/**
* Saves a <code>KeyStore.Entry</code> under the specified alias. The specified protection
* parameter is used to protect the <code>Entry</code>.
*
* <p>If an entry already exists for the specified alias, it is overridden.
*
* @param alias save the <code>KeyStore.Entry</code> under this alias
* @param entry the <code>Entry</code> to save
* @param protParam the <code>ProtectionParameter</code> used to protect the <code>Entry</code>,
* which may be <code>null</code>
* @exception KeyStoreException if this operation fails
* @since 1.5
*/
public void engineSetEntry(
String alias, KeyStore.Entry entry, KeyStore.ProtectionParameter protParam)
throws KeyStoreException {
// get password
if (protParam != null && !(protParam instanceof KeyStore.PasswordProtection)) {
throw new KeyStoreException("unsupported protection parameter");
}
KeyStore.PasswordProtection pProtect = null;
if (protParam != null) {
pProtect = (KeyStore.PasswordProtection) protParam;
}
// set entry
if (entry instanceof KeyStore.TrustedCertificateEntry) {
if (protParam != null && pProtect.getPassword() != null) {
// pre-1.5 style setCertificateEntry did not allow password
throw new KeyStoreException("trusted certificate entries are not password-protected");
} else {
KeyStore.TrustedCertificateEntry tce = (KeyStore.TrustedCertificateEntry) entry;
engineSetCertificateEntry(alias, tce.getTrustedCertificate());
return;
}
} else if (entry instanceof KeyStore.PrivateKeyEntry) {
if (pProtect == null || pProtect.getPassword() == null) {
// pre-1.5 style setKeyEntry required password
throw new KeyStoreException("non-null password required to create PrivateKeyEntry");
} else {
engineSetKeyEntry(
alias,
((KeyStore.PrivateKeyEntry) entry).getPrivateKey(),
pProtect.getPassword(),
((KeyStore.PrivateKeyEntry) entry).getCertificateChain());
return;
}
} else if (entry instanceof KeyStore.SecretKeyEntry) {
if (pProtect == null || pProtect.getPassword() == null) {
// pre-1.5 style setKeyEntry required password
throw new KeyStoreException("non-null password required to create SecretKeyEntry");
} else {
engineSetKeyEntry(
alias,
((KeyStore.SecretKeyEntry) entry).getSecretKey(),
pProtect.getPassword(),
(Certificate[]) null);
return;
}
}
throw new KeyStoreException("unsupported entry type: " + entry.getClass().getName());
}
/**
* Assign the key to the alias in the keystore. It will overwrite an existing entry and if the key
* is a PrivateKey, also add the certificate chain representing the corresponding public key.
*
* @param alias the alias name
* @param key the key to add
* @param chain the certificate chain for the corresponding public key
* @throws KeyStoreException if it fails
*/
public final void setKeyEntry(String alias, byte[] key, java.security.cert.Certificate[] chain)
throws KeyStoreException {
keyStoreSpi.engineSetKeyEntry(alias, key, chain);
}
