001    /* KeyStoreSpi.java --- Key Store Service Provider Interface
002       Copyright (C) 1999, 2004  Free Software Foundation, Inc.
003    
004    This file is part of GNU Classpath.
005    
006    GNU Classpath is free software; you can redistribute it and/or modify
007    it under the terms of the GNU General Public License as published by
008    the Free Software Foundation; either version 2, or (at your option)
009    any later version.
010    
011    GNU Classpath is distributed in the hope that it will be useful, but
012    WITHOUT ANY WARRANTY; without even the implied warranty of
013    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
014    General Public License for more details.
015    
016    You should have received a copy of the GNU General Public License
017    along with GNU Classpath; see the file COPYING.  If not, write to the
018    Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
019    02110-1301 USA.
020    
021    Linking this library statically or dynamically with other modules is
022    making a combined work based on this library.  Thus, the terms and
023    conditions of the GNU General Public License cover the whole
024    combination.
025    
026    As a special exception, the copyright holders of this library give you
027    permission to link this library with independent modules to produce an
028    executable, regardless of the license terms of these independent
029    modules, and to copy and distribute the resulting executable under
030    terms of your choice, provided that you also meet, for each linked
031    independent module, the terms and conditions of the license of that
032    module.  An independent module is a module which is not derived from
033    or based on this library.  If you modify this library, you may extend
034    this exception to your version of the library, but you are not
035    obligated to do so.  If you do not wish to do so, delete this
036    exception statement from your version. */
037    
038    
039    package java.security;
040    
041    import java.io.IOException;
042    import java.io.InputStream;
043    import java.io.OutputStream;
044    import java.security.cert.CertificateException;
045    import java.util.Date;
046    import java.util.Enumeration;
047    
048    /**
049     * KeyStoreSpi is the Service Provider Interface (SPI) for the 
050     * KeyStore class. This is the interface for providers to 
051     * supply to implement a keystore for a particular keystore 
052     * type.
053     *
054     * @since 1.2
055     * @author Mark Benvenuto
056     */
057    public abstract class KeyStoreSpi
058    {
059      /**
060       * Constructs a new KeyStoreSpi
061       */
062      public KeyStoreSpi()
063      {
064      }
065    
066      /**
067       * Returns the key associated with given alias using the 
068       * supplied password.
069       *
070       * @param alias an alias for the key to get
071       * @param password password to access key with
072       *
073       * @return the requested key, or null otherwise
074       *
075       * @throws NoSuchAlgorithmException if there is no algorithm
076       * for recovering the key
077       * @throws UnrecoverableKeyException key cannot be reocovered
078       * (wrong password).
079       */
080      public abstract Key engineGetKey(String alias, char[]password)
081        throws NoSuchAlgorithmException, UnrecoverableKeyException;
082    
083      /**
084       * Gets a Certificate chain for the specified alias.
085       *
086       * @param alias the alias name
087       *
088       * @return a chain of Certificates ( ordered from the user's 
089       * certificate to the Certificate Authority's ) or 
090       * null if the alias does not exist or there is no
091       * certificate chain for the alias ( the alias refers
092       * to a trusted certificate entry or there is no entry).
093       */
094      public abstract java.security.cert.
095        Certificate[] engineGetCertificateChain(String alias);
096    
097    
098      /**
099       * Gets a Certificate for the specified alias.
100       *
101       * If there is a trusted certificate entry then that is returned.
102       * it there is a key entry with a certificate chain then the
103       * first certificate is return or else null.
104       *
105       * @param alias the alias name
106       *
107       * @return a Certificate or null if the alias does not exist 
108       * or there is no certificate for the alias
109       */
110      public abstract java.security.cert.
111        Certificate engineGetCertificate(String alias);
112    
113      /**
114       * Gets entry creation date for the specified alias.
115       *
116       * @param alias the alias name
117       *
118       * @returns the entry creation date or null
119       */
120      public abstract Date engineGetCreationDate(String alias);
121    
122      /**
123       * Assign the key to the alias in the keystore, protecting it
124       * with the given password. It will overwrite an existing 
125       * entry and if the key is a PrivateKey, also add the 
126       * certificate chain representing the corresponding public key.
127       *
128       * @param alias the alias name
129       * @param key the key to add
130       * @password the password to protect with
131       * @param chain the certificate chain for the corresponding
132       * public key
133       *
134       * @throws KeyStoreException if it fails
135       */
136      public abstract void engineSetKeyEntry(String alias, Key key,
137                                             char[]password,
138                                             java.security.cert.
139                                             Certificate[]chain) throws
140        KeyStoreException;
141    
142      /**
143       * Assign the key to the alias in the keystore. It will overwrite
144       * an existing entry and if the key is a PrivateKey, also 
145       * add the certificate chain representing the corresponding 
146       * public key.
147       *
148       * @param alias the alias name
149       * @param key the key to add
150       * @param chain the certificate chain for the corresponding
151       * public key
152       *
153       * @throws KeyStoreException if it fails
154       */
155      public abstract void engineSetKeyEntry(String alias, byte[]key,
156                                             java.security.cert.
157                                             Certificate[]chain) throws
158        KeyStoreException;
159    
160    
161      /**
162       * Assign the certificate to the alias in the keystore. It 
163       * will overwrite an existing entry.
164       *
165       * @param alias the alias name
166       * @param cert the certificate to add
167       *
168       * @throws KeyStoreException if it fails
169       */
170      public abstract void engineSetCertificateEntry(String alias,
171                                                     java.security.cert.
172                                                     Certificate cert) throws
173        KeyStoreException;
174    
175      /**
176       * Deletes the entry for the specified entry.
177       *
178       * @param alias the alias name
179       *
180       * @throws KeyStoreException if it fails
181       */
182      public abstract void engineDeleteEntry(String alias)
183        throws KeyStoreException;
184    
185      /**
186       * Generates a list of all the aliases in the keystore.
187       *
188       * @return an Enumeration of the aliases
189       */
190      public abstract Enumeration<String> engineAliases();
191    
192      /**
193       * Determines if the keystore contains the specified alias.
194       *
195       * @param alias the alias name
196       *
197       * @return true if it contains the alias, false otherwise
198       */
199      public abstract boolean engineContainsAlias(String alias);
200    
201      /**
202       * Returns the number of entries in the keystore.
203       *
204       * @returns the number of keystore entries.
205       */
206      public abstract int engineSize();
207    
208      /**
209       * Determines if the keystore contains a key entry for 
210       * the specified alias.
211       *
212       * @param alias the alias name
213       *
214       * @return true if it is a key entry, false otherwise
215       */
216      public abstract boolean engineIsKeyEntry(String alias);
217    
218      /**
219       * Determines if the keystore contains a certificate entry for 
220       * the specified alias.
221       *
222       * @param alias the alias name
223       *
224       * @return true if it is a certificate entry, false otherwise
225       */
226      public abstract boolean engineIsCertificateEntry(String alias);
227    
228      /**
229       * Determines if the keystore contains the specified certificate 
230       * entry and returns the alias.
231       *
232       * It checks every entry and for a key entry checks only the
233       * first certificate in the chain.
234       *
235       * @param cert Certificate to look for
236       *
237       * @return alias of first matching certificate, null if it 
238       * does not exist.
239       */
240      public abstract String engineGetCertificateAlias(java.security.cert.
241                                                       Certificate cert);
242    
243      /**
244       * Stores the keystore in the specified output stream and it
245       * uses the specified key it keep it secure.
246       *
247       * @param stream the output stream to save the keystore to
248       * @param password the password to protect the keystore integrity with
249       *
250       * @throws IOException if an I/O error occurs.
251       * @throws NoSuchAlgorithmException the data integrity algorithm 
252       * used cannot be found.
253       * @throws CertificateException if any certificates could not be
254       * stored in the output stream.
255       */
256      public abstract void engineStore(OutputStream stream, char[]password)
257        throws IOException, NoSuchAlgorithmException, CertificateException;
258    
259    
260      /**
261       * Loads the keystore from the specified input stream and it
262       * uses the specified password to check for integrity if supplied.
263       *
264       * @param stream the input stream to load the keystore from
265       * @param password the password to check the keystore integrity with
266       *
267       * @throws IOException if an I/O error occurs.
268       * @throws NoSuchAlgorithmException the data integrity algorithm 
269       * used cannot be found.
270       * @throws CertificateException if any certificates could not be
271       * stored in the output stream.
272       */
273      public abstract void engineLoad(InputStream stream, char[]password)
274        throws IOException, NoSuchAlgorithmException, CertificateException;
275    }