org.globus.gsi.stores
Class PEMKeyStore

java.lang.Object
  java.security.KeyStoreSpi
      org.globus.gsi.stores.PEMKeyStore

public class PEMKeyStore
extends java.security.KeyStoreSpi

This class provides a KeyStore implementation that supports trusted certificates stored in PEM format and proxy certificates stored in PEM format. It reads trusted certificates from multiple directories and a proxy certificate from a file.

Since:

1.0

Version:

${version}

Field Summary

static java.lang.String	CERTIFICATE_FILENAME
static java.lang.String	DEFAULT_DIRECTORY_KEY
static java.lang.String	DIRECTORY_LIST_KEY
static java.lang.String	KEY_FILENAME
static java.lang.String	PROXY_FILENAME

Constructor Summary

PEMKeyStore()

Method Summary

java.util.Enumeration<java.lang.String>	engineAliases() Get an enumertion of all of the aliases in this keystore.
boolean	engineContainsAlias(java.lang.String s) Does the specified alias exist in this keystore?
void	engineDeleteEntry(java.lang.String s) Delete a security object from this keystore.
java.security.cert.Certificate	engineGetCertificate(java.lang.String s) Get the certificate referenced by the supplied alias.
java.lang.String	engineGetCertificateAlias(java.security.cert.Certificate certificate) Get the alias associated with the supplied certificate.
java.security.cert.Certificate[]	engineGetCertificateChain(java.lang.String s) Get the certificateChain for the key referenced by the alias.
java.util.Date	engineGetCreationDate(java.lang.String s) Get the creation date for the object referenced by the alias.
java.security.Key	engineGetKey(java.lang.String s, char[] chars) Get the key referenced by the specified alias.
boolean	engineIsCertificateEntry(java.lang.String s) Does the supplied alias refer to a certificate in this keystore?
boolean	engineIsKeyEntry(java.lang.String s) Does the supplied alias refer to a key in this key store.
void	engineLoad(java.io.InputStream inputStream, char[] chars) Load the keystore from the supplied input stream.
void	engineLoad(java.security.KeyStore.LoadStoreParameter loadStoreParameter) Load the keystore based on parameters in the LoadStoreParameter.
void	engineSetCertificateEntry(java.lang.String alias, java.security.cert.Certificate certificate) Add a certificate to the keystore.
void	engineSetKeyEntry(java.lang.String s, byte[] bytes, java.security.cert.Certificate[] certificates) currently unsupported.
void	engineSetKeyEntry(java.lang.String s, java.security.Key key, char[] chars, java.security.cert.Certificate[] certificates) Add a new private key to the keystore.
int	engineSize() Get the number of security objects stored in this keystore.
void	engineStore(java.io.OutputStream outputStream, char[] chars) Persist the security material in this keystore.
void	setCACertStore(ResourceSecurityWrapperStore<ResourceTrustAnchor,java.security.cert.TrustAnchor> caCertStore)
void	setProxyDelegate(ResourceSecurityWrapperStore<ResourceProxyCredential,X509Credential> proxyDelegate)

Methods inherited from class java.security.KeyStoreSpi

engineEntryInstanceOf, engineGetEntry, engineSetEntry, engineStore

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DEFAULT_DIRECTORY_KEY

public static final java.lang.String DEFAULT_DIRECTORY_KEY

See Also:

Constant Field Values

DIRECTORY_LIST_KEY

public static final java.lang.String DIRECTORY_LIST_KEY

See Also:

Constant Field Values

CERTIFICATE_FILENAME

public static final java.lang.String CERTIFICATE_FILENAME

See Also:

Constant Field Values

KEY_FILENAME

public static final java.lang.String KEY_FILENAME

See Also:

Constant Field Values

PROXY_FILENAME

public static final java.lang.String PROXY_FILENAME

See Also:

Constant Field Values

Constructor Detail

PEMKeyStore

public PEMKeyStore()

Method Detail

setCACertStore

public void setCACertStore(ResourceSecurityWrapperStore<ResourceTrustAnchor,java.security.cert.TrustAnchor> caCertStore)

setProxyDelegate

public void setProxyDelegate(ResourceSecurityWrapperStore<ResourceProxyCredential,X509Credential> proxyDelegate)

engineGetKey

public java.security.Key engineGetKey(java.lang.String s,
                                      char[] chars)
                               throws java.security.NoSuchAlgorithmException,
                                      java.security.UnrecoverableKeyException

Get the key referenced by the specified alias.

Specified by:

engineGetKey in class java.security.KeyStoreSpi

Parameters:

s - The key's alias.

chars - The key's password.

Returns:

The key reference by the alias or null.

Throws:

java.security.NoSuchAlgorithmException - If the key is encoded with an invalid algorithm.

java.security.UnrecoverableKeyException - If the key can not be retrieved.

engineIsKeyEntry

public boolean engineIsKeyEntry(java.lang.String s)

Does the supplied alias refer to a key in this key store.

Specified by:

engineIsKeyEntry in class java.security.KeyStoreSpi

Parameters:

s - The alias.

Returns:

True if the alias refers to a key.

engineStore

public void engineStore(java.io.OutputStream outputStream,
                        char[] chars)
                 throws java.io.IOException,
                        java.security.NoSuchAlgorithmException,
                        java.security.cert.CertificateException

Persist the security material in this keystore. If the object has a path associated with it, the object will be persisted to that path. Otherwise it will be stored in the default certificate directory. As a result, the parameters of this method are ignored.

Specified by:

engineStore in class java.security.KeyStoreSpi

Parameters:

outputStream - This parameter is ignored.

chars - This parameter is ignored.

Throws:

java.io.IOException

java.security.NoSuchAlgorithmException

java.security.cert.CertificateException

engineGetCreationDate

public java.util.Date engineGetCreationDate(java.lang.String s)

Get the creation date for the object referenced by the alias.

Specified by:

engineGetCreationDate in class java.security.KeyStoreSpi

Parameters:

s - The alias of the security object.

Returns:

The creation date of the security object.

engineGetCertificateAlias

public java.lang.String engineGetCertificateAlias(java.security.cert.Certificate certificate)

Get the alias associated with the supplied certificate.

Specified by:

engineGetCertificateAlias in class java.security.KeyStoreSpi

Parameters:

certificate - The certificate to query

Returns:

The certificate's alias or null if the certificate is not present in this keystore.

engineGetCertificateChain

public java.security.cert.Certificate[] engineGetCertificateChain(java.lang.String s)

Get the certificateChain for the key referenced by the alias.

Specified by:

engineGetCertificateChain in class java.security.KeyStoreSpi

Parameters:

s - The key alias.

Returns:

The key's certificate chain or a 0 length array if the key is not in the keystore.

engineGetCertificate

public java.security.cert.Certificate engineGetCertificate(java.lang.String s)

Get the certificate referenced by the supplied alias.

Specified by:

engineGetCertificate in class java.security.KeyStoreSpi

Parameters:

s - The alias.

Returns:

The Certificate or null if the alias does not exist in the keyStore.

engineLoad

public void engineLoad(java.security.KeyStore.LoadStoreParameter loadStoreParameter)
                throws java.io.IOException,
                       java.security.NoSuchAlgorithmException,
                       java.security.cert.CertificateException

Load the keystore based on parameters in the LoadStoreParameter. The parameter object must be an instance of FileBasedKeyStoreParameters.

Overrides:

engineLoad in class java.security.KeyStoreSpi

Parameters:

loadStoreParameter - The parameters to load.

Throws:

java.io.IOException

java.security.NoSuchAlgorithmException

java.security.cert.CertificateException

engineLoad

public void engineLoad(java.io.InputStream inputStream,
                       char[] chars)
                throws java.io.IOException,
                       java.security.NoSuchAlgorithmException,
                       java.security.cert.CertificateException

Load the keystore from the supplied input stream. Unlike many other implementations of keystore (most notably the default JKS implementation), the input stream does not hold the keystore objects. Instead, it must be a properties file defining the locations of the keystore objects. The password is not used.

Specified by:

engineLoad in class java.security.KeyStoreSpi

Parameters:

inputStream - An input stream to the properties file.

chars - The password is not used.

Throws:

java.io.IOException

java.security.NoSuchAlgorithmException

java.security.cert.CertificateException

engineDeleteEntry

public void engineDeleteEntry(java.lang.String s)
                       throws java.security.KeyStoreException

Delete a security object from this keystore.

Specified by:

engineDeleteEntry in class java.security.KeyStoreSpi

Parameters:

s - The alias of the object to delete.

Throws:

java.security.KeyStoreException

engineAliases

public java.util.Enumeration<java.lang.String> engineAliases()

Get an enumertion of all of the aliases in this keystore.

Specified by:

engineAliases in class java.security.KeyStoreSpi

Returns:

An enumeration of the aliases in this keystore.

engineSetKeyEntry

public void engineSetKeyEntry(java.lang.String s,
                              java.security.Key key,
                              char[] chars,
                              java.security.cert.Certificate[] certificates)
                       throws java.security.KeyStoreException

Add a new private key to the keystore.

Specified by:

engineSetKeyEntry in class java.security.KeyStoreSpi

Parameters:

s - The alias for the object.

key - The private key.

chars - The password.

certificates - The key's certificate chain.

Throws:

java.security.KeyStoreException

engineSetKeyEntry

public void engineSetKeyEntry(java.lang.String s,
                              byte[] bytes,
                              java.security.cert.Certificate[] certificates)
                       throws java.security.KeyStoreException

currently unsupported.

Specified by:

engineSetKeyEntry in class java.security.KeyStoreSpi

Parameters:

s - The key's alias

bytes - The encoded private key.

certificates - The key's certificate chain.

Throws:

java.security.KeyStoreException

engineContainsAlias

public boolean engineContainsAlias(java.lang.String s)

Does the specified alias exist in this keystore?

Specified by:

engineContainsAlias in class java.security.KeyStoreSpi

Parameters:

s - The alias.

Returns:

True if the alias refers to a security object in the keystore.

engineSize

public int engineSize()

Get the number of security objects stored in this keystore.

Specified by:

engineSize in class java.security.KeyStoreSpi

Returns:

The number of security objects.

engineIsCertificateEntry

public boolean engineIsCertificateEntry(java.lang.String s)

Does the supplied alias refer to a certificate in this keystore?

Specified by:

engineIsCertificateEntry in class java.security.KeyStoreSpi

Parameters:

s - The alias.

Returns:

True if this store contains a certificate with the specified alias.

engineSetCertificateEntry

public void engineSetCertificateEntry(java.lang.String alias,
                                      java.security.cert.Certificate certificate)
                               throws java.security.KeyStoreException

Add a certificate to the keystore.

Specified by:

engineSetCertificateEntry in class java.security.KeyStoreSpi

Parameters:

alias - The certificate alias.

certificate - The certificate to store.

Throws:

java.security.KeyStoreException