OpenJDK 1.23 · java.security.KeyStoreSpi · APIdia, the JavaDoc alternative

Access	Constructor and Description
public	KeyStoreSpi() Constructor for subclasses to call.

Method Summary

Modifier and Type	Method and Description
public abstract Enumeration<String>	Returns: enumeration of the alias names engineAliases() Lists all the alias names of this keystore.
public abstract boolean	Returns: `true` if the alias exists, `false` otherwise engineContainsAlias(String the alias name alias) Checks if the given alias exists in this keystore.
public abstract void	engineDeleteEntry(String the alias name alias) Deletes the entry identified by the given alias from this keystore.
public boolean	Returns: `true` if the keystore `Entry` for the specified `alias` is an instance or subclass of the specified `entryClass`, false otherwise engineEntryInstanceOf(String the alias name alias, Class<? extends KeyStore.Entry> the entry class entryClass) Determines if the keystore `Entry` for the specified `alias` is an instance or subclass of the specified `entryClass`.
public Set<KeyStore.Entry.Attribute>	Returns: an unmodifiable `Set` of attributes. This set is empty if the given alias does not exist or there are no attributes associated with the alias. This set may also be empty for `PrivateKeyEntry` or `SecretKeyEntry` entries that contain protected attributes. These protected attributes should be populated into the result returned by `engineGetEntry` and can be retrieved by calling the `Entry#getAttributes` method. engineGetAttributes(String the alias name alias) Retrieves the attributes associated with the given alias.
public abstract Certificate	Returns: the certificate, or `null` if the given alias does not exist or does not contain a certificate. engineGetCertificate(String the alias name alias) Returns the certificate associated with the given alias.
public abstract String	Returns: the alias name of the first entry with matching certificate, or `null` if no such entry exists in this keystore. engineGetCertificateAlias(Certificate the certificate to match with. cert) Returns the (alias) name of the first keystore entry whose certificate matches the given certificate.
public abstract Certificate[]	Returns: the certificate chain (ordered with the user's certificate first and the root certificate authority last), or `null` if the given alias * does not exist or does not contain a certificate chain engineGetCertificateChain(String the alias name alias) Returns the certificate chain associated with the given alias.
public abstract Date	Returns: the creation date of this entry, or `null` if the given alias does not exist engineGetCreationDate(String the alias name alias) Returns the creation date of the entry identified by the given alias.
public KeyStore.Entry	Returns: the `KeyStore.Entry` for the specified alias, or `null` if there is no such entry engineGetEntry(String get the `KeyStore.Entry` for this alias alias, KeyStore.ProtectionParameter the `ProtectionParameter` used to protect the `Entry`, which may be `null` protParam) Gets a `KeyStore.Entry` for the specified alias with the specified protection parameter.
public abstract Key	Returns: the requested key, or `null` if the given alias does not exist or does not identify a key-related entry. engineGetKey(String the alias name alias, char[] the password for recovering the key password) Returns the key associated with the given alias, using the given password to recover it.
public abstract boolean	Returns: `true` if the entry identified by the given alias contains a trusted certificate, `false` otherwise. engineIsCertificateEntry(String the alias for the keystore entry to be checked alias) Returns `true` if the entry identified by the given alias was created by a call to `setCertificateEntry`, or created by a call to `setEntry` with a `TrustedCertificateEntry`.
public abstract boolean	Returns: `true` if the entry identified by the given alias is a key-related, `false` otherwise. engineIsKeyEntry(String the alias for the keystore entry to be checked alias) Returns `true` if the entry identified by the given alias was created by a call to `setKeyEntry`, or created by a call to `setEntry` with a `PrivateKeyEntry` or a `SecretKeyEntry`.
public abstract void	engineLoad(InputStream the input stream from which the keystore is loaded, or `null` stream, char[] the password used to check the integrity of the keystore, the password used to unlock the keystore, or `null` password) Loads the keystore from the given input stream.
public void	engineLoad(KeyStore.LoadStoreParameter the `KeyStore.LoadStoreParameter` that specifies how to load the keystore, which may be `null` param) Loads the keystore using the given `KeyStore.LoadStoreParameter`.
pack-priv void	engineLoad(InputStream stream, KeyStore.LoadStoreParameter param)
public boolean	Returns: `true` if the keystore data is supported, otherwise `false` engineProbe(InputStream the keystore data to be probed stream) Probes the specified input stream to determine whether it contains a keystore that is supported by this implementation, or not.
public abstract void	engineSetCertificateEntry(String the alias name alias, Certificate the certificate cert) Assigns the given certificate to the given alias.
public void	engineSetEntry(String save the `KeyStore.Entry` under this alias alias, KeyStore.Entry the `Entry` to save entry, KeyStore.ProtectionParameter the `ProtectionParameter` used to protect the `Entry`, which may be `null` protParam) Saves a `KeyStore.Entry` under the specified alias.
public abstract void	engineSetKeyEntry(String the alias name alias, Key the key to be associated with the alias key, char[] the password to protect the key password, Certificate[] the certificate chain for the corresponding public key (only required if the given key is of type `java.security.PrivateKey`). chain) Assigns the given key to the given alias, protecting it with the given password.
public abstract void	engineSetKeyEntry(String the alias name alias, byte[] the key (in protected format) to be associated with the alias key, Certificate[] the certificate chain for the corresponding public key (only useful if the protected key is of type `java.security.PrivateKey`). chain) Assigns the given key (that has already been protected) to the given alias.
public abstract int	Returns: the number of entries in this keystore engineSize() Retrieves the number of entries in this keystore.
public abstract void	engineStore(OutputStream the output stream to which this keystore is written. stream, char[] the password to generate the keystore integrity check. May be `null` if the keystore does not support or require an integrity check. password) Stores this keystore to the given output stream, and protects its integrity with the given password.
public void	engineStore(KeyStore.LoadStoreParameter the `KeyStore.LoadStoreParameter` that specifies how to store the keystore, which may be `null` param) Stores this keystore using the given `KeyStore.LoadStoreParameter`.

Inherited from java.lang.Object:: clone equals finalize getClass hashCode notify notifyAll toString wait wait wait

KeyStoreSpi	back to summary
public KeyStoreSpi() Constructor for subclasses to call.

Method Detail

engineAliases	back to summary
public abstract Enumeration<String> engineAliases() Lists all the alias names of this keystore. Returns:Enumeration<String> enumeration of the alias names

engineAliases

back to summary

public abstract Enumeration<String> engineAliases()

Lists all the alias names of this keystore.

Returns:Enumeration<String>: enumeration of the alias names

engineContainsAlias back to summary

engineContainsAlias	back to summary
public abstract boolean engineContainsAlias(String alias) Checks if the given alias exists in this keystore. Parameters alias:String the alias name Returns:boolean `true` if the alias exists, `false` otherwise

public abstract boolean engineContainsAlias(String alias)

Checks if the given alias exists in this keystore.

Parameters

alias:String: the alias name

Returns:boolean

true if the alias exists, false otherwise

engineDeleteEntry	back to summary
public abstract void engineDeleteEntry(String alias) throws KeyStoreException Deletes the entry identified by the given alias from this keystore. Parameters alias:String the alias name Exceptions KeyStoreException: if the entry cannot be removed.

engineDeleteEntry

back to summary

public abstract void engineDeleteEntry(String alias) throws KeyStoreException

Deletes the entry identified by the given alias from this keystore.

Parameters

alias:String: the alias name

Exceptions

KeyStoreException:: if the entry cannot be removed.

engineEntryInstanceOf back to summary

engineEntryInstanceOf	back to summary
public boolean engineEntryInstanceOf(String alias, Class<? extends KeyStore.Entry> entryClass) Determines if the keystore `Entry` for the specified `alias` is an instance or subclass of the specified `entryClass`. Parameters alias:String the alias name entryClass:Class<? extends KeyStore.Entry> the entry class Returns:boolean `true` if the keystore `Entry` for the specified `alias` is an instance or subclass of the specified `entryClass`, false otherwise Since 1.5

public boolean engineEntryInstanceOf(String alias, Class<? extends KeyStore.Entry> entryClass)

Determines if the keystore Entry for the specified alias is an instance or subclass of the specified entryClass.

Parameters

alias:String: the alias name
entryClass:Class<? extends KeyStore.Entry>: the entry class

Returns:boolean

true if the keystore Entry for the specified alias is an instance or subclass of the specified entryClass, false otherwise

Since

1.5

engineGetAttributes back to summary

engineGetAttributes	back to summary
public Set<KeyStore.Entry.Attribute> engineGetAttributes(String alias) Retrieves the attributes associated with the given alias. Implementation Specification The default implementation returns an empty `Set`. `KeyStoreSpi` implementations that support attributes should override this method. Parameters alias:String the alias name Returns:Set<KeyStore.Entry.Attribute> an unmodifiable `Set` of attributes. This set is empty if the given alias does not exist or there are no attributes associated with the alias. This set may also be empty for `PrivateKeyEntry` or `SecretKeyEntry` entries that contain protected attributes. These protected attributes should be populated into the result returned by `engineGetEntry` and can be retrieved by calling the `Entry#getAttributes` method. Since 18

public Set<KeyStore.Entry.Attribute> engineGetAttributes(String alias)

Retrieves the attributes associated with the given alias.

Implementation Specification

The default implementation returns an empty Set. KeyStoreSpi implementations that support attributes should override this method.

Parameters

alias:String: the alias name

Returns:Set<KeyStore.Entry.Attribute>

an unmodifiable Set of attributes. This set is empty if the given alias does not exist or there are no attributes associated with the alias. This set may also be empty for PrivateKeyEntry or SecretKeyEntry entries that contain protected attributes. These protected attributes should be populated into the result returned by engineGetEntry and can be retrieved by calling the Entry#getAttributes method.

Since

engineGetCertificate back to summary

engineGetCertificate	back to summary
public abstract Certificate engineGetCertificate(String alias) Returns the certificate associated with the given alias. If the given alias name identifies an entry created by a call to `setCertificateEntry`, or created by a call to `setEntry` with a `TrustedCertificateEntry`, then the trusted certificate contained in that entry is returned. If the given alias name identifies an entry created by a call to `setKeyEntry`, or created by a call to `setEntry` with a `PrivateKeyEntry`, then the first element of the certificate chain in that entry (if a chain exists) is returned. Parameters alias:String the alias name Returns:Certificate the certificate, or `null` if the given alias does not exist or does not contain a certificate.

public abstract Certificate engineGetCertificate(String alias)

Returns the certificate associated with the given alias.

If the given alias name identifies an entry created by a call to setCertificateEntry, or created by a call to setEntry with a TrustedCertificateEntry, then the trusted certificate contained in that entry is returned.

If the given alias name identifies an entry created by a call to setKeyEntry, or created by a call to setEntry with a PrivateKeyEntry, then the first element of the certificate chain in that entry (if a chain exists) is returned.

Parameters

alias:String: the alias name

Returns:Certificate

the certificate, or null if the given alias does not exist or does not contain a certificate.

engineGetCertificateAlias back to summary

engineGetCertificateAlias	back to summary
public abstract String engineGetCertificateAlias(Certificate cert) Returns the (alias) name of the first keystore entry whose certificate matches the given certificate. This method attempts to match the given certificate with each keystore entry. If the entry being considered was created by a call to `setCertificateEntry`, or created by a call to `setEntry` with a `TrustedCertificateEntry`, then the given certificate is compared to that entry's certificate. If the entry being considered was created by a call to `setKeyEntry`, or created by a call to `setEntry` with a `PrivateKeyEntry`, then the given certificate is compared to the first element of that entry's certificate chain. Parameters cert:Certificate the certificate to match with. Returns:String the alias name of the first entry with matching certificate, or `null` if no such entry exists in this keystore.

public abstract String engineGetCertificateAlias(Certificate cert)

Returns the (alias) name of the first keystore entry whose certificate matches the given certificate.

This method attempts to match the given certificate with each keystore entry. If the entry being considered was created by a call to setCertificateEntry, or created by a call to setEntry with a TrustedCertificateEntry, then the given certificate is compared to that entry's certificate.

If the entry being considered was created by a call to setKeyEntry, or created by a call to setEntry with a PrivateKeyEntry, then the given certificate is compared to the first element of that entry's certificate chain.

Parameters

cert:Certificate: the certificate to match with.

Returns:String

the alias name of the first entry with matching certificate, or null if no such entry exists in this keystore.

engineGetCertificateChain back to summary

engineGetCertificateChain	back to summary
public abstract Certificate[] engineGetCertificateChain(String alias) Returns the certificate chain associated with the given alias. The certificate chain must have been associated with the alias by a call to `setKeyEntry`, or by a call to `setEntry` with a `PrivateKeyEntry`. Parameters alias:String the alias name Returns:Certificate[] the certificate chain (ordered with the user's certificate first and the root certificate authority last), or `null` if the given alias * does not exist or does not contain a certificate chain

public abstract Certificate[] engineGetCertificateChain(String alias)

Returns the certificate chain associated with the given alias. The certificate chain must have been associated with the alias by a call to setKeyEntry, or by a call to setEntry with a PrivateKeyEntry.

Parameters

alias:String: the alias name

Returns:Certificate[]

the certificate chain (ordered with the user's certificate first and the root certificate authority last), or null if the given alias * does not exist or does not contain a certificate chain

engineGetCreationDate back to summary

engineGetCreationDate	back to summary
public abstract Date engineGetCreationDate(String alias) Returns the creation date of the entry identified by the given alias. Parameters alias:String the alias name Returns:Date the creation date of this entry, or `null` if the given alias does not exist

public abstract Date engineGetCreationDate(String alias)

Returns the creation date of the entry identified by the given alias.

Parameters

alias:String: the alias name

Returns:Date

the creation date of this entry, or null if the given alias does not exist

engineGetEntry back to summary

engineGetEntry	back to summary
public KeyStore.Entry engineGetEntry(String alias, KeyStore.ProtectionParameter protParam) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException Gets a `KeyStore.Entry` for the specified alias with the specified protection parameter. Parameters alias:String get the `KeyStore.Entry` for this alias protParam:KeyStore.ProtectionParameter the `ProtectionParameter` used to protect the `Entry`, which may be `null` Returns:KeyStore.Entry the `KeyStore.Entry` for the specified alias, or `null` if there is no such entry Exceptions KeyStoreException: if the operation failed NoSuchAlgorithmException: if the algorithm for recovering the entry cannot be found UnrecoverableEntryException: if the specified `protParam` were insufficient or invalid UnrecoverableKeyException: if the entry is a `PrivateKeyEntry` or `SecretKeyEntry` and the specified `protParam` does not contain the information needed to recover the key (e.g. wrong password) Since 1.5

public KeyStore.Entry engineGetEntry(String alias, KeyStore.ProtectionParameter protParam) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException

Gets a KeyStore.Entry for the specified alias with the specified protection parameter.

Parameters

alias:String: get the KeyStore.Entry for this alias
protParam:KeyStore.ProtectionParameter: the ProtectionParameter used to protect the Entry, which may be null

Returns:KeyStore.Entry

the KeyStore.Entry for the specified alias, or null if there is no such entry

Exceptions

KeyStoreException:: if the operation failed
NoSuchAlgorithmException:: if the algorithm for recovering the entry cannot be found
UnrecoverableEntryException:: if the specified protParam were insufficient or invalid
UnrecoverableKeyException:: if the entry is a PrivateKeyEntry or SecretKeyEntry and the specified protParam does not contain the information needed to recover the key (e.g. wrong password)

Since

1.5

engineGetKey back to summary

engineGetKey	back to summary
public abstract Key engineGetKey(String alias, char[] password) throws NoSuchAlgorithmException, UnrecoverableKeyException Returns the key associated with the given alias, using the given password to recover it. The key must have been associated with the alias by a call to `setKeyEntry`, or by a call to `setEntry` with a `PrivateKeyEntry` or `SecretKeyEntry`. Parameters alias:String the alias name password:char[] the password for recovering the key Returns:Key the requested key, or `null` if the given alias does not exist or does not identify a key-related entry. Exceptions NoSuchAlgorithmException: if the algorithm for recovering the key cannot be found UnrecoverableKeyException: if the key cannot be recovered (e.g., the given password is wrong).

public abstract Key engineGetKey(String alias, char[] password) throws NoSuchAlgorithmException, UnrecoverableKeyException

Returns the key associated with the given alias, using the given password to recover it. The key must have been associated with the alias by a call to setKeyEntry, or by a call to setEntry with a PrivateKeyEntry or SecretKeyEntry.

Parameters

alias:String: the alias name
password:char[]: the password for recovering the key

Returns:Key

the requested key, or null if the given alias does not exist or does not identify a key-related entry.

Exceptions

NoSuchAlgorithmException:: if the algorithm for recovering the key cannot be found
UnrecoverableKeyException:: if the key cannot be recovered (e.g., the given password is wrong).

engineIsCertificateEntry back to summary

engineIsCertificateEntry	back to summary
public abstract boolean engineIsCertificateEntry(String alias) Returns `true` if the entry identified by the given alias was created by a call to `setCertificateEntry`, or created by a call to `setEntry` with a `TrustedCertificateEntry`. Parameters alias:String the alias for the keystore entry to be checked Returns:boolean `true` if the entry identified by the given alias contains a trusted certificate, `false` otherwise.

public abstract boolean engineIsCertificateEntry(String alias)

Returns true if the entry identified by the given alias was created by a call to setCertificateEntry, or created by a call to setEntry with a TrustedCertificateEntry.

Parameters

alias:String: the alias for the keystore entry to be checked

Returns:boolean

true if the entry identified by the given alias contains a trusted certificate, false otherwise.

engineIsKeyEntry back to summary

engineIsKeyEntry	back to summary
public abstract boolean engineIsKeyEntry(String alias) Returns `true` if the entry identified by the given alias was created by a call to `setKeyEntry`, or created by a call to `setEntry` with a `PrivateKeyEntry` or a `SecretKeyEntry`. Parameters alias:String the alias for the keystore entry to be checked Returns:boolean `true` if the entry identified by the given alias is a key-related, `false` otherwise.

public abstract boolean engineIsKeyEntry(String alias)

Returns true if the entry identified by the given alias was created by a call to setKeyEntry, or created by a call to setEntry with a PrivateKeyEntry or a SecretKeyEntry.

Parameters

alias:String: the alias for the keystore entry to be checked

Returns:boolean

true if the entry identified by the given alias is a key-related, false otherwise.

engineLoad back to summary

engineLoad	back to summary
public abstract void engineLoad(InputStream stream, char[] password) throws IOException, NoSuchAlgorithmException, CertificateException Loads the keystore from the given input stream. A password may be given to unlock the keystore (e.g. the keystore resides on a hardware token device), or to check the integrity of the keystore data. If a password is not given for integrity checking, then integrity checking is not performed. Parameters stream:InputStream the input stream from which the keystore is loaded, or `null` password:char[] the password used to check the integrity of the keystore, the password used to unlock the keystore, or `null` Exceptions IOException: if there is an I/O or format problem with the keystore data, if a password is required but not given, or if the given password was incorrect. If the error is due to a wrong password, the `cause` of the `IOException` should be an `UnrecoverableKeyException` NoSuchAlgorithmException: if the algorithm used to check the integrity of the keystore cannot be found CertificateException: if any of the certificates in the keystore could not be loaded

public abstract void engineLoad(InputStream stream, char[] password) throws IOException, NoSuchAlgorithmException, CertificateException

Loads the keystore from the given input stream.

A password may be given to unlock the keystore (e.g. the keystore resides on a hardware token device), or to check the integrity of the keystore data. If a password is not given for integrity checking, then integrity checking is not performed.

Parameters

stream:InputStream: the input stream from which the keystore is loaded, or null
password:char[]: the password used to check the integrity of the keystore, the password used to unlock the keystore, or null

Exceptions

IOException:: if there is an I/O or format problem with the keystore data, if a password is required but not given, or if the given password was incorrect. If the error is due to a wrong password, the cause of the IOException should be an UnrecoverableKeyException
NoSuchAlgorithmException:: if the algorithm used to check the integrity of the keystore cannot be found
CertificateException:: if any of the certificates in the keystore could not be loaded

engineLoad back to summary

engineLoad	back to summary
public void engineLoad(KeyStore.LoadStoreParameter param) throws IOException, NoSuchAlgorithmException, CertificateException Loads the keystore using the given `KeyStore.LoadStoreParameter`. Note that if this KeyStore has already been loaded, it is reinitialized and loaded again from the given parameter. Implementation Specification The default implementation examines `KeyStore.LoadStoreParameter` to extract its password and pass it to `KeyStoreSpi#engineLoad(InputStream, char[])` along with a `null` `InputStream`. If `KeyStore.LoadStoreParameter` is `null` then the password parameter will also be `null`. Otherwise, the `KeyStore.ProtectionParameter` of `KeyStore.LoadStoreParameter` must be either a `KeyStore.PasswordProtection` or a `KeyStore.CallbackHandlerProtection` that supports `PasswordCallback` so that the password parameter can be extracted. If the `KeyStore.ProtectionParameter` is neither of those classes then a `NoSuchAlgorithmException` is thrown. Parameters param:KeyStore.LoadStoreParameter the `KeyStore.LoadStoreParameter` that specifies how to load the keystore, which may be `null` Exceptions IOException: if there is an I/O or format problem with the keystore data. If the error is due to an incorrect `ProtectionParameter` (e.g. wrong password) the `cause` of the `IOException` should be an `UnrecoverableKeyException` NoSuchAlgorithmException: if the algorithm used to check the integrity of the keystore cannot be found CertificateException: if any of the certificates in the keystore could not be loaded IllegalArgumentException: if the given `KeyStore.LoadStoreParameter` input is not recognized Since 1.5

public void engineLoad(KeyStore.LoadStoreParameter param) throws IOException, NoSuchAlgorithmException, CertificateException

Loads the keystore using the given KeyStore.LoadStoreParameter.

Note that if this KeyStore has already been loaded, it is reinitialized and loaded again from the given parameter.

Implementation Specification

The default implementation examines KeyStore.LoadStoreParameter to extract its password and pass it to KeyStoreSpi#engineLoad(InputStream, char[]) along with a null InputStream.

If KeyStore.LoadStoreParameter is null then the password parameter will also be null. Otherwise, the KeyStore.ProtectionParameter of KeyStore.LoadStoreParameter must be either a KeyStore.PasswordProtection or a KeyStore.CallbackHandlerProtection that supports PasswordCallback so that the password parameter can be extracted. If the KeyStore.ProtectionParameter is neither of those classes then a NoSuchAlgorithmException is thrown.

Parameters

param:KeyStore.LoadStoreParameter: the KeyStore.LoadStoreParameter that specifies how to load the keystore, which may be null

Exceptions

IOException:: if there is an I/O or format problem with the keystore data. If the error is due to an incorrect ProtectionParameter (e.g. wrong password) the cause of the IOException should be an UnrecoverableKeyException
NoSuchAlgorithmException:: if the algorithm used to check the integrity of the keystore cannot be found
CertificateException:: if any of the certificates in the keystore could not be loaded
IllegalArgumentException:: if the given KeyStore.LoadStoreParameter input is not recognized

Since

1.5

engineLoad	back to summary
pack-priv void engineLoad(InputStream stream, KeyStore.LoadStoreParameter param) throws IOException, NoSuchAlgorithmException, CertificateException

engineProbe back to summary

engineProbe	back to summary
public boolean engineProbe(InputStream stream) throws IOException Probes the specified input stream to determine whether it contains a keystore that is supported by this implementation, or not. Implementation Specification This method returns `false` by default. Keystore implementations should override this method to peek at the data stream directly or to use other content detection mechanisms. Parameters stream:InputStream the keystore data to be probed Returns:boolean `true` if the keystore data is supported, otherwise `false` Exceptions IOException: if there is an I/O problem with the keystore data. NullPointerException: if stream is `null`. Since 9

public boolean engineProbe(InputStream stream) throws IOException

Probes the specified input stream to determine whether it contains a keystore that is supported by this implementation, or not.

Implementation Specification

This method returns false by default. Keystore implementations should override this method to peek at the data stream directly or to use other content detection mechanisms.

Parameters

stream:InputStream: the keystore data to be probed

Returns:boolean

true if the keystore data is supported, otherwise false

Exceptions

IOException:: if there is an I/O problem with the keystore data.
NullPointerException:: if stream is null.

Since

engineSetCertificateEntry back to summary

engineSetCertificateEntry	back to summary
public abstract void engineSetCertificateEntry(String alias, Certificate cert) throws KeyStoreException Assigns the given certificate to the given alias. If the given alias identifies an existing entry created by a call to `setCertificateEntry`, or created by a call to `setEntry` with a `TrustedCertificateEntry`, the trusted certificate in the existing entry is overridden by the given certificate. Parameters alias:String the alias name cert:Certificate the certificate Exceptions KeyStoreException: if the given alias already exists and does not identify an entry containing a trusted certificate, or this operation fails for some other reason.

public abstract void engineSetCertificateEntry(String alias, Certificate cert) throws KeyStoreException

Assigns the given certificate to the given alias.

If the given alias identifies an existing entry created by a call to setCertificateEntry, or created by a call to setEntry with a TrustedCertificateEntry, the trusted certificate in the existing entry is overridden by the given certificate.

Parameters

alias:String: the alias name
cert:Certificate: the certificate

Exceptions

KeyStoreException:: if the given alias already exists and does not identify an entry containing a trusted certificate, or this operation fails for some other reason.

engineSetEntry back to summary

engineSetEntry	back to summary
public void engineSetEntry(String alias, KeyStore.Entry entry, KeyStore.ProtectionParameter protParam) throws KeyStoreException Saves a `KeyStore.Entry` under the specified alias. The specified protection parameter is used to protect the `Entry`. If an entry already exists for the specified alias, it is overridden. Parameters alias:String save the `KeyStore.Entry` under this alias entry:KeyStore.Entry the `Entry` to save protParam:KeyStore.ProtectionParameter the `ProtectionParameter` used to protect the `Entry`, which may be `null` Exceptions KeyStoreException: if this operation fails Since 1.5

public void engineSetEntry(String alias, KeyStore.Entry entry, KeyStore.ProtectionParameter protParam) throws KeyStoreException

Saves a KeyStore.Entry under the specified alias. The specified protection parameter is used to protect the Entry.

If an entry already exists for the specified alias, it is overridden.

Parameters

alias:String: save the KeyStore.Entry under this alias
entry:KeyStore.Entry: the Entry to save
protParam:KeyStore.ProtectionParameter: the ProtectionParameter used to protect the Entry, which may be null

Exceptions

KeyStoreException:: if this operation fails

Since

1.5

engineSetKeyEntry back to summary

engineSetKeyEntry	back to summary
public abstract void engineSetKeyEntry(String alias, Key key, char[] password, Certificate[] chain) throws KeyStoreException Assigns the given key to the given alias, protecting it with the given password. If the given key is of type `java.security.PrivateKey`, it must be accompanied by a certificate chain certifying the corresponding public key. If the given alias already exists, the keystore information associated with it is overridden by the given key (and possibly certificate chain). Parameters alias:String the alias name key:Key the key to be associated with the alias password:char[] the password to protect the key chain:Certificate[] the certificate chain for the corresponding public key (only required if the given key is of type `java.security.PrivateKey`). Exceptions KeyStoreException: if the given key cannot be protected, or this operation fails for some other reason

public abstract void engineSetKeyEntry(String alias, Key key, char[] password, Certificate[] chain) throws KeyStoreException

Assigns the given key to the given alias, protecting it with the given password.

If the given key is of type java.security.PrivateKey, it must be accompanied by a certificate chain certifying the corresponding public key.

If the given alias already exists, the keystore information associated with it is overridden by the given key (and possibly certificate chain).

Parameters

alias:String: the alias name
key:Key: the key to be associated with the alias
password:char[]: the password to protect the key
chain:Certificate[]: the certificate chain for the corresponding public key (only required if the given key is of type java.security.PrivateKey).

Exceptions

KeyStoreException:: if the given key cannot be protected, or this operation fails for some other reason

engineSetKeyEntry back to summary

engineSetKeyEntry	back to summary
public abstract void engineSetKeyEntry(String alias, byte[] key, Certificate[] chain) throws KeyStoreException Assigns the given key (that has already been protected) to the given alias. If the protected key is of type `java.security.PrivateKey`, it must be accompanied by a certificate chain certifying the corresponding public key. If the given alias already exists, the keystore information associated with it is overridden by the given key (and possibly certificate chain). Parameters alias:String the alias name key:byte[] the key (in protected format) to be associated with the alias chain:Certificate[] the certificate chain for the corresponding public key (only useful if the protected key is of type `java.security.PrivateKey`). Exceptions KeyStoreException: if this operation fails.

public abstract void engineSetKeyEntry(String alias, byte[] key, Certificate[] chain) throws KeyStoreException

Assigns the given key (that has already been protected) to the given alias.

If the protected key is of type java.security.PrivateKey, it must be accompanied by a certificate chain certifying the corresponding public key.

If the given alias already exists, the keystore information associated with it is overridden by the given key (and possibly certificate chain).

Parameters

alias:String: the alias name
key:byte[]: the key (in protected format) to be associated with the alias
chain:Certificate[]: the certificate chain for the corresponding public key (only useful if the protected key is of type java.security.PrivateKey).

Exceptions

KeyStoreException:: if this operation fails.

engineSize	back to summary
public abstract int engineSize() Retrieves the number of entries in this keystore. Returns:int the number of entries in this keystore

engineSize

back to summary

public abstract int engineSize()

Retrieves the number of entries in this keystore.

Returns:int: the number of entries in this keystore

engineStore back to summary

engineStore	back to summary
public abstract void engineStore(OutputStream stream, char[] password) throws IOException, NoSuchAlgorithmException, CertificateException Stores this keystore to the given output stream, and protects its integrity with the given password. Parameters stream:OutputStream the output stream to which this keystore is written. password:char[] the password to generate the keystore integrity check. May be `null` if the keystore does not support or require an integrity check. Exceptions IOException: if there was an I/O problem with data NoSuchAlgorithmException: if the appropriate data integrity algorithm could not be found CertificateException: if any of the certificates included in the keystore data could not be stored

public abstract void engineStore(OutputStream stream, char[] password) throws IOException, NoSuchAlgorithmException, CertificateException

Stores this keystore to the given output stream, and protects its integrity with the given password.

Parameters

stream:OutputStream: the output stream to which this keystore is written.
password:char[]: the password to generate the keystore integrity check. May be null if the keystore does not support or require an integrity check.

Exceptions

IOException:: if there was an I/O problem with data
NoSuchAlgorithmException:: if the appropriate data integrity algorithm could not be found
CertificateException:: if any of the certificates included in the keystore data could not be stored

engineStore back to summary

engineStore	back to summary
public void engineStore(KeyStore.LoadStoreParameter param) throws IOException, NoSuchAlgorithmException, CertificateException Stores this keystore using the given `KeyStore.LoadStoreParameter`. Implementation Specification The default implementation throws an `UnsupportedOperationException`. Parameters param:KeyStore.LoadStoreParameter the `KeyStore.LoadStoreParameter` that specifies how to store the keystore, which may be `null` Exceptions IOException: if there was an I/O problem with data NoSuchAlgorithmException: if the appropriate data integrity algorithm could not be found CertificateException: if any of the certificates included in the keystore data could not be stored IllegalArgumentException: if the given `KeyStore.LoadStoreParameter` input is not recognized UnsupportedOperationException: if the implementation does not support this operation Since 1.5

public void engineStore(KeyStore.LoadStoreParameter param) throws IOException, NoSuchAlgorithmException, CertificateException

Stores this keystore using the given KeyStore.LoadStoreParameter.

Implementation Specification

The default implementation throws an UnsupportedOperationException.

Parameters

param:KeyStore.LoadStoreParameter: the KeyStore.LoadStoreParameter that specifies how to store the keystore, which may be null

Exceptions

IOException:: if there was an I/O problem with data
NoSuchAlgorithmException:: if the appropriate data integrity algorithm could not be found
CertificateException:: if any of the certificates included in the keystore data could not be stored
IllegalArgumentException:: if the given KeyStore.LoadStoreParameter input is not recognized
UnsupportedOperationException:: if the implementation does not support this operation

Since

1.5

public abstract Class KeyStoreSpi

Constructor Summary

Method Summary

Constructor Detail

Method Detail