/** * Gets a <code>KeyStore.Entry</code> for the specified alias with the specified protection * parameter. * * @param alias get the <code>KeyStore.Entry</code> for this alias * @param protParam the <code>ProtectionParameter</code> used to protect the <code>Entry</code>, * which may be <code>null</code> * @return the <code>KeyStore.Entry</code> for the specified alias, or <code>null</code> if there * is no such entry * @exception KeyStoreException if the operation failed * @exception NoSuchAlgorithmException if the algorithm for recovering the entry cannot be found * @exception UnrecoverableEntryException if the specified <code>protParam</code> were * insufficient or invalid * @exception UnrecoverableKeyException if the entry is a <code>PrivateKeyEntry</code> or <code> * SecretKeyEntry</code> and the specified <code>protParam</code> does not contain the * information needed to recover the key (e.g. wrong password) * @since 1.5 */ public KeyStore.Entry engineGetEntry(String alias, KeyStore.ProtectionParameter protParam) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException { if (!engineContainsAlias(alias)) { return null; } if (protParam == null) { if (engineIsCertificateEntry(alias)) { return new KeyStore.TrustedCertificateEntry(engineGetCertificate(alias)); } else { throw new UnrecoverableKeyException("requested entry requires a password"); } } if (protParam instanceof KeyStore.PasswordProtection) { if (engineIsCertificateEntry(alias)) { throw new UnsupportedOperationException( "trusted certificate entries are not password-protected"); } else if (engineIsKeyEntry(alias)) { KeyStore.PasswordProtection pp = (KeyStore.PasswordProtection) protParam; char[] password = pp.getPassword(); Key key = engineGetKey(alias, password); if (key instanceof PrivateKey) { Certificate[] chain = engineGetCertificateChain(alias); return new KeyStore.PrivateKeyEntry((PrivateKey) key, chain); } else if (key instanceof SecretKey) { return new KeyStore.SecretKeyEntry((SecretKey) key); } } } throw new UnsupportedOperationException(); }
/** * Saves a <code>KeyStore.Entry</code> under the specified alias. The specified protection * parameter is used to protect the <code>Entry</code>. * * <p>If an entry already exists for the specified alias, it is overridden. * * @param alias save the <code>KeyStore.Entry</code> under this alias * @param entry the <code>Entry</code> to save * @param protParam the <code>ProtectionParameter</code> used to protect the <code>Entry</code>, * which may be <code>null</code> * @exception KeyStoreException if this operation fails * @since 1.5 */ public void engineSetEntry( String alias, KeyStore.Entry entry, KeyStore.ProtectionParameter protParam) throws KeyStoreException { // get password if (protParam != null && !(protParam instanceof KeyStore.PasswordProtection)) { throw new KeyStoreException("unsupported protection parameter"); } KeyStore.PasswordProtection pProtect = null; if (protParam != null) { pProtect = (KeyStore.PasswordProtection) protParam; } // set entry if (entry instanceof KeyStore.TrustedCertificateEntry) { if (protParam != null && pProtect.getPassword() != null) { // pre-1.5 style setCertificateEntry did not allow password throw new KeyStoreException("trusted certificate entries are not password-protected"); } else { KeyStore.TrustedCertificateEntry tce = (KeyStore.TrustedCertificateEntry) entry; engineSetCertificateEntry(alias, tce.getTrustedCertificate()); return; } } else if (entry instanceof KeyStore.PrivateKeyEntry) { if (pProtect == null || pProtect.getPassword() == null) { // pre-1.5 style setKeyEntry required password throw new KeyStoreException("non-null password required to create PrivateKeyEntry"); } else { engineSetKeyEntry( alias, ((KeyStore.PrivateKeyEntry) entry).getPrivateKey(), pProtect.getPassword(), ((KeyStore.PrivateKeyEntry) entry).getCertificateChain()); return; } } else if (entry instanceof KeyStore.SecretKeyEntry) { if (pProtect == null || pProtect.getPassword() == null) { // pre-1.5 style setKeyEntry required password throw new KeyStoreException("non-null password required to create SecretKeyEntry"); } else { engineSetKeyEntry( alias, ((KeyStore.SecretKeyEntry) entry).getSecretKey(), pProtect.getPassword(), (Certificate[]) null); return; } } throw new KeyStoreException("unsupported entry type: " + entry.getClass().getName()); }