be.cardon.cryptoapi.provider
Class CryptoAPIKeyStore

java.lang.Object
  extended by java.security.KeyStoreSpi
      extended by be.cardon.cryptoapi.provider.CryptoAPIKeyStore

public class CryptoAPIKeyStore
extends java.security.KeyStoreSpi

CryptoAPI store wrapper


Nested Class Summary
 class CryptoAPIKeyStore.EnumAliases
          Enumeration of keys aliases
 
Constructor Summary
CryptoAPIKeyStore()
          Creates a new instance of CryptoAPIKeyStore
 
Method Summary
 java.util.Enumeration<java.lang.String> engineAliases()
          Lists all the alias names of this keystore.
 boolean engineContainsAlias(java.lang.String alias)
          Checks if the given alias exists in this keystore.
 void engineDeleteEntry(java.lang.String alias)
          NOT IMPLEMENTED: throws KeyStoreException.
 java.security.cert.Certificate engineGetCertificate(java.lang.String alias)
          Returns the certificate associated with the given alias.
 java.lang.String engineGetCertificateAlias(java.security.cert.Certificate cert)
          Returns the (alias) name of the first keystore entry whose certificate matches the given certificate, or null if no such entry exists in this keystore.
 java.security.cert.Certificate[] engineGetCertificateChain(java.lang.String alias)
          Returns the certificate chain associated with the given alias.
 java.util.Date engineGetCreationDate(java.lang.String alias)
          Returns the creation date of the entry identified by the given alias.
 java.security.Key engineGetKey(java.lang.String alias, char[] password)
          Returns the key associated with the given alias.
 boolean engineIsCertificateEntry(java.lang.String alias)
          Returns true if the entry identified by the given alias was created by a call to setCertificateEntry, or created by a call to setEntry with a TrustedCertificateEntry.
 boolean engineIsKeyEntry(java.lang.String alias)
          Returns true if the entry identified by the given alias was created by a call to setKeyEntry, or created by a call to setEntry with a PrivateKeyEntry or a SecretKeyEntry.
 void engineLoad(java.io.InputStream stream, char[] password)
          Loads the keystore from the given input stream.
 void engineSetCertificateEntry(java.lang.String alias, java.security.cert.Certificate cert)
          Assigns the given certificate to the given alias.
 void engineSetKeyEntry(java.lang.String alias, byte[] key, java.security.cert.Certificate[] chain)
          Assigns the given key (that has already been protected) to the given alias.
 void engineSetKeyEntry(java.lang.String alias, java.security.Key key, char[] password, java.security.cert.Certificate[] chain)
          Assigns the given key to the given alias, protecting it with the given password.
 int engineSize()
          Retrieves the number of entries in this keystore.
 void engineStore(java.io.OutputStream stream, char[] password)
          Stores this keystore using the given KeyStore.LoadStoreParameter.
 
Methods inherited from class java.security.KeyStoreSpi
engineEntryInstanceOf, engineGetEntry, engineLoad, engineSetEntry, engineStore
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

CryptoAPIKeyStore

public CryptoAPIKeyStore()
                  throws java.io.IOException
Creates a new instance of CryptoAPIKeyStore

Throws:
java.io.IOException
Method Detail

engineAliases

public java.util.Enumeration<java.lang.String> engineAliases()
Lists all the alias names of this keystore.

Specified by:
engineAliases in class java.security.KeyStoreSpi

engineContainsAlias

public boolean engineContainsAlias(java.lang.String alias)
Checks if the given alias exists in this keystore.

Specified by:
engineContainsAlias in class java.security.KeyStoreSpi

engineDeleteEntry

public void engineDeleteEntry(java.lang.String alias)
                       throws java.security.KeyStoreException
NOT IMPLEMENTED: throws KeyStoreException. Deletes the entry identified by the given alias from this keystore.

Specified by:
engineDeleteEntry in class java.security.KeyStoreSpi
Throws:
java.security.KeyStoreException

engineGetCertificate

public java.security.cert.Certificate engineGetCertificate(java.lang.String alias)
Returns the certificate associated with the given alias, or null if the given alias does not exist or does not contain a certificate.

Specified by:
engineGetCertificate in class java.security.KeyStoreSpi

engineGetCertificateAlias

public java.lang.String engineGetCertificateAlias(java.security.cert.Certificate cert)
Returns the (alias) name of the first keystore entry whose certificate matches the given certificate, or null if no such entry exists in this keystore.

Specified by:
engineGetCertificateAlias in class java.security.KeyStoreSpi

engineGetCertificateChain

public java.security.cert.Certificate[] engineGetCertificateChain(java.lang.String alias)
Returns the certificate chain associated with the given alias.

Specified by:
engineGetCertificateChain in class java.security.KeyStoreSpi

engineGetCreationDate

public java.util.Date engineGetCreationDate(java.lang.String alias)
Returns the creation date of the entry identified by the given alias.

Specified by:
engineGetCreationDate in class java.security.KeyStoreSpi

engineGetKey

public java.security.Key engineGetKey(java.lang.String alias,
                                      char[] password)
                               throws java.security.UnrecoverableKeyException
Returns the key associated with the given alias.

WARNING!

The password should be null. This is the default case. The CSP (cryptographic service provider) will display a window (PIN, or other) to the user if needed.

You can also give a password (PIN) programmatically. The CSP MUST support the CryptoAPI function CryptSetProvParam with PP_SIGNATURE_PIN or PP_KEYEXCHANGE_PIN. Most CSPs, like the Microsoft Basic CSP or the Belgian eid middleware, don't support this function. The CSP from 'Nexus Personal' has been tested with that. All CSPs supporting Smart Card Windows logon should support this function.

The password doesn't support Unicode (CryptoAPI uses byte[], not char[]). In the future, we will create a property to choose the encoding for the password.

Specified by:
engineGetKey in class java.security.KeyStoreSpi
Throws:
java.security.UnrecoverableKeyException - if the CryptSetProvParam function is not supported for PIN, or other error.

engineIsCertificateEntry

public boolean engineIsCertificateEntry(java.lang.String alias)
Returns true if the entry identified by the given alias was created by a call to setCertificateEntry, or created by a call to setEntry with a TrustedCertificateEntry.

Specified by:
engineIsCertificateEntry in class java.security.KeyStoreSpi

engineIsKeyEntry

public boolean engineIsKeyEntry(java.lang.String alias)
Returns true if the entry identified by the given alias was created by a call to setKeyEntry, or created by a call to setEntry with a PrivateKeyEntry or a SecretKeyEntry.

Specified by:
engineIsKeyEntry in class java.security.KeyStoreSpi

engineLoad

public void engineLoad(java.io.InputStream stream,
                       char[] password)
                throws java.io.IOException
Loads the keystore from the given input stream. The input stream contains the UTF-8 name of the MS store. If the input stream is null, the 'My' store is used. The password is not used.

Specified by:
engineLoad in class java.security.KeyStoreSpi
Throws:
java.io.IOException
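
The following is an added example, not code from the CryptoAPI provider project: it combines the engineLoad and engineGetKey behaviour documented above by opening the 'My' store by name, defaulting to a null PIN so the CSP prompts, and rejecting non-ASCII PINs because the password does not support Unicode. It calls the SPI methods directly; the class name CryptoApiStoreDemo and the `--pin` flag are invented for the example.

```java
import be.cardon.cryptoapi.provider.CryptoAPIKeyStore;
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.UnrecoverableKeyException;
import java.util.Arrays;
import java.util.Enumeration;

public class CryptoApiStoreDemo {

    // CryptoAPI receives the PIN as bytes and the page defines no encoding choice,
    // so accept only 7-bit ASCII: a mis-encoded PIN is simply a wrong PIN.
    static boolean isAsciiPin(char[] pin) {
        for (char c : pin) {
            if (c > 0x7F) return false;
        }
        return true;
    }

    public static void main(String[] args) throws Exception {
        CryptoAPIKeyStore store = new CryptoAPIKeyStore();
        // The stream carries the store name as UTF-8 text; the password is ignored.
        store.engineLoad(new ByteArrayInputStream("My".getBytes(StandardCharsets.UTF_8)), null);

        // Default: null PIN, so the CSP shows its own prompt if it needs one.
        // "--pin" (a flag made up for this demo) reads the PIN from the console instead.
        char[] pin = null;
        if (args.length > 0 && args[0].equals("--pin") && System.console() != null) {
            pin = System.console().readPassword("PIN: ");
        }
        try {
            if (pin != null && !isAsciiPin(pin)) {
                throw new IllegalArgumentException("PIN must be 7-bit ASCII");
            }
            Enumeration<String> aliases = store.engineAliases();
            while (aliases.hasMoreElements()) {
                String alias = aliases.nextElement();
                if (!store.engineIsKeyEntry(alias)) continue;
                try {
                    Key key = store.engineGetKey(alias, pin);
                    System.out.println(alias + ": " + (key == null ? "no key" : key.getAlgorithm()));
                } catch (UnrecoverableKeyException e) {
                    // Raised when the CSP lacks CryptSetProvParam PIN support, or on another error.
                    System.out.println(alias + ": key not usable (" + e.getMessage() + ")");
                }
            }
        } finally {
            if (pin != null) Arrays.fill(pin, '\0'); // do not leave the PIN in memory
        }
    }
}
```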

engineSetCertificateEntry

public void engineSetCertificateEntry(java.lang.String alias,
                                      java.security.cert.Certificate cert)
                               throws java.security.KeyStoreException
Assigns the given certificate to the given alias.

Specified by:
engineSetCertificateEntry in class java.security.KeyStoreSpi
Throws:
java.security.KeyStoreException

engineSetKeyEntry

public void engineSetKeyEntry(java.lang.String alias,
                              byte[] key,
                              java.security.cert.Certificate[] chain)
                       throws java.security.KeyStoreException
Assigns the given key (that has already been protected) to the given alias.

Specified by:
engineSetKeyEntry in class java.security.KeyStoreSpi
Throws:
java.security.KeyStoreException

engineSetKeyEntry

public void engineSetKeyEntry(java.lang.String alias,
                              java.security.Key key,
                              char[] password,
                              java.security.cert.Certificate[] chain)
                       throws java.security.KeyStoreException
Assigns the given key to the given alias, protecting it with the given password.

Specified by:
engineSetKeyEntry in class java.security.KeyStoreSpi
Throws:
java.security.KeyStoreException

engineSize

public int engineSize()
Retrieves the number of entries in this keystore.

Specified by:
engineSize in class java.security.KeyStoreSpi

engineStore

public void engineStore(java.io.OutputStream stream,
                        char[] password)
Stores this keystore using the given KeyStore.LoadStoreParameter.

Specified by:
engineStore in class java.security.KeyStoreSpi