1adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project/*
2adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project *  Licensed to the Apache Software Foundation (ASF) under one or more
3adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project *  contributor license agreements.  See the NOTICE file distributed with
4adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project *  this work for additional information regarding copyright ownership.
5adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project *  The ASF licenses this file to You under the Apache License, Version 2.0
6adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project *  (the "License"); you may not use this file except in compliance with
7adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project *  the License.  You may obtain a copy of the License at
8adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project *
9adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project *     http://www.apache.org/licenses/LICENSE-2.0
10adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project *
11adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project *  Unless required by applicable law or agreed to in writing, software
12adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project *  distributed under the License is distributed on an "AS IS" BASIS,
13adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project *  See the License for the specific language governing permissions and
15adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project *  limitations under the License.
16adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */
17adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
18adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectpackage java.security;
19adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
20adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.io.IOException;
21adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.io.InputStream;
22adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.io.OutputStream;
23adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.Certificate;
24adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CertificateException;
25adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.util.Date;
26adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.util.Enumeration;
27adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport javax.crypto.SecretKey;
28adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport javax.security.auth.callback.CallbackHandler;
29adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport javax.security.auth.callback.PasswordCallback;
30adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
31adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project/**
32adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code KeyStoreSpi} is the Service Provider Interface (SPI) definition for
33adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@link KeyStore}.
342f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes *
35adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see KeyStore
36adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */
37adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectpublic abstract class KeyStoreSpi {
38adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
/**
 * Retrieves the key stored under {@code alias}, using {@code password} to
 * recover it from the store.
 *
 * <p>A {@code null} result means the alias is not bound to an entry; a key
 * that exists but cannot be recovered is reported through
 * {@code UnrecoverableKeyException} instead. The password is passed as a
 * {@code char[]}, so the caller can overwrite it once the call returns.
 * Whether a {@code null} password is accepted is not stated by this
 * declaration and is left to the provider.
 *
 * @param alias
 *            alias of the entry to look up.
 * @param password
 *            password used to recover the key.
 * @return the key bound to {@code alias}, or {@code null} if the alias is
 *         not bound to an entry.
 * @throws NoSuchAlgorithmException
 *             if the algorithm needed to recover the key is not available.
 * @throws UnrecoverableKeyException
 *             if the key cannot be recovered.
 */
public abstract Key engineGetKey(String alias, char[] password)
        throws NoSuchAlgorithmException, UnrecoverableKeyException;
56adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
/**
 * Retrieves the certificate chain of the entry stored under {@code alias}.
 *
 * @param alias
 *            alias of the entry to look up.
 * @return the certificate chain of that entry, or {@code null} if the alias
 *         is not bound to an entry.
 */
public abstract Certificate[] engineGetCertificateChain(String alias);
66adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
/**
 * Retrieves the trusted certificate of the entry stored under
 * {@code alias}.
 *
 * @param alias
 *            alias of the entry to look up.
 * @return the trusted certificate of that entry, or {@code null} if the
 *         alias is not bound to an entry.
 */
public abstract Certificate engineGetCertificate(String alias);
76adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
/**
 * Reports when the entry stored under {@code alias} was created.
 *
 * @param alias
 *            alias of the entry to look up.
 * @return the creation date of that entry, or {@code null} if the alias is
 *         not bound to an entry.
 */
public abstract Date engineGetCreationDate(String alias);
86adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
/**
 * Binds {@code alias} to the given key, password and certificate chain.
 *
 * <p>An alias that already exists is reassigned, so a caller that must not
 * replace an existing entry has to check for the alias first.
 *
 * @param alias
 *            alias under which the key is stored.
 * @param key
 *            the key to store.
 * @param password
 *            the password for the key.
 * @param chain
 *            the certificate chain for the key.
 * @throws KeyStoreException
 *             if the key cannot be protected, or if the operation fails
 *             for another reason.
 * @throws IllegalArgumentException
 *             if {@code key} is a {@code PrivateKey} and {@code chain}
 *             does not contain any certificates.
 */
public abstract void engineSetKeyEntry(
        String alias, Key key, char[] password, Certificate[] chain)
        throws KeyStoreException;
109adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
/**
 * Binds {@code alias} to a key supplied in encoded form and to a
 * certificate chain.
 *
 * <p>An alias that already exists is reassigned. This overload takes no
 * password; whether the encoded bytes are expected to be protected already
 * is not stated by this declaration and should be confirmed with the
 * provider.
 *
 * @param alias
 *            alias under which the key is stored.
 * @param key
 *            the key in an encoded format.
 * @param chain
 *            the certificate chain for the key.
 * @throws KeyStoreException
 *             if the operation fails.
 * @throws IllegalArgumentException
 *             if {@code key} is a {@code PrivateKey} and {@code chain}
 *             does not contain any certificates (presumably, as for the
 *             overload that takes a {@code Key}; the original sentence
 *             was cut short).
 */
public abstract void engineSetKeyEntry(
        String alias, byte[] key, Certificate[] chain)
        throws KeyStoreException;
129adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
/**
 * Binds {@code alias} to a certificate.
 *
 * <p>An alias that already exists is reassigned, but only when it currently
 * names an entry that contains a trusted certificate; otherwise the call is
 * rejected with a {@code KeyStoreException}.
 *
 * @param alias
 *            alias under which the certificate is stored.
 * @param cert
 *            the certificate to store.
 * @throws KeyStoreException
 *             if an existing alias is not associated with an entry
 *             containing a trusted certificate, or if this method fails
 *             for any other reason.
 */
public abstract void engineSetCertificateEntry(String alias, Certificate cert)
        throws KeyStoreException;
146adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
/**
 * Removes the entry stored under {@code alias} from this
 * {@code KeyStoreSpi}.
 *
 * @param alias
 *            alias of the entry to remove.
 * @throws KeyStoreException
 *             if the entry cannot be deleted.
 */
public abstract void engineDeleteEntry(String alias) throws KeyStoreException;
158adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
/**
 * Lists every alias name stored in this {@code KeyStoreSpi}.
 *
 * @return an {@code Enumeration} over all alias names stored in this
 *         {@code KeyStoreSpi}.
 */
public abstract Enumeration<String> engineAliases();
167adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
/**
 * Tells whether {@code alias} is present in this {@code KeyStoreSpi}.
 *
 * @param alias
 *            alias of an entry.
 * @return {@code true} if the alias exists, {@code false} otherwise.
 */
public abstract boolean engineContainsAlias(String alias);
176adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
/**
 * Counts the entries stored in this {@code KeyStoreSpi}.
 *
 * @return the number of entries stored in this {@code KeyStoreSpi}.
 */
public abstract int engineSize();
183adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
/**
 * Tells whether {@code alias} names a key entry, that is, either a
 * {@link KeyStore.PrivateKeyEntry} or a {@link KeyStore.SecretKeyEntry}.
 *
 * @param alias
 *            alias of an entry.
 * @return {@code true} if the given alias is associated with a key entry.
 */
public abstract boolean engineIsKeyEntry(String alias);
193adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
/**
 * Tells whether {@code alias} names a
 * {@link KeyStore.TrustedCertificateEntry}.
 *
 * @param alias
 *            alias of an entry.
 * @return {@code true} if the given alias is associated with a certificate
 *         entry.
 */
public abstract boolean engineIsCertificateEntry(String alias);
204adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
/**
 * Finds the alias of the first entry whose certificate matches
 * {@code cert}.
 *
 * @param cert
 *            the certificate whose entry alias is wanted.
 * @return the alias, or {@code null} if no entry with the specified
 *         certificate can be found.
 */
public abstract String engineGetCertificateAlias(Certificate cert);
215adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
/**
 * Serializes this {@code KeyStoreSpi} to {@code stream}; the data written
 * is protected by {@code password}.
 *
 * <p>This declaration does not define how the password protects the data
 * (for example integrity check, encryption, or both); that is left to the
 * provider.
 *
 * @param stream
 *            the {@code OutputStream} that receives the store's data.
 * @param password
 *            the password that protects the data.
 * @throws IOException
 *             if a problem occurred while writing to the stream.
 * @throws NoSuchAlgorithmException
 *             if the required algorithm is not available.
 * @throws CertificateException
 *             if an exception occurred while storing the certificates of
 *             this {@code KeyStoreSpi}.
 */
public abstract void engineStore(OutputStream stream, char[] password)
        throws IOException, NoSuchAlgorithmException, CertificateException;
235adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
/**
 * Stores this {@code KeyStoreSpi} as directed by the given
 * {@code LoadStoreParameter}.
 *
 * <p>The implementation in this class always throws
 * {@code UnsupportedOperationException}. A provider that does not override
 * it therefore fails the call instead of appearing to have stored
 * anything.
 *
 * @param param
 *            the {@code LoadStoreParameter} that specifies how to store
 *            this {@code KeyStoreSpi}, may be {@code null}.
 * @throws IOException
 *             if a problem occurred while writing to the stream.
 * @throws NoSuchAlgorithmException
 *             if the required algorithm is not available.
 * @throws CertificateException
 *             if an exception occurred while storing the certificates of
 *             this {@code KeyStoreSpi}.
 * @throws IllegalArgumentException
 *             if the given {@link KeyStore.LoadStoreParameter} is not
 *             recognized.
 * @throws UnsupportedOperationException
 *             if the provider does not override this method.
 */
public void engineStore(KeyStore.LoadStoreParameter param)
        throws IOException, NoSuchAlgorithmException, CertificateException {
    // No parameter-based store exists at this level: reject the call
    // unconditionally, whatever param is (including null).
    throw new UnsupportedOperationException();
}
258adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
/**
 * Populates this {@code KeyStoreSpi} from {@code stream}, using
 * {@code password} to verify the stored data.
 *
 * <p>NOTE(review): {@code password} may be {@code null}, and this
 * declaration does not say what verification then takes place. Presumably
 * the data is loaded unverified; confirm per provider, and pass a password
 * when the integrity of the stored data matters.
 *
 * @param stream
 *            the {@code InputStream} to read this {@code KeyStoreSpi}'s
 *            data from.
 * @param password
 *            the password to verify the stored data, may be {@code null}.
 * @throws IOException
 *             if a problem occurred while reading from the stream.
 * @throws NoSuchAlgorithmException
 *             if the required algorithm is not available.
 * @throws CertificateException
 *             if an exception occurred while loading the certificates of
 *             this {@code KeyStoreSpi}.
 */
public abstract void engineLoad(InputStream stream, char[] password)
        throws IOException, NoSuchAlgorithmException, CertificateException;
278adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
279adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project    /**
280adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * Loads this {@code KeyStoreSpi} using the specified {@code
281adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * LoadStoreParameter}.
2822f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes     *
283adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * @param param
284adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     *            the {@code LoadStoreParameter} that specifies how to load this
285adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     *            {@code KeyStoreSpi}, maybe {@code null}.
286adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * @throws IOException
287adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     *             if a problem occurred while reading from the stream.
288adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * @throws NoSuchAlgorithmException
289adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     *             if the required algorithm is not available.
290adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * @throws CertificateException
     *             if an exception occurred while loading the certificates
     *             of this {@code KeyStoreSpi}.
293adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * @throws IllegalArgumentException
294adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     *             if the given {@link KeyStore.LoadStoreParameter} is not
295adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     *             recognized.
296adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     */
    public void engineLoad(KeyStore.LoadStoreParameter param)
            throws IOException, NoSuchAlgorithmException, CertificateException {
        // No parameter object at all: load with neither a stream nor a password.
        if (param == null) {
            engineLoad(null, null);
            return;
        }

        final KeyStore.ProtectionParameter protection = param.getProtectionParameter();

        if (protection instanceof KeyStore.PasswordProtection) {
            final KeyStore.PasswordProtection passwordProtection =
                    (KeyStore.PasswordProtection) protection;
            try {
                // getPassword() throws IllegalStateException once the protection
                // object has been destroyed. The try also spans the engineLoad
                // call, so an IllegalStateException raised by the implementation
                // is reported as IllegalArgumentException as well.
                engineLoad(null, passwordProtection.getPassword());
            } catch (IllegalStateException destroyed) {
                throw new IllegalArgumentException(destroyed);
            }
            return;
        }

        if (protection instanceof KeyStore.CallbackHandlerProtection) {
            try {
                // NOTE(review): the char[] obtained on this path is never cleared
                // here; whether engineLoad keeps a reference to it is
                // implementation-specific, so confirm before adding zeroization.
                engineLoad(null, getPasswordFromCallBack(protection));
            } catch (UnrecoverableEntryException failed) {
                throw new IllegalArgumentException(failed);
            }
            return;
        }

        // Reached for a null protection parameter as well as for any other type.
        throw new UnsupportedOperationException(
                "protectionParameter is neither PasswordProtection nor CallbackHandlerProtection instance");
    }
326adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
327adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project    /**
328adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * Returns the {@code Entry} with the given alias, using the specified
329adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * {@code ProtectionParameter}.
3302f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes     *
331adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * @param alias
332adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     *            the alias of the requested entry.
333adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * @param protParam
334adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     *            the {@code ProtectionParameter}, used to protect the requested
     *            entry, may be {@code null}.
     * @return the {@code Entry} with the given alias, using the specified
337adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     *         {@code ProtectionParameter}.
338adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * @throws NoSuchAlgorithmException
339adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     *             if the required algorithm is not available.
340adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * @throws UnrecoverableEntryException
341adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     *             if the entry can not be recovered.
342adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * @throws KeyStoreException
343adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     *             if this operation fails
344adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     */
    public KeyStore.Entry engineGetEntry(String alias,
            KeyStore.ProtectionParameter protParam) throws KeyStoreException,
            NoSuchAlgorithmException, UnrecoverableEntryException {
        // Unknown alias: report absence with null rather than an exception.
        if (!engineContainsAlias(alias)) {
            return null;
        }

        // Trusted certificates are returned without consulting protParam.
        if (engineIsCertificateEntry(alias)) {
            return new KeyStore.TrustedCertificateEntry(engineGetCertificate(alias));
        }

        // Resolve the password (if any) that protects a key entry.
        final char[] password;
        if (protParam == null) {
            password = null;
        } else if (protParam instanceof KeyStore.PasswordProtection) {
            try {
                password = ((KeyStore.PasswordProtection) protParam).getPassword();
            } catch (IllegalStateException destroyed) {
                // getPassword() refuses to hand out a destroyed password.
                throw new KeyStoreException("Password was destroyed", destroyed);
            }
        } else if (protParam instanceof KeyStore.CallbackHandlerProtection) {
            password = getPasswordFromCallBack(protParam);
        } else {
            throw new UnrecoverableEntryException(
                    "ProtectionParameter object is not PasswordProtection: " + protParam);
        }

        if (engineIsKeyEntry(alias)) {
            final Key recovered = engineGetKey(alias, password);
            if (recovered instanceof PrivateKey) {
                return new KeyStore.PrivateKeyEntry(
                        (PrivateKey) recovered, engineGetCertificateChain(alias));
            }
            if (recovered instanceof SecretKey) {
                return new KeyStore.SecretKeyEntry((SecretKey) recovered);
            }
        }

        // Neither a certificate entry nor a key entry holding a private or
        // secret key (this includes a null key from engineGetKey).
        throw new NoSuchAlgorithmException("Unknown KeyStore.Entry object");
    }
383adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
384adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project    /**
385adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * Stores the given {@code Entry} in this {@code KeyStoreSpi} and associates
386adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * the entry with the given {@code alias}. The entry is protected by the
387adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * specified {@code ProtectionParameter}.
388adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * <p>
389adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * If the specified alias already exists, it will be reassigned.
3902f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes     *
391adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * @param alias
392adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     *            the alias for the entry.
393adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * @param entry
394adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     *            the entry to store.
395adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * @param protParam
396adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     *            the {@code ProtectionParameter} to protect the entry.
397adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * @throws KeyStoreException
398adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     *             if this operation fails.
399adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     */
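    public void engineSetEntry(String alias, KeyStore.Entry entry,
            KeyStore.ProtectionParameter protParam) throws KeyStoreException {
        if (entry == null) {
            throw new KeyStoreException("entry == null");
        }

        // Trusted certificates carry no password, so protParam is not consulted.
        if (entry instanceof KeyStore.TrustedCertificateEntry) {
            KeyStore.TrustedCertificateEntry trE = (KeyStore.TrustedCertificateEntry) entry;
            if (engineContainsAlias(alias)) {
                engineDeleteEntry(alias);
            }
            engineSetCertificateEntry(alias, trE.getTrustedCertificate());
            return;
        }

        // Resolve the protection password BEFORE touching the existing entry:
        // every failure below must leave the current entry for this alias intact.
        char[] passW = null;
        if (protParam != null) {
            if (protParam instanceof KeyStore.PasswordProtection) {
                try {
                    passW = ((KeyStore.PasswordProtection) protParam).getPassword();
                } catch (IllegalStateException ee) {
                    throw new KeyStoreException("Password was destroyed", ee);
                }
            } else if (protParam instanceof KeyStore.CallbackHandlerProtection) {
                try {
                    passW = getPasswordFromCallBack(protParam);
                } catch (Exception e) {
                    throw new KeyStoreException(e);
                }
            } else {
                throw new KeyStoreException("protParam should be PasswordProtection or "
                                            + "CallbackHandlerProtection");
            }
        }

        // Reject unsupported entry types while the old entry still exists.
        // Previously the alias was deleted first, so a rejected call silently
        // destroyed the key material already stored under that alias.
        final boolean isPrivateKeyEntry = entry instanceof KeyStore.PrivateKeyEntry;
        if (!isPrivateKeyEntry && !(entry instanceof KeyStore.SecretKeyEntry)) {
            throw new KeyStoreException("Entry object is neither PrivateKeyObject nor SecretKeyEntry "
                                        + "nor TrustedCertificateEntry: " + entry);
        }

        // Replacement is delete-then-set and therefore not atomic: a failure
        // inside engineSetKeyEntry can still leave the alias empty.
        if (engineContainsAlias(alias)) {
            engineDeleteEntry(alias);
        }

        if (isPrivateKeyEntry) {
            KeyStore.PrivateKeyEntry prE = (KeyStore.PrivateKeyEntry) entry;
            engineSetKeyEntry(alias, prE.getPrivateKey(), passW, prE.getCertificateChain());
        } else {
            KeyStore.SecretKeyEntry skE = (KeyStore.SecretKeyEntry) entry;
            // A secret key has no certificate chain.
            engineSetKeyEntry(alias, skE.getSecretKey(), passW, null);
        }
    }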
453adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
454adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project    /**
455adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * Indicates whether the entry for the given alias is assignable to the
456adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * provided {@code Class}.
4572f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes     *
458adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * @param alias
459adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     *            the alias for the entry.
460adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * @param entryClass
461adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     *            the type of the entry.
462adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * @return {@code true} if the {@code Entry} for the alias is assignable to
463adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     *         the specified {@code entryClass}.
464adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     */
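    public boolean engineEntryInstanceOf(String alias,
            Class<? extends KeyStore.Entry> entryClass) {
        if (!engineContainsAlias(alias)) {
            return false;
        }

        // Class literals replace Class.forName(String): the three entry types are
        // fixed JDK classes, so no reflective lookup (and no swallowed
        // ClassNotFoundException) is needed.
        if (engineIsCertificateEntry(alias)) {
            return entryClass.isAssignableFrom(KeyStore.TrustedCertificateEntry.class);
        }

        if (!engineIsKeyEntry(alias)) {
            return false;
        }

        // A key entry with a certificate is treated as a private-key entry, one
        // without as a secret-key entry. Decide the stored type first and test
        // assignability once; the earlier form returned false for a secret-key
        // entry when entryClass was a supertype such as KeyStore.Entry, because
        // the private-key branch answered before the secret-key branch was tried.
        final Class<? extends KeyStore.Entry> storedType;
        if (engineGetCertificate(alias) != null) {
            storedType = KeyStore.PrivateKeyEntry.class;
        } else {
            storedType = KeyStore.SecretKeyEntry.class;
        }
        return entryClass.isAssignableFrom(storedType);
    }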
493adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project
494adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project    /*
495adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * This method returns password which is encapsulated in
496adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * CallbackHandlerProtection object If there is no implementation of
497adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     * CallbackHandler then this method returns null
498adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project     */
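    static char[] getPasswordFromCallBack(KeyStore.ProtectionParameter protParam)
            throws UnrecoverableEntryException {
        // Obtains a password by prompting through the handler class named in the
        // "auth.login.defaultCallbackHandler" security property.
        //
        // Returns null only when protParam is null. The block comment above this
        // method says null is returned when no CallbackHandler implementation
        // exists; the code throws UnrecoverableEntryException in that case.
        //
        // NOTE(review): the handler carried by the CallbackHandlerProtection
        // argument is never used; the handler is always taken from the security
        // property. Confirm that this is intended.
        if (protParam == null) {
            return null;
        }

        if (!(protParam instanceof KeyStore.CallbackHandlerProtection)) {
            throw new UnrecoverableEntryException("Incorrect ProtectionParameter");
        }

        // Whoever controls this property chooses the class that is loaded,
        // instantiated and handed the password prompt.
        String clName = Security.getProperty("auth.login.defaultCallbackHandler");
        if (clName == null) {
            throw new UnrecoverableEntryException("Default CallbackHandler was not defined");
        }

        try {
            // asSubclass rejects a class that is not a CallbackHandler before its
            // constructor runs, instead of failing on a cast afterwards.
            CallbackHandler cbHand =
                    Class.forName(clName).asSubclass(CallbackHandler.class).newInstance();
            // NOTE(review): echoOn is true, which asks the handler to display the
            // password while it is typed; confirm this is intended.
            PasswordCallback[] pwCb = { new PasswordCallback("password: ", true) };
            try {
                cbHand.handle(pwCb);
                // getPassword() hands back a copy of the retrieved password.
                return pwCb[0].getPassword();
            } finally {
                // Wipe the callback's own copy so it does not linger on the heap.
                pwCb[0].clearPassword();
            }
        } catch (Exception e) {
            // UnrecoverableEntryException has no cause-taking constructor; attach
            // the cause explicitly so the original stack trace is not lost.
            UnrecoverableEntryException wrapped = new UnrecoverableEntryException(e.toString());
            wrapped.initCause(e);
            throw wrapped;
        }
    }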
526adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project}