public abstract class KeyStoreSpi
extends Object
| java.lang.Object | |
| ↳ | java.security.KeyStoreSpi |
该类为KeyStore类定义 ( SPI )。 该类中的所有抽象方法必须由希望为特定密钥库类型提供密钥库实现的每个加密服务提供者实现。
也可以看看:
Public constructors |
|
|---|---|
KeyStoreSpi() |
|
Public methods |
|
|---|---|
abstract Enumeration<String> |
engineAliases() 列出此密钥库的所有别名。 |
abstract boolean |
engineContainsAlias(String alias) 检查此密钥库中是否存在给定的别名。 |
abstract void |
engineDeleteEntry(String alias) 从此密钥库中删除由给定别名标识的条目。 |
boolean |
engineEntryInstanceOf(String alias, Class<? extends KeyStore.Entry> entryClass) 确定密钥库 |
abstract Certificate |
engineGetCertificate(String alias) 返回与给定别名关联的证书。 |
abstract String |
engineGetCertificateAlias(Certificate cert) 返回证书与给定证书相匹配的第一个密钥库条目的(别名)名称。 |
abstract Certificate[] |
engineGetCertificateChain(String alias) 返回与给定别名关联的证书链。 |
abstract Date |
engineGetCreationDate(String alias) 返回由给定别名标识的条目的创建日期。 |
KeyStore.Entry |
engineGetEntry(String alias, KeyStore.ProtectionParameter protParam) 获取具有指定保护参数的指定别名的 |
abstract Key |
engineGetKey(String alias, char[] password) 返回与给定别名关联的密钥,使用给定的密码来恢复它。 |
abstract boolean |
engineIsCertificateEntry(String alias) 如果给定别名标识的条目是通过调用创建返回true |
abstract boolean |
engineIsKeyEntry(String alias) 如果给定别名标识的条目是通过调用 |
void |
engineLoad(KeyStore.LoadStoreParameter param) 使用给定的 |
abstract void |
engineLoad(InputStream stream, char[] password) 从给定的输入流加载密钥库。 |
abstract void |
engineSetCertificateEntry(String alias, Certificate cert) 将给定的证书分配给给定的别名。 |
void |
engineSetEntry(String alias, KeyStore.Entry entry, KeyStore.ProtectionParameter protParam) 在指定的别名下保存 |
abstract void |
engineSetKeyEntry(String alias, Key key, char[] password, Certificate[] chain) 将给定的键分配给给定的别名,用给定的密码保护它。 |
abstract void |
engineSetKeyEntry(String alias, byte[] key, Certificate[] chain) 将给定的键(已被保护)分配给给定的别名。 |
abstract int |
engineSize() 检索此密钥库中的条目数。 |
void |
engineStore(KeyStore.LoadStoreParameter param) 使用给定的 |
abstract void |
engineStore(OutputStream stream, char[] password) 将此密钥库存储到给定的输出流,并使用给定的密码保护其完整性。 |
Inherited methods |
|
|---|---|
 From class java.lang.Object
|
|
Enumeration<String> engineAliases ()
列出此密钥库的所有别名。
| Returns | |
|---|---|
Enumeration<String> |
enumeration of the alias names |
boolean engineContainsAlias (String alias)
检查此密钥库中是否存在给定的别名。
| Parameters | |
|---|---|
alias |
String: the alias name |
| Returns | |
|---|---|
boolean |
true if the alias exists, false otherwise |
void engineDeleteEntry (String alias)
从此密钥库中删除由给定别名标识的条目。
| Parameters | |
|---|---|
alias |
String: the alias name |
| Throws | |
|---|---|
KeyStoreException |
if the entry cannot be removed. |
boolean engineEntryInstanceOf (String alias, Class<? extends KeyStore.Entry> entryClass)
确定密钥库 Entry为指定 alias是指定的一个实例或亚类 entryClass 。
| Parameters | |
|---|---|
alias |
String: the alias name |
entryClass |
Class: the entry class |
| Returns | |
|---|---|
boolean |
true if the keystore Entry for the specified alias is an instance or subclass of the specified entryClass, false otherwise |
Certificate engineGetCertificate (String alias)
返回与给定别名关联的证书。
如果给定的别名标识通过调用创建一个条目 setCertificateEntry ,或者创建通过调用 setEntry与 TrustedCertificateEntry ,那么包含在该条目中的可信证书被返回。
如果给定的别名标识通过一个调用创建一个条目 setKeyEntry ,或创建通过调用 setEntry与 PrivateKeyEntry ,然后在该条目中的证书链的第一个元素(如果存在链)被返回。
| Parameters | |
|---|---|
alias |
String: the alias name |
| Returns | |
|---|---|
Certificate |
the certificate, or null if the given alias does not exist or does not contain a certificate. |
String engineGetCertificateAlias (Certificate cert)
返回证书与给定证书相匹配的第一个密钥库条目的(别名)名称。
此方法尝试将给定的证书与每个密钥库条目进行匹配。 如果正在考虑的条目是通过调用setCertificateEntry创建的,或者通过setEntry与TrustedCertificateEntry的调用创建的,则将给定的证书与该条目的证书进行比较。
如果正在考虑的条目是通过调用 setKeyEntry创建的,或者通过调用 setEntry以 PrivateKeyEntry ,则将给定的证书与该条目的证书链的第一个元素进行比较。
| Parameters | |
|---|---|
cert |
Certificate: the certificate to match with. |
| Returns | |
|---|---|
String |
the alias name of the first entry with matching certificate, or null if no such entry exists in this keystore. |
Certificate[] engineGetCertificateChain (String alias)
返回与给定别名关联的证书链。 证书链必须已经通过调用别名关联到setKeyEntry ,或者通过将呼叫setEntry用PrivateKeyEntry 。
| Parameters | |
|---|---|
alias |
String: the alias name |
| Returns | |
|---|---|
Certificate[] |
the certificate chain (ordered with the user's certificate first and the root certificate authority last), or null if the given alias does not exist or does not contain a certificate chain |
Date engineGetCreationDate (String alias)
返回由给定别名标识的条目的创建日期。
| Parameters | |
|---|---|
alias |
String: the alias name |
| Returns | |
|---|---|
Date |
the creation date of this entry, or null if the given alias does not exist |
KeyStore.Entry engineGetEntry (String alias, KeyStore.ProtectionParameter protParam)
获取具有指定保护参数的指定别名的 KeyStore.Entry 。
| Parameters | |
|---|---|
alias |
String: get the KeyStore.Entry for this alias |
protParam |
KeyStore.ProtectionParameter: the ProtectionParameter used to protect the Entry, which may be null |
| Returns | |
|---|---|
KeyStore.Entry |
the KeyStore.Entry for the specified alias, or null if there is no such entry |
| Throws | |
|---|---|
KeyStoreException |
if the operation failed |
NoSuchAlgorithmException |
if the algorithm for recovering the entry cannot be found |
UnrecoverableEntryException |
if the specified protParam were insufficient or invalid |
UnrecoverableKeyException |
if the entry is a PrivateKeyEntry or SecretKeyEntry and the specified protParam does not contain the information needed to recover the key (e.g. wrong password) |
Key engineGetKey (String alias, char[] password)
返回与给定别名关联的密钥,使用给定的密码来恢复它。 密钥必须通过调用setKeyEntry或通过PrivateKeyEntry或SecretKeyEntry调用setEntry与PrivateKeyEntry SecretKeyEntry 。
| Parameters | |
|---|---|
alias |
String: the alias name |
password |
char: the password for recovering the key |
| Returns | |
|---|---|
Key |
the requested key, or null if the given alias does not exist or does not identify a key-related entry. |
| Throws | |
|---|---|
NoSuchAlgorithmException |
if the algorithm for recovering the key cannot be found |
UnrecoverableKeyException |
if the key cannot be recovered (e.g., the given password is wrong). |
boolean engineIsCertificateEntry (String alias)
如果给定别名标识的条目是通过调用创建返回true setCertificateEntry ,或者创建通过调用 setEntry用 TrustedCertificateEntry 。
| Parameters | |
|---|---|
alias |
String: the alias for the keystore entry to be checked |
| Returns | |
|---|---|
boolean |
true if the entry identified by the given alias contains a trusted certificate, false otherwise. |
boolean engineIsKeyEntry (String alias)
如果给定别名标识的条目是通过调用 setKeyEntry创建的,或者通过用 PrivateKeyEntry或 SecretKeyEntry调用 setEntry创建的,则返回true。
| Parameters | |
|---|---|
alias |
String: the alias for the keystore entry to be checked |
| Returns | |
|---|---|
boolean |
true if the entry identified by the given alias is a key-related, false otherwise. |
void engineLoad (KeyStore.LoadStoreParameter param)
使用给定的 KeyStore.LoadStoreParameter加载密钥库。
请注意,如果此KeyStore已被加载,则会重新初始化并从给定参数再次加载。
| Parameters | |
|---|---|
param |
KeyStore.LoadStoreParameter: the KeyStore.LoadStoreParameter that specifies how to load the keystore, which may be null |
| Throws | |
|---|---|
IllegalArgumentException |
if the given KeyStore.LoadStoreParameter input is not recognized |
IOException |
if there is an I/O or format problem with the keystore data. If the error is due to an incorrect ProtectionParameter (e.g. wrong password) the cause of the IOException should be an UnrecoverableKeyException |
NoSuchAlgorithmException |
if the algorithm used to check the integrity of the keystore cannot be found |
CertificateException |
if any of the certificates in the keystore could not be loaded |
void engineLoad (InputStream stream, char[] password)
从给定的输入流加载密钥库。
可以给密码解锁密钥库(例如,密钥库驻留在硬件令牌设备上),或者检查密钥库数据的完整性。 如果未提供密码进行完整性检查,则不会执行完整性检查。
| Parameters | |
|---|---|
stream |
InputStream: the input stream from which the keystore is loaded, or null |
password |
char: the password used to check the integrity of the keystore, the password used to unlock the keystore, or null |
| Throws | |
|---|---|
IOException |
if there is an I/O or format problem with the keystore data, if a password is required but not given, or if the given password was incorrect. If the error is due to a wrong password, the cause of the IOException should be an UnrecoverableKeyException |
NoSuchAlgorithmException |
if the algorithm used to check the integrity of the keystore cannot be found |
CertificateException |
if any of the certificates in the keystore could not be loaded |
void engineSetCertificateEntry (String alias, Certificate cert)
将给定的证书分配给给定的别名。
如果给定别名标识通过调用 setCertificateEntry创建的现有条目,或者通过调用 setEntry与 TrustedCertificateEntry创建的现有条目,则现有条目中的可信证书将被给定证书覆盖。
| Parameters | |
|---|---|
alias |
String: the alias name |
cert |
Certificate: the certificate |
| Throws | |
|---|---|
KeyStoreException |
if the given alias already exists and does not identify an entry containing a trusted certificate, or this operation fails for some other reason. |
void engineSetEntry (String alias, KeyStore.Entry entry, KeyStore.ProtectionParameter protParam)
在指定的别名下保存KeyStore.Entry 。 指定的保护参数用于保护Entry 。
如果指定别名的条目已存在,则会覆盖它。
| Parameters | |
|---|---|
alias |
String: save the KeyStore.Entry under this alias |
entry |
KeyStore.Entry: the Entry to save |
protParam |
KeyStore.ProtectionParameter: the ProtectionParameter used to protect the Entry, which may be null |
| Throws | |
|---|---|
KeyStoreException |
if this operation fails |
void engineSetKeyEntry (String alias, Key key, char[] password, Certificate[] chain)
将给定的键分配给给定的别名,用给定的密码保护它。
如果给定密钥的类型为 java.security.PrivateKey ,则必须附带证明相应公钥的证书链。
如果给定的别名已经存在,则与其关联的密钥库信息将被给定密钥(可能还有证书链)覆盖。
| Parameters | |
|---|---|
alias |
String: the alias name |
key |
Key: the key to be associated with the alias |
password |
char: the password to protect the key |
chain |
Certificate: the certificate chain for the corresponding public key (only required if the given key is of type java.security.PrivateKey). |
| Throws | |
|---|---|
KeyStoreException |
if the given key cannot be protected, or this operation fails for some other reason |
void engineSetKeyEntry (String alias, byte[] key, Certificate[] chain)
将给定的键(已被保护)分配给给定的别名。
如果受保护密钥的类型为 java.security.PrivateKey ,则必须附带证明相应公钥的证书链。
如果给定的别名已经存在,则与其关联的密钥库信息将被给定密钥(可能还有证书链)覆盖。
| Parameters | |
|---|---|
alias |
String: the alias name |
key |
byte: the key (in protected format) to be associated with the alias |
chain |
Certificate: the certificate chain for the corresponding public key (only useful if the protected key is of type java.security.PrivateKey). |
| Throws | |
|---|---|
KeyStoreException |
if this operation fails. |
int engineSize ()
检索此密钥库中的条目数。
| Returns | |
|---|---|
int |
the number of entries in this keystore |
void engineStore (KeyStore.LoadStoreParameter param)
使用给定的 KeyStore.LoadStoreParmeter存储此密钥库。
| Parameters | |
|---|---|
param |
KeyStore.LoadStoreParameter: the KeyStore.LoadStoreParmeter that specifies how to store the keystore, which may be null |
| Throws | |
|---|---|
IllegalArgumentException |
if the given KeyStore.LoadStoreParmeter input is not recognized |
IOException |
if there was an I/O problem with data |
NoSuchAlgorithmException |
if the appropriate data integrity algorithm could not be found |
CertificateException |
if any of the certificates included in the keystore data could not be stored |
void engineStore (OutputStream stream, char[] password)
将此密钥库存储到给定的输出流,并使用给定的密码保护其完整性。
| Parameters | |
|---|---|
stream |
OutputStream: the output stream to which this keystore is written. |
password |
char: the password to generate the keystore integrity check |
| Throws | |
|---|---|
IOException |
if there was an I/O problem with data |
NoSuchAlgorithmException |
if the appropriate data integrity algorithm could not be found |
CertificateException |
if any of the certificates included in the keystore data could not be stored |
Android开发手册