Methods Summary |
---|
public abstract java.util.Enumeration | engineAliases()Lists all the alias names of this keystore.
|
public abstract boolean | engineContainsAlias(java.lang.String alias)Checks if the given alias exists in this keystore.
|
public abstract void | engineDeleteEntry(java.lang.String alias)Deletes the entry identified by the given alias from this keystore.
|
public boolean | engineEntryInstanceOf(java.lang.String alias, java.lang.Class entryClass)Determines if the keystore Entry for the specified
alias is an instance or subclass of the specified
entryClass .
if (entryClass == KeyStore.TrustedCertificateEntry.class) {
return engineIsCertificateEntry(alias);
}
if (entryClass == KeyStore.PrivateKeyEntry.class) {
return engineIsKeyEntry(alias) &&
engineGetCertificate(alias) != null;
}
if (entryClass == KeyStore.SecretKeyEntry.class) {
return engineIsKeyEntry(alias) &&
engineGetCertificate(alias) == null;
}
return false;
|
public abstract java.security.cert.Certificate | engineGetCertificate(java.lang.String alias)Returns the certificate associated with the given alias.
If the given alias name identifies an entry
created by a call to setCertificateEntry ,
or created by a call to setEntry with a
TrustedCertificateEntry ,
then the trusted certificate contained in that entry is returned.
If the given alias name identifies an entry
created by a call to setKeyEntry ,
or created by a call to setEntry with a
PrivateKeyEntry ,
then the first element of the certificate chain in that entry
(if a chain exists) is returned.
|
public abstract java.lang.String | engineGetCertificateAlias(java.security.cert.Certificate cert)Returns the (alias) name of the first keystore entry whose certificate
matches the given certificate.
This method attempts to match the given certificate with each
keystore entry. If the entry being considered was
created by a call to setCertificateEntry ,
or created by a call to setEntry with a
TrustedCertificateEntry ,
then the given certificate is compared to that entry's certificate.
If the entry being considered was
created by a call to setKeyEntry ,
or created by a call to setEntry with a
PrivateKeyEntry ,
then the given certificate is compared to the first
element of that entry's certificate chain.
|
public abstract java.security.cert.Certificate[] | engineGetCertificateChain(java.lang.String alias)Returns the certificate chain associated with the given alias.
The certificate chain must have been associated with the alias
by a call to setKeyEntry ,
or by a call to setEntry with a
PrivateKeyEntry .
|
public abstract java.util.Date | engineGetCreationDate(java.lang.String alias)Returns the creation date of the entry identified by the given alias.
|
public java.security.KeyStore$Entry | engineGetEntry(java.lang.String alias, java.security.KeyStore$ProtectionParameter protParam)Gets a KeyStore.Entry for the specified alias
with the specified protection parameter.
if (!engineContainsAlias(alias)) {
return null;
}
if (protParam == null) {
if (engineIsCertificateEntry(alias)) {
return new KeyStore.TrustedCertificateEntry
(engineGetCertificate(alias));
} else {
throw new UnrecoverableEntryException
("requested entry requires a password");
}
}
if (protParam instanceof KeyStore.PasswordProtection) {
if (engineIsCertificateEntry(alias)) {
throw new UnsupportedOperationException
("trusted certificate entries are not password-protected");
} else if (engineIsKeyEntry(alias)) {
KeyStore.PasswordProtection pp =
(KeyStore.PasswordProtection)protParam;
char[] password = pp.getPassword();
try {
Key key = engineGetKey(alias, password);
if (key instanceof PrivateKey) {
Certificate[] chain = engineGetCertificateChain(alias);
return new KeyStore.PrivateKeyEntry
((PrivateKey)key, chain);
} else if (key instanceof SecretKey) {
return new KeyStore.SecretKeyEntry((SecretKey)key);
}
} catch (UnrecoverableKeyException uke) {
UnrecoverableEntryException uee =
new UnrecoverableEntryException();
uee.initCause(uke);
throw uee;
}
}
}
throw new UnsupportedOperationException();
|
public abstract java.security.Key | engineGetKey(java.lang.String alias, char[] password)Returns the key associated with the given alias, using the given
password to recover it. The key must have been associated with
the alias by a call to setKeyEntry ,
or by a call to setEntry with a
PrivateKeyEntry or SecretKeyEntry .
|
public abstract boolean | engineIsCertificateEntry(java.lang.String alias)Returns true if the entry identified by the given alias
was created by a call to setCertificateEntry ,
or created by a call to setEntry with a
TrustedCertificateEntry .
|
public abstract boolean | engineIsKeyEntry(java.lang.String alias)Returns true if the entry identified by the given alias
was created by a call to setKeyEntry ,
or created by a call to setEntry with a
PrivateKeyEntry or a SecretKeyEntry .
|
public abstract void | engineLoad(java.io.InputStream stream, char[] password)Loads the keystore from the given input stream.
A password may be given to unlock the keystore
(e.g. the keystore resides on a hardware token device),
or to check the integrity of the keystore data.
If a password is not given for integrity checking,
then integrity checking is not performed.
|
public void | engineLoad(java.security.KeyStore$LoadStoreParameter param)Loads the keystore using the given
KeyStore.LoadStoreParameter .
Note that if this KeyStore has already been loaded, it is
reinitialized and loaded again from the given parameter.
if (param == null) {
engineLoad((InputStream)null, (char[])null);
return;
}
if (param instanceof KeyStore.SimpleLoadStoreParameter) {
ProtectionParameter protection = param.getProtectionParameter();
char[] password;
if (protection instanceof PasswordProtection) {
password = ((PasswordProtection)param).getPassword();
} else if (protection instanceof CallbackHandlerProtection) {
CallbackHandler handler =
((CallbackHandlerProtection)param).getCallbackHandler();
PasswordCallback callback =
new PasswordCallback("Password: ", false);
try {
handler.handle(new Callback[] {callback});
} catch (UnsupportedCallbackException e) {
throw new NoSuchAlgorithmException
("Could not obtain password", e);
}
password = callback.getPassword();
callback.clearPassword();
if (password == null) {
throw new NoSuchAlgorithmException
("No password provided");
}
} else {
throw new NoSuchAlgorithmException("ProtectionParameter must"
+ " be PasswordProtection or CallbackHandlerProtection");
}
engineLoad(null, password);
return;
}
throw new UnsupportedOperationException();
|
public abstract void | engineSetCertificateEntry(java.lang.String alias, java.security.cert.Certificate cert)Assigns the given certificate to the given alias.
If the given alias identifies an existing entry
created by a call to setCertificateEntry ,
or created by a call to setEntry with a
TrustedCertificateEntry ,
the trusted certificate in the existing entry
is overridden by the given certificate.
|
public void | engineSetEntry(java.lang.String alias, java.security.KeyStore$Entry entry, java.security.KeyStore$ProtectionParameter protParam)Saves a KeyStore.Entry under the specified alias.
The specified protection parameter is used to protect the
Entry .
If an entry already exists for the specified alias,
it is overridden.
// get password
if (protParam != null &&
!(protParam instanceof KeyStore.PasswordProtection)) {
throw new KeyStoreException("unsupported protection parameter");
}
KeyStore.PasswordProtection pProtect = null;
if (protParam != null) {
pProtect = (KeyStore.PasswordProtection)protParam;
}
// set entry
if (entry instanceof KeyStore.TrustedCertificateEntry) {
if (protParam != null && pProtect.getPassword() != null) {
// pre-1.5 style setCertificateEntry did not allow password
throw new KeyStoreException
("trusted certificate entries are not password-protected");
} else {
KeyStore.TrustedCertificateEntry tce =
(KeyStore.TrustedCertificateEntry)entry;
engineSetCertificateEntry(alias, tce.getTrustedCertificate());
return;
}
} else if (entry instanceof KeyStore.PrivateKeyEntry) {
if (pProtect == null || pProtect.getPassword() == null) {
// pre-1.5 style setKeyEntry required password
throw new KeyStoreException
("non-null password required to create PrivateKeyEntry");
} else {
engineSetKeyEntry
(alias,
((KeyStore.PrivateKeyEntry)entry).getPrivateKey(),
pProtect.getPassword(),
((KeyStore.PrivateKeyEntry)entry).getCertificateChain());
return;
}
} else if (entry instanceof KeyStore.SecretKeyEntry) {
if (pProtect == null || pProtect.getPassword() == null) {
// pre-1.5 style setKeyEntry required password
throw new KeyStoreException
("non-null password required to create SecretKeyEntry");
} else {
engineSetKeyEntry
(alias,
((KeyStore.SecretKeyEntry)entry).getSecretKey(),
pProtect.getPassword(),
(Certificate[])null);
return;
}
}
throw new KeyStoreException
("unsupported entry type: " + entry.getClass().getName());
|
public abstract void | engineSetKeyEntry(java.lang.String alias, java.security.Key key, char[] password, java.security.cert.Certificate[] chain)Assigns the given key to the given alias, protecting it with the given
password.
If the given key is of type java.security.PrivateKey ,
it must be accompanied by a certificate chain certifying the
corresponding public key.
If the given alias already exists, the keystore information
associated with it is overridden by the given key (and possibly
certificate chain).
|
public abstract void | engineSetKeyEntry(java.lang.String alias, byte[] key, java.security.cert.Certificate[] chain)Assigns the given key (that has already been protected) to the given
alias.
If the protected key is of type
java.security.PrivateKey ,
it must be accompanied by a certificate chain certifying the
corresponding public key.
If the given alias already exists, the keystore information
associated with it is overridden by the given key (and possibly
certificate chain).
|
public abstract int | engineSize()Retrieves the number of entries in this keystore.
|
public abstract void | engineStore(java.io.OutputStream stream, char[] password)Stores this keystore to the given output stream, and protects its
integrity with the given password.
|
public void | engineStore(java.security.KeyStore$LoadStoreParameter param)Stores this keystore using the given
KeyStore.LoadStoreParmeter .
throw new UnsupportedOperationException();
|