusted certificate to persist
     * @throws SecurityException if persistence of the certificate has failed
     */
    void addTrustedCertificate(String alias, TrustedCertificateEntry cert)
            throws SecurityException;

    /**
     * Removes the specified trusted certificate from persistence. Does nothing if no
     * certificate with the specified alias exists.
     *
     * @param alias the alias of the certificate to remove
     * @throws SecurityException if the specified certificate could not be removed
     */
    void removeTrustedCertificate(String alias) throws SecurityException;

    /**
     * Gets the persisted {@link KeyCertificateEntry}.
     *
     * <p>Callers must handle a {@code null} result. NOTE(review): judging by its name
     * the entry presumably carries private key material, so it should be kept out of
     * logs and error messages. Confirm against {@code KeyCertificateEntry}.
     *
     * @return the persisted entry, or {@code null} if it is not found
     * @throws SecurityException if the entry could not be retrieved
     */
    KeyCertificateEntry getKeyCertificatePair() throws SecurityException;

    /**
     * Sets the {@link KeyCertificateEntry}.
     *
     * @param entry the entry to set
     * @throws SecurityException if persistence of the entry has failed
     */
    void setKeyCertificatePair(KeyCertificateEntry entry) throws SecurityException;

    /**
     * NOTE(review): undocumented in the original. From the name, presumably returns
     * the user-added certificate stored under {@code alias}. Confirm this, and what is
     * returned when the alias is absent.
     *
     * @param alias the alias to look up
     * @return the matching entry
     */
    TrustedCertificateEntry getUserAddedCert(String alias);

    /**
     * NOTE(review): undocumented in the original. From the name, presumably returns
     * the ViPR-supplied certificate stored under {@code alias}. Confirm this, and what
     * is returned when the alias is absent.
     *
     * @param alias the alias to look up
     * @return the matching entry
     */
    TrustedCertificateEntry getViprAddedCert(String alias);

    /**
     * NOTE(review): undocumented in the original. From the name, presumably reports
     * whether a user-added certificate exists under {@code alias}. Confirm against the
     * implementation.
     *
     * @param alias the alias to check
     * @return the result of the check
     */
    boolean containsUserAddedCerts(String alias);

    /**
     * NOTE(review): undocumented in the original. From the name, presumably reports
     * whether a ViPR-supplied certificate exists under {@code alias}. Confirm against
     * the implementation.
     *
     * @param alias the alias to check
     * @return the result of the check
     */
    boolean containsViprSuppliedCerts(String alias);
}