Class PKCS12Util
java.lang.Object
org.mozilla.jss.netscape.security.pkcs.PKCS12Util
-
Field Summary
FieldsModifier and TypeFieldDescription(package private) PBEAlgorithm
static final PBEAlgorithm
static final String
static final PBEAlgorithm
static final String
(package private) PBEAlgorithm
private static org.slf4j.Logger
static final String
(package private) SecureRandom
static final List
<PBEAlgorithm> static final List
<PBEAlgorithm> (package private) boolean
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoid
addCertBag
(PKCS12CertInfo certInfo, SEQUENCE safeContents) void
addKeyBag
(PKCS12KeyInfo keyInfo, Password password, SEQUENCE encSafeContents) Add a private key to the PKCS #12 object.
create_EPKI_with_PBE_PKCS5_PBES2
(CryptoToken token, PrivateKey privateKey, Password password) create_EPKI_with_PBE_SHA1_DES3_CBC
(CryptoToken token, PrivateKey privateKey, Password password) (package private) SET
createCertBagAttrs
(PKCS12CertInfo certInfo) createCertInfoFromNSS
(X509Certificate cert, String friendlyName) (package private) SET
createKeyBagAttrs
(PKCS12KeyInfo keyInfo) createKeyInfoFromNSS
(X509Certificate cert, PrivateKey privateKey) createKeyInfoFromNSS
(X509Certificate cert, PrivateKey privateKey, String friendlyName) (package private) BigInteger
createLocalID
(byte[] bytes) (package private) BigInteger
createLocalID
(X509Certificate cert) generatePFX
(PKCS12 pkcs12, Password password) getCertBySubjectDN
(PKCS12 pkcs12, String subjectDN) getCertInfo
(SafeBag bag) void
getCertInfos
(PKCS12 pkcs12, PFX pfx, Password password) getKeyInfo
(SafeBag bag, Password password) Loads key bags (for IMPORT and other operations on existing PKCS #12 files).
void
getKeyInfos
(PKCS12 pkcs12, PFX pfx, Password password) getPrivateKeyType
(PublicKey publicKey) getTrustFlags
(X509Certificate cert) Deprecated. Use PK11Cert.getTrustFlags() instead.
void
importKey
(PKCS12 pkcs12, Password password, String nickname, PKCS12KeyInfo keyInfo) boolean
void
loadCertFromNSS
(PKCS12 pkcs12, String nickname, boolean includeKey, boolean includeChain) void
loadCertFromNSS
(PKCS12 pkcs12, String nickname, boolean includeKey, boolean includeChain, String friendlyName) void
loadCertFromNSS
(PKCS12 pkcs12, X509Certificate cert, boolean includeKey, boolean includeChain) void
loadCertFromNSS
(PKCS12 pkcs12, X509Certificate cert, boolean includeKey, boolean includeChain, String friendlyName) loadFromByteArray
(byte[] b, Password password) loadFromFile
(String filename) loadFromFile
(String filename, Password password) void
loadFromNSS
(PKCS12 pkcs12) void
loadFromNSS
(PKCS12 pkcs12, boolean includeKey, boolean includeChain) void
setCertEncryption
(String name) void
setCertEncryption
(PBEAlgorithm algorithm) void
setKeyEncryption
(String name) void
setKeyEncryption
(PBEAlgorithm algorithm) void
setTrustFlags
(X509Certificate cert, String trustFlags) Deprecated. Use PK11Cert.setTrustFlags() instead.
void
setTrustFlagsEnabled
(boolean trustFlagsEnabled) void
storeCertIntoNSS
(PKCS12 pkcs12, Password password, String nickname, boolean overwrite) void
storeCertIntoNSS
(PKCS12 pkcs12, Password password, PKCS12CertInfo certInfo, boolean overwrite) Store a certificate (and key, if present) in NSSDB.
void
storeIntoFile
(PKCS12 pkcs12, String filename, Password password) void
storeIntoNSS
(PKCS12 pkcs12, Password password, boolean overwrite)
-
Field Details
-
logger
private static org.slf4j.Logger logger -
NO_ENCRYPTION
- See Also:
-
SUPPORTED_CERT_ENCRYPTIONS
-
SUPPORTED_KEY_ENCRYPTIONS
-
DEFAULT_CERT_ENCRYPTION
-
DEFAULT_CERT_ENCRYPTION_NAME
- See Also:
-
DEFAULT_KEY_ENCRYPTION
-
DEFAULT_KEY_ENCRYPTION_NAME
-
random
SecureRandom random -
certEncryption
PBEAlgorithm certEncryption -
keyEncryption
PBEAlgorithm keyEncryption -
trustFlagsEnabled
boolean trustFlagsEnabled
-
-
Constructor Details
-
PKCS12Util
- Throws:
Exception
-
-
Method Details
-
setCertEncryption
- Throws:
Exception
-
setCertEncryption
- Throws:
Exception
-
getCertEncryption
-
setKeyEncryption
- Throws:
Exception
-
setKeyEncryption
- Throws:
Exception
-
getKeyEncryption
-
isTrustFlagsEnabled
public boolean isTrustFlagsEnabled() -
setTrustFlagsEnabled
public void setTrustFlagsEnabled(boolean trustFlagsEnabled) -
getTrustFlags
Deprecated. Use PK11Cert.getTrustFlags() instead. -
setTrustFlags
Deprecated. Use PK11Cert.setTrustFlags() instead.
- Throws:
Exception
-
addKeyBag
public void addKeyBag(PKCS12KeyInfo keyInfo, Password password, SEQUENCE encSafeContents) throws Exception
Add a private key to the PKCS #12 object. The PKCS12KeyInfo object received arises in one of two scenarios:
- The private key could be in encrypted byte[] form (e.g. when we have merely loaded a PKCS #12 file for inspection, or to delete a certificate and its associated key). In this case we simply re-use this encrypted private key info byte[].
- The private key could be an NSS PrivateKey handle. In this case we must export the PrivateKey from the token to obtain the EncryptedPrivateKeyInfo.
The common final step is to add the encrypted private key data, inside a "Shrouded Key Bag", to the PKCS #12 object. In both scenarios, unencrypted key material is never seen.
- Throws:
Exception
-
create_EPKI_with_PBE_SHA1_DES3_CBC
public ASN1Value create_EPKI_with_PBE_SHA1_DES3_CBC(CryptoToken token, PrivateKey privateKey, Password password) throws Exception - Throws:
Exception
-
create_EPKI_with_PBE_PKCS5_PBES2
public ASN1Value create_EPKI_with_PBE_PKCS5_PBES2(CryptoToken token, PrivateKey privateKey, Password password) throws Exception - Throws:
Exception
-
addCertBag
- Throws:
Exception
-
createLocalID
- Throws:
Exception
-
createLocalID
- Throws:
Exception
-
createKeyBagAttrs
- Throws:
Exception
-
createCertBagAttrs
- Throws:
Exception
-
loadFromNSS
- Throws:
Exception
-
loadFromNSS
- Throws:
Exception
-
loadCertFromNSS
public void loadCertFromNSS(PKCS12 pkcs12, String nickname, boolean includeKey, boolean includeChain) throws Exception - Throws:
Exception
-
loadCertFromNSS
public void loadCertFromNSS(PKCS12 pkcs12, String nickname, boolean includeKey, boolean includeChain, String friendlyName) throws Exception - Throws:
Exception
-
loadCertFromNSS
public void loadCertFromNSS(PKCS12 pkcs12, X509Certificate cert, boolean includeKey, boolean includeChain) throws Exception - Throws:
Exception
-
loadCertFromNSS
public void loadCertFromNSS(PKCS12 pkcs12, X509Certificate cert, boolean includeKey, boolean includeChain, String friendlyName) throws Exception - Throws:
Exception
-
createCertInfoFromNSS
- Throws:
Exception
-
createCertInfoFromNSS
public PKCS12CertInfo createCertInfoFromNSS(X509Certificate cert, String friendlyName) throws Exception - Throws:
Exception
-
createKeyInfoFromNSS
public PKCS12KeyInfo createKeyInfoFromNSS(X509Certificate cert, PrivateKey privateKey) throws Exception - Throws:
Exception
-
createKeyInfoFromNSS
public PKCS12KeyInfo createKeyInfoFromNSS(X509Certificate cert, PrivateKey privateKey, String friendlyName) throws Exception - Throws:
Exception
-
generatePFX
- Throws:
Exception
-
storeIntoFile
- Throws:
Exception
-
getKeyInfo
Loads key bags (for IMPORT and other operations on existing PKCS #12 files). Does not decrypt EncryptedPrivateKeyInfo values, but stores them in PKCS12KeyInfo objects for possible later use.
- Throws:
Exception
-
getCertInfo
- Throws:
Exception
-
getKeyInfos
- Throws:
Exception
-
getCertInfos
- Throws:
Exception
-
loadFromFile
- Throws:
Exception
-
loadFromByteArray
- Throws:
Exception
-
loadFromFile
- Throws:
Exception
-
getPrivateKeyType
-
getCertBySubjectDN
public PKCS12CertInfo getCertBySubjectDN(PKCS12 pkcs12, String subjectDN) throws CertificateException - Throws:
CertificateException
-
importKey
public void importKey(PKCS12 pkcs12, Password password, String nickname, PKCS12KeyInfo keyInfo) throws Exception - Throws:
Exception
-
storeCertIntoNSS
public void storeCertIntoNSS(PKCS12 pkcs12, Password password, PKCS12CertInfo certInfo, boolean overwrite) throws Exception
Store a certificate (and key, if present) in NSSDB.
- Throws:
Exception
-
storeCertIntoNSS
public void storeCertIntoNSS(PKCS12 pkcs12, Password password, String nickname, boolean overwrite) throws Exception - Throws:
Exception
-
storeIntoNSS
- Throws:
Exception
-