JXTA

net.jxta.impl.membership.pse
Class PSEConfig

java.lang.Object
  extended by net.jxta.impl.membership.pse.PSEConfig

public final class PSEConfig
extends Object

Manages the state of a Personal Security Environment.


Constructor Summary
PSEConfig(KeyStoreManager storeManager, char[] store_password)
          Standard constructor.
 
Method Summary
 void erase()
          Removes an existing PSE environment.
 void erase(ID id)
          Erases the specified id from the keystore.
protected  void finalize()
          
 PrivateKey getKey(ID id, char[] key_password)
          Returns the private key for the specified ID.
 ID[] getKeysList()
          Returns the list of root certificates for which there is an associated local private key.
(package private)  ID[] getKeysList(char[] store_password)
          Returns the list of root certificates for which there is an associated local private key.
 KeyStore getKeyStore()
          Gets a copy of the KeyStore associated with this PSE instance.
 KeyStore getKeyStore(char[] store_password)
          Gets a copy of the KeyStore associated with this PSE instance.
 X509Certificate getTrustedCertificate(ID id)
          Returns the trusted cert for the specified id.
(package private)  X509Certificate getTrustedCertificate(ID id, char[] store_password)
          Returns the trusted cert for the specified id.
 X509Certificate[] getTrustedCertificateChain(ID id)
          Returns the trusted cert chain for the specified id.
 ID getTrustedCertificateID(X509Certificate cert)
          Returns the ID of the provided certificate or null if the certificate is not found in the keystore.
 ID[] getTrustedCertsList()
          Returns the list of the trusted certificates available in this keystore.
 void initialize()
          Initializes the PSE environment.
 boolean isInitialized()
          Returns true if the PSE has been initialized (created).
 boolean isKey(ID id)
          Returns true if the specified id is associated with a private key.
 boolean isKey(ID id, char[] store_password)
          Returns true if the specified id is associated with a private key.
 void setKey(ID id, Certificate[] certchain, PrivateKey key, char[] key_password)
          Adds a private key to the PSE using the specified ID.
 void setKeyStorePassword(char[] store_password)
          Sets the passphrase to be used when unlocking the keystore.
 void setTrustedCertificate(ID id, X509Certificate cert)
          Adds a trusted certificate with the specified id to the key store.
(package private)  boolean validPasswd(ID id, char[] store_password, char[] key_password)
          Check if the provided passwords are correct for the specified identity.
 
Methods inherited from class java.lang.Object
clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

PSEConfig

PSEConfig(KeyStoreManager storeManager,
          char[] store_password)
Standard constructor.

Parameters:
storeManager - The StoreManager to be used for this PSEConfig instance.
store_password - The passphrase for the keystore or null. The passphrase may be set independently via setKeyStorePassword(char[]).
Method Detail

setKeyStorePassword

public final void setKeyStorePassword(char[] store_password)
Sets the passphrase to be used when unlocking the keystore.

Parameters:
store_password - The passphrase used to unlock the keystore. May be null for keystores with no passphrase.

finalize

protected void finalize()
                 throws Throwable

Overrides:
finalize in class Object
Throws:
Throwable

isInitialized

public boolean isInitialized()
Returns true if the PSE has been initialized (created). Some keystore formats may not require initialization and may always return true. false may also be returned if the keystore passphrase is incorrect.

Returns:
true if the PSE has been previously initialized otherwise false.

initialize

public void initialize()
                throws KeyStoreException,
                       IOException
Initializes the PSE environment.

Throws:
KeyStoreException - When the wrong keystore has been provided.
IOException - For errors related to processing the keystore.

erase

public void erase()
           throws IOException
Removes an existing PSE environment.

Throws:
IOException - If the PSE cannot be successfully deleted.

getKeyStore

public KeyStore getKeyStore()
Gets a copy of the KeyStore associated with this PSE instance. The returned KeyStore is a copy and not tied to the instance maintained by the PSE. Changing the returned keystore will not result in changes to the PSE.

Returns:
The keystore or null if it cannot be retrieved.

getKeyStore

public KeyStore getKeyStore(char[] store_password)
                     throws KeyStoreException,
                            IOException
Gets a copy of the KeyStore associated with this PSE instance. The returned KeyStore is a copy and not tied to the instance maintained by the PSE. Changing the returned keystore will not result in changes to the PSE.

Parameters:
store_password - The passphrase used to unlock the keystore. May be null for keystores with no passphrase.
Returns:
The keystore.
Throws:
KeyStoreException - When the wrong keystore has been provided.
IOException - For errors related to processing the keystore.
Since:
JXTA 2.4

validPasswd

boolean validPasswd(ID id,
                    char[] store_password,
                    char[] key_password)
Check if the provided passwords are correct for the specified identity.

Parameters:
id - The identity to be validated.
store_password - The passphrase used to unlock the keystore. May be null for keystores with no passphrase.
key_password - The passphrase associated with the private key or null if the key has no passphrase.
Returns:
true if the passwords were valid for the given id otherwise false.

getTrustedCertsList

public ID[] getTrustedCertsList()
                         throws KeyStoreException,
                                IOException
Returns the list of the trusted certificates available in this keystore.

Returns:
an array of the IDs of the available trusted certificates.
Throws:
KeyStoreException - When the wrong keystore has been provided.
IOException - For errors related to processing the keystore.

getKeysList

public ID[] getKeysList()
                 throws KeyStoreException,
                        IOException
Returns the list of root certificates for which there is an associated local private key.

Returns:
an array of the available keys. May be an empty array.
Throws:
KeyStoreException - When the wrong keystore has been provided.
IOException - For errors related to processing the keystore.

getKeysList

ID[] getKeysList(char[] store_password)
           throws KeyStoreException,
                  IOException
Returns the list of root certificates for which there is an associated local private key.

Parameters:
store_password - The passphrase used to unlock the keystore. May be null for keystores with no passphrase.
Returns:
an array of the available keys. May be an empty array.
Throws:
KeyStoreException - When the wrong keystore has been provided.
IOException - For errors related to processing the keystore.

getTrustedCertificateID

public ID getTrustedCertificateID(X509Certificate cert)
                           throws KeyStoreException,
                                  IOException
Returns the ID of the provided certificate or null if the certificate is not found in the keystore.

Parameters:
cert - The certificate whose ID is desired.
Returns:
The ID of the certificate or null if no matching Certificate was found.
Throws:
KeyStoreException - When the wrong keystore has been provided.
IOException - For errors related to processing the keystore.

getTrustedCertificate

public X509Certificate getTrustedCertificate(ID id)
                                      throws KeyStoreException,
                                             IOException
Returns the trusted cert for the specified id.

Parameters:
id - The id of the Certificate to retrieve.
Returns:
Certificate for the specified ID or null if the store does not contain the specified certificate.
Throws:
KeyStoreException - When the wrong keystore key has been provided.
IOException - For errors related to processing the keystore.

getTrustedCertificate

X509Certificate getTrustedCertificate(ID id,
                                      char[] store_password)
                                throws KeyStoreException,
                                       IOException
Returns the trusted cert for the specified id.

Parameters:
id - The id of the Certificate to retrieve.
store_password - The passphrase used to unlock the keystore. May be null for keystores with no passphrase.
Returns:
Certificate for the specified ID or null if the store does not contain the specified certificate.
Throws:
KeyStoreException - When the wrong keystore has been provided.
IOException - For errors related to processing the keystore.

getTrustedCertificateChain

public X509Certificate[] getTrustedCertificateChain(ID id)
                                             throws KeyStoreException,
                                                    IOException
Returns the trusted cert chain for the specified id.

Parameters:
id - The ID of the certificate whose certificate chain is desired.
Returns:
Certificate chain for the specified ID or null if the PSE does not contain the specified certificate.
Throws:
KeyStoreException - When the wrong keystore has been provided.
IOException - For errors related to processing the keystore.

getKey

public PrivateKey getKey(ID id,
                         char[] key_password)
                  throws KeyStoreException,
                         IOException
Returns the private key for the specified ID.

Parameters:
id - The ID of the requested private key.
key_password - The passphrase associated with the private key or null if the key has no passphrase.
Returns:
PrivateKey for the specified ID.
Throws:
KeyStoreException - When the wrong keystore has been provided.
IOException - For errors related to processing the keystore.
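
A defensive way to call isInitialized(), isKey(ID) and getKey(ID, char[]) together, shown as an added example that is not part of the JXTA documentation or code base. The class PseKeyLoader and method loadKey are hypothetical names; ID is assumed to be net.jxta.id.ID, the JXTA library is assumed to be on the classpath, and how the PSEConfig instance is obtained is outside the example.

```java
import java.io.IOException;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.util.Arrays;

import net.jxta.id.ID;
import net.jxta.impl.membership.pse.PSEConfig;

/** Hypothetical helper (not part of JXTA): fetch a private key from a PSE, failing closed. */
public final class PseKeyLoader {

    private PseKeyLoader() {
    }

    /**
     * @param pse         an already constructed PSEConfig whose keystore passphrase is set
     * @param id          identity whose private key is wanted
     * @param keyPassword passphrase for that key, or null; wiped before returning
     */
    public static PrivateKey loadKey(PSEConfig pse, ID id, char[] keyPassword)
            throws KeyStoreException, IOException {
        try {
            // false means "never created" OR "keystore passphrase incorrect"; the two
            // cannot be told apart here, so stop instead of calling initialize().
            if (!pse.isInitialized()) {
                throw new IOException("PSE not initialized or keystore passphrase rejected");
            }
            // An ID may hold only a trusted certificate; check for a key entry first.
            if (!pse.isKey(id)) {
                throw new KeyStoreException("no private key stored under ID " + id);
            }
            PrivateKey key = pse.getKey(id, keyPassword);
            // Assumption: a null result is treated as failure; the page does not
            // say what getKey returns when the key passphrase is wrong.
            if (key == null) {
                throw new KeyStoreException("private key for ID " + id + " could not be unlocked");
            }
            return key;
        } finally {
            // Assumption: PSEConfig keeps no reference to keyPassword after getKey returns.
            if (keyPassword != null) {
                Arrays.fill(keyPassword, '\0');
            }
        }
    }
}
```

The passphrases are char[] rather than String so that a caller can overwrite them after use, which is what the finally block does for the key passphrase.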

isKey

public boolean isKey(ID id)
              throws KeyStoreException,
                     IOException
Returns true if the specified id is associated with a private key.

Parameters:
id - The ID of the requested private key.
Returns:
true if a private key with the specified ID is present otherwise false
Throws:
KeyStoreException - When the wrong keystore has been provided.
IOException - For errors related to processing the keystore.

isKey

public boolean isKey(ID id,
                     char[] store_password)
              throws KeyStoreException,
                     IOException
Returns true if the specified id is associated with a private key.

Parameters:
id - The ID of the requested private key.
store_password - The passphrase used to unlock the keystore. May be null for keystores with no passphrase.
Returns:
true if a private key with the specified ID is present otherwise false
Throws:
KeyStoreException - When the wrong keystore has been provided.
IOException - For errors related to processing the keystore.

setTrustedCertificate

public void setTrustedCertificate(ID id,
                                  X509Certificate cert)
                           throws KeyStoreException,
                                  IOException
Adds a trusted certificate with the specified id to the key store. The certificate replaces any existing certificate or private key stored at this ID.

Parameters:
id - The ID under which the certificate will be stored.
cert - Certificate for the specified ID.
Throws:
KeyStoreException - When the wrong keystore has been provided.
IOException - For errors related to processing the keystore.

setKey

public void setKey(ID id,
                   Certificate[] certchain,
                   PrivateKey key,
                   char[] key_password)
            throws KeyStoreException,
                   IOException
Adds a private key to the PSE using the specified ID. The key replaces any existing certificate or private key stored at this ID. The key is stored using the provided key passphrase.

Parameters:
id - The ID under which the certificate chain and private key will be stored.
certchain - The certificate chain matching the private key.
key - The private key to be stored in the keystore.
key_password - The passphrase associated with the private key or null if the key has no passphrase.
Throws:
KeyStoreException - When the wrong keystore key has been provided.
IOException - For errors related to processing the keystore.

erase

public void erase(ID id)
           throws KeyStoreException,
                  IOException
Erases the specified id from the keystore.

Parameters:
id - The ID of the key or certificate to be deleted.
Throws:
KeyStoreException - When the wrong keystore password has been provided.
IOException - For errors related to processing the keystore.

JXSE