com.ibm.security.keystoreutil

Class KeyStoreUtil



  • public final class KeyStoreUtil
    extends Object
    KeyStore utility class that helps accomplish different types of operations on a KeyStore.
    • Method Detail

      • newTranslator

        public static KeyStoreTranslator newTranslator(String outType)
                                                throws KeyStoreException
        Creates a KeyStore translator to a given type.
        Parameters:
        outType - The type of the target KeyStore that the source will be translated to. For example, "JCEKS", "CMSKS", etc.
        Returns:
        KeyStoreTranslator instance.
        Throws:
        KeyStoreException
      • newTranslator

        public static KeyStoreTranslator newTranslator(String outType,
                                                       Provider provider)
                                                throws KeyStoreException
        Creates a KeyStore translator to a given type using a specific provider. Note: the provider doesn't have to be registered.
        Parameters:
        outType - The type of the target KeyStore that the source will be translated to.
        provider - The target KeyStore's provider.
        Returns:
        KeyStoreTranslator instance.
        Throws:
        KeyStoreException
      • newTranslatorParameters

        public static KeyStoreTranslatorParameters newTranslatorParameters(KeyStore source,
                                                                           char[] accessPassword,
                                                                           Map<String,char[]> KeyPasswords)
        Creates an instance of KeyStoreTranslatorParameters which can be used as the parameter when calling the KeyStoreTranslator.translateStore(KeyStoreTranslatorParameters) method.
        Parameters:
        source - The source KeyStore that the translator will be reading from. The KeyStore should be loaded with data.
        accessPassword - The source KeyStore access password.
        KeyPasswords - A map of (alias, password) pairs for all the key aliases that require a different password than the KeyStore access password. It can be empty or null if all key protection passwords are the same as the access password.
        Returns:
        An instance of KeyStoreTranslatorParameters
        Throws:
        NullPointerException - If source or accessPassword are null.
      • importCertificate

        public static void importCertificate(InputStream input,
                                             KeyStore store,
                                             String alias)
                                      throws CertificateException,
                                             IOException,
                                             KeyStoreException
        Import a certificate from an input stream into a KeyStore. The certificate can be imported from the stream in binary or Base64 format.
        Parameters:
        input - The input stream that holds the certificate encoding.
        store - The KeyStore that the certificate will be imported into. The KeyStore should be initialized and loaded.
        alias - The alias in the KeyStore that the certificate will be imported as. It can be null, in which case the SubjectDN's Common Name (CN) will be used as the alias.
        Throws:
        NullPointerException - If input or store are null.
        CertificateException - If an X509Certificate could not be created from the data in the input stream.
        IOException - If alias was null and the SubjectDN's Common Name could not be found or extracted.
        KeyStoreException - If the certificate could not be stored in the KeyStore.
      • importCertificates

        public static void importCertificates(InputStream input,
                                              KeyStore store)
                                       throws CertificateException,
                                              IOException,
                                              KeyStoreException
        Import a set of certificates, encoded in PKCS#7 format, from an input stream into a KeyStore. The SubjectDN's Common Name (CN) of every certificate in the set will be used as the alias of that certificate in the KeyStore.
        Parameters:
        input - The input stream that holds the certificates' encoding.
        store - The KeyStore that the certificates will be imported into. The KeyStore should be initialized and loaded.
        Throws:
        NullPointerException - If input or store are null.
        CertificateException - If a collection of X509Certificate could not be created from the data in the input stream.
        IOException - If the Common Name of one of the SubjectDNs could not be found or extracted.
        KeyStoreException - If a certificate could not be stored in the KeyStore.
      • exportCertificate

        public static void exportCertificate(OutputStream output,
                                             KeyStore store,
                                             String alias,
                                             boolean useBase64Encoding)
                                      throws KeyStoreException,
                                             CertificateEncodingException,
                                             IOException
        Export the Certificate that is associated with alias in the KeyStore store to the output stream output.
        Parameters:
        output - The output stream that the Certificate will be exported to. It should not be null.
        store - The KeyStore that the Certificate will be exported from. It should not be null.
        alias - The name that the exported Certificate is associated with in the KeyStore. It should not be null.
        useBase64Encoding - true if the Certificate will be exported to output in DER Base64 format. false, if it will be exported in DER binary format.
        Throws:
        NullPointerException - If output, store or alias are null.
        KeyStoreException - If the Certificate could not be found in the KeyStore.
        CertificateEncodingException - If the Certificate encoding in a DER format has failed.
        IOException - If the Certificate encoding could not be written to output.
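
Added example (not part of the IBM documentation): importing a certificate with importCertificate under an explicit alias, checking its SHA-256 fingerprint before the store is saved, then writing a Base64 copy with exportCertificate. The class name, the five command-line arguments and the choice of a "JCEKS" store are assumptions; only the KeyStoreUtil signatures come from this page.

```java
import com.ibm.security.keystoreutil.KeyStoreUtil;
import java.io.*;
import java.math.BigInteger;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.Certificate;
import java.util.Arrays;

public class ImportPinnedCertificate {
    // Placeholder arguments: <store file> <cert file> <alias> <expected SHA-256 hex> <export file>
    public static void main(String[] args) throws Exception {
        String storePath = args[0], certPath = args[1], alias = args[2], exportPath = args[4];
        String expected = args[3].replace(":", "").toLowerCase();
        char[] password = System.console().readPassword("Store password: ");
        try {
            // importCertificate expects an initialized and loaded KeyStore.
            KeyStore store = KeyStore.getInstance("JCEKS");
            try (InputStream in = new FileInputStream(storePath)) {
                store.load(in, password);
            }
            // An explicit alias keeps the entry name independent of the certificate's
            // subject CN, which is chosen by whoever created the certificate.
            if (store.containsAlias(alias)) {
                throw new IllegalStateException("Alias already present: " + alias);
            }
            try (InputStream in = new FileInputStream(certPath)) {
                KeyStoreUtil.importCertificate(in, store, alias); // binary or Base64 input
            }
            // Check what actually landed in the in-memory store before persisting it.
            Certificate cert = store.getCertificate(alias);
            if (cert == null) {
                throw new IllegalStateException("No certificate entry under alias: " + alias);
            }
            byte[] digest = MessageDigest.getInstance("SHA-256").digest(cert.getEncoded());
            String actual = String.format("%064x", new BigInteger(1, digest));
            if (!actual.equals(expected)) {
                throw new SecurityException("Fingerprint mismatch, store not saved: " + actual);
            }
            try (OutputStream out = new FileOutputStream(storePath)) {
                store.store(out, password);
            }
            // Base64 copy of the stored entry, for review or distribution.
            try (OutputStream out = new FileOutputStream(exportPath)) {
                KeyStoreUtil.exportCertificate(out, store, alias, true);
            }
        } finally {
            Arrays.fill(password, '\0'); // clear the password array after use
        }
    }
}
```

The expected fingerprint should come from a channel independent of the certificate file itself; the store on disk is only rewritten after the comparison succeeds.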

© Copyright IBM Corp. 1998, 2021 All Rights Reserved.