source: trunk/src/gcc/libjava/java/security/KeyStore.java@ 681

Last change on this file since 681 was 2, checked in by bird, 23 years ago

Initial revision
  • Property cvs2svn:cvs-rev set to 1.1
  • Property svn:eol-style set to native
  • Property svn:executable set to *
File size: 13.4 KB
Line 
1/* KeyStore.java --- Key Store Class
2 Copyright (C) 1999 Free Software Foundation, Inc.
3
4This file is part of GNU Classpath.
5
6GNU Classpath is free software; you can redistribute it and/or modify
7it under the terms of the GNU General Public License as published by
8the Free Software Foundation; either version 2, or (at your option)
9any later version.
10
11GNU Classpath is distributed in the hope that it will be useful, but
12WITHOUT ANY WARRANTY; without even the implied warranty of
13MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14General Public License for more details.
15
16You should have received a copy of the GNU General Public License
17along with GNU Classpath; see the file COPYING. If not, write to the
18Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
1902111-1307 USA.
20
21Linking this library statically or dynamically with other modules is
22making a combined work based on this library. Thus, the terms and
23conditions of the GNU General Public License cover the whole
24combination.
25
26As a special exception, the copyright holders of this library give you
27permission to link this library with independent modules to produce an
28executable, regardless of the license terms of these independent
29modules, and to copy and distribute the resulting executable under
30terms of your choice, provided that you also meet, for each linked
31independent module, the terms and conditions of the license of that
32module. An independent module is a module which is not derived from
33or based on this library. If you modify this library, you may extend
34this exception to your version of the library, but you are not
35obligated to do so. If you do not wish to do so, delete this
36exception statement from your version. */
37
38package java.security;
39import java.io.InputStream;
40import java.io.IOException;
41import java.io.OutputStream;
42import java.security.cert.CertificateException;
43import java.util.Date;
44import java.util.Enumeration;
45
46/**
47 Keystore represents an in-memory collection of keys and
48 certificates. There are two types of entries:
49
50 * Key Entry
51
52 This type of keystore entry store sensitive crytographic key
53 information in a protected format.Typically this is a secret
54 key or a private key with a certificate chain.
55
56
57 * Trusted Ceritificate Entry
58
59 This type of keystore entry contains a single public key
60 certificate belonging to annother entity. It is called trusted
61 because the keystore owner trusts that the certificates
62 belongs to the subject (owner) of the certificate.
63
64 The keystore contains an "alias" string for each entry.
65
66 The structure and persistentence of the key store is not
67 specified. Any method could be used to protect sensitive
68 (private or secret) keys. Smart cards or integrated
69 cryptographic engines could be used or the keystore could
70 be simply stored in a file.
71 */
72public class KeyStore
73{
74 private KeyStoreSpi keyStoreSpi;
75 private Provider provider;
76 private String type;
77
78 /**
79 Creates an instance of KeyStore
80
81 @param keyStoreSpi A KeyStore engine to use
82 @param provider A provider to use
83 @param type The type of KeyStore
84 */
85 protected KeyStore(KeyStoreSpi keyStoreSpi, Provider provider, String type)
86 {
87 this.keyStoreSpi = keyStoreSpi;
88 this.provider = provider;
89 this.type = type;
90 }
91
92 /**
93 Gets an instance of the KeyStore class representing
94 the specified keystore. If the type is not
95 found then, it throws CertificateException.
96
97 @param type the type of certificate to choose
98
99 @return a KeyStore repesenting the desired type
100
101 @throws KeyStoreException if the type of keystore is not implemented by providers
102 */
103 public static KeyStore getInstance(String type) throws KeyStoreException
104 {
105 Provider[] p = Security.getProviders();
106
107 for (int i = 0; i < p.length; i++)
108 {
109 String classname = p[i].getProperty("KeyStore." + type);
110 if (classname != null)
111 return getInstance(classname, type, p[i]);
112 }
113
114 throw new KeyStoreException(type);
115 }
116
117 /**
118 Gets an instance of the KeyStore class representing
119 the specified key store from the specified provider.
120 If the type is not found then, it throws CertificateException.
121 If the provider is not found, then it throws
122 NoSuchProviderException.
123
124 @param type the type of certificate to choose
125
126 @return a KeyStore repesenting the desired type
127
128 @throws KeyStoreException if the type of keystore is not implemented by providers
129 @throws NoSuchProviderException if the provider is not found
130 */
131 public static KeyStore getInstance(String type, String provider)
132 throws KeyStoreException, NoSuchProviderException
133 {
134 Provider p = Security.getProvider(provider);
135 if (p == null)
136 throw new NoSuchProviderException();
137
138 return getInstance(p.getProperty("KeyStore." + type), type, p);
139 }
140
141 private static KeyStore getInstance(String classname,
142 String type,
143 Provider provider)
144 throws KeyStoreException
145 {
146 try
147 {
148 return new KeyStore((KeyStoreSpi) Class.forName(classname).
149 newInstance(), provider, type);
150 }
151 catch (ClassNotFoundException cnfe)
152 {
153 throw new KeyStoreException("Class not found");
154 }
155 catch (InstantiationException ie)
156 {
157 throw new KeyStoreException("Class instantiation failed");
158 }
159 catch (IllegalAccessException iae)
160 {
161 throw new KeyStoreException("Illegal Access");
162 }
163 }
164
165
166 /**
167 Gets the provider that the class is from.
168
169 @return the provider of this class
170 */
171 public final Provider getProvider()
172 {
173 return provider;
174 }
175
176 /**
177 Returns the type of the KeyStore supported
178
179 @return A string with the type of KeyStore
180 */
181 public final String getType()
182 {
183 return type;
184 }
185
186 /**
187 Returns the key associated with given alias using the
188 supplied password.
189
190 @param alias an alias for the key to get
191 @param password password to access key with
192
193 @return the requested key, or null otherwise
194
195 @throws NoSuchAlgorithmException if there is no algorithm
196 for recovering the key
197 @throws UnrecoverableKeyException key cannot be reocovered
198 (wrong password).
199 */
200 public final Key getKey(String alias, char[]password)
201 throws KeyStoreException, NoSuchAlgorithmException,
202 UnrecoverableKeyException
203 {
204 return keyStoreSpi.engineGetKey(alias, password);
205 }
206
207 /**
208 Gets a Certificate chain for the specified alias.
209
210 @param alias the alias name
211
212 @return a chain of Certificates ( ordered from the user's
213 certificate to the Certificate Authority's ) or
214 null if the alias does not exist or there is no
215 certificate chain for the alias ( the alias refers
216 to a trusted certificate entry or there is no entry).
217 */
218 public final java.security.cert.
219 Certificate[] getCertificateChain(String alias) throws KeyStoreException
220 {
221 return keyStoreSpi.engineGetCertificateChain(alias);
222 }
223
224 /**
225 Gets a Certificate for the specified alias.
226
227 If there is a trusted certificate entry then that is returned.
228 it there is a key entry with a certificate chain then the
229 first certificate is return or else null.
230
231 @param alias the alias name
232
233 @return a Certificate or null if the alias does not exist
234 or there is no certificate for the alias
235 */
236 public final java.security.cert.Certificate getCertificate(String alias)
237 throws KeyStoreException
238 {
239 return keyStoreSpi.engineGetCertificate(alias);
240 }
241
242 /**
243 Gets entry creation date for the specified alias.
244
245 @param alias the alias name
246
247 @returns the entry creation date or null
248 */
249 public final Date getCreationDate(String alias) throws KeyStoreException
250 {
251 return keyStoreSpi.engineGetCreationDate(alias);
252 }
253
254 /**
255 Assign the key to the alias in the keystore, protecting it
256 with the given password. It will overwrite an existing
257 entry and if the key is a PrivateKey, also add the
258 certificate chain representing the corresponding public key.
259
260 @param alias the alias name
261 @param key the key to add
262 @password the password to protect with
263 @param chain the certificate chain for the corresponding
264 public key
265
266 @throws KeyStoreException if it fails
267 */
268 public final void setKeyEntry(String alias, Key key, char[]password,
269 java.security.cert.
270 Certificate[]chain) throws KeyStoreException
271 {
272 keyStoreSpi.engineSetKeyEntry(alias, key, password, chain);
273 }
274
275 /**
276 Assign the key to the alias in the keystore. It will overwrite
277 an existing entry and if the key is a PrivateKey, also
278 add the certificate chain representing the corresponding
279 public key.
280
281 @param alias the alias name
282 @param key the key to add
283 @param chain the certificate chain for the corresponding
284 public key
285
286 @throws KeyStoreException if it fails
287 */
288 public final void setKeyEntry(String alias, byte[]key,
289 java.security.cert.
290 Certificate[]chain) throws KeyStoreException
291 {
292 keyStoreSpi.engineSetKeyEntry(alias, key, chain);
293 }
294
295 /**
296 Assign the certificate to the alias in the keystore. It
297 will overwrite an existing entry.
298
299 @param alias the alias name
300 @param cert the certificate to add
301
302 @throws KeyStoreException if it fails
303 */
304 public final void setCertificateEntry(String alias,
305 java.security.cert.
306 Certificate cert) throws
307 KeyStoreException
308 {
309 keyStoreSpi.engineSetCertificateEntry(alias, cert);
310 }
311
312 /**
313 Deletes the entry for the specified entry.
314
315 @param alias the alias name
316
317 @throws KeyStoreException if it fails
318 */
319 public final void deleteEntry(String alias) throws KeyStoreException
320 {
321 keyStoreSpi.engineDeleteEntry(alias);
322 }
323
324 /**
325 Generates a list of all the aliases in the keystore.
326
327 @return an Enumeration of the aliases
328 */
329 public final Enumeration aliases() throws KeyStoreException
330 {
331 return keyStoreSpi.engineAliases();
332 }
333
334 /**
335 Determines if the keystore contains the specified alias.
336
337 @param alias the alias name
338
339 @return true if it contains the alias, false otherwise
340 */
341 public final boolean containsAlias(String alias) throws KeyStoreException
342 {
343 return keyStoreSpi.engineContainsAlias(alias);
344 }
345
346 /**
347 Returns the number of entries in the keystore.
348
349 @returns the number of keystore entries.
350 */
351 public final int size() throws KeyStoreException
352 {
353 return keyStoreSpi.engineSize();
354 }
355
356 /**
357 Determines if the keystore contains a key entry for
358 the specified alias.
359
360 @param alias the alias name
361
362 @return true if it is a key entry, false otherwise
363 */
364 public final boolean isKeyEntry(String alias) throws KeyStoreException
365 {
366 return keyStoreSpi.engineIsKeyEntry(alias);
367 }
368
369
370 /**
371 Determines if the keystore contains a certificate entry for
372 the specified alias.
373
374 @param alias the alias name
375
376 @return true if it is a certificate entry, false otherwise
377 */
378 public final boolean isCertificateEntry(String alias)
379 throws KeyStoreException
380 {
381 return keyStoreSpi.engineIsCertificateEntry(alias);
382 }
383
384 /**
385 Determines if the keystore contains the specified certificate
386 entry and returns the alias.
387
388 It checks every entry and for a key entry checks only the
389 first certificate in the chain.
390
391 @param cert Certificate to look for
392
393 @return alias of first matching certificate, null if it
394 does not exist.
395 */
396 public final String getCertificateAlias(java.security.cert.Certificate cert)
397 throws KeyStoreException
398 {
399 return keyStoreSpi.engineGetCertificateAlias(cert);
400 }
401
402 /**
403 Stores the keystore in the specified output stream and it
404 uses the specified key it keep it secure.
405
406 @param stream the output stream to save the keystore to
407 @param password the password to protect the keystore integrity with
408
409 @throws IOException if an I/O error occurs.
410 @throws NoSuchAlgorithmException the data integrity algorithm
411 used cannot be found.
412 @throws CertificateException if any certificates could not be
413 stored in the output stream.
414 */
415 public final void store(OutputStream stream, char[]password)
416 throws KeyStoreException, IOException, NoSuchAlgorithmException,
417 CertificateException
418 {
419 keyStoreSpi.engineStore(stream, password);
420 }
421
422 /**
423 Loads the keystore from the specified input stream and it
424 uses the specified password to check for integrity if supplied.
425
426 @param stream the input stream to load the keystore from
427 @param password the password to check the keystore integrity with
428
429 @throws IOException if an I/O error occurs.
430 @throws NoSuchAlgorithmException the data integrity algorithm
431 used cannot be found.
432 @throws CertificateException if any certificates could not be
433 stored in the output stream.
434 */
435 public final void load(InputStream stream, char[]password)
436 throws IOException, NoSuchAlgorithmException, CertificateException
437 {
438 keyStoreSpi.engineLoad(stream, password);
439 }
440
441 /**
442 Returns the default KeyStore type. This method looks up the
443 type in <JAVA_HOME>/lib/security/java.security with the
444 property "keystore.type" or if that fails then "jks" .
445 */
446 public static final String getDefaultType()
447 {
448 String tmp;
449 //Security reads every property in java.security so it
450 //will return this property if it exists.
451 tmp = Security.getProperty("keystore.type");
452
453 if (tmp == null)
454 tmp = "jks";
455
456 return tmp;
457 }
458}
Note: See TracBrowser for help on using the repository browser.