KeyStore


KeyStore java.security

Java 1.2

This class represents a mapping of names, or aliases, to Key and java.security.cert.Certificate objects. Obtain a KeyStore object by calling one of the static getInstance( ) methods, specifying the desired key store type and, optionally, the desired provider. Use "JKS" to specify the "Java Key Store" type defined by Sun. Because of U.S. export regulations, this default KeyStore supports only weak encryption of private keys. If you have the Java Cryptography Extension installed, use the type "JCEKS" and provider "SunJCE" to obtain a KeyStore implementation that offers much stronger password-based encryption of keys. Once you have created a KeyStore, use load( ) to read its contents from a stream, supplying an optional password that verifies the integrity of the stream data. Keystores are typically read from a file named .keystore in the user's home directory.

The KeyStore API has been substantially enhanced in Java 5.0. We describe pre-5.0 methods first, and then cover Java 5.0 enhancements below. A KeyStore may contain both public and private key entries. A public key entry is represented by a Certificate object. Use getCertificate( ) to look up a named public key certificate and setCertificateEntry( ) to add a new public key certificate to the keystore. A private key entry in the keystore contains both a password-protected Key and an array of Certificate objects that represent the certificate chain for the public key that corresponds to the private key. Use getKey( ) and getCertificateChain( ) to look up the key and certificate chain. Use setKeyEntry( ) to create a new private key entry. You must provide a password when reading or writing a private key from the keystore; this password encrypts the key data, and each private key entry should have a different password. If you are using the JCE, you may also store javax.crypto.SecretKey objects in a KeyStore. Secret keys are stored like private keys, except that they do not have a certificate chain associated with them. To delete an entry from a KeyStore, use deleteEntry( ). If you modify the contents of a KeyStore, use store( ) to save the keystore to a specified stream. You may specify a password that is used to validate the integrity of the data, but it is not used to encrypt the keystore.

In Java 5.0 the KeyStore.Entry interface defines a keystore entry. Implementations include the nested types PrivateKeyEntry, SecretKeyEntry, and TrustedCertificateEntry. You can get or set an entry of any type with the new methods getEntry( ) and setEntry( ). These methods accept a KeyStore.ProtectionParameter object, such as a password represented as a KeyStore.PasswordProtection object. Java 5.0 also defines new load( ) and store( ) methods that specify a password indirectly through a KeyStore.LoadStoreParameter.
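The calls described above, put together as an added example (written for this page, not taken from the book): a SecretKey is stored through setEntry( ) with a PasswordProtection, the keystore is saved and reloaded in memory, and the two passwords are shown doing different jobs. The class name, alias and passwords are constructed sample values, and the code assumes the JDK's "JCEKS" keystore type is available.

```java
import java.io.*;
import java.security.*;
import java.util.Arrays;
import javax.crypto.*;

public class KeyStoreDemo {  // hypothetical class name
    public static void main(String[] args) throws Exception {
        // Constructed sample passwords and alias, for illustration only.
        char[] storePass = "store-integrity-pw".toCharArray();
        char[] entryPass = "entry-protection-pw".toCharArray();
        String alias = "demo-aes";

        KeyStore ks = KeyStore.getInstance("JCEKS");
        ks.load(null, null);  // null stream: initialize an empty keystore

        // Java 5.0 style: an Entry object plus a ProtectionParameter.
        SecretKey key = KeyGenerator.getInstance("AES").generateKey();
        KeyStore.PasswordProtection prot = new KeyStore.PasswordProtection(entryPass);
        ks.setEntry(alias, new KeyStore.SecretKeyEntry(key), prot);

        ByteArrayOutputStream out = new ByteArrayOutputStream();
        ks.store(out, storePass);  // store password: integrity only, no encryption
        byte[] saved = out.toByteArray();

        KeyStore reloaded = KeyStore.getInstance("JCEKS");
        reloaded.load(new ByteArrayInputStream(saved), storePass);
        KeyStore.SecretKeyEntry entry = (KeyStore.SecretKeyEntry) reloaded.getEntry(alias, prot);
        System.out.println("round trip ok: "
            + Arrays.equals(key.getEncoded(), entry.getSecretKey().getEncoded()));
        try {  // pre-5.0 lookup with the wrong entry password
            reloaded.getKey(alias, "wrong-pw".toCharArray());
        } catch (UnrecoverableKeyException e) {
            System.out.println("wrong entry password rejected");
        }
        saved[saved.length - 1] ^= 0x01;  // corrupt the trailing integrity digest
        try {
            KeyStore.getInstance("JCEKS").load(new ByteArrayInputStream(saved), storePass);
        } catch (IOException e) {
            System.out.println("modified keystore rejected: " + e.getMessage());
        }
        // A null password skips the integrity check, so the same bytes load.
        KeyStore unchecked = KeyStore.getInstance("JCEKS");
        unchecked.load(new ByteArrayInputStream(saved), null);
        System.out.println("loaded without verification: " + unchecked.containsAlias(alias));
        prot.destroy();  // clear password copies once they are no longer needed
        Arrays.fill(storePass, '\0');
        Arrays.fill(entryPass, '\0');
    }
}
```

Passing null as the load( ) password is what lets the modified bytes through, so code that reads a keystore it did not just write should always supply the store password.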

public class KeyStore {
// Protected Constructors
     protected KeyStore(KeyStoreSpi keyStoreSpi, Provider provider, String type);
// Nested Types
5.0  public abstract static class Builder;
5.0  public static class CallbackHandlerProtection implements KeyStore.ProtectionParameter;
5.0  public interface Entry;
5.0  public interface LoadStoreParameter;
5.0  public static class PasswordProtection
         implements javax.security.auth.Destroyable, KeyStore.ProtectionParameter;
5.0  public static final class PrivateKeyEntry implements KeyStore.Entry;
5.0  public interface ProtectionParameter;
5.0  public static final class SecretKeyEntry implements KeyStore.Entry;
5.0  public static final class TrustedCertificateEntry implements KeyStore.Entry;
// Public Class Methods
     public static final String getDefaultType( );
     public static KeyStore getInstance(String type) throws KeyStoreException;
     public static KeyStore getInstance(String type, String provider)
         throws KeyStoreException, NoSuchProviderException;
1.4  public static KeyStore getInstance(String type, Provider provider)
         throws KeyStoreException;
// Public Instance Methods
     public final java.util.Enumeration<String> aliases( )
         throws KeyStoreException;
     public final boolean containsAlias(String alias) throws KeyStoreException;
     public final void deleteEntry(String alias) throws KeyStoreException;
5.0  public final boolean entryInstanceOf(String alias,
         Class<? extends KeyStore.Entry> entryClass)
         throws KeyStoreException;
     public final java.security.cert.Certificate getCertificate(String alias)
         throws KeyStoreException;
     public final String getCertificateAlias(java.security.cert.Certificate cert)
         throws KeyStoreException;
     public final java.security.cert.Certificate[ ] getCertificateChain(String alias)
         throws KeyStoreException;
     public final java.util.Date getCreationDate(String alias)
         throws KeyStoreException;
5.0  public final KeyStore.Entry getEntry(String alias,
         KeyStore.ProtectionParameter protParam)
         throws NoSuchAlgorithmException, UnrecoverableEntryException, KeyStoreException;
     public final Key getKey(String alias, char[ ] password)
         throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException;
     public final Provider getProvider( );
     public final String getType( );
     public final boolean isCertificateEntry(String alias)
         throws KeyStoreException;
     public final boolean isKeyEntry(String alias) throws KeyStoreException;
5.0  public final void load(KeyStore.LoadStoreParameter param)
         throws java.io.IOException, NoSuchAlgorithmException,
         java.security.cert.CertificateException;
     public final void load(java.io.InputStream stream, char[ ] password)
         throws java.io.IOException, NoSuchAlgorithmException,
         java.security.cert.CertificateException;
     public final void setCertificateEntry(String alias,
         java.security.cert.Certificate cert) throws KeyStoreException;
5.0  public final void setEntry(String alias, KeyStore.Entry entry,
         KeyStore.ProtectionParameter protParam)
         throws KeyStoreException;
     public final void setKeyEntry(String alias, byte[ ] key,
         java.security.cert.Certificate[ ] chain)
         throws KeyStoreException;
     public final void setKeyEntry(String alias, Key key, char[ ] password,
         java.security.cert.Certificate[ ] chain)
         throws KeyStoreException;
     public final int size( ) throws KeyStoreException;
5.0  public final void store(KeyStore.LoadStoreParameter param)
         throws KeyStoreException, java.io.IOException, NoSuchAlgorithmException,
         java.security.cert.CertificateException;
     public final void store(java.io.OutputStream stream, char[ ] password)
         throws KeyStoreException, java.io.IOException, NoSuchAlgorithmException,
         java.security.cert.CertificateException;
}

Passed To

KeyStore.Builder.newInstance( ), java.security.cert.PKIXBuilderParameters.PKIXBuilderParameters( ), java.security.cert.PKIXParameters.PKIXParameters( ), javax.net.ssl.KeyManagerFactory.init( ), javax.net.ssl.KeyManagerFactorySpi.engineInit( ), javax.net.ssl.TrustManagerFactory.init( ), javax.net.ssl.TrustManagerFactorySpi.engineInit( )

Returned By

KeyStore.Builder.getKeyStore( )



Java In A Nutshell
Java In A Nutshell, 5th Edition
ISBN: 0596007736
EAN: 2147483647
Year: 2004
Pages: 1220
