A KeyStore is an object that can be used to map names or aliases to Keys or Certificates. A KeyStore can be created programmatically or loaded from a file; it can also be written to a file to be accessed by other programs. Yoix programs interact with keystores by reading, writing or executing the following KeyStore fields:

aliases([String alias[, int date]])
A Builtin that provides information about keystore entries. With no arguments or a single NULL argument, it returns an Array of String elements representing the aliases for all entries in the keystore. With a single String argument, it returns a String indicating whether the associated entry is a key or a certificate. If no entry matches the supplied alias, NULL is returned. When two arguments are supplied and the first argument is NULL, an Array of two-element Array objects is returned. The first of the two elements is always a String representing an alias for a keystore entry; the second element depends on the value of the second argument. If that argument is non-zero, the creation timestamp for that keystore entry is supplied as a double; otherwise a String indicating whether the entry is a key or a certificate is supplied. If the first argument is not NULL, the second argument determines whether the return value is a timestamp or a key/certificate indicator, as just described.

certificate([Object arg1[, Object arg2]])
A Builtin for extracting certificates from or installing certificates into a keystore. When the first argument is a String, it should represent an alias for a certificate or certificate chain in the keystore. If there is no second argument or the second argument is an int with value zero, a Certificate is returned. If the second argument is non-zero, an Array of Certificate objects representing a certificate chain is returned. If the second argument is a Certificate, it is stored in the keystore under the supplied alias. If the alias has no match in the keystore, NULL is returned. If there is only one argument and it is a Certificate, the return value is a String representing the alias associated with that certificate, or NULL if the certificate is not in the keystore.

file
A String giving a filepath from which the keystore will be loaded or which will serve as a default name when writing the keystore to disk. See also the output Builtin.

key(String alias[, String arg2[, String pswd[, Array chain]]])
A Builtin for extracting or storing keys. The first argument, a String, is required and is the key alias. If there is only one argument, or there are two arguments but the second argument is NULL, an attempt is made to extract the referenced key using the keystore password. If the second of two arguments is a non-null String, it is the key password used for extraction. Storing a key requires at least three arguments. In this case, the second argument is a String representation of a key, as might be obtained from the keystring Builtin of the Key object. The third argument, a String, is the password to be used when storing the key. A NULL third argument indicates that the keystore password should be used. The fourth and final argument, if present, is an Array of Certificate objects providing a certificate chain for the key. For extraction, a keystring String is returned; for storage, an int is returned indicating success (non-zero) or failure (zero).

output([String file[, String password]])
A Builtin for writing the keystore to a file. The first String argument is the name of the file to be written and the second String argument is the password for protecting the keystore file. If one or both of the arguments are missing, the file and password fields in the keystore provide default values.

password
A String which is the password to be used for loading the keystore specified by the file field. This field also provides a default password when writing out the keystore using the output Builtin, and it serves as a default key password when needed.

provider
A read-only Dictionary summarizing all the information related to the provider of this key algorithm.

size
A read-only int that gives the number of entries in the keystore.

type
A String that gives the type of the keystore. The two most common values for this field are JKS for asymmetric keys and JCEKS for symmetric keys.

Several permanent fields have not been documented and should not be used in Yoix applications.

Example:
The program,

    import yoix.*.*;

    String ksfile = "keystore_file";

    // Create a symmetric Key object (DES is a legacy cipher with a 56-bit key)
    Key k = {
        Dictionary specification = {
            int type = SYMMETRIC_KEY;
            String transformation = "DES";
        };
    };

    // Keystore that will be written to keystore_file
    KeyStore ks1 = {
        String type = "JCEKS";
        String password = "keystore_password";
        String file = "keystore_file";
    };

    // Store the key under an alias, protected by its own key password
    ks1.key("example_keytag", k.keystring(), "key_password");

    // Stop rather than overwrite an existing file
    if (isFilePath(ks1.file)) {
        fprintf(stderr, "File %s exists already!\n", ks1.file);
        exit(1);
    } else fprintf(stderr, "File %s will be created.\n", ks1.file);

    // No arguments: the file and password fields supply the defaults
    ks1.output();

    if (isFilePath(ks1.file))
        fprintf(stderr,
            "File %s created with entry count: %d\n",
            ks1.file, ks1.size);
    else fprintf(stderr, "File creation for %s failed!\n", ks1.file);

    // A second KeyStore object that refers to the file just written
    KeyStore ks2 = {
        String type = "JCEKS";
        String password = "keystore_password";
        String file = "keystore_file";
    };

    // Extract the key with its key password and compare the keystrings
    if (k.keystring() === ks2.key("example_keytag", "key_password"))
        fprintf(stderr, "Successfully retrieved stored key.\n");
    else fprintf(stderr, "Failed to retrieve stored key!\n");

    exit(0);

creates a KeyStore object and a Key object, stores the key in the keystore, writes the keystore to a disk file, then uses another KeyStore object to load the keystore file and retrieve the stored key, which matches the original key.
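
An inventory of a keystore's entries using the call forms of aliases described above; this is an added example, not part of the Yoix documentation. It assumes the keystore file written by the program above already exists, the alias no_such_alias is made up, and the timestamp is printed as the raw double because the page does not state its units.

```yoix
import yoix.*.*;

// File name and password are the placeholder values used in the example above.
KeyStore ks = {
    String type = "JCEKS";
    String password = "keystore_password";
    String file = "keystore_file";
};

Array names = ks.aliases();    // no arguments: every alias in the keystore
String kind;
double created;
int n;

printf("%s: %d entries\n", ks.file, ks.size);

// One line per entry: alias, key/certificate indicator, creation timestamp.
for (n = 0; n < ks.size; n++) {
    kind = ks.aliases(names[n]);          // one argument: key or certificate indicator
    created = ks.aliases(names[n], 1);    // non-zero second argument: creation timestamp
    printf("%s\t%s\t%.0f\n", names[n], kind, created);
}

// An alias with no matching entry yields NULL, so test for NULL
// before treating the result as an indicator string.
if (ks.aliases("no_such_alias") == NULL)
    printf("no_such_alias: not present\n");
```

Comparing this listing against the aliases a deployment is expected to hold shows unexpected or stale entries before the keystore is handed to other programs.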

See Also: adjustSecurity, Certificate, Cipher, KeyStore, Random