java.lang.Object | +--com.rsa.certj.pkcs12.PKCS12
This class builds, reads and writes PKCS #12 data files.
PKCS #12 data is actually composed of PFX (Microsoft Personal Information Exchange) data. This class will read PKCS #12 data from a PKCS #12 file. The PKCS #12 file uses only three of the six data types from the PKCS #7 specification:
PKCS #7 Types Used by this Class
getCertificates, getCrls, or getKeys methods that are defined in this class. Therefore, a database parameter is not required.
Copyright © RSA Security Inc., 1999-2001. All rights reserved.
Field Summary
static int DEFAULT_ITERATIONS
    Indicates the default value of iterations used for MAC calculation.
static String[] POSSIBLE_DIGEST_ALGORITHMS
    Indicates the possible digest algorithms to use for HMAC calculation.
static String[] POSSIBLE_ENCRYPTION_ALGORITHMS
    Indicates the possible PBE algorithms to use.
static int[] POSSIBLE_OPTIONS
    Indicates the possible values of the option argument for the export method.
static int USE_MS_FORMAT
    Indicates the format of PKCS #12 files that Microsoft Internet Explorer (IE) uses.
static int USE_NS_FORMAT
    Indicates the format of PKCS #12 files that Netscape Navigator uses except that it encodes using DER instead of indefinite-length BER.

Constructor Summary
PKCS12(CertJ certJ, Certificate[] certs, CRL[] crls, com.rsa.jsafe.JSAFE_PrivateKey[] keys, X501Attributes[] certAttrs, X501Attributes[] crlAttrs, X501Attributes[] keyAttrs)
    Constructs a PKCS12 object that holds specified certificates, CRLs, and private keys.
PKCS12(CertJ certJ, Certificate[] certs, CRL[] crls, com.rsa.jsafe.JSAFE_PrivateKey[] keys, X501Attributes[] certAttrs, X501Attributes[] crlAttrs, X501Attributes[] keyAttrs, String[] keyFormats)
    Constructs a PKCS12 object that holds specified certificates, CRLs, and private keys.
PKCS12(CertJ certJ, Certificate cert, CertPathCtx pathCtx)
    Constructs a PKCS12 object that holds key materials for the certificate given in cert.
PKCS12(CertJ certJ, Certificate cert, CertPathCtx pathCtx, String keyFormat)
    Constructs a PKCS12 object that holds key materials for the certificate given in cert.
PKCS12(CertJ certJ, DatabaseService database, char[] password, char[] encPassword, File pkcs12File)
    Constructs an object from a given PKCS #12 file named pkcs12File.
PKCS12(CertJ certJ, DatabaseService database, char[] password, char[] encPassword, InputStream pkcs12Stream)
    Constructs an object from a given PKCS #12 stream named pkcs12Stream.
PKCS12(CertJ certJ, DatabaseService database, char[] password, char[] encPassword, InputStream pkcs12Stream, int length)
    Constructs an object from a given PKCS #12 stream named pkcs12Stream.
PKCS12(CertJ certJ, DatabaseService database, char[] password, char[] encPassword, String pkcs12File)
    Constructs an object from a given PKCS #12 file string named pkcs12File.
PKCS12(CertJ certJ, DatabaseService database, char[] password, File pkcs12File)
    Constructs an object from a given PKCS #12 file named pkcs12File.
PKCS12(CertJ certJ, DatabaseService database, char[] password, InputStream pkcs12Stream)
    Constructs an object from a given PKCS #12 stream named pkcs12Stream.
PKCS12(CertJ certJ, DatabaseService database, char[] password, InputStream pkcs12Stream, int length)
    Constructs an object from a given PKCS #12 stream named pkcs12Stream.
PKCS12(CertJ certJ, DatabaseService database, char[] password, String pkcs12File)
    Constructs an object from a given PKCS #12 file string named pkcs12File.
PKCS12(CertJ certJ, X500Name subjectName, CertPathCtx pathCtx)
    Constructs a PKCS12 object that holds key materials corresponding to subjectName.
PKCS12(CertJ certJ, X500Name subjectName, CertPathCtx pathCtx, String keyFormat)
    Constructs a PKCS12 object that holds key materials corresponding to subjectName.

Method Summary
void export(File file, char[] password, char[] encPassword, String encAlg, String digestAlg, int iterations, int option)
    Exports the contents of this PKCS12 object into a file given as a File.
void export(File file, char[] password, String encAlg, String digestAlg, int iterations, int option)
    Exports the contents of this PKCS12 object into a file given as a File.
void export(OutputStream stream, char[] password, char[] encPassword, String encAlg, String digestAlg, int iterations, int option)
    Exports the contents of this PKCS12 object into an output stream given as an OutputStream.
void export(OutputStream stream, char[] password, String encAlg, String digestAlg, int iterations, int option)
    Exports the contents of this PKCS12 object into an output stream given as an OutputStream.
void export(String filename, char[] password, char[] encPassword, String encAlg, String digestAlg, int iterations, int option)
    Exports the contents of this PKCS12 object into a file given as a String.
void export(String filename, char[] password, String encAlg, String digestAlg, int iterations, int option)
    Exports the contents of this PKCS12 object into a file given as a String.
Certificate[] getCertificates()
    Retrieves the certificates found in the PKCS12 data.
X501Attributes[] getCertsAttributes()
    Retrieves the certificates attributes found in the PKCS12 data.
CRL[] getCrls()
    Retrieves the CRLs found in the PKCS12 data.
X501Attributes[] getCRLsAttributes()
    Retrieves the CRLs attributes found in the PKCS12 data.
com.rsa.jsafe.JSAFE_PrivateKey[] getKeys()
    Retrieves the private keys found in the PKCS12 data.
X501Attributes[] getKeysAttributes()
    Retrieves the private keys attributes found in the PKCS12 data.

Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail
public static final int USE_MS_FORMAT

public static final int USE_NS_FORMAT

public static final String[] POSSIBLE_ENCRYPTION_ALGORITHMS
export method is null, the first element of this array is used.
This array is a list of algorithms that have been tested, but it is not an exclusive list. You can use other PBE algorithms as long as they are supported in the underlying Crypto-J toolkit. For example, all the algorithms currently use the iteration count 1 but you can use a different number.

public static final String[] POSSIBLE_DIGEST_ALGORITHMS
export method is null, the first element of this array is used.
This array is a list of algorithms that have been tested, but it is not an exclusive list. You can use other digest algorithms as long as they are supported in the underlying Crypto-J toolkit.

public static final int DEFAULT_ITERATIONS
export method is not a positive number, it uses this value.

public static final int[] POSSIBLE_OPTIONS
option argument for the export method.

Constructor Detail
public PKCS12(CertJ certJ, DatabaseService database, char[] password, InputStream pkcs12Stream, int length) throws PKCS12Exception
null.
Parameters
certJ | A | ||
database | A | ||
password | A | ||
pkcs12Stream | A | ||
length | An |
Throws
PKCS12Exception - If the PKCS #12 contents cannot be read or decoded.

public PKCS12(CertJ certJ, DatabaseService database, char[] password, char[] encPassword, InputStream pkcs12Stream, int length) throws PKCS12Exception
null.
Parameters
certJ | A | ||
database | A | ||
password | A | ||
encPassword | A | ||
pkcs12Stream | A | ||
length | An |
Throws
PKCS12Exception - If the PKCS #12 contents cannot be read or decoded.

public PKCS12(CertJ certJ, DatabaseService database, char[] password, InputStream pkcs12Stream) throws PKCS12Exception
PKCS12(CertJ, DatabaseService, char[], InputStream, int) if you know how many bytes should be expected from the stream.
Certificates, CRLs, and private keys will be placed into database, if database is not set to null.
Parameters
certJ - A CertJ object holding the various service providers available.
database - A DatabaseService to store certificates, CRLs, and keys.
password - A char array holding the password used to decrypt and authenticate the PKCS #12 file.
pkcs12Stream - A String holding a stream object which is the source of BER-encoded PKCS #12 contents.
Throws
PKCS12Exception - If the PKCS #12 contents cannot be read or decoded.
See Also
PKCS12(com.rsa.certj.CertJ, com.rsa.certj.DatabaseService, char[], java.io.InputStream, int)

public PKCS12(CertJ certJ, DatabaseService database, char[] password, char[] encPassword, InputStream pkcs12Stream) throws PKCS12Exception
PKCS12(CertJ, DatabaseService, char[], InputStream, int) if you know how many bytes should be expected from the stream.
Certificates, CRLs, and private keys will be placed into database, if database is not set to null.
Parameters
certJ - A CertJ object holding the various service providers available.
database - A DatabaseService to store certificates, CRLs, and keys.
password - A char array holding the password used to authenticate the PKCS #12 file with HMAC.
encPassword - A char array holding the password used to decrypt the PKCS #12 data. If it is null, then password will be used to decrypt it.
pkcs12Stream - A String holding a stream object which is the source of BER-encoded PKCS #12 contents.
Throws
PKCS12Exception - If the PKCS #12 contents cannot be read or decoded.
See Also
PKCS12(com.rsa.certj.CertJ, com.rsa.certj.DatabaseService, char[], java.io.InputStream, int)

public PKCS12(CertJ certJ, DatabaseService database, char[] password, String pkcs12File) throws PKCS12Exception
null.
Parameters
certJ | A | ||
database | A | ||
password | A | ||
pkcs12File | A |
Throws
PKCS12Exception - If the PKCS #12 file cannot be read or decoded.

public PKCS12(CertJ certJ, DatabaseService database, char[] password, char[] encPassword, String pkcs12File) throws PKCS12Exception
null.
Parameters
certJ | A | ||
database | A | ||
password | A | ||
encPassword | A | ||
pkcs12File | A |
Throws
PKCS12Exception - If the PKCS #12 file cannot be read or decoded.

public PKCS12(CertJ certJ, DatabaseService database, char[] password, File pkcs12File) throws PKCS12Exception
null.
Parameters
certJ | A | ||
database | A | ||
password | A | ||
pkcs12File | A |
Throws
PKCS12Exception - If the PKCS #12 file cannot be read or decoded.

public PKCS12(CertJ certJ, DatabaseService database, char[] password, char[] encPassword, File pkcs12File) throws PKCS12Exception
null.
Parameters
certJ | A | ||
database | A | ||
password | A | ||
encPassword | A | ||
pkcs12File | A |
Throws
PKCS12Exception - If the PKCS #12 file cannot be read or decoded.

public PKCS12(CertJ certJ, Certificate[] certs, CRL[] crls, com.rsa.jsafe.JSAFE_PrivateKey[] keys, X501Attributes[] certAttrs, X501Attributes[] crlAttrs, X501Attributes[] keyAttrs) throws InvalidParameterException
Constructs a PKCS12 object that holds specified certificates, CRLs, and private keys.
Parameters
certJ | A | ||
certs | A | ||
crls | A | ||
keys | A | ||
certAttrs | An | ||
crlAttrs | An | ||
keyAttrs | An |
Throws
InvalidParameterException - If any of the parameters is invalid.

public PKCS12(CertJ certJ, Certificate[] certs, CRL[] crls, com.rsa.jsafe.JSAFE_PrivateKey[] keys, X501Attributes[] certAttrs, X501Attributes[] crlAttrs, X501Attributes[] keyAttrs, String[] keyFormats) throws InvalidParameterException
Constructs a PKCS12 object that holds specified certificates, CRLs, and private keys.
Parameters
certJ | A | ||
certs | A | ||
crls | A | ||
keys | A | ||
certAttrs | An | ||
crlAttrs | An | ||
keyAttrs | An | ||
keyFormats | An |
Throws
InvalidParameterException - If any of the parameters is invalid.

public PKCS12(CertJ certJ, X500Name subjectName, CertPathCtx pathCtx) throws InvalidParameterException, PKCS12Exception
Constructs a PKCS12 object that holds key materials corresponding to subjectName. Key materials are the certificates corresponding to the subjectName and the private keys corresponding to the public keys found in the certificates. Key materials may also include valid certification chains for the certificates, and CRLs for any certificate included.
The pathCtx argument specifies the source of the materials to be included in the resulting PKCS #12 file. First, the subjectName argument is used to look for one or more certificates with subject names that match it. For each certificate found, it looks for the corresponding private key, and builds a certificate path from this certificate up to a trusted root certificate in the pathCtx. If building a certificate path fails, it throws an exception indicating the failure.
In summary, the following four steps are used to build the PKCS #12 file:
pathOptions associated with the pathCtx argument does not have the CertPathCtx.PF_IGNORE_REVOCATION bit set, include the CRLs found while building a certificate path in step 3.
trustedCerts associated with the pathCtx argument if the certificate path is not included.
Parameters
certJ | A
| ||
subjectName | An | ||
pathCtx | A |
Throws
InvalidParameterException - If any of the parameters is invalid.
PKCS12Exception - If constructing the contents of a PKCS #12 file fails.

public PKCS12(CertJ certJ, X500Name subjectName, CertPathCtx pathCtx, String keyFormat) throws InvalidParameterException, PKCS12Exception
Constructs a PKCS12 object that holds key materials corresponding to subjectName. Key materials are the certificates corresponding to the subjectName and the private keys corresponding to the public keys found in the certificates. Key materials may also include valid certification chains for the certificates, and CRLs for any certificate included.
The pathCtx argument specifies the source of the materials to be included in the resulting PKCS #12 file. First, the subjectName argument is used to look for one or more certificates with subject names that match it. For each certificate found, it looks for the corresponding private key, and builds a certificate path from this certificate up to a trusted root certificate in the pathCtx. If building a certificate path fails, it throws an exception indicating the failure.
In summary, the following four steps are used to build the PKCS #12 file:
pathOptions associated with the pathCtx argument does not have the CertPathCtx.PF_IGNORE_REVOCATION bit set, include the CRLs found while building a certificate path in step 3.
trustedCerts associated with the pathCtx argument if the certificate path is not included.
Parameters
certJ | A
| ||
subjectName | An | ||
pathCtx | A | ||
keyFormat | An |
Throws
InvalidParameterException - If any of the parameters is invalid.
PKCS12Exception - If constructing the contents of a PKCS #12 file fails.

public PKCS12(CertJ certJ, Certificate cert, CertPathCtx pathCtx) throws InvalidParameterException, PKCS12Exception
Constructs a PKCS12 object that holds key materials for the certificate given in cert. Key materials are the certificate given in cert and the private key corresponding to the public keys found in the certificate. Key materials may also include valid certification chains for the certificate, and CRLs for the certificate.
The pathCtx argument specifies the source of the materials to be included in the resulting PKCS #12 file. First, it looks for the corresponding private key for the certificate and builds a certificate path from this certificate up to a trusted root certificate in the pathCtx. If building a certificate path fails, it throws an exception indicating the failure.
In summary, the following three steps are used to build the PKCS #12 file:
pathOptions associated with the pathCtx argument does not have the CertPathCtx.PF_IGNORE_REVOCATION bit set, include the CRLs found while building a certificate path in step 2.
trustedCerts associated with the pathCtx argument if the certificate path is not included.
Parameters
certJ | A
| ||
cert | A | ||
pathCtx | A |
Throws
InvalidParameterException - If any of the parameters is invalid.
PKCS12Exception - If constructing the contents of a PKCS #12 file fails.

public PKCS12(CertJ certJ, Certificate cert, CertPathCtx pathCtx, String keyFormat) throws InvalidParameterException, PKCS12Exception
Constructs a PKCS12 object that holds key materials for the certificate given in cert. Key materials are the certificate given in cert and the private key corresponding to the public keys found in the certificate. Key materials may also include valid certification chains for the certificate, and CRLs for the certificate.
The pathCtx argument specifies the source of the materials to be included in the resulting PKCS #12 file. First, it looks for the corresponding private key for the certificate and builds a certificate path from this certificate up to a trusted root certificate in the pathCtx. If building a certificate path fails, it throws an exception indicating the failure.
In summary, the following three steps are used to build the PKCS #12 file:
pathOptions associated with the pathCtx argument does not have the CertPathCtx.PF_IGNORE_REVOCATION bit set, include the CRLs found while building a certificate path in step 2.
trustedCerts associated with the pathCtx argument if the certificate path is not included.
Parameters
certJ | A
| ||
cert | A | ||
pathCtx | A | ||
keyFormat | An |
Throws
InvalidParameterException - If any of the parameters is invalid.
PKCS12Exception - If constructing the contents of a PKCS #12 file fails.

Method Detail
public void export(String filename, char[] password, String encAlg, String digestAlg, int iterations, int option) throws InvalidParameterException, PKCS12Exception
Exports the contents of this PKCS12 object into a file given as a String.
Parameters
filename | A | ||
password | A | ||
encAlg | A | ||
digestAlg | A | ||
iterations | An | ||
option | An
|
Throws
InvalidParameterException - If any of the parameters is invalid.
PKCS12Exception - If creation of the PKCS #12 file fails.

public void export(File file, char[] password, String encAlg, String digestAlg, int iterations, int option) throws InvalidParameterException, PKCS12Exception
Exports the contents of this PKCS12 object into a file given as a File.
Parameters
file | A | ||
password | A | ||
encAlg | A | ||
digestAlg | A | ||
iterations | An | ||
option | An
|
Throws
InvalidParameterException - If any of the parameters is invalid.
PKCS12Exception - If creation of the PKCS #12 file failed.

public void export(String filename, char[] password, char[] encPassword, String encAlg, String digestAlg, int iterations, int option) throws InvalidParameterException, PKCS12Exception
Exports the contents of this PKCS12 object into a file given as a String.
Parameters
filename | A | ||
password | A | ||
encPassword | A | ||
encAlg | A | ||
digestAlg | A | ||
iterations | An | ||
option | An
|
Throws
InvalidParameterException - If any of the parameters is invalid.
PKCS12Exception - If creation of the PKCS #12 file fails.

public void export(File file, char[] password, char[] encPassword, String encAlg, String digestAlg, int iterations, int option) throws InvalidParameterException, PKCS12Exception
Exports the contents of this PKCS12 object into a file given as a File.
Parameters
file | A | ||
password | A | ||
encPassword | A | ||
encAlg | A | ||
digestAlg | A | ||
iterations | An | ||
option | An
|
Throws
InvalidParameterException - If any of the parameters is invalid.
PKCS12Exception - If creation of the PKCS #12 file failed.

public void export(OutputStream stream, char[] password, String encAlg, String digestAlg, int iterations, int option) throws InvalidParameterException, PKCS12Exception
Exports the contents of this PKCS12 object into an output stream given as an OutputStream.
Parameters
stream | An | ||
password | A | ||
encAlg | A | ||
digestAlg | A | ||
iterations | An | ||
option | An
|
Throws
InvalidParameterException - If any of the parameters is invalid.
PKCS12Exception - If creation of the PKCS #12 file fails.

public void export(OutputStream stream, char[] password, char[] encPassword, String encAlg, String digestAlg, int iterations, int option) throws InvalidParameterException, PKCS12Exception
Exports the contents of this PKCS12 object into an output stream given as an OutputStream.
Parameters
stream | An | ||
password | A | ||
encPassword | A | ||
encAlg | A | ||
digestAlg | A | ||
iterations | An | ||
option | An
|
Throws
InvalidParameterException - If any of the parameters is invalid.
PKCS12Exception - If creation of the PKCS #12 file fails.

public Certificate[] getCertificates()
Retrieves the certificates found in the PKCS12 data.
Returns
Certificate array containing all of the certificates in the PKCS12 data.

public CRL[] getCrls()
Retrieves the CRLs found in the PKCS12 data.
Returns
CRL array containing all of the CRLs in the PKCS12 data.

public com.rsa.jsafe.JSAFE_PrivateKey[] getKeys()
Retrieves the private keys found in the PKCS12 data.
Returns
JSAFE_PrivateKey array containing all of the private keys in the PKCS12 data.

public X501Attributes[] getKeysAttributes()
Retrieves the private keys attributes found in the PKCS12 data. Keys attributes are ordered as keys, so if some key is missing its attributes, the corresponding attributes element is null.
Returns
X501Attributes array containing all of the private keys attributes in the PKCS12 data.

public X501Attributes[] getCertsAttributes()
Retrieves the certificates attributes found in the PKCS12 data. Certificates attributes are ordered as certs, so if some cert is missing its attributes, the corresponding attributes element is null.
Returns
X501Attributes array containing all of the certificates attributes in the PKCS12 data.

public X501Attributes[] getCRLsAttributes()
Retrieves the CRLs attributes found in the PKCS12 data. CRLs attributes are ordered as CRLs, so if some CRL is missing attributes, the corresponding attributes element is null.
Returns
X501Attributes array containing all of the CRLs attributes in the PKCS12 data.
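
The following is an added example, not code from this page or from RSA: it exports with separate HMAC and encryption passwords using the export(OutputStream, ...) overload above, then re-reads the bytes with a null database to check the result. The class and method names (Pkcs12ExportCheck, exportAndVerify, wipe) are hypothetical, the DatabaseService package is taken from the See Also entries, and it assumes USE_MS_FORMAT is an accepted value for the option argument.

```java
import com.rsa.certj.CertJ;
import com.rsa.certj.DatabaseService;
import com.rsa.certj.pkcs12.PKCS12;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.util.Arrays;

// Added example: class and method names here are hypothetical.
public final class Pkcs12ExportCheck {

    /**
     * Exports p12 with one password for the HMAC and another for encryption,
     * then re-reads the bytes to confirm both passwords open the result and
     * that no certificate, CRL or key was dropped. Declared "throws Exception"
     * because the page does not show the packages of the exception classes.
     */
    public static byte[] exportAndVerify(CertJ certJ, PKCS12 p12,
                                         char[] macPassword, char[] encPassword,
                                         int iterations) throws Exception {
        if (macPassword == null || encPassword == null) {
            // On import a null encPassword falls back to password; require both here.
            throw new IllegalArgumentException("both passwords are required");
        }
        if (iterations <= 0) {
            // export() would substitute DEFAULT_ITERATIONS for a non-positive value.
            throw new IllegalArgumentException("iterations must be positive");
        }
        // Name the algorithms explicitly instead of passing null for the default.
        String encAlg = PKCS12.POSSIBLE_ENCRYPTION_ALGORITHMS[0];
        String digestAlg = PKCS12.POSSIBLE_DIGEST_ALGORITHMS[0];

        ByteArrayOutputStream out = new ByteArrayOutputStream();
        p12.export(out, macPassword, encPassword, encAlg, digestAlg,
                   iterations, PKCS12.USE_MS_FORMAT);
        byte[] encoded = out.toByteArray();

        // database == null: nothing is stored, contents come from the getters.
        PKCS12 reread = new PKCS12(certJ, (DatabaseService) null, macPassword,
                                   encPassword, new ByteArrayInputStream(encoded));
        if (count(reread.getCertificates()) != count(p12.getCertificates())
                || count(reread.getCrls()) != count(p12.getCrls())
                || count(reread.getKeys()) != count(p12.getKeys())) {
            throw new IllegalStateException("re-read PKCS #12 does not match the source");
        }
        return encoded;
    }

    /** Overwrites password material once the caller is done with it. */
    public static void wipe(char[]... secrets) {
        for (char[] s : secrets) {
            if (s != null) Arrays.fill(s, '\0');
        }
    }

    private static int count(Object[] items) {
        return items == null ? 0 : items.length;
    }
}
```

Call wipe(macPassword, encPassword) in a finally block once the export has been verified, so the char arrays do not linger in memory.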