org.apache.commons.ssl
Class PKCS8Key
java.lang.Object
org.apache.commons.ssl.PKCS8Key
- public class PKCS8Key
- extends java.lang.Object
Utility for decrypting PKCS8 private keys. Way easier to use than
javax.crypto.EncryptedPrivateKeyInfo since all you need is the byte[] array
and the password. You don't need to know anything else about the PKCS8
key you pass in.
Can handle base64 PEM, or raw DER.
Can handle PKCS8 Version 1.5 and 2.0.
Can also handle OpenSSL encrypted or unencrypted private keys (DSA or RSA).
The PKCS12 key derivation (the "pkcs12()" method) comes from BouncyCastle.
- Since:
- 7-Nov-2006
- Author:
- Credit Union Central of British Columbia, www.cucbc.com, juliusdavies@cucbc.com, bouncycastle.org
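A usage sketch for the byte[]-plus-password constructor described above. This is an added example, not code from the library or its documentation. It assumes the jar providing org.apache.commons.ssl.PKCS8Key is on the classpath and that the class accepts the PBEWithSHA1AndDESede scheme the JDK emits; the class name PKCS8KeyDemo and the password are constructed for the demo.

```java
import java.security.*;
import java.util.Arrays;
import javax.crypto.*;
import javax.crypto.spec.*;
import org.apache.commons.ssl.PKCS8Key;

public class PKCS8KeyDemo {
    // Builds an encrypted PKCS#8 blob with the JDK only, so no key file is needed.
    static byte[] encryptPkcs8(PrivateKey key, char[] password) throws Exception {
        String alg = "PBEWithSHA1AndDESede"; // assumed to be supported by PKCS8Key
        byte[] salt = new byte[8];
        new SecureRandom().nextBytes(salt);
        SecretKey pbeKey = SecretKeyFactory.getInstance(alg)
                .generateSecret(new PBEKeySpec(password));
        Cipher c = Cipher.getInstance(alg);
        c.init(Cipher.ENCRYPT_MODE, pbeKey, new PBEParameterSpec(salt, 2048));
        byte[] ct = c.doFinal(key.getEncoded()); // getEncoded() is unencrypted PKCS#8 DER
        return new EncryptedPrivateKeyInfo(c.getParameters(), ct).getEncoded();
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        PrivateKey original = kpg.generateKeyPair().getPrivate();
        char[] password = "constructed-demo-password".toCharArray();
        byte[] encrypted = encryptPkcs8(original, password);
        try {
            // Only the bytes and the password are passed; the format is detected by the class.
            PKCS8Key pkcs8 = new PKCS8Key(encrypted, password);
            PrivateKey recovered = pkcs8.getPrivateKey();
            System.out.println("isRSA=" + pkcs8.isRSA() + " isDSA=" + pkcs8.isDSA());
            System.out.println("round trip matches: "
                    + MessageDigest.isEqual(original.getEncoded(), recovered.getEncoded()));
            // getDecryptedBytes() is cleartext key material: never log or persist it.
            try {
                new PKCS8Key(encrypted, "wrong".toCharArray());
                System.out.println("wrong password was NOT rejected");
            } catch (GeneralSecurityException e) {
                // Documented failure mode for a parsing or decryption problem.
                System.out.println("wrong password rejected: " + e.getClass().getName());
            }
        } finally {
            Arrays.fill(password, '\0'); // wipe the password once the key is loaded
        }
    }
}
```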
Constructor Summary
PKCS8Key(byte[] encoded, char[] password)
PKCS8Key(java.io.ByteArrayInputStream in, char[] password)
PKCS8Key(java.io.InputStream in, char[] password)
Method Summary
static PKCS8Key.DecryptResult decrypt(java.lang.String cipher, java.lang.String mode, DerivedKey dk, boolean des2, byte[] iv, byte[] encryptedBytes)
static DerivedKey deriveKeyPKCS12(char[] password, byte[] salt, int iterations, int keySizeInBits, int ivSizeInBits, java.security.MessageDigest md)
static DerivedKey deriveKeyV1(byte[] password, byte[] salt, int iterations, int keySizeInBits, int ivSizeInBits, java.security.MessageDigest md)
static DerivedKey deriveKeyV2(byte[] password, byte[] salt, int iterations, int keySizeInBits, int ivSizeInBits, javax.crypto.Mac mac)
static byte[] encode(DEREncodable der)
static byte[] formatAsPKCS8(byte[] privateKey, java.lang.String oid, org.apache.commons.ssl.ASN1Structure pkcs8)
static javax.crypto.Cipher generateCipher(java.lang.String cipher, java.lang.String mode, DerivedKey dk, boolean des2, byte[] iv, boolean decryptMode)
byte[] getDecryptedBytes()
int getKeySize()
java.security.PrivateKey getPrivateKey()
java.lang.String getTransformation()
boolean isDSA()
boolean isRSA()
static void main(java.lang.String[] args)
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
RSA_OID
public static final java.lang.String RSA_OID
- See Also:
- Constant Field Values
DSA_OID
public static final java.lang.String DSA_OID
- See Also:
- Constant Field Values
PKCS8_UNENCRYPTED
public static final java.lang.String PKCS8_UNENCRYPTED
- See Also:
- Constant Field Values
PKCS8_ENCRYPTED
public static final java.lang.String PKCS8_ENCRYPTED
- See Also:
- Constant Field Values
OPENSSL_RSA
public static final java.lang.String OPENSSL_RSA
- See Also:
- Constant Field Values
OPENSSL_DSA
public static final java.lang.String OPENSSL_DSA
- See Also:
- Constant Field Values
PKCS8Key
public PKCS8Key(java.io.InputStream in,
char[] password)
throws java.security.GeneralSecurityException,
java.io.IOException
- Parameters:
in - pkcs8 file to parse (pem or der, encrypted or unencrypted)
password - password to decrypt the pkcs8 file. Ignored if the
supplied pkcs8 is already unencrypted.
- Throws:
java.security.GeneralSecurityException - If a parsing or decryption problem
occurred.
java.io.IOException - If the supplied InputStream could not be read.
PKCS8Key
public PKCS8Key(java.io.ByteArrayInputStream in,
char[] password)
throws java.security.GeneralSecurityException
- Parameters:
in - pkcs8 file to parse (pem or der, encrypted or unencrypted)
password - password to decrypt the pkcs8 file. Ignored if the
supplied pkcs8 is already unencrypted.
- Throws:
java.security.GeneralSecurityException - If a parsing or decryption problem
occurred.
PKCS8Key
public PKCS8Key(byte[] encoded,
char[] password)
throws java.security.GeneralSecurityException
- Parameters:
encoded - pkcs8 file to parse (pem or der, encrypted or unencrypted)
password - password to decrypt the pkcs8 file. Ignored if the
supplied pkcs8 is already unencrypted.
- Throws:
java.security.GeneralSecurityException - If a parsing or decryption problem
occurred.
isRSA
public boolean isRSA()
isDSA
public boolean isDSA()
getTransformation
public java.lang.String getTransformation()
getKeySize
public int getKeySize()
getDecryptedBytes
public byte[] getDecryptedBytes()
getPrivateKey
public java.security.PrivateKey getPrivateKey()
generateCipher
public static javax.crypto.Cipher generateCipher(java.lang.String cipher,
java.lang.String mode,
DerivedKey dk,
boolean des2,
byte[] iv,
boolean decryptMode)
throws java.security.NoSuchAlgorithmException,
javax.crypto.NoSuchPaddingException,
java.security.InvalidKeyException,
java.security.InvalidAlgorithmParameterException
- Throws:
java.security.NoSuchAlgorithmException
javax.crypto.NoSuchPaddingException
java.security.InvalidKeyException
java.security.InvalidAlgorithmParameterException
decrypt
public static PKCS8Key.DecryptResult decrypt(java.lang.String cipher,
java.lang.String mode,
DerivedKey dk,
boolean des2,
byte[] iv,
byte[] encryptedBytes)
throws java.security.NoSuchAlgorithmException,
javax.crypto.NoSuchPaddingException,
java.security.InvalidKeyException,
java.security.InvalidAlgorithmParameterException,
javax.crypto.IllegalBlockSizeException,
javax.crypto.BadPaddingException
- Throws:
java.security.NoSuchAlgorithmException
javax.crypto.NoSuchPaddingException
java.security.InvalidKeyException
java.security.InvalidAlgorithmParameterException
javax.crypto.IllegalBlockSizeException
javax.crypto.BadPaddingException
deriveKeyV1
public static DerivedKey deriveKeyV1(byte[] password,
byte[] salt,
int iterations,
int keySizeInBits,
int ivSizeInBits,
java.security.MessageDigest md)
deriveKeyPKCS12
public static DerivedKey deriveKeyPKCS12(char[] password,
byte[] salt,
int iterations,
int keySizeInBits,
int ivSizeInBits,
java.security.MessageDigest md)
deriveKeyV2
public static DerivedKey deriveKeyV2(byte[] password,
byte[] salt,
int iterations,
int keySizeInBits,
int ivSizeInBits,
javax.crypto.Mac mac)
throws java.security.InvalidKeyException
- Throws:
java.security.InvalidKeyException
formatAsPKCS8
public static byte[] formatAsPKCS8(byte[] privateKey,
java.lang.String oid,
org.apache.commons.ssl.ASN1Structure pkcs8)
encode
public static byte[] encode(DEREncodable der)
throws java.io.IOException
- Throws:
java.io.IOException
main
public static void main(java.lang.String[] args)
throws java.lang.Exception
- Throws:
java.lang.Exception
Copyright © 2011. All Rights Reserved.