iaik.me.keymgmt
Class KeyStore

java.lang.Object
  |
  +--iaik.me.keymgmt.KeyStore

public class KeyStore
extends Object

This class encodes and decodes IAIK-JCE-ME KeyStores. It uses a new, more efficient and compact format than the previous IAIK keystores. The registered object identifier of this keystore is "1.3.6.1.4.1.2706.2.1".

Note: The old keystore format is no longer supported; only keystores in the new format can be parsed with this implementation. Keystores in the old format can be converted to the new one with the conversion tool provided with this distribution.


Constructor Summary
KeyStore()
          Creates a new empty KeyStore.
KeyStore(InputStream in, char[] password)
          Reads a keystore from the given InputStream.
 
Method Summary
 void addCertificateChainEntry(String alias, X509Certificate[] cert)
          Adds an X509 certificate chain to the Keystore.
 void addCertificateEntry(String alias, X509Certificate cert)
          Adds a certificate to the Keystore.
 void addKeyAndCertEntry(String alias, KeyAndCert kac)
          Adds a KeyAndCert object containing a private key and the corresponding certificate (chain) to the keystore.
 void addKeyAndCertEntry(String alias, PrivateKey key, X509Certificate[] chain)
          Adds a private key and the corresponding certificate chain to the keystore.
 void addKeyEntry(String alias, PrivateKey key)
          Adds a PrivateKey object to the keystore.
 Enumeration aliases()
          Returns an enumeration of the aliases in this KeyStore.
 void deleteEntry(String alias)
          Deletes an entry from the keystore.
 X509Certificate[] getCertificateChain(String alias)
          Returns the certificate chain specified by the given alias or null if the chain is not in the keystore.
If the alias points to an iaik.me.keymgmt.KeyAndCert object, the certificate chain of this object is returned.
This method is also used to retrieve single certificates from the keystore.
 Object getEntry(String alias)
          Returns an entry of arbitrary type from the keystore, which is defined by its alias (for those who have forgotten of what kind the entry is).
The type of the entry can be determined this way:
Object thing = keystore.getEntry("myalias");
if (thing instanceof X509Certificate[]) {
    // certificate (chain)
} else if (thing instanceof KeyAndCert) {
    // KeyAndCert object
} else if (thing instanceof PrivateKey) {
    // private key object
}
 KeyAndCert getKeyAndCert(String alias)
          Returns the KeyAndCert with the given alias or null if the object cannot be found within the keystore.
 PrivateKey getPrivateKey(String alias)
          Returns the private key that is specified by the given alias or null if the key is not in the keystore.
If the alias points to a KeyAndCert object, the private key of that object is returned.
 void setSecureRandom(SecureRandom rnd)
          Sets a secure random number generator for the cipher operations during password based keystore encryption.
 byte[] store(char[] password)
          Store the KeyStore protecting it with the given password.
 byte[] store(char[] password, int iterationCount)
          Store the KeyStore protecting it with the given password.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

KeyStore

public KeyStore()
Creates a new empty KeyStore.
Since:
3.0

KeyStore

public KeyStore(InputStream in,
                char[] password)
         throws CryptoException,
                IOException
Reads a keystore from the given InputStream. A keystore can be read the following way:

KeyStore ks = new KeyStore(new FileInputStream("keystore.ks"), "mypassword".toCharArray());

Parameters:
in - the input stream
password - the password of the keystore
Throws:
IOException -  
CryptoException -  
Since:
3.0
Method Detail

setSecureRandom

public void setSecureRandom(SecureRandom rnd)
Sets a secure random number generator for the cipher operations during password based keystore encryption.
Parameters:
rnd - the secure random object
Since:
3.0
See Also:
SecureRandom

aliases

public Enumeration aliases()
Returns an enumeration of the aliases in this KeyStore. The keystore content can be retrieved the following way:

// "enum" is a reserved word since Java 5, so the variable is named "aliases"
Enumeration aliases = keystore.aliases();
while (aliases.hasMoreElements()) {
    System.out.println(aliases.nextElement());
}

Returns:
an enumeration of the keystore content
Since:
3.0

getPrivateKey

public PrivateKey getPrivateKey(String alias)
                         throws CryptoException
Returns the private key that is specified by the given alias or null if the key is not in the keystore.
If the alias points to a KeyAndCert object, the private key of that object is returned.
Parameters:
alias - alias of the private key
Returns:
the private key object
Since:
3.0
See Also:
KeyAndCert

getCertificateChain

public X509Certificate[] getCertificateChain(String alias)
Returns the certificate chain specified by the given alias or null if the chain is not in the keystore.
If the alias points to an iaik.me.keymgmt.KeyAndCert object, the certificate chain of this object is returned.
This method is also used to retrieve single certificates from the keystore. The certificate is the first item of the returned array:

X509Certificate[] certs = keystore.getCertificateChain("mycertificate");
// certs is null if the alias is not in the keystore
X509Certificate cert = (certs != null) ? certs[0] : null;

Parameters:
alias - certificate chain alias
Returns:
certificate chain or null if it is not in the store
Since:
3.0
See Also:
KeyAndCert

getKeyAndCert

public KeyAndCert getKeyAndCert(String alias)
                         throws CryptoException
Returns the KeyAndCert with the given alias or null if the object cannot be found within the keystore.
Parameters:
alias - alias of the KeyAndCert object
Returns:
the KeyAndCert object
Since:
3.0
See Also:
KeyAndCert

store

public byte[] store(char[] password)
             throws CryptoException
Store the KeyStore protecting it with the given password.

byte[] newstore = keystore.store("mypassword".toCharArray());

Parameters:
password - character array of the keystore password
Returns:
the encoded and encrypted keystore as byte array
Throws:
CryptoException -  
Since:
3.0

store

public byte[] store(char[] password,
                    int iterationCount)
             throws CryptoException
Store the KeyStore protecting it with the given password. The iteration count is used for the password-based methods and is proportional to the security of the system against exhaustive password search attacks. The default value is 2048; if performance is a critical factor, this value may be reduced.
Parameters:
password - character array of the keystore password
iterationCount - iteration count for the password-based encryption
Returns:
the encoded and encrypted keystore as byte array
Throws:
CryptoException -  
Since:
3.0
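
A round-trip check around store(char[], int), added here as an example and not taken from the IAIK distribution: it encrypts the keystore, re-reads the bytes with the same password, confirms that every alias is still present, and overwrites the password array afterwards. The names KeyStoreRoundTrip, storeVerified and MIN_ITERATIONS and the use of 2048 as a floor are assumptions of this example; the method declares throws Exception because this page does not state the package of CryptoException.

```java
import java.io.ByteArrayInputStream;
import java.util.Enumeration;
import java.util.Vector;

import iaik.me.keymgmt.KeyStore;

public final class KeyStoreRoundTrip {

    // Documented default of store(char[]); treating it as a floor is this example's policy.
    static final int MIN_ITERATIONS = 2048;

    /** Returns the encrypted keystore after verifying that it can be read back. */
    public static byte[] storeVerified(KeyStore keystore, char[] password, int iterationCount)
            throws Exception {
        if (iterationCount < MIN_ITERATIONS) {
            throw new IllegalArgumentException("iteration count below " + MIN_ITERATIONS);
        }
        try {
            byte[] encoded = keystore.store(password, iterationCount);

            // Decode the fresh bytes with the same password before anything is written out.
            KeyStore reread = new KeyStore(new ByteArrayInputStream(encoded), password);

            // Collect the aliases of the re-read keystore.
            Vector stored = new Vector();
            for (Enumeration e = reread.aliases(); e.hasMoreElements();) {
                stored.addElement(e.nextElement());
            }
            // Every alias of the original keystore must be present in the copy.
            for (Enumeration e = keystore.aliases(); e.hasMoreElements();) {
                Object alias = e.nextElement();
                if (!stored.contains(alias)) {
                    throw new IllegalStateException("alias missing after re-read: " + alias);
                }
            }
            return encoded;
        } finally {
            // A char[] can be overwritten after use; a String password cannot.
            for (int i = 0; i < password.length; i++) {
                password[i] = '\0';
            }
        }
    }
}
```

The caller's password array is zeroed on return, so it must be obtained again before the keystore is reopened.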

addKeyAndCertEntry

public void addKeyAndCertEntry(String alias,
                               PrivateKey key,
                               X509Certificate[] chain)
Adds a private key and the corresponding certificate chain to the keystore. The object is stored as a KeyAndCert object.

// key is a PrivateKey, chain is the matching X509Certificate[]
store.addKeyAndCertEntry("myalias", key, chain);

Parameters:
alias - alias of the KeyAndCert entry
key - the private key
chain - the X509 certificate chain
Since:
3.02
See Also:
KeyAndCert

addKeyAndCertEntry

public void addKeyAndCertEntry(String alias,
                               KeyAndCert kac)
Adds a KeyAndCert object containing a private key and the corresponding certificate (chain) to the keystore.

KeyAndCert kac = new KeyAndCert(certChain, privateKey);
store.addKeyAndCertEntry("myalias", kac);

Parameters:
alias - the alias for the keystore entry
kac - a KeyAndCert object
Since:
3.02

deleteEntry

public void deleteEntry(String alias)
Deletes an entry from the keystore. The entry is specified by its alias.
Parameters:
alias - alias of the object
Since:
3.02

addKeyEntry

public void addKeyEntry(String alias,
                        PrivateKey key)
Adds a PrivateKey object to the keystore.
Parameters:
alias - alias of the private key
key - the private key
Since:
3.02

addCertificateChainEntry

public void addCertificateChainEntry(String alias,
                                     X509Certificate[] cert)
Adds an X509 certificate chain to the Keystore.
Parameters:
alias - alias of the certificate chain
cert - the certificate chain

addCertificateEntry

public void addCertificateEntry(String alias,
                                X509Certificate cert)
Adds a certificate to the Keystore.
Parameters:
alias - alias of the certificate
cert - the X509Certificate
Since:
3.02

getEntry

public Object getEntry(String alias)
Returns an entry of arbitrary type from the keystore, which is defined by its alias (for those who have forgotten of what kind the entry is).
The type of the entry can be determined this way:

Object thing = keystore.getEntry("myalias");
if (thing instanceof X509Certificate[]) {
    // certificate (chain)
} else if (thing instanceof KeyAndCert) {
    // KeyAndCert object
} else if (thing instanceof PrivateKey) {
    // private key object
}

Parameters:
alias - the alias of the entry
Returns:
the keystore entry as object
Since:
3.02

This Javadoc may contain text parts from IETF Internet Standard specifications (see copyright note) and RSA Data Security Public-Key Cryptography Standards (see copyright note).

IAIK-JCE ME 3.04, (c) 2002 IAIK, (c) 2003 to 2006 Stiftung SIC