Package org.mozilla.jss.pkix.primitive
Class EncryptedPrivateKeyInfo
- java.lang.Object
-
- org.mozilla.jss.pkix.primitive.EncryptedPrivateKeyInfo
-
-
Nested Class Summary
static class
EncryptedPrivateKeyInfo.Template
A template class for decoding EncryptedPrivateKeyInfos from BER.
-
Constructor Summary
EncryptedPrivateKeyInfo(AlgorithmIdentifier encryptionAlgorithm, OCTET_STRING encryptedData)
Creates an EncryptedPrivateKeyInfo from its components.
-
Method Summary
static EncryptedPrivateKeyInfo
createPBE(PBEAlgorithm keyGenAlg, Password password, byte[] salt, int iterationCount, KeyGenerator.CharToByteConverter charToByteConverter, PrivateKey pri, CryptoToken token)
Creates a new EncryptedPrivateKeyInfo, where the data is encrypted with a password-based key, with wrapping/unwrapping happening on token.

static EncryptedPrivateKeyInfo
createPBE(PBEAlgorithm keyGenAlg, Password password, byte[] salt, int iterationCount, KeyGenerator.CharToByteConverter charToByteConverter, PrivateKeyInfo pki)
Creates a new EncryptedPrivateKeyInfo, where the data is encrypted with a password-based key.

static EncryptedPrivateKeyInfo
createPBES2(int saltLen, int kdfIterations, EncryptionAlgorithm encAlg, Password pwd, KeyGenerator.CharToByteConverter charToByteConverter, PrivateKeyInfo privateKeyInfo)
Export a private key in PBES2 format, using a random PBKDF2 salt.

PrivateKeyInfo
decrypt(Password pass, KeyGenerator.CharToByteConverter charToByteConverter)
Decrypts an EncryptedPrivateKeyInfo that was encrypted with a PBE algorithm.

void
encode(java.io.OutputStream ostream)
Write this value's DER encoding to an output stream using its own base tag.

void
encode(Tag implicitTag, java.io.OutputStream ostream)
Write this value's DER encoding to an output stream using an implicit tag.

OCTET_STRING
getEncryptedData()

AlgorithmIdentifier
getEncryptionAlgorithm()

Tag
getTag()
Returns the base tag for this type, not counting any tags that may be imposed on it by its context.

static EncryptedPrivateKeyInfo.Template
getTemplate()
-
-
-
Constructor Detail
-
EncryptedPrivateKeyInfo
public EncryptedPrivateKeyInfo(AlgorithmIdentifier encryptionAlgorithm, OCTET_STRING encryptedData)
Creates an EncryptedPrivateKeyInfo from its components.
-
-
Method Detail
-
getEncryptionAlgorithm
public AlgorithmIdentifier getEncryptionAlgorithm()
-
getEncryptedData
public OCTET_STRING getEncryptedData()
-
createPBE
public static EncryptedPrivateKeyInfo createPBE(PBEAlgorithm keyGenAlg, Password password, byte[] salt, int iterationCount, KeyGenerator.CharToByteConverter charToByteConverter, PrivateKeyInfo pki) throws NotInitializedException, java.security.NoSuchAlgorithmException, java.security.InvalidKeyException, java.security.InvalidAlgorithmParameterException, TokenException, java.io.CharConversionException
Creates a new EncryptedPrivateKeyInfo, where the data is encrypted with a password-based key.
Parameters:
keyGenAlg - The algorithm for generating a symmetric key from a password, salt, and iteration count.
password - The password to use in generating the key.
salt - The salt to use in generating the key.
iterationCount - The number of hashing iterations to perform while generating the key.
charToByteConverter - The mechanism for converting the characters in the password into bytes. If null, the default mechanism will be used, which is UTF8.
pki - The PrivateKeyInfo to be encrypted and stored in the EncryptedContentInfo. Before it is encrypted, it will be padded using PKCS padding.
Throws:
NotInitializedException
java.security.NoSuchAlgorithmException
java.security.InvalidKeyException
java.security.InvalidAlgorithmParameterException
TokenException
java.io.CharConversionException
-
createPBES2
public static EncryptedPrivateKeyInfo createPBES2(int saltLen, int kdfIterations, EncryptionAlgorithm encAlg, Password pwd, KeyGenerator.CharToByteConverter charToByteConverter, PrivateKeyInfo privateKeyInfo) throws NotInitializedException, java.security.NoSuchAlgorithmException, java.security.InvalidKeyException, java.security.InvalidAlgorithmParameterException, TokenException, java.io.CharConversionException
Export a private key in PBES2 format, using a random PBKDF2 salt. Token must support the CKM_PKCS5_PBKD2 mechanism.
Parameters:
saltLen - Length of salt in bytes (default: 16)
kdfIterations - PBKDF2 iterations (default: 2000)
encAlg - The symmetric encryption algorithm for enciphering the private key. Determines the size of derived key.
pwd - Password
charToByteConverter - The mechanism for converting the characters in the password into bytes. If null, the default mechanism will be used, which is UTF8.
privateKeyInfo - The encoded PrivateKeyInfo to be encrypted and stored in the EncryptedContentInfo.
Throws:
NotInitializedException
java.security.NoSuchAlgorithmException
java.security.InvalidKeyException
java.security.InvalidAlgorithmParameterException
TokenException
java.io.CharConversionException
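
The salt and the PBKDF2 iteration count chosen in createPBES2 are stored unencrypted in the algorithm parameters of the encoded structure, so an exported key can be checked against policy without the password. The following Python sketch is an added example, not part of the JSS documentation or code: it assumes a DER blob as written by encode(), the policy thresholds are assumptions, and the sample blob is constructed with zero-filled salt, IV and ciphertext.

```python
PBES2 = bytes.fromhex("2a864886f70d01050d")    # OID 1.2.840.113549.1.5.13
PBKDF2 = bytes.fromhex("2a864886f70d01050c")   # OID 1.2.840.113549.1.5.12

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:              # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER value")
    return tag, buf[pos:pos + length], pos + length

def children(value):  # split a constructed element's contents into (tag, value) pairs
    out, pos = [], 0
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        out.append((tag, val))
    return out

def pbes2_kdf_params(der):
    """Return (salt_len, iterations), or None when the blob is not PBES2 + PBKDF2."""
    alg = children(children(read_tlv(der)[1])[0][1])   # encryptionAlgorithm fields
    if alg[0] != (0x06, PBES2):
        return None
    kdf = children(children(alg[1][1])[0][1])          # keyDerivationFunc fields
    if kdf[0] != (0x06, PBKDF2):
        return None
    salt, count = children(kdf[1][1])[:2]              # salt assumed to be an OCTET STRING
    return len(salt[1]), int.from_bytes(count[1], "big")

def audit(der, min_salt=16, min_iterations=600_000):   # thresholds: assumed local policy
    params = pbes2_kdf_params(der)
    if params is None:
        return ["not PBES2 with PBKDF2"]
    checks = [("salt bytes", params[0], min_salt), ("PBKDF2 iterations", params[1], min_iterations)]
    return [f"{name}: {got} < {need}" for name, got, need in checks if got < need]

def tlv(tag, body):  # minimal DER encoder (bodies under 256 bytes), only for the sample
    n = len(body)
    return bytes([tag]) + (bytes([n]) if n < 0x80 else bytes([0x81, n])) + body

def sample(salt_len, iterations):
    """Constructed EncryptedPrivateKeyInfo; salt, IV and ciphertext are zero-filled."""
    count = iterations.to_bytes(iterations.bit_length() // 8 + 1, "big")
    kdf = tlv(0x30, tlv(0x06, PBKDF2) + tlv(0x30, tlv(0x04, bytes(salt_len)) + tlv(0x02, count)))
    enc = tlv(0x30, tlv(0x06, bytes.fromhex("60864801650304012a")) + tlv(0x04, bytes(16)))  # AES-256-CBC
    alg = tlv(0x30, tlv(0x06, PBES2) + tlv(0x30, kdf + enc))
    return tlv(0x30, alg + tlv(0x04, bytes(48)))
```

An empty list from audit() means the blob meets the assumed thresholds; a blob written with the documented defaults (16-byte salt, 2000 iterations) is reported for its iteration count.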
-
createPBE
public static EncryptedPrivateKeyInfo createPBE(PBEAlgorithm keyGenAlg, Password password, byte[] salt, int iterationCount, KeyGenerator.CharToByteConverter charToByteConverter, PrivateKey pri, CryptoToken token) throws NotInitializedException, java.security.NoSuchAlgorithmException, java.security.InvalidKeyException, java.security.InvalidAlgorithmParameterException, TokenException, java.io.CharConversionException
Creates a new EncryptedPrivateKeyInfo, where the data is encrypted with a password-based key, with wrapping/unwrapping happening on token.
Parameters:
keyGenAlg - The algorithm for generating a symmetric key from a password, salt, and iteration count.
password - The password to use in generating the key.
salt - The salt to use in generating the key.
iterationCount - The number of hashing iterations to perform while generating the key.
charToByteConverter - The mechanism for converting the characters in the password into bytes. If null, the default mechanism will be used, which is UTF8.
pri - The PrivateKey to be encrypted and stored in the EncryptedContentInfo.
Throws:
NotInitializedException
java.security.NoSuchAlgorithmException
java.security.InvalidKeyException
java.security.InvalidAlgorithmParameterException
TokenException
java.io.CharConversionException
-
decrypt
public PrivateKeyInfo decrypt(Password pass, KeyGenerator.CharToByteConverter charToByteConverter) throws NotInitializedException, java.security.NoSuchAlgorithmException, InvalidBERException, java.security.InvalidKeyException, java.security.InvalidAlgorithmParameterException, TokenException, IllegalBlockSizeException, javax.crypto.BadPaddingException, java.io.CharConversionException
Decrypts an EncryptedPrivateKeyInfo that was encrypted with a PBE algorithm. The algorithm and its parameters are extracted from the EncryptedPrivateKeyInfo.
Parameters:
pass - The password to use to generate the PBE key.
charToByteConverter - The converter to change the password characters to bytes. If null, the default conversion is used.
Throws:
NotInitializedException
java.security.NoSuchAlgorithmException
InvalidBERException
java.security.InvalidKeyException
java.security.InvalidAlgorithmParameterException
TokenException
IllegalBlockSizeException
javax.crypto.BadPaddingException
java.io.CharConversionException
-
getTag
public Tag getTag()
Description copied from interface: ASN1Value
Returns the base tag for this type, not counting any tags that may be imposed on it by its context.
-
encode
public void encode(java.io.OutputStream ostream) throws java.io.IOException
Description copied from interface: ASN1Value
Write this value's DER encoding to an output stream using its own base tag.
-
encode
public void encode(Tag implicitTag, java.io.OutputStream ostream) throws java.io.IOException
Description copied from interface: ASN1Value
Write this value's DER encoding to an output stream using an implicit tag.
-
getTemplate
public static EncryptedPrivateKeyInfo.Template getTemplate()
-
-