/**
* Loads the keystore from the Keychain.
*
* @param stream Ignored - here for API compatibility.
* @param password Ignored - if user needs to unlock keychain Security framework will post any
* dialogs.
* @exception IOException if there is an I/O or format problem with the keystore data
* @exception NoSuchAlgorithmException if the algorithm used to check the integrity of the
* keystore cannot be found
* @exception CertificateException if any of the certificates in the keystore could not be loaded
*/
public void engineLoad(InputStream stream, char[] password)
throws IOException, NoSuchAlgorithmException, CertificateException {
permissionCheck();
// Release any stray keychain references before clearing out the entries.
synchronized (entries) {
for (Enumeration<String> e = entries.keys(); e.hasMoreElements(); ) {
String alias = e.nextElement();
Object entry = entries.get(alias);
if (entry instanceof TrustedCertEntry) {
if (((TrustedCertEntry) entry).certRef != 0) {
_releaseKeychainItemRef(((TrustedCertEntry) entry).certRef);
}
} else {
KeyEntry keyEntry = (KeyEntry) entry;
if (keyEntry.chain != null) {
for (int i = 0; i < keyEntry.chain.length; i++) {
if (keyEntry.chainRefs[i] != 0) {
_releaseKeychainItemRef(keyEntry.chainRefs[i]);
}
}
if (keyEntry.keyRef != 0) {
_releaseKeychainItemRef(keyEntry.keyRef);
}
}
}
}
entries.clear();
_scanKeychain();
}
}
/**
* Stores this keystore to the given output stream, and protects its integrity with the given
* password.
*
* @param stream Ignored. the output stream to which this keystore is written.
* @param password the password to generate the keystore integrity check
* @exception IOException if there was an I/O problem with data
* @exception NoSuchAlgorithmException if the appropriate data integrity algorithm could not be
* found
* @exception CertificateException if any of the certificates included in the keystore data could
* not be stored
*/
public void engineStore(OutputStream stream, char[] password)
throws IOException, NoSuchAlgorithmException, CertificateException {
permissionCheck();
// Delete items that do have a keychain item ref.
for (Enumeration<String> e = deletedEntries.keys(); e.hasMoreElements(); ) {
String alias = e.nextElement();
Object entry = deletedEntries.get(alias);
if (entry instanceof TrustedCertEntry) {
if (((TrustedCertEntry) entry).certRef != 0) {
_removeItemFromKeychain(((TrustedCertEntry) entry).certRef);
_releaseKeychainItemRef(((TrustedCertEntry) entry).certRef);
}
} else {
Certificate certElem;
KeyEntry keyEntry = (KeyEntry) entry;
if (keyEntry.chain != null) {
for (int i = 0; i < keyEntry.chain.length; i++) {
if (keyEntry.chainRefs[i] != 0) {
_removeItemFromKeychain(keyEntry.chainRefs[i]);
_releaseKeychainItemRef(keyEntry.chainRefs[i]);
}
}
if (keyEntry.keyRef != 0) {
_removeItemFromKeychain(keyEntry.keyRef);
_releaseKeychainItemRef(keyEntry.keyRef);
}
}
}
}
// Add all of the certs or keys in the added entries.
// No need to check for 0 refs, as they are in the added list.
for (Enumeration<String> e = addedEntries.keys(); e.hasMoreElements(); ) {
String alias = e.nextElement();
Object entry = addedEntries.get(alias);
if (entry instanceof TrustedCertEntry) {
TrustedCertEntry tce = (TrustedCertEntry) entry;
Certificate certElem;
certElem = tce.cert;
tce.certRef = addCertificateToKeychain(alias, certElem);
} else {
KeyEntry keyEntry = (KeyEntry) entry;
if (keyEntry.chain != null) {
for (int i = 0; i < keyEntry.chain.length; i++) {
keyEntry.chainRefs[i] = addCertificateToKeychain(alias, keyEntry.chain[i]);
}
keyEntry.keyRef =
_addItemToKeychain(alias, false, keyEntry.protectedPrivKey, keyEntry.password);
}
}
}
// Clear the added and deletedEntries hashtables here, now that we're done with the updates.
// For the deleted entries, we freed up the native references above.
deletedEntries.clear();
addedEntries.clear();
}