CkCertStore Java Programming
Reference Documentation
CkCertStore
* This is a freeware class/component/library.
Represents a collection of certificates. The certificates may be loaded from a PFX (PKCS#12) or from a Windows-based certificate store. Many of the methods of this class are only applicable when running on a MS Windows operating system. The methods for opening, creating, and modifying Windows-based certificate stores (registry-based, file-based, and memory-based) are (of course) Windows-only. However, the methods for loading certs from PFX (PKCS#12), are valid on all supported operating systems, including Linux, MAC OS X, Windows, etc.
Object Creation
CkCertStore obj = new CkCertStore();
Properties
// Returns a boolean value
get_AvoidWindowsPkAccess( )
// newVal is a boolean (input)
put_AvoidWindowsPkAccess( newVal )
Applies only when running on a Microsoft Windows operating system. If true, then any method that returns a certificate will not try to also access the associated private key, assuming one exists. This is useful if the certificate was installed with high-security such that a private key access would trigger the Windows OS to display a security warning dialog. The default value of this property is false.
// str is a CkString object (output)
LastErrorHtml( str )
Error information in HTML format for the last method called.
// str is a CkString object (output)
LastErrorText( str )
Error information in plain-text format for the last method called.
// str is a CkString object (output)
LastErrorXml( str )
Error information in XML format for the last method called.
// Returns an integer value
get_NumCertificates( )
The number of certificates held in the certificate store.
// Returns an integer value
get_NumEmailCerts( )
The number of certificates that can be used for sending secure email within this store.
// Returns a boolean value
get_VerboseLogging( )
// newVal is a boolean (input)
put_VerboseLogging( newVal )
If set to true, then the LastErrorText may contain more verbose logging.
// version is a CkString object (output)
get_Version( version )
The version of this component, such as "1.0"
Methods
// cert is a CkCert object (input)
// Returns a boolean value
AddCertificate( cert )
Adds a certificate to the store. If the certificate is already in the store, it is updated with the new information. Returns true for success, false for failure.
// filename is a string (input)
// Returns a boolean value
CreateFileStore( filename )
(Relevant only when running on a Microsoft Windows operating system.) Creates a new file-based certificate store. Certificates may be saved to this store by calling AddCertificate. Returns true for success, false for failure.
// Returns a boolean value
CreateMemoryStore( )
(Relevant only when running on a Microsoft Windows operating system.) Creates an in-memory certificate store. Certificates may be added by calling AddCertificate. Returns true for success, false for failure.
// regRoot is a string (input)
// regPath is a string (input)
// Returns a boolean value
CreateRegistryStore( regRoot, regPath )
(Relevant only when running on a Microsoft Windows operating system.) Creates a registry-based certificate store. regRoot must be "CurrentUser" or "LocalMachine". regPath is a registry path such as "Software/MyApplication/Certificates". Returns true for success, false for failure.
// name is a string (input)
// Returns a CkCert object
FindCertByRfc822Name( name )
Locates a certificate by its RFC 822 name and returns it if found.
Returns nil on failure.
// serialNumber is a string (input)
// Returns a CkCert object
FindCertBySerial( serialNumber )
Finds and returns the certificate that has the matching serial number.
Returns nil on failure.
// str is a string (input)
// Returns a CkCert object
FindCertBySha1Thumbprint( str )
Finds a certificate by it's SHA-1 thumbprint. The thumbprint is a hexidecimal string.
Returns nil on failure.
// subject is a string (input)
// Returns a CkCert object
FindCertBySubject( subject )
Finds a certificate where one of the Subject properties (SubjectCN, SubjectE, SubjectO, SubjectOU, SubjectL, SubjectST, SubjectC) matches exactly (but case insensitive) with the passed string. A match in SubjectCN will be tried first, followed by SubjectE, and SubjectO. After that, the first match found in SubjectOU, SubjectL, SubjectST, or SubjectC, but in no guaranteed order, is returned. All matches are case insensitive.
Returns nil on failure.
// commonName is a string (input)
// Returns a CkCert object
FindCertBySubjectCN( commonName )
Finds a certificate where the SubjectCN property (common name) matches exactly (but case insensitive) with the passed string
Returns nil on failure.
// emailAddress is a string (input)
// Returns a CkCert object
FindCertBySubjectE( emailAddress )
Finds a certificate where the SubjectE property (email address) matches exactly (but case insensitive) with the passed string. This function differs from FindCertForEmail in that the certificate does not need to match the ForSecureEmail property.
Returns nil on failure.
// organization is a string (input)
// Returns a CkCert object
FindCertBySubjectO( organization )
Finds a certificate where the SubjectO property (organization) matches exactly (but case insensitive) with the passed string.
Returns nil on failure.
// emailAddress is a string (input)
// Returns a CkCert object
FindCertForEmail( emailAddress )
Finds a certificate that can be used to send secure email to the passed email address. A certificate matches only if the ForSecureEmail property is TRUE, and the email address matches exactly (but case insensitive) with the SubjectE property. Returns NULL if no matches are found.
Returns nil on failure.
// index is an integer (input)
// Returns a CkCert object
GetCertificate( index )
Returns the Nth certificate in the store. The first certificate is at index 0.
Returns nil on failure.
// index is an integer (input)
// Returns a CkCert object
GetEmailCert( index )
Returns the Nth email certificate in the store. The first certificate is at index 0. Use the NumEmailCertificates property to get the number of email certificates.
Returns nil on failure.
// pfxData is a CkByteData object (output)
// password is a string (input)
// Returns a boolean value
LoadPfxData( pfxData, password )
Loads a PFX from an in-memory image of a PFX file. Once loaded, the certificates within the PFX may be searched via the Find* methods. It is also possible to iterate from 0 to NumCertficates-1, calling GetCertificate for each index, to retrieve each certificate within the PFX. Returns true for success, false for failure.
// buf is a byte array (input)
// bufLen is an integer (input)
// password is a string (input)
// Returns a boolean value
LoadPfxData2( buf, bufLen, password )
Loads a PFX from an in-memory image of a PFX file. Once loaded, the certificates within the PFX may be searched via the Find* methods. It is also possible to iterate from 0 to NumCertficates-1, calling GetCertificate for each index, to retrieve each certificate within the PFX. Returns true for success, false for failure.
// filename is a string (input)
// password is a string (input)
// Returns a boolean value
LoadPfxFile( filename, password )
Loads a PFX file. Once loaded, the certificates within the PFX may be searched via the Find* methods. It is also possible to iterate from 0 to NumCertficates-1, calling GetCertificate for each index, to retrieve each certificate within the PFX. Returns true for success, false for failure.
// readOnly is a boolean (input)
// Returns a boolean value
OpenChilkatStore( readOnly )
(Relevant only when running on a Microsoft Windows operating system.) Opens the registry-based local machine certificate store having the path "Software/Chilkat/SystemCertificates". If the certificate store does not exist, it is automatically created. Set readOnly = true if you are only fetching certificates and not updating the certificate store (i.e. you are not adding or removing certificates). Setting readOnly = true will prevent many "permission denied" errors. Once loaded, the certificates within the store may be searched via the Find* methods. It is also possible to iterate from 0 to NumCertficates-1, calling GetCertificate for each index, to retrieve each certificate contained in the store. Returns true for success, false for failure.
// readOnly is a boolean (input)
// Returns a boolean value
OpenCurrentUserStore( readOnly )
(Relevant only when running on a Microsoft Windows operating system.) Opens the registry-based current-user certificate store. Set readOnly = true if you are only fetching certificates and not updating the certificate store (i.e. you are not adding or removing certificates). Setting readOnly = true will prevent many "permission denied" errors. Once loaded, the certificates within the store may be searched via the Find* methods. It is also possible to iterate from 0 to NumCertficates-1, calling GetCertificate for each index, to retrieve each certificate contained in the store. Returns true for success, false for failure.
// filename is a string (input)
// readOnly is a boolean (input)
// Returns a boolean value
OpenFileStore( filename, readOnly )
(Relevant only when running on a Microsoft Windows operating system.) Opens a file-based certificate store. Once loaded, the certificates within the store may be searched via the Find* methods. It is also possible to iterate from 0 to NumCertficates-1, calling GetCertificate for each index, to retrieve each certificate contained in the store. Returns true for success, false for failure.
// readOnly is a boolean (input)
// Returns a boolean value
OpenOutlookStore( readOnly )
(Relevant only when running on a Microsoft Windows operating system.) Opens the registry-based certificate store used by Outlook. Set readOnly = true if you are only fetching certificates and not updating the certificate store (i.e. you are not adding or removing certificates). Setting readOnly = true will prevent many "permission denied" errors. Once loaded, the certificates within the store may be searched via the Find* methods. It is also possible to iterate from 0 to NumCertficates-1, calling GetCertificate for each index, to retrieve each certificate contained in the store. Returns true for success, false for failure.
// regRoot is a string (input)
// regPath is a string (input)
// readOnly is a boolean (input)
// Returns a boolean value
OpenRegistryStore( regRoot, regPath, readOnly )
(Relevant only when running on a Microsoft Windows operating system.) Opens an arbitrary registry-based certificate store. regRoot must be "CurrentUser" or "LocalMachine". regPath is a registry path such as "Software/MyApplication/Certificates". Once loaded, the certificates within the store may be searched via the Find* methods. It is also possible to iterate from 0 to NumCertficates-1, calling GetCertificate for each index, to retrieve each certificate contained in the store. Returns true for success, false for failure.
// cert is a CkCert object (input)
// Returns a boolean value
RemoveCertificate( cert )
(Relevant only when running on a Microsoft Windows operating system.) Removes the passed certificate from the store. The certificate object passed as the argument can no longer be used once removed. Returns true for success, false for failure.
// filename is a string (input)
// Returns a boolean value
SaveLastError( filename )
Saves the last error information to an XML formatted file.
// Returns a string
lastErrorHtml( )
Error information in HTML format for the last method called.Returns a null on failure
// Returns a string
lastErrorText( )
Error information in plain-text format for the last method called.Returns a null on failure
// Returns a string
lastErrorXml( )
Error information in XML format for the last method called.Returns a null on failure
// Returns a string
version( )
The version of this component, such as "1.0" Returns a null on failure
|