org.globus.gsi.stores
Class PEMKeyStore

java.lang.Object
  extended by java.security.KeyStoreSpi
      extended by org.globus.gsi.stores.PEMKeyStore

public class PEMKeyStore
extends java.security.KeyStoreSpi

This class provides a KeyStore implementation that supports trusted certificates stored in PEM format and proxy certificates stored in PEM format. It reads trusted certificates from multiple directories and a proxy certificate from a file.

Since:
1.0
Version:
${version}

Field Summary
static java.lang.String CERTIFICATE_FILENAME
           
static java.lang.String DEFAULT_DIRECTORY_KEY
           
static java.lang.String DIRECTORY_LIST_KEY
           
static java.lang.String KEY_FILENAME
           
static java.lang.String PROXY_FILENAME
           
 
Constructor Summary
PEMKeyStore()
           
 
Method Summary
 java.util.Enumeration<java.lang.String> engineAliases()
          Get an enumeration of all of the aliases in this keystore.
 boolean engineContainsAlias(java.lang.String s)
          Does the specified alias exist in this keystore?
 void engineDeleteEntry(java.lang.String s)
          Delete a security object from this keystore.
 java.security.cert.Certificate engineGetCertificate(java.lang.String s)
          Get the certificate referenced by the supplied alias.
 java.lang.String engineGetCertificateAlias(java.security.cert.Certificate certificate)
          Get the alias associated with the supplied certificate.
 java.security.cert.Certificate[] engineGetCertificateChain(java.lang.String s)
          Get the certificate chain for the key referenced by the alias.
 java.util.Date engineGetCreationDate(java.lang.String s)
          Get the creation date for the object referenced by the alias.
 java.security.Key engineGetKey(java.lang.String s, char[] chars)
          Get the key referenced by the specified alias.
 boolean engineIsCertificateEntry(java.lang.String s)
          Does the supplied alias refer to a certificate in this keystore?
 boolean engineIsKeyEntry(java.lang.String s)
          Does the supplied alias refer to a key in this keystore?
 void engineLoad(java.io.InputStream inputStream, char[] chars)
          Load the keystore from the supplied input stream.
 void engineLoad(java.security.KeyStore.LoadStoreParameter loadStoreParameter)
          Load the keystore based on parameters in the LoadStoreParameter.
 void engineSetCertificateEntry(java.lang.String alias, java.security.cert.Certificate certificate)
          Add a certificate to the keystore.
 void engineSetKeyEntry(java.lang.String s, byte[] bytes, java.security.cert.Certificate[] certificates)
          Currently unsupported.
 void engineSetKeyEntry(java.lang.String s, java.security.Key key, char[] chars, java.security.cert.Certificate[] certificates)
          Add a new private key to the keystore.
 int engineSize()
          Get the number of security objects stored in this keystore.
 void engineStore(java.io.OutputStream outputStream, char[] chars)
          Persist the security material in this keystore.
 void setCACertStore(ResourceSecurityWrapperStore<ResourceTrustAnchor,java.security.cert.TrustAnchor> caCertStore)
           
 void setProxyDelegate(ResourceSecurityWrapperStore<ResourceProxyCredential,X509Credential> proxyDelegate)
           
 
Methods inherited from class java.security.KeyStoreSpi
engineEntryInstanceOf, engineGetEntry, engineSetEntry, engineStore
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

DEFAULT_DIRECTORY_KEY

public static final java.lang.String DEFAULT_DIRECTORY_KEY
See Also:
Constant Field Values

DIRECTORY_LIST_KEY

public static final java.lang.String DIRECTORY_LIST_KEY
See Also:
Constant Field Values

CERTIFICATE_FILENAME

public static final java.lang.String CERTIFICATE_FILENAME
See Also:
Constant Field Values

KEY_FILENAME

public static final java.lang.String KEY_FILENAME
See Also:
Constant Field Values

PROXY_FILENAME

public static final java.lang.String PROXY_FILENAME
See Also:
Constant Field Values
Constructor Detail

PEMKeyStore

public PEMKeyStore()
Method Detail

setCACertStore

public void setCACertStore(ResourceSecurityWrapperStore<ResourceTrustAnchor,java.security.cert.TrustAnchor> caCertStore)

setProxyDelegate

public void setProxyDelegate(ResourceSecurityWrapperStore<ResourceProxyCredential,X509Credential> proxyDelegate)

engineGetKey

public java.security.Key engineGetKey(java.lang.String s,
                                      char[] chars)
                               throws java.security.NoSuchAlgorithmException,
                                      java.security.UnrecoverableKeyException
Get the key referenced by the specified alias.

Specified by:
engineGetKey in class java.security.KeyStoreSpi
Parameters:
s - The key's alias.
chars - The key's password.
Returns:
The key referenced by the alias or null.
Throws:
java.security.NoSuchAlgorithmException - If the key is encoded with an invalid algorithm.
java.security.UnrecoverableKeyException - If the key cannot be retrieved.

engineIsKeyEntry

public boolean engineIsKeyEntry(java.lang.String s)
Does the supplied alias refer to a key in this keystore?

Specified by:
engineIsKeyEntry in class java.security.KeyStoreSpi
Parameters:
s - The alias.
Returns:
True if the alias refers to a key.

engineStore

public void engineStore(java.io.OutputStream outputStream,
                        char[] chars)
                 throws java.io.IOException,
                        java.security.NoSuchAlgorithmException,
                        java.security.cert.CertificateException
Persist the security material in this keystore. If the object has a path associated with it, the object will be persisted to that path. Otherwise it will be stored in the default certificate directory. As a result, the parameters of this method are ignored.

Specified by:
engineStore in class java.security.KeyStoreSpi
Parameters:
outputStream - This parameter is ignored.
chars - This parameter is ignored.
Throws:
java.io.IOException
java.security.NoSuchAlgorithmException
java.security.cert.CertificateException

engineGetCreationDate

public java.util.Date engineGetCreationDate(java.lang.String s)
Get the creation date for the object referenced by the alias.

Specified by:
engineGetCreationDate in class java.security.KeyStoreSpi
Parameters:
s - The alias of the security object.
Returns:
The creation date of the security object.

engineGetCertificateAlias

public java.lang.String engineGetCertificateAlias(java.security.cert.Certificate certificate)
Get the alias associated with the supplied certificate.

Specified by:
engineGetCertificateAlias in class java.security.KeyStoreSpi
Parameters:
certificate - The certificate to query.
Returns:
The certificate's alias or null if the certificate is not present in this keystore.

engineGetCertificateChain

public java.security.cert.Certificate[] engineGetCertificateChain(java.lang.String s)
Get the certificate chain for the key referenced by the alias.

Specified by:
engineGetCertificateChain in class java.security.KeyStoreSpi
Parameters:
s - The key alias.
Returns:
The key's certificate chain or a 0 length array if the key is not in the keystore.

engineGetCertificate

public java.security.cert.Certificate engineGetCertificate(java.lang.String s)
Get the certificate referenced by the supplied alias.

Specified by:
engineGetCertificate in class java.security.KeyStoreSpi
Parameters:
s - The alias.
Returns:
The certificate or null if the alias does not exist in the keystore.

engineLoad

public void engineLoad(java.security.KeyStore.LoadStoreParameter loadStoreParameter)
                throws java.io.IOException,
                       java.security.NoSuchAlgorithmException,
                       java.security.cert.CertificateException
Load the keystore based on parameters in the LoadStoreParameter. The parameter object must be an instance of FileBasedKeyStoreParameters.

Overrides:
engineLoad in class java.security.KeyStoreSpi
Parameters:
loadStoreParameter - The parameters to load.
Throws:
java.io.IOException
java.security.NoSuchAlgorithmException
java.security.cert.CertificateException

engineLoad

public void engineLoad(java.io.InputStream inputStream,
                       char[] chars)
                throws java.io.IOException,
                       java.security.NoSuchAlgorithmException,
                       java.security.cert.CertificateException
Load the keystore from the supplied input stream. Unlike many other implementations of keystore (most notably the default JKS implementation), the input stream does not hold the keystore objects. Instead, it must be a properties file defining the locations of the keystore objects. The password is not used.

Specified by:
engineLoad in class java.security.KeyStoreSpi
Parameters:
inputStream - An input stream to the properties file.
chars - The password is not used.
Throws:
java.io.IOException
java.security.NoSuchAlgorithmException
java.security.cert.CertificateException
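
The properties-file load described above, as an added example (not code from the JGlobus project): it builds the properties in memory from this class's key constants, checks the proxy file's permissions because the load password is ignored, then lists what was loaded. The paths are placeholders, and three things are assumptions: that DIRECTORY_LIST_KEY names the trusted-certificate directories, that PROXY_FILENAME names the proxy file, and that a freshly constructed PEMKeyStore can be loaded without first calling setCACertStore or setProxyDelegate.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.PosixFilePermission;
import java.util.Collections;
import java.util.EnumSet;
import java.util.Properties;
import java.util.Set;

import org.globus.gsi.stores.PEMKeyStore;

public class PemKeyStoreLoadExample {
    public static void main(String[] args) throws Exception {
        // Placeholder locations (assumptions); substitute your site's paths.
        String trustDirs = "/path/to/trusted-certificates";
        Path proxyFile = Paths.get("/path/to/proxy.pem");

        // engineLoad ignores its password argument, so file permissions are
        // the control that matters here. Refuse a proxy file that anyone but
        // the owner can access (POSIX file systems only).
        Set<PosixFilePermission> perms = Files.getPosixFilePermissions(proxyFile);
        if (!EnumSet.of(PosixFilePermission.OWNER_READ,
                        PosixFilePermission.OWNER_WRITE).containsAll(perms)) {
            throw new SecurityException("proxy file is accessible beyond its owner: " + perms);
        }

        // The stream passed to engineLoad carries locations, not key material.
        // Property semantics and value format are assumptions (see lead-in).
        Properties locations = new Properties();
        locations.setProperty(PEMKeyStore.DIRECTORY_LIST_KEY, trustDirs);
        locations.setProperty(PEMKeyStore.PROXY_FILENAME, proxyFile.toString());
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        locations.store(buf, null);

        PEMKeyStore store = new PEMKeyStore();
        store.engineLoad(new ByteArrayInputStream(buf.toByteArray()), null);

        // Report each alias and whether it is a key or a trusted certificate.
        for (String alias : Collections.list(store.engineAliases())) {
            String kind = store.engineIsKeyEntry(alias) ? "key"
                    : store.engineIsCertificateEntry(alias) ? "trusted certificate"
                    : "other";
            System.out.println(alias + " -> " + kind);
        }
        System.out.println("entries: " + store.engineSize());
    }
}
```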

engineDeleteEntry

public void engineDeleteEntry(java.lang.String s)
                       throws java.security.KeyStoreException
Delete a security object from this keystore.

Specified by:
engineDeleteEntry in class java.security.KeyStoreSpi
Parameters:
s - The alias of the object to delete.
Throws:
java.security.KeyStoreException

engineAliases

public java.util.Enumeration<java.lang.String> engineAliases()
Get an enumeration of all of the aliases in this keystore.

Specified by:
engineAliases in class java.security.KeyStoreSpi
Returns:
An enumeration of the aliases in this keystore.

engineSetKeyEntry

public void engineSetKeyEntry(java.lang.String s,
                              java.security.Key key,
                              char[] chars,
                              java.security.cert.Certificate[] certificates)
                       throws java.security.KeyStoreException
Add a new private key to the keystore.

Specified by:
engineSetKeyEntry in class java.security.KeyStoreSpi
Parameters:
s - The alias for the object.
key - The private key.
chars - The password.
certificates - The key's certificate chain.
Throws:
java.security.KeyStoreException

engineSetKeyEntry

public void engineSetKeyEntry(java.lang.String s,
                              byte[] bytes,
                              java.security.cert.Certificate[] certificates)
                       throws java.security.KeyStoreException
Currently unsupported.

Specified by:
engineSetKeyEntry in class java.security.KeyStoreSpi
Parameters:
s - The key's alias.
bytes - The encoded private key.
certificates - The key's certificate chain.
Throws:
java.security.KeyStoreException

engineContainsAlias

public boolean engineContainsAlias(java.lang.String s)
Does the specified alias exist in this keystore?

Specified by:
engineContainsAlias in class java.security.KeyStoreSpi
Parameters:
s - The alias.
Returns:
True if the alias refers to a security object in the keystore.

engineSize

public int engineSize()
Get the number of security objects stored in this keystore.

Specified by:
engineSize in class java.security.KeyStoreSpi
Returns:
The number of security objects.

engineIsCertificateEntry

public boolean engineIsCertificateEntry(java.lang.String s)
Does the supplied alias refer to a certificate in this keystore?

Specified by:
engineIsCertificateEntry in class java.security.KeyStoreSpi
Parameters:
s - The alias.
Returns:
True if this store contains a certificate with the specified alias.

engineSetCertificateEntry

public void engineSetCertificateEntry(java.lang.String alias,
                                      java.security.cert.Certificate certificate)
                               throws java.security.KeyStoreException
Add a certificate to the keystore.

Specified by:
engineSetCertificateEntry in class java.security.KeyStoreSpi
Parameters:
alias - The certificate alias.
certificate - The certificate to store.
Throws:
java.security.KeyStoreException