Package org.globus.gsi.stores

Class PEMKeyStore

  • public class PEMKeyStore
extends java.security.KeyStoreSpi
    This class provides a KeyStore implementation that supports trusted certificates stored in PEM format and proxy certificates stored in PEM format. It reads trusted certificates from multiple directories and a proxy certificate from a file.
    Since:
    1.0
    Version:
    ${version}

    • Constructor Detail

      • PEMKeyStore

        public PEMKeyStore()

    • Method Detail

      • getCertificateEntry

        private ResourceTrustAnchor getCertificateEntry​(java.lang.String alias)

      • engineGetKey

        public java.security.Key engineGetKey​(java.lang.String s,
                                      char[] chars)
                               throws java.security.NoSuchAlgorithmException,
                                      java.security.UnrecoverableKeyException
        Get the key referenced by the specified alias.
        Specified by:
        engineGetKey in class java.security.KeyStoreSpi
        Parameters:
        s - The key's alias.
        chars - The key's password.
        Returns:
        The key reference by the alias or null.
        Throws:
        java.security.NoSuchAlgorithmException - If the key is encoded with an invalid algorithm.
        java.security.UnrecoverableKeyException - If the key can not be retrieved.

      • engineIsKeyEntry

        public boolean engineIsKeyEntry​(java.lang.String s)
        Does the supplied alias refer to a key in this key store.
        Specified by:
        engineIsKeyEntry in class java.security.KeyStoreSpi
        Parameters:
        s - The alias.
        Returns:
        True if the alias refers to a key.

      • engineStore

        public void engineStore​(java.io.OutputStream outputStream,
                        char[] chars)
                 throws java.io.IOException,
                        java.security.NoSuchAlgorithmException,
                        java.security.cert.CertificateException
        Persist the security material in this keystore. If the object has a path associated with it, the object will be persisted to that path. Otherwise it will be stored in the default certificate directory. As a result, the parameters of this method are ignored.
        Specified by:
        engineStore in class java.security.KeyStoreSpi
        Parameters:
        outputStream - This parameter is ignored.
        chars - This parameter is ignored.
        Throws:
        java.io.IOException
        java.security.NoSuchAlgorithmException
        java.security.cert.CertificateException

      • engineGetCreationDate

        public java.util.Date engineGetCreationDate​(java.lang.String s)
        Get the creation date for the object referenced by the alias.
        Specified by:
        engineGetCreationDate in class java.security.KeyStoreSpi
        Parameters:
        s - The alias of the security object.
        Returns:
        The creation date of the security object.

      • engineGetCertificateAlias

        public java.lang.String engineGetCertificateAlias​(java.security.cert.Certificate certificate)
        Get the alias associated with the supplied certificate.
        Specified by:
        engineGetCertificateAlias in class java.security.KeyStoreSpi
        Parameters:
        certificate - The certificate to query
        Returns:
        The certificate's alias or null if the certificate is not present in this keystore.

      • engineGetCertificateChain

        public java.security.cert.Certificate[] engineGetCertificateChain​(java.lang.String s)
        Get the certificateChain for the key referenced by the alias.
        Specified by:
        engineGetCertificateChain in class java.security.KeyStoreSpi
        Parameters:
        s - The key alias.
        Returns:
        The key's certificate chain or a 0 length array if the key is not in the keystore.

      • engineGetCertificate

        public java.security.cert.Certificate engineGetCertificate​(java.lang.String s)
        Get the certificate referenced by the supplied alias.
        Specified by:
        engineGetCertificate in class java.security.KeyStoreSpi
        Parameters:
        s - The alias.
        Returns:
        The Certificate or null if the alias does not exist in the keyStore.

      • engineLoad

        public void engineLoad​(java.security.KeyStore.LoadStoreParameter loadStoreParameter)
                throws java.io.IOException,
                       java.security.NoSuchAlgorithmException,
                       java.security.cert.CertificateException
        Load the keystore based on parameters in the LoadStoreParameter. The parameter object must be an instance of FileBasedKeyStoreParameters.
        Overrides:
        engineLoad in class java.security.KeyStoreSpi
        Parameters:
        loadStoreParameter - The parameters to load.
        Throws:
        java.io.IOException
        java.security.NoSuchAlgorithmException
        java.security.cert.CertificateException

      • engineLoad

        public void engineLoad​(java.io.InputStream inputStream,
                       char[] chars)
                throws java.io.IOException,
                       java.security.NoSuchAlgorithmException,
                       java.security.cert.CertificateException
        Load the keystore from the supplied input stream. Unlike many other implementations of keystore (most notably the default JKS implementation), the input stream does not hold the keystore objects. Instead, it must be a properties file defining the locations of the keystore objects. The password is not used.
        Specified by:
        engineLoad in class java.security.KeyStoreSpi
        Parameters:
        inputStream - An input stream to the properties file.
        chars - The password is not used.
        Throws:
        java.io.IOException
        java.security.NoSuchAlgorithmException
        java.security.cert.CertificateException

      • initialize

        private void initialize​(java.lang.String defaultDirectoryString,
                        java.lang.String directoryListString,
                        java.lang.String proxyFilename,
                        java.lang.String certFilename,
                        java.lang.String keyFilename)
                 throws java.io.IOException,
                        java.security.cert.CertificateException
        Initialize resources from filename, proxyfile name
        Parameters:
        defaultDirectoryString - Name of the default directory name as: "file: directory name"
        directoryListString -
        proxyFilename -
        certFilename -
        keyFilename -
        Throws:
        java.io.IOException
        java.security.cert.CertificateException

      • loadDirectories

        private void loadDirectories​(java.lang.String directoryList)
                      throws java.security.cert.CertificateException
        Throws:
        java.security.cert.CertificateException

      • engineDeleteEntry

        public void engineDeleteEntry​(java.lang.String s)
                       throws java.security.KeyStoreException
        Delete a security object from this keystore.
        Specified by:
        engineDeleteEntry in class java.security.KeyStoreSpi
        Parameters:
        s - The alias of the object to delete.
        Throws:
        java.security.KeyStoreException

      • engineAliases

        public java.util.Enumeration<java.lang.String> engineAliases()
        Get an enumertion of all of the aliases in this keystore.
        Specified by:
        engineAliases in class java.security.KeyStoreSpi
        Returns:
        An enumeration of the aliases in this keystore.

      • engineSetKeyEntry

        public void engineSetKeyEntry​(java.lang.String s,
                              java.security.Key key,
                              char[] chars,
                              java.security.cert.Certificate[] certificates)
                       throws java.security.KeyStoreException
        Add a new private key to the keystore.
        Specified by:
        engineSetKeyEntry in class java.security.KeyStoreSpi
        Parameters:
        s - The alias for the object.
        key - The private key.
        chars - The password.
        certificates - The key's certificate chain.
        Throws:
        java.security.KeyStoreException

      • createProxyCredential

        private CredentialWrapper createProxyCredential​(java.lang.String s,
                                                X509Credential credential)
                                         throws java.security.KeyStoreException
        Throws:
        java.security.KeyStoreException

      • createCertKeyCredential

        private CredentialWrapper createCertKeyCredential​(java.lang.String s,
                                                  X509Credential credential)
                                           throws java.security.KeyStoreException
        Throws:
        java.security.KeyStoreException

      • storeWrapper

        private void storeWrapper​(CredentialWrapper wrapper)
                   throws java.security.KeyStoreException
        Throws:
        java.security.KeyStoreException

      • engineSetKeyEntry

        public void engineSetKeyEntry​(java.lang.String s,
                              byte[] bytes,
                              java.security.cert.Certificate[] certificates)
                       throws java.security.KeyStoreException
        currently unsupported.
        Specified by:
        engineSetKeyEntry in class java.security.KeyStoreSpi
        Parameters:
        s - The key's alias
        bytes - The encoded private key.
        certificates - The key's certificate chain.
        Throws:
        java.security.KeyStoreException

      • engineContainsAlias

        public boolean engineContainsAlias​(java.lang.String s)
        Does the specified alias exist in this keystore?
        Specified by:
        engineContainsAlias in class java.security.KeyStoreSpi
        Parameters:
        s - The alias.
        Returns:
        True if the alias refers to a security object in the keystore.

      • engineSize

        public int engineSize()
        Get the number of security objects stored in this keystore.
        Specified by:
        engineSize in class java.security.KeyStoreSpi
        Returns:
        The number of security objects.

      • engineIsCertificateEntry

        public boolean engineIsCertificateEntry​(java.lang.String s)
        Does the supplied alias refer to a certificate in this keystore?
        Specified by:
        engineIsCertificateEntry in class java.security.KeyStoreSpi
        Parameters:
        s - The alias.
        Returns:
        True if this store contains a certificate with the specified alias.

      • engineSetCertificateEntry

        public void engineSetCertificateEntry​(java.lang.String alias,
                                      java.security.cert.Certificate certificate)
                               throws java.security.KeyStoreException
        Add a certificate to the keystore.
        Specified by:
        engineSetCertificateEntry in class java.security.KeyStoreSpi
        Parameters:
        alias - The certificate alias.
        certificate - The certificate to store.
        Throws:
        java.security.KeyStoreException