Build 1.1_r1 (from source)

java.security
Class KeyStore

java.lang.Object
  extended by java.security.KeyStore

public class KeyStore
extends Object

KeyStore is responsible for maintaining cryptographic keys and their owners.

The type of the system key store can be changed by setting the 'keystore.type' property in the file named JAVA_HOME/lib/security/java.security.

Since:
Android 1.0
See Also:
Certificate, PrivateKey

Nested Class Summary
static class KeyStore.Builder
          Builder is used to construct new instances of KeyStore.
static class KeyStore.CallbackHandlerProtection
          CallbackHandlerProtection is a ProtectionParameter that encapsulates a CallbackHandler.
static interface KeyStore.Entry
          Entry is the common marker interface for a KeyStore entry.
static interface KeyStore.LoadStoreParameter
          LoadStoreParameter represents a parameter that specifies how a KeyStore can be loaded and stored.
static class KeyStore.PasswordProtection
          PasswordProtection is a ProtectionParameter that protects a KeyStore using a password.
static class KeyStore.PrivateKeyEntry
          PrivateKeyEntry represents a KeyStore entry that holds a private key.
static interface KeyStore.ProtectionParameter
          ProtectionParameter is a marker interface for protection parameters.
static class KeyStore.SecretKeyEntry
          SecretKeyEntry represents a KeyStore entry that holds a secret key.
static class KeyStore.TrustedCertificateEntry
          TrustedCertificateEntry represents a KeyStore entry that holds a trusted certificate.
 
Constructor Summary
protected KeyStore(KeyStoreSpi keyStoreSpi, Provider provider, String type)
          Constructs a new instance of KeyStore with the given arguments.
 
Method Summary
 Enumeration<String> aliases()
          Returns an Enumeration over all alias names stored in this KeyStore.
 boolean containsAlias(String alias)
          Indicates whether the given alias is present in this KeyStore.
 void deleteEntry(String alias)
          Deletes the entry identified with the given alias from this KeyStore.
 boolean entryInstanceOf(String alias, Class<? extends KeyStore.Entry> entryClass)
          Indicates whether the entry for the given alias is assignable to the provided Class.
 Certificate getCertificate(String alias)
          Returns the trusted certificate for the entry with the given alias.
 String getCertificateAlias(Certificate cert)
          Returns the alias associated with the first entry whose certificate matches the specified certificate.
 Certificate[] getCertificateChain(String alias)
          Returns the certificate chain for the entry with the given alias.
 Date getCreationDate(String alias)
          Returns the creation date of the entry with the given alias.
static String getDefaultType()
          Returns the default type for KeyStore instances.
 KeyStore.Entry getEntry(String alias, KeyStore.ProtectionParameter param)
          Returns the Entry with the given alias, using the specified ProtectionParameter.
static KeyStore getInstance(String type)
          Returns a new instance of KeyStore with the specified type.
static KeyStore getInstance(String type, Provider provider)
          Returns a new instance of KeyStore from the specified provider with the given type.
static KeyStore getInstance(String type, String provider)
          Returns a new instance of KeyStore from the specified provider with the given type.
 Key getKey(String alias, char[] password)
          Returns the key with the given alias, using the password to recover the key from the store.
 Provider getProvider()
          Returns the provider associated with this KeyStore.
 String getType()
          Returns the type of this KeyStore.
 boolean isCertificateEntry(String alias)
          Indicates whether the specified alias is associated with a KeyStore.TrustedCertificateEntry.
 boolean isKeyEntry(String alias)
          Indicates whether the specified alias is associated with either a KeyStore.PrivateKeyEntry or a KeyStore.SecretKeyEntry.
 void load(InputStream stream, char[] password)
          Initializes this KeyStore from the provided InputStream.
 void load(KeyStore.LoadStoreParameter param)
          Loads this KeyStore using the specified LoadStoreParameter.
 void setCertificateEntry(String alias, Certificate cert)
          Associates the given alias with a certificate.
 void setEntry(String alias, KeyStore.Entry entry, KeyStore.ProtectionParameter param)
          Stores the given Entry in this KeyStore and associates the entry with the given alias.
 void setKeyEntry(String alias, byte[] key, Certificate[] chain)
          Associates the given alias with a key and a certificate chain.
 void setKeyEntry(String alias, Key key, char[] password, Certificate[] chain)
          Associates the given alias with the key, password and certificate chain.
 int size()
          Returns the number of entries stored in this KeyStore.
 void store(KeyStore.LoadStoreParameter param)
          Stores this KeyStore using the specified LoadStoreParameter.
 void store(OutputStream stream, char[] password)
          Writes this KeyStore to the specified OutputStream.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

KeyStore

protected KeyStore(KeyStoreSpi keyStoreSpi,
                   Provider provider,
                   String type)
Constructs a new instance of KeyStore with the given arguments.

Parameters:
keyStoreSpi - the concrete key store.
provider - the provider.
type - the type of the KeyStore to be constructed.
Since:
Android 1.0
Method Detail

getInstance

public static KeyStore getInstance(String type)
                            throws KeyStoreException
Returns a new instance of KeyStore with the specified type.

Parameters:
type - the type of the returned KeyStore.
Returns:
a new instance of KeyStore with the specified type.
Throws:
KeyStoreException - if an error occurred during the creation of the new KeyStore.
NullPointerException - if type is null.
Since:
Android 1.0
See Also:
getDefaultType()

getInstance

public static KeyStore getInstance(String type,
                                   String provider)
                            throws KeyStoreException,
                                   NoSuchProviderException
Returns a new instance of KeyStore from the specified provider with the given type.

Parameters:
type - the type of the returned KeyStore.
provider - name of the provider of the KeyStore.
Returns:
a new instance of KeyStore from the specified provider with the given type.
Throws:
KeyStoreException - if an error occurred during the creation of the new KeyStore.
NoSuchProviderException - if the specified provider is not available.
IllegalArgumentException - if provider is null or the empty string.
Since:
Android 1.0
See Also:
getDefaultType()

getInstance

public static KeyStore getInstance(String type,
                                   Provider provider)
                            throws KeyStoreException
Returns a new instance of KeyStore from the specified provider with the given type.

Parameters:
type - the type of the returned KeyStore.
provider - the provider of the KeyStore.
Returns:
a new instance of KeyStore from the specified provider with the given type.
Throws:
KeyStoreException - if an error occurred during the creation of the new KeyStore.
IllegalArgumentException - if provider is null or the empty string.
Since:
Android 1.0
See Also:
getDefaultType()

getDefaultType

public static final String getDefaultType()
Returns the default type for KeyStore instances.

The default is specified in the 'keystore.type' property in the file named JAVA_HOME/lib/security/java.security. If this property is not set, "jks" will be used.

Returns:
the default type for KeyStore instances
Since:
Android 1.0

getProvider

public final Provider getProvider()
Returns the provider associated with this KeyStore.

Returns:
the provider associated with this KeyStore.
Since:
Android 1.0

getType

public final String getType()
Returns the type of this KeyStore.

Returns:
the type of this KeyStore.
Since:
Android 1.0

getKey

public final Key getKey(String alias,
                        char[] password)
                 throws KeyStoreException,
                        NoSuchAlgorithmException,
                        UnrecoverableKeyException
Returns the key with the given alias, using the password to recover the key from the store.

Parameters:
alias - the alias for the entry.
password - the password used to recover the key.
Returns:
the key with the specified alias, or null if the specified alias is not bound to an entry.
Throws:
KeyStoreException - if this KeyStore is not initialized.
NoSuchAlgorithmException - if the algorithm for recovering the key is not available.
UnrecoverableKeyException - if the key can not be recovered.
Since:
Android 1.0

getCertificateChain

public final Certificate[] getCertificateChain(String alias)
                                        throws KeyStoreException
Returns the certificate chain for the entry with the given alias.

Parameters:
alias - the alias for the entry.
Returns:
the certificate chain for the entry with the given alias, or null if the specified alias is not bound to an entry.
Throws:
KeyStoreException - if this KeyStore is not initialized.
Since:
Android 1.0

getCertificate

public final Certificate getCertificate(String alias)
                                 throws KeyStoreException
Returns the trusted certificate for the entry with the given alias.

Parameters:
alias - the alias for the entry.
Returns:
the trusted certificate for the entry with the given alias, or null if the specified alias is not bound to an entry.
Throws:
KeyStoreException - if this KeyStore is not initialized.
Since:
Android 1.0

getCreationDate

public final Date getCreationDate(String alias)
                           throws KeyStoreException
Returns the creation date of the entry with the given alias.

Parameters:
alias - the alias for the entry.
Returns:
the creation date, or null if the specified alias is not bound to an entry.
Throws:
KeyStoreException - if this KeyStore is not initialized.
Since:
Android 1.0

setKeyEntry

public final void setKeyEntry(String alias,
                              Key key,
                              char[] password,
                              Certificate[] chain)
                       throws KeyStoreException
Associates the given alias with the key, password and certificate chain.

If the specified alias already exists, it will be reassigned.

Parameters:
alias - the alias for the key.
key - the key.
password - the password.
chain - the certificate chain.
Throws:
KeyStoreException - if this KeyStore is not initialized.
IllegalArgumentException - if key is a PrivateKey and chain does not contain any certificates.
Since:
Android 1.0

setKeyEntry

public final void setKeyEntry(String alias,
                              byte[] key,
                              Certificate[] chain)
                       throws KeyStoreException
Associates the given alias with a key and a certificate chain.

If the specified alias already exists, it will be reassigned.

If this KeyStore is of type "jks", key must be encoded conform to the PKS#8 standard as an EncryptedPrivateKeyInfo.

Parameters:
alias - the alias for the key.
key - the key in an encoded format.
chain - the certificate chain.
Throws:
KeyStoreException - if this KeyStore is not initialized.
IllegalArgumentException - if key is a PrivateKey and chain does.
Since:
Android 1.0

setCertificateEntry

public final void setCertificateEntry(String alias,
                                      Certificate cert)
                               throws KeyStoreException
Associates the given alias with a certificate.

If the specified alias already exists, it will be reassigned.

Parameters:
alias - the alias for the certificate.
cert - the certificate.
Throws:
KeyStoreException - if this KeyStore is not initialized, or an existing alias is not associated to an entry containing a trusted certificate, or this method fails for any other reason.
Since:
Android 1.0

deleteEntry

public final void deleteEntry(String alias)
                       throws KeyStoreException
Deletes the entry identified with the given alias from this KeyStore.

Parameters:
alias - the alias for the entry.
Throws:
KeyStoreException - if this KeyStore is not initialized, or if the entry can not be deleted.
Since:
Android 1.0

aliases

public final Enumeration<String> aliases()
                                  throws KeyStoreException
Returns an Enumeration over all alias names stored in this KeyStore.

Returns:
an Enumeration over all alias names stored in this KeyStore.
Throws:
KeyStoreException - if this KeyStore is not initialized.
Since:
Android 1.0

containsAlias

public final boolean containsAlias(String alias)
                            throws KeyStoreException
Indicates whether the given alias is present in this KeyStore.

Parameters:
alias - the alias of an entry.
Returns:
true if the alias exists, false otherwise.
Throws:
KeyStoreException - if this KeyStore is not initialized.
Since:
Android 1.0

size

public final int size()
               throws KeyStoreException
Returns the number of entries stored in this KeyStore.

Returns:
the number of entries stored in this KeyStore.
Throws:
KeyStoreException - if this KeyStore is not initialized.
Since:
Android 1.0

isKeyEntry

public final boolean isKeyEntry(String alias)
                         throws KeyStoreException
Indicates whether the specified alias is associated with either a KeyStore.PrivateKeyEntry or a KeyStore.SecretKeyEntry.

Parameters:
alias - the alias of an entry.
Returns:
true if the given alias is associated with a key entry.
Throws:
KeyStoreException - if this KeyStore is not initialized.
Since:
Android 1.0

isCertificateEntry

public final boolean isCertificateEntry(String alias)
                                 throws KeyStoreException
Indicates whether the specified alias is associated with a KeyStore.TrustedCertificateEntry.

Parameters:
alias - the alias of an entry.
Returns:
true if the given alias is associated with a certificate entry.
Throws:
KeyStoreException - if this KeyStore is not initialized.
Since:
Android 1.0

getCertificateAlias

public final String getCertificateAlias(Certificate cert)
                                 throws KeyStoreException
Returns the alias associated with the first entry whose certificate matches the specified certificate.

Parameters:
cert - the certificate to find the associated entry's alias for.
Returns:
the alias or null if no entry with the specified certificate can be found.
Throws:
KeyStoreException - if this KeyStore is not initialized.
Since:
Android 1.0

store

public final void store(OutputStream stream,
                        char[] password)
                 throws KeyStoreException,
                        IOException,
                        NoSuchAlgorithmException,
                        CertificateException
Writes this KeyStore to the specified OutputStream. The data written to the OutputStream is protected by the specified password.

Parameters:
stream - the OutputStream to write the store's data to.
password - the password to protect the data.
Throws:
KeyStoreException - if this KeyStore is not initialized.
IOException - if a problem occurred while writing to the stream.
NoSuchAlgorithmException - if the required algorithm is not available.
CertificateException - if an exception occurred while storing the certificates of this KeyStore.
Since:
Android 1.0

store

public final void store(KeyStore.LoadStoreParameter param)
                 throws KeyStoreException,
                        IOException,
                        NoSuchAlgorithmException,
                        CertificateException
Stores this KeyStore using the specified LoadStoreParameter.

Parameters:
param - the LoadStoreParameter that specifies how to store this KeyStore, maybe null.
Throws:
KeyStoreException - if this KeyStore is not initialized.
IOException - if a problem occurred while writing to the stream.
NoSuchAlgorithmException - if the required algorithm is not available.
CertificateException - if an exception occurred while storing the certificates of this KeyStore.
IllegalArgumentException - if the given KeyStore.LoadStoreParameter is not recognized.
Since:
Android 1.0

load

public final void load(InputStream stream,
                       char[] password)
                throws IOException,
                       NoSuchAlgorithmException,
                       CertificateException
Initializes this KeyStore from the provided InputStream. Pass null as the stream argument to initialize an empty KeyStore or to initialize a KeyStore which does not rely on an InputStream. This KeyStore utilizes the given password to verify the stored data.

Parameters:
stream - the InputStream to load this KeyStore's data from or null.
password - the password to verify the stored data, maybe null.
Throws:
IOException - if a problem occurred while reading from the stream.
NoSuchAlgorithmException - if the required algorithm is not available.
CertificateException - if an exception occurred while loading the certificates of this KeyStore.
Since:
Android 1.0

load

public final void load(KeyStore.LoadStoreParameter param)
                throws IOException,
                       NoSuchAlgorithmException,
                       CertificateException
Loads this KeyStore using the specified LoadStoreParameter.

Parameters:
param - the LoadStoreParameter that specifies how to load this KeyStore, maybe null.
Throws:
IOException - if a problem occurred while reading from the stream.
NoSuchAlgorithmException - if the required algorithm is not available.
CertificateException - if an exception occurred while loading the certificates of this KeyStore.
IllegalArgumentException - if the given KeyStore.LoadStoreParameter is not recognized.
Since:
Android 1.0

getEntry

public final KeyStore.Entry getEntry(String alias,
                                     KeyStore.ProtectionParameter param)
                              throws NoSuchAlgorithmException,
                                     UnrecoverableEntryException,
                                     KeyStoreException
Returns the Entry with the given alias, using the specified ProtectionParameter.

Parameters:
alias - the alias of the requested entry.
param - the ProtectionParameter used to protect the requested entry, maybe null.
Returns:
he Entry with the given alias, using the specified ProtectionParameter.
Throws:
NoSuchAlgorithmException - if the required algorithm is not available.
UnrecoverableEntryException - if the entry can not be recovered.
KeyStoreException - if this KeyStore is not initialized.
Since:
Android 1.0

setEntry

public final void setEntry(String alias,
                           KeyStore.Entry entry,
                           KeyStore.ProtectionParameter param)
                    throws KeyStoreException
Stores the given Entry in this KeyStore and associates the entry with the given alias. The entry is protected by the specified ProtectionParameter.

If the specified alias already exists, it will be reassigned.

Parameters:
alias - the alias for the entry.
entry - the entry to store.
param - the ProtectionParameter to protect the entry.
Throws:
KeyStoreException - if this KeyStore is not initialized.
Since:
Android 1.0

entryInstanceOf

public final boolean entryInstanceOf(String alias,
                                     Class<? extends KeyStore.Entry> entryClass)
                              throws KeyStoreException
Indicates whether the entry for the given alias is assignable to the provided Class.

Parameters:
alias - the alias for the entry.
entryClass - the type of the entry.
Returns:
true if the Entry for the alias is assignable to the specified entryClass.
Throws:
KeyStoreException - if this KeyStore is not initialized.
Since:
Android 1.0

Build 1.1_r1 (from source)

Please submit a feedback, bug or feature