java.security
Class KeyStore
java.lang.Object
|
+--java.security.KeyStore
public class KeyStore
extends Object
KeyStore represents an in-memory collection of keys and
certificates. There are two types of entries:
Key Entry
This type of keystore entry stores sensitive cryptographic key
information in a protected format. Typically this is a secret
key or a private key with a certificate chain.
Trusted Certificate Entry
This type of keystore entry contains a single public key
certificate belonging to another entity. It is called trusted
because the keystore owner trusts that the certificate
belongs to the subject (owner) of the certificate.
The keystore contains an "alias" string for each entry.
The structure and persistence of the key store is not
specified. Any method could be used to protect sensitive
(private or secret) keys. Smart cards or integrated
cryptographic engines could be used or the keystore could
be simply stored in a file.
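A round trip through the API described on this page, as an added example that is not part of the original documentation: it creates a key entry, stores and reloads the keystore, classifies each alias, and shows load() rejecting a wrong password. It assumes a current JDK whose default provider offers the "PKCS12" type with secret-key support; the class name, alias and password are constructed.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.Key;
import java.security.KeyStore;
import java.util.Arrays;
import java.util.Collections;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

public class KeyStoreRoundTrip {
    public static void main(String[] args) throws Exception {
        char[] password = "constructed-demo-password".toCharArray(); // constructed sample value
        try {
            // Key entry: a freshly generated AES key, protected with the password.
            SecretKey aes = KeyGenerator.getInstance("AES").generateKey();
            KeyStore ks = KeyStore.getInstance("PKCS12"); // assumption: provider offers PKCS12
            ks.load(null, null);                             // null stream = start with an empty store
            ks.setKeyEntry("demo-aes", aes, password, null); // a secret key has no certificate chain

            // Persist to memory instead of a file so the example runs anywhere.
            ByteArrayOutputStream out = new ByteArrayOutputStream();
            ks.store(out, password);
            byte[] blob = out.toByteArray();

            // Reload; the password is used for the integrity check.
            KeyStore reloaded = KeyStore.getInstance("PKCS12");
            reloaded.load(new ByteArrayInputStream(blob), password);
            for (String alias : Collections.list(reloaded.aliases())) {
                System.out.println(alias + " keyEntry=" + reloaded.isKeyEntry(alias)
                        + " certEntry=" + reloaded.isCertificateEntry(alias));
            }
            Key recovered = reloaded.getKey("demo-aes", password);
            System.out.println("key round-trips: "
                    + Arrays.equals(aes.getEncoded(), recovered.getEncoded()));

            // A wrong password must make load() fail instead of yielding an unverified store.
            try {
                KeyStore.getInstance("PKCS12")
                        .load(new ByteArrayInputStream(blob), "wrong".toCharArray());
                System.out.println("unexpected: wrong password accepted");
            } catch (IOException e) {
                System.out.println("wrong password rejected: " + e.getMessage());
            }
        } finally {
            Arrays.fill(password, '\0'); // wipe the password from memory when done
        }
    }
}
```

Passwords are passed as char[] so the caller can overwrite them after use, which a String does not allow.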
java.util.Enumeration | aliases()
boolean | containsAlias(java.lang.String alias)
void | deleteEntry(java.lang.String alias)
java.security.cert.Certificate | getCertificate(java.lang.String alias)
java.lang.String | getCertificateAlias(java.security.cert.Certificate cert)
java.security.cert.Certificate[] | getCertificateChain(java.lang.String alias)
java.util.Date | getCreationDate(java.lang.String alias)
static java.lang.String | getDefaultType()
static java.security.KeyStore | getInstance(java.lang.String type)
static java.security.KeyStore | getInstance(java.lang.String type, java.lang.String provider)
static java.security.KeyStore | getInstance(java.lang.String type, java.security.Provider provider)
java.security.Key | getKey(java.lang.String alias, char[] )
java.security.Provider | getProvider()
java.lang.String | getType()
boolean | isCertificateEntry(java.lang.String alias)
boolean | isKeyEntry(java.lang.String alias)
void | load(java.io.InputStream stream, char[] )
void | setCertificateEntry(java.lang.String alias, java.security.cert.Certificate cert)
void | setKeyEntry(java.lang.String alias, java.security.Key key, char[] , java.security.cert.Certificate[] chain)
void | setKeyEntry(java.lang.String alias, byte[] , java.security.cert.Certificate[] chain)
int | size()
void | store(java.io.OutputStream stream, char[] )
KeyStore
protected KeyStore(java.security.KeyStoreSpi keyStoreSpi, java.security.Provider provider, java.lang.String type)
Creates an instance of KeyStore
Parameters:
aliases
public final Enumeration aliases()
Generates a list of all the aliases in the keystore.
Returns:
- an Enumeration of the aliases
containsAlias
public final boolean containsAlias(java.lang.String alias)
Determines if the keystore contains the specified alias.
Parameters:
Returns:
- true if it contains the alias, false otherwise
deleteEntry
public final void deleteEntry(java.lang.String alias)
Deletes the entry for the specified alias.
Parameters:
Throws:
getCertificate
public final Certificate getCertificate(java.lang.String alias)
Gets a Certificate for the specified alias.
If there is a trusted certificate entry then that is returned.
If there is a key entry with a certificate chain then the
first certificate is returned, or else null.
Parameters:
Returns:
- a Certificate or null if the alias does not exist
or there is no certificate for the alias
getCertificateAlias
public final String getCertificateAlias(java.security.cert.Certificate cert)
Determines if the keystore contains the specified certificate
entry and returns the alias.
It checks every entry and for a key entry checks only the
first certificate in the chain.
Parameters:
Returns:
- alias of first matching certificate, null if it
does not exist.
getCertificateChain
public final Certificate[] getCertificateChain(java.lang.String alias)
Gets a Certificate chain for the specified alias.
Parameters:
Returns:
- a chain of Certificates (ordered from the user's
certificate to the Certificate Authority's) or
null if the alias does not exist or there is no
certificate chain for the alias (the alias refers
to a trusted certificate entry or there is no entry).
getCreationDate
public final Date getCreationDate(java.lang.String alias)
Gets entry creation date for the specified alias.
Parameters:
getDefaultType
public static final String getDefaultType()
Returns the default KeyStore type. This method looks up the
type in /lib/security/java.security with the
property "keystore.type" or, if that fails, returns "jks".
getInstance
public static KeyStore getInstance(java.lang.String type)
Gets an instance of the KeyStore class representing
the specified keystore. If the type is not
found, then it throws KeyStoreException.
Parameters:
Returns:
- a KeyStore representing the desired type
Throws:
getInstance
public static KeyStore getInstance(java.lang.String type, java.lang.String provider)
Gets an instance of the KeyStore class representing
the specified key store from the specified provider.
If the type is not found, then it throws KeyStoreException.
If the provider is not found, then it throws
NoSuchProviderException.
Parameters:
Returns:
- a KeyStore representing the desired type
Throws:
getInstance
public static KeyStore getInstance(java.lang.String type, java.security.Provider provider)
Gets an instance of the KeyStore class representing
the specified key store from the specified provider.
If the type is not found, then it throws KeyStoreException.
If the provider is not found, then it throws
NoSuchProviderException.
Since:
Parameters:
Returns:
- a KeyStore representing the desired type
Throws:
getKey
public final Key getKey(java.lang.String alias, char[] )
Returns the key associated with the given alias using the
supplied password.
Parameters:
Returns:
- the requested key, or null otherwise
Throws:
getProvider
public final Provider getProvider()
Gets the provider that the class is from.
Returns:
- the provider of this class
getType
public final String getType()
Returns the type of the KeyStore supported.
Returns:
- A string with the type of KeyStore
isCertificateEntry
public final boolean isCertificateEntry(java.lang.String alias)
Determines if the keystore contains a certificate entry for
the specified alias.
Parameters:
Returns:
- true if it is a certificate entry, false otherwise
isKeyEntry
public final boolean isKeyEntry(java.lang.String alias)
Determines if the keystore contains a key entry for
the specified alias.
Parameters:
Returns:
- true if it is a key entry, false otherwise
load
public final void load(java.io.InputStream stream, char[] )
Loads the keystore from the specified input stream and, if a
password is supplied, uses it to check the keystore's integrity.
Parameters:
Throws:
setCertificateEntry
public final void setCertificateEntry(java.lang.String alias, java.security.cert.Certificate cert)
Assigns the certificate to the alias in the keystore. It
will overwrite an existing entry.
Parameters:
Throws:
setKeyEntry
public final void setKeyEntry(java.lang.String alias, byte[] , java.security.cert.Certificate[] chain)
Assigns the key to the alias in the keystore. It will overwrite
an existing entry and, if the key is a PrivateKey, also
add the certificate chain representing the corresponding
public key.
Parameters:
Throws:
setKeyEntry
public final void setKeyEntry(java.lang.String alias, java.security.Key key, char[] , java.security.cert.Certificate[] chain)
Assigns the key to the alias in the keystore, protecting it
with the given password. It will overwrite an existing
entry and, if the key is a PrivateKey, also add the
certificate chain representing the corresponding public key.
Parameters:
Throws:
size
public final int size()
Returns the number of entries in the keystore.
store
public final void store(java.io.OutputStream stream, char[] )
Stores the keystore in the specified output stream and
uses the specified key to keep it secure.
Parameters:
Throws: