com.ibm.security.keystoreutil
Class KeyStoreUtil

java.lang.Object
  extended by com.ibm.security.keystoreutil.KeyStoreUtil

public final class KeyStoreUtil
extends Object

KeyStore utility class that helps perform different types of operations on a KeyStore.


Method Summary
static void exportCertificate(OutputStream output, KeyStore store, String alias, boolean useBase64Encoding)
          Export the Certificate that is associated with alias in the KeyStore store to the Output Stream output.
static void importCertificate(InputStream input, KeyStore store, String alias)
          Import a certificate from an input stream into a KeyStore.
static void importCertificates(InputStream input, KeyStore store)
          Import a set of certificates that are encoded in PKCS#7 format from an input stream into a KeyStore.
static KeyStoreTranslator newTranslator(String outType)
          Creates a KeyStore translator to a given type.
static KeyStoreTranslator newTranslator(String outType, Provider provider)
          Creates a KeyStore translator to a given type using a specific provider.
static KeyStoreTranslator newTranslator(String outType, String provider)
          Creates a KeyStore translator to a given type using a specific provider.
static KeyStoreTranslatorParameters newTranslatorParameters(KeyStore source, char[] accessPassword, Map<String,char[]> KeyPasswords)
          Creates an instance of KeyStoreTranslatorParameters that can be used as the parameter when calling the KeyStoreTranslator.translateStore(KeyStoreTranslatorParameters) method.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Method Detail

newTranslator

public static KeyStoreTranslator newTranslator(String outType)
                                        throws KeyStoreException
Creates a KeyStore translator to a given type.

Parameters:
outType - The type of the target KeyStore that the source will be translated to. For example, "JCEKS" or "CMSKS".
Returns:
KeyStoreTranslator instance.
Throws:
KeyStoreException

newTranslator

public static KeyStoreTranslator newTranslator(String outType,
                                               Provider provider)
                                        throws KeyStoreException
Creates a KeyStore translator to a given type using a specific provider. Note: the provider doesn't have to be registered.

Parameters:
outType - The type of the target KeyStore that the source will be translated to.
provider - The target KeyStore's provider.
Returns:
KeyStoreTranslator instance.
Throws:
KeyStoreException

newTranslator

public static KeyStoreTranslator newTranslator(String outType,
                                               String provider)
                                        throws KeyStoreException,
                                               NoSuchProviderException
Creates a KeyStore translator to a given type using a specific provider.

Parameters:
outType - The type of the target KeyStore that the source will be translated to.
provider - The name of the provider.
Returns:
KeyStoreTranslator instance.
Throws:
NoSuchProviderException
KeyStoreException

newTranslatorParameters

public static KeyStoreTranslatorParameters newTranslatorParameters(KeyStore source,
                                                                   char[] accessPassword,
                                                                   Map<String,char[]> KeyPasswords)
Creates an instance of KeyStoreTranslatorParameters that can be used as the parameter when calling the KeyStoreTranslator.translateStore(KeyStoreTranslatorParameters) method.

Parameters:
source - The source KeyStore that the translator will be reading from. The KeyStore should be loaded with data.
accessPassword - The source KeyStore access password.
KeyPasswords - A map of (alias, password) pairs for all the key aliases that require a different password than the KeyStore access password. It can be empty or null if all key protection passwords are the same as the access password.
Returns:
An instance of KeyStoreTranslatorParameters
Throws:
NullPointerException - If source or accessPassword is null.

importCertificate

public static void importCertificate(InputStream input,
                                     KeyStore store,
                                     String alias)
                              throws CertificateException,
                                     IOException,
                                     KeyStoreException
Import a certificate from an input stream into a KeyStore. The certificate can be imported from the stream in binary or Base64 format.

Parameters:
input - The input stream that holds the certificate encoding.
store - The KeyStore that the certificate will be imported into. The KeyStore should be initialized and loaded.
alias - The alias in the KeyStore that the certificate will be imported as. It can be null, in which case the SubjectDN's Common Name (CN) will be used as the alias.
Throws:
NullPointerException - If input or store is null.
CertificateException - If an X509Certificate could not be created from the data in the input stream.
IOException - If alias was null and the SubjectDN's Common Name could not be found or extracted.
KeyStoreException - If the certificate could not be stored in the KeyStore.

importCertificates

public static void importCertificates(InputStream input,
                                      KeyStore store)
                               throws CertificateException,
                                      IOException,
                                      KeyStoreException
Import a set of certificates that are encoded in PKCS#7 format from an input stream into a KeyStore. The SubjectDN's Common Name (CN) of every certificate in the set will be used as the alias of that certificate in the KeyStore.

Parameters:
input - The input stream that holds the encoding of the certificates.
store - The KeyStore that the certificates will be imported into. The KeyStore should be initialized and loaded.
Throws:
NullPointerException - If input or store is null.
CertificateException - If a collection of X509Certificate could not be created from the data in the input stream.
IOException - If the Common Name of one of the SubjectDNs could not be found or extracted.
KeyStoreException - If a certificate could not be stored in the KeyStore.
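
Because importCertificates derives every alias from the certificate's Common Name, a bundle with a repeated CN, or a CN matching an entry already in the store, maps two certificates to one alias; this page does not say how that case is resolved. The following added example (not part of the IBM documentation) rejects such bundles before calling importCertificates. Assumptions: the names SafeBundleImport, commonName and importChecked are hypothetical, the JDK's X.509 CertificateFactory accepts the PKCS#7 bundle, and the CN extraction shown only approximates whatever KeyStoreUtil does internally.

```java
import com.ibm.security.keystoreutil.KeyStoreUtil;
import java.io.ByteArrayInputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.HashSet;
import java.util.Set;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

public class SafeBundleImport {
    // Returns the most specific CN of the subject, or null when there is none.
    // LdapName indexes RDNs right to left, so the last CN seen is the leftmost one.
    static String commonName(X509Certificate cert) throws Exception {
        String cn = null;
        for (Rdn rdn : new LdapName(cert.getSubjectX500Principal().getName()).getRdns()) {
            if ("CN".equalsIgnoreCase(rdn.getType())) cn = String.valueOf(rdn.getValue());
        }
        return cn;
    }

    // Hypothetical pre-check: refuse the bundle if any CN-derived alias is
    // missing, repeated inside the bundle, or already present in the store.
    static void importChecked(byte[] pkcs7, KeyStore store) throws Exception {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        Set<String> seen = new HashSet<>();
        for (Certificate c : cf.generateCertificates(new ByteArrayInputStream(pkcs7))) {
            String cn = commonName((X509Certificate) c);
            if (cn == null) throw new IllegalArgumentException("certificate without CN");
            // Some KeyStore types (JKS, for one) treat aliases case-insensitively.
            if (!seen.add(cn.toLowerCase())) throw new IllegalArgumentException("duplicate CN: " + cn);
            if (store.containsAlias(cn)) throw new IllegalArgumentException("alias already present: " + cn);
        }
        // Only a bundle with unique, unused aliases reaches the documented API.
        KeyStoreUtil.importCertificates(new ByteArrayInputStream(pkcs7), store);
    }

    public static void main(String[] args) throws Exception {
        KeyStore store = KeyStore.getInstance(KeyStore.getDefaultType());
        store.load(null, null); // empty store, initialized and loaded as the API requires
        importChecked(Files.readAllBytes(Paths.get(args[0])), store); // args[0]: path to a PKCS#7 bundle
        System.out.println(store.size() + " certificates imported");
    }
}
```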

exportCertificate

public static void exportCertificate(OutputStream output,
                                     KeyStore store,
                                     String alias,
                                     boolean useBase64Encoding)
                              throws KeyStoreException,
                                     CertificateEncodingException,
                                     IOException
Export the Certificate that is associated with alias in the KeyStore store to the Output Stream output.

Parameters:
output - The OutputStream that the Certificate will be exported to. It should not be null.
store - The KeyStore that the Certificate will be exported from. It should not be null.
alias - The name that the exported Certificate is associated with in the KeyStore. It should not be null.
useBase64Encoding - true if the Certificate will be exported to output in DER Base64 format; false if it will be exported in DER binary format.
Throws:
NullPointerException - If output, store or alias is null.
KeyStoreException - If the Certificate could not be found in the KeyStore.
CertificateEncodingException - If encoding the Certificate in DER format failed.
IOException - If the Certificate encoding could not be written to output.