KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > apache > geronimo > management > geronimo > KeystoreInstance


1 /**
2  * Licensed to the Apache Software Foundation (ASF) under one or more
3  * contributor license agreements. See the NOTICE file distributed with
4  * this work for additional information regarding copyright ownership.
5  * The ASF licenses this file to You under the Apache License, Version 2.0
6  * (the "License"); you may not use this file except in compliance with
7  * the License. You may obtain a copy of the License at
8  *
9  * http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  */

17 package org.apache.geronimo.management.geronimo;
18
19 import java.security.PrivateKey JavaDoc;
20 import java.security.cert.Certificate JavaDoc;
21
22 import javax.net.ssl.KeyManager;
23 import javax.net.ssl.TrustManager;
24
25 /**
26  * Management interface for dealing with a specific Keystore
27  *
28  * @version $Rev: 476229 $ $Date: 2006-11-17 12:48:02 -0500 (Fri, 17 Nov 2006) $
29  */

30 public interface KeystoreInstance {
31     /**
32      * Returns the name of the keystore as known to the keystore manager.
33      */

34     public String JavaDoc getKeystoreName();
35
36     /**
37      * Saves a password to access the keystore as a whole. This means that any
38      * other server component can use this keystore to create a socket factory.
39      * However, the relevant private key in the keystore must also be unlocked.
40      *
41      * @return True if the keystore was unlocked successfully
42      */

43     public void unlockKeystore(char[] password) throws KeystoreException;
44
45     /**
46      * Clears any saved password, meaning this keystore cannot be used by other
47      * server components. You can still query and update it by passing the
48      * password to other functions,
49      */

50     public void lockKeystore(char[] password) throws KeystoreException;
51
52     /**
53      * Checks whether this keystore is unlocked, which is to say, available for
54      * other components to use to generate socket factories.
55      * Does not check whether the unlock password is actually correct.
56      */

57     public boolean isKeystoreLocked();
58
59     /**
60      * Gets the aliases of all private key entries in the keystore
61      *
62      * @param storePassword Used to open the keystore. If null, the
63      * internal password will be used and may
64      * @throws KeystoreIsLocked if a null password was provided and the keystore
65      * is locked, or if a bad password was provided
66      */

67     public String JavaDoc[] listPrivateKeys(char[] storePassword) throws KeystoreException;
68
69     /**
70      * Saves a password to access a private key. This means that if the
71      * keystore is also unlocked, any server component can create an SSL
72      * socket factory using this private key. Note that the keystore
73      * must be unlocked before this can be called.
74      *
75      * @param password The password to save.
76      * @return True if the key was unlocked successfully
77      * @throws KeystoreException
78      */

79     public void unlockPrivateKey(String JavaDoc alias, char[] storePassword, char[] keyPassword) throws KeystoreException;
80
81     /**
82      * Gets the aliases for all the private keys that are currently unlocked.
83      * This only works if the keystore is unlocked.
84      */

85     public String JavaDoc[] getUnlockedKeys(char[] storePassword) throws KeystoreException;
86
87     /**
88      * Checks whether this keystore can be used as a trust store (e.g. has at
89      * least one trust certificate). This only works if the keystore is
90      * unlocked.
91      */

92     public boolean isTrustStore(char[] storePassword) throws KeystoreException;
93
94     /**
95      * Clears any saved password for the specified private key, meaning this
96      * key cannot be used for a socket factory by other server components.
97      * You can still query and update it by passing the password to other
98      * functions,
99      * @param storePassword The password used to access the keystore. Must be non-null.
100      * @throws KeystoreIsLocked
101      */

102     public void lockPrivateKey(String JavaDoc alias, char[] storePassword) throws KeystoreException;
103
104     /**
105      * Checks whether the specified private key is locked, which is to say,
106      * available for other components to use to generate socket factories.
107      * Does not check whether the unlock password is actually correct.
108      */

109     public boolean isKeyLocked(String JavaDoc alias);
110
111     /**
112      * Gets the aliases of all trusted certificate entries in the keystore.
113      *
114      * @param storePassword Used to open the keystore or null to use the internal password.
115      * @throws KeystoreIsLocked if the keystore coul not be unlocked
116      */

117     public String JavaDoc[] listTrustCertificates(char[] storePassword) throws KeystoreException;
118
119     /**
120      * Gets a particular certificate from the keystore. This may be a trust
121      * certificate or the certificate corresponding to a particular private
122      * key.
123      * @param alias The certificate to look at
124      * @param storePassword Used to open the keystore or null to use the internal password.
125      * @throws KeystoreException
126      */

127     public Certificate JavaDoc getCertificate(String JavaDoc alias, char[] storePassword) throws KeystoreException;
128     
129     /**
130      * Gets a particular certificate chain from the keystore.
131      * @param alias The certificate chain to look at
132      * @param storePassword Used to open the keystore or null to use the internal password.
133      * @throws KeystoreIsLocked if the keystore coul not be unlocked
134      */

135     public Certificate JavaDoc[] getCertificateChain(String JavaDoc alias, char[] storePassword) throws KeystoreException;
136     
137     /**
138      * Gets the alias corresponding to the given certificate.
139      * @param alias The certificate used to retrieve the alias
140      * @param storePassword Used to open the keystore or null to use the internal password.
141      * @throws KeystoreIsLocked if the keystore coul not be unlocked
142      */

143     public String JavaDoc getCertificateAlias(Certificate JavaDoc cert, char[] storePassword) throws KeystoreException;
144
145     /**
146      * Adds a certificate to this keystore as a trusted certificate.
147      * @param cert The certificate to add
148      * @param alias The alias to list the certificate under
149      * @param storePassword Used to open the keystore. Must be non null
150      * @return True if the certificate was imported successfully
151      * @throws KeystoreException
152      */

153     public void importTrustCertificate(Certificate JavaDoc cert, String JavaDoc alias, char[] storePassword) throws KeystoreException;
154
155     /**
156      * Generates a new private key and certificate pair in this keystore.
157      * @param alias The alias to store the new key pair under
158      * @param storePassword The password used to access the keystore
159      * @param keyPassword The password to use to protect the new key
160      * @param keyAlgorithm The algorithm used for the key (e.g. RSA)
161      * @param keySize The number of bits in the key (e.g. 1024)
162      * @param signatureAlgorithm The algorithm used to sign the key (e.g. MD5withRSA)
163      * @param validity The number of days the certificate should be valid for
164      * @param commonName The CN portion of the identity on the certificate
165      * @param orgUnit The OU portion of the identity on the certificate
166      * @param organization The O portion of the identity on the certificate
167      * @param locality The L portion of the identity on the certificate
168      * @param state The ST portion of the identity on the certificate
169      * @param country The C portion of the identity on the certificate
170      * @return True if the key was generated successfully
171      * @throws KeystoreException
172      */

173     public void generateKeyPair(String JavaDoc alias, char[] storePassword, char[] keyPassword, String JavaDoc keyAlgorithm, int keySize,
174                                    String JavaDoc signatureAlgorithm, int validity, String JavaDoc commonName, String JavaDoc orgUnit,
175                                    String JavaDoc organization, String JavaDoc locality, String JavaDoc state, String JavaDoc country) throws KeystoreException;
176
177
178     /**
179      * Gets a KeyManager for a key in this Keystore. This only works if both
180      * the keystore and the private key in question have been unlocked,
181      * allowing other components in the server to access them.
182      * @param algorithm The SSL algorithm to use for this key manager
183      * @param alias The alias of the key to use in the keystore
184      * @param storePassword The password used to access the keystore
185      */

186     public KeyManager[] getKeyManager(String JavaDoc algorithm, String JavaDoc alias, char[] storePassword) throws KeystoreException;
187
188     /**
189      * Gets a TrustManager for this keystore. This only works if the keystore
190      * has been unlocked, allowing other components in the server to access it.
191      * @param algorithm The SSL algorithm to use for this trust manager
192      * @param storePassword The password used to access the keystore
193      */

194     public TrustManager[] getTrustManager(String JavaDoc algorithm, char[] storePassword) throws KeystoreException;
195     
196     public String JavaDoc generateCSR(String JavaDoc alias, char[] storePassword) throws KeystoreException;
197     
198     public void importPKCS7Certificate(String JavaDoc alias, String JavaDoc certbuf, char[] storePassword) throws KeystoreException;
199
200     /**
201      * Deletes a key from this Keystore.
202      * @param alias the alias to delete
203      * @param storePassword The password used to access the keystore
204      * @return True if the key was deleted successfully
205      * @throws KeystoreException
206      */

207     public void deleteEntry(String JavaDoc alias, char[] storePassword) throws KeystoreException;
208
209
210     /**
211      * Gets the private key with the specified alias.
212      * @param alias The alias of the private key to be retrieved
213      * @param storePassword The password used to access the keystore
214      * @param keyPassword The password to use to protect the new key
215      * @return PrivateKey with the alias specified
216      */

217     public PrivateKey JavaDoc getPrivateKey(String JavaDoc alias, char[] storePassword, char[] keyPassword) throws KeystoreException;
218
219     /**
220      * Gets a particular certificate from the keystore. This may be a trust
221      * certificate or the certificate corresponding to a particular private
222      * key.
223      * This only works if the keystore is unlocked.
224      * @param alias Alias of the certificate
225      */

226     public Certificate JavaDoc getCertificate(String JavaDoc alias);
227 }
228
Popular Tags