Package org.mozilla.jss.pkix.primitive
Class EncryptedPrivateKeyInfo
java.lang.Object
org.mozilla.jss.pkix.primitive.EncryptedPrivateKeyInfo
All Implemented Interfaces: ASN1Value

PKCS #8 EncryptedPrivateKeyInfo.

EncryptedPrivateKeyInfo ::= SEQUENCE {
    encryptionAlgorithm AlgorithmIdentifier,
    encryptedData OCTET STRING
}

Nested Class Summary
Modifier and Type / Class / Description
static class EncryptedPrivateKeyInfo.Template
    A template class for decoding EncryptedPrivateKeyInfos from BER.

Field Summary
Modifier and Type / Field
private OCTET_STRING encryptedData
private AlgorithmIdentifier encryptionAlgorithm
private SEQUENCE sequence
private static final Tag TAG
private static final EncryptedPrivateKeyInfo.Template templateInstance

Constructor Summary
EncryptedPrivateKeyInfo(AlgorithmIdentifier encryptionAlgorithm, OCTET_STRING encryptedData)
    Creates an EncryptedPrivateKeyInfo from its components.

Method Summary
Modifier and Type / Method / Description
static EncryptedPrivateKeyInfo createPBE(PBEAlgorithm pbeAlg, Password password, byte[] salt, int iterationCount, KeyGenerator.CharToByteConverter charToByteConverter, PrivateKey pri, CryptoToken token)
    Creates a new EncryptedPrivateKeyInfo, where the data is encrypted with a password-based key, with wrapping/unwrapping happening on the token.
static EncryptedPrivateKeyInfo createPBE(PBEAlgorithm pbeAlg, Password password, byte[] salt, int iterationCount, KeyGenerator.CharToByteConverter charToByteConverter, PrivateKeyInfo pki)
    Creates a new EncryptedPrivateKeyInfo, where the data is encrypted with a password-based key.
static EncryptedPrivateKeyInfo createPBES2(int saltLen, int kdfIterations, EncryptionAlgorithm encAlg, Password pwd, KeyGenerator.CharToByteConverter charToByteConverter, PrivateKeyInfo privateKeyInfo)
    Export a private key in PBES2 format, using a random PBKDF2 salt.
PrivateKeyInfo decrypt(Password pass, KeyGenerator.CharToByteConverter charToByteConverter)
    Decrypts an EncryptedPrivateKeyInfo that was encrypted with a PBE algorithm.
void encode(OutputStream ostream)
    Write this value's DER encoding to an output stream using its own base tag.
void encode(Tag implicitTag, OutputStream ostream)
    Write this value's DER encoding to an output stream using an implicit tag.
Tag getTag()
    Returns the base tag for this type, not counting any tags that may be imposed on it by its context.

Field Details
encryptionAlgorithm
encryptedData
sequence
TAG
templateInstance

Constructor Details
EncryptedPrivateKeyInfo
Creates an EncryptedPrivateKeyInfo from its components.

Method Details
getEncryptionAlgorithm
getEncryptedData

createPBE
public static EncryptedPrivateKeyInfo createPBE(PBEAlgorithm pbeAlg, Password password, byte[] salt, int iterationCount, KeyGenerator.CharToByteConverter charToByteConverter, PrivateKeyInfo pki) throws NotInitializedException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException, TokenException, CharConversionException
Creates a new EncryptedPrivateKeyInfo, where the data is encrypted with a password-based key.
Parameters:
pbeAlg - The algorithm for generating a symmetric key from a password, salt, and iteration count.
password - The password to use in generating the key.
salt - The salt to use in generating the key.
iterationCount - The number of hashing iterations to perform while generating the key.
charToByteConverter - The mechanism for converting the characters in the password into bytes. If null, the default mechanism will be used, which is UTF8.
pki - The PrivateKeyInfo to be encrypted and stored in the EncryptedContentInfo. Before it is encrypted, it will be padded using PKCS padding.
Throws:
NotInitializedException
NoSuchAlgorithmException
InvalidKeyException
InvalidAlgorithmParameterException
TokenException
CharConversionException

createPBES2
public static EncryptedPrivateKeyInfo createPBES2(int saltLen, int kdfIterations, EncryptionAlgorithm encAlg, Password pwd, KeyGenerator.CharToByteConverter charToByteConverter, PrivateKeyInfo privateKeyInfo) throws NotInitializedException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException, TokenException, CharConversionException
Export a private key in PBES2 format, using a random PBKDF2 salt. Token must support the CKM_PKCS5_PBKD2 mechanism.
Parameters:
saltLen - Length of salt in bytes (default: 16)
kdfIterations - PBKDF2 iterations (default: 2000)
encAlg - The symmetric encryption algorithm for enciphering the private key. Determines the size of derived key.
pwd - Password
charToByteConverter - The mechanism for converting the characters in the password into bytes. If null, the default mechanism will be used, which is UTF8.
privateKeyInfo - The encoded PrivateKeyInfo to be encrypted and stored in the EncryptedContentInfo.
Throws:
NotInitializedException
NoSuchAlgorithmException
InvalidKeyException
InvalidAlgorithmParameterException
TokenException
CharConversionException
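
An added example, not part of the JSS documentation or code base: a JDK-only check that reads the PBKDF2 salt length and iteration count back out of a DER-encoded PBES2 EncryptedPrivateKeyInfo (the saltLen and kdfIterations values that createPBES2 takes), following the RFC 8018 PBES2-params layout. The class name, the MIN_ITERATIONS threshold and the sample bytes are assumptions made for illustration.

```java
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.util.Arrays;

public class EpkiParamAudit { // hypothetical name; uses only the JDK, no JSS calls
    static final int MIN_ITERATIONS = 100_000; // assumed local policy threshold, not a JSS value
    static final String PBES2 = "2a864886f70d01050d", PBKDF2 = "2a864886f70d01050c", AES256_CBC = "60864801650304012a";
    static byte[] hex(String h) { return new BigInteger(h, 16).toByteArray(); }
    // Tiny DER encoder (short-form lengths only), used just to build the constructed sample.
    static byte[] tlv(int tag, byte[]... parts) {
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        out.write(tag);
        out.write(Arrays.stream(parts).mapToInt(p -> p.length).sum());
        for (byte[] p : parts) out.write(p, 0, p.length);
        return out.toByteArray();
    }
    // Checks the tag at off and returns {contentStart, contentEnd}; accepts long-form lengths.
    static int[] open(byte[] d, int off, int tag) {
        if (off + 2 > d.length || (d[off] & 0xff) != tag) throw new IllegalArgumentException("unexpected tag at " + off);
        int len = d[off + 1] & 0xff, p = off + 2, n = len & 0x7f;
        if (len >= 0x80) {
            if (n == 0 || n > 3 || p + n > d.length) throw new IllegalArgumentException("bad length at " + off);
            for (len = 0; n > 0; n--) len = (len << 8) | (d[p++] & 0xff);
        }
        if (p + len > d.length) throw new IllegalArgumentException("truncated value at " + off);
        return new int[] { p, p + len };
    }
    static int oid(byte[] d, int off, String oidHex) { // verifies the OID at off, returns the offset after it
        int[] s = open(d, off, 0x06);
        if (!Arrays.equals(Arrays.copyOfRange(d, s[0], s[1]), hex(oidHex))) throw new IllegalArgumentException("unexpected OID at " + off);
        return s[1];
    }
    // Returns {saltLength, iterationCount}; handles only the "specified" (OCTET STRING) salt choice.
    static int[] pbkdf2Params(byte[] der) {
        int alg = open(der, open(der, 0, 0x30)[0], 0x30)[0];                    // encryptionAlgorithm
        int kdf = open(der, open(der, oid(der, alg, PBES2), 0x30)[0], 0x30)[0]; // keyDerivationFunc
        int[] salt = open(der, open(der, oid(der, kdf, PBKDF2), 0x30)[0], 0x04);
        int[] iter = open(der, salt[1], 0x02);
        return new int[] { salt[1] - salt[0], new BigInteger(Arrays.copyOfRange(der, iter[0], iter[1])).intValueExact() };
    }
    public static void main(String[] args) {
        // Constructed sample: zero-filled salt, IV and ciphertext, 2000 iterations; not a real key.
        byte[] kdf = tlv(0x30, tlv(0x06, hex(PBKDF2)), tlv(0x30, tlv(0x04, new byte[16]), tlv(0x02, hex("07d0"))));
        byte[] enc = tlv(0x30, tlv(0x06, hex(AES256_CBC)), tlv(0x04, new byte[16]));
        byte[] der = tlv(0x30, tlv(0x30, tlv(0x06, hex(PBES2)), tlv(0x30, kdf, enc)), tlv(0x04, new byte[32]));
        int[] p = pbkdf2Params(der);
        System.out.printf("salt=%d bytes, iterations=%d%s%n", p[0], p[1], p[1] < MIN_ITERATIONS ? " (below policy minimum)" : "");
    }
}
```

The same pbkdf2Params call can be pointed at the bytes written by encode(OutputStream) to confirm that an exported key carries the salt length and iteration count the caller intended.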

createPBE
public static EncryptedPrivateKeyInfo createPBE(PBEAlgorithm pbeAlg, Password password, byte[] salt, int iterationCount, KeyGenerator.CharToByteConverter charToByteConverter, PrivateKey pri, CryptoToken token) throws NotInitializedException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException, TokenException, CharConversionException
Creates a new EncryptedPrivateKeyInfo, where the data is encrypted with a password-based key, with wrapping/unwrapping happening on the token.
Parameters:
pbeAlg - The algorithm for generating a symmetric key from a password, salt, and iteration count.
password - The password to use in generating the key.
salt - The salt to use in generating the key.
iterationCount - The number of hashing iterations to perform while generating the key.
charToByteConverter - The mechanism for converting the characters in the password into bytes. If null, the default mechanism will be used, which is UTF8.
pri - The PrivateKey to be encrypted and stored in the EncryptedContentInfo.
Throws:
NotInitializedException
NoSuchAlgorithmException
InvalidKeyException
InvalidAlgorithmParameterException
TokenException
CharConversionException

decrypt
public PrivateKeyInfo decrypt(Password pass, KeyGenerator.CharToByteConverter charToByteConverter) throws NotInitializedException, NoSuchAlgorithmException, InvalidBERException, InvalidKeyException, InvalidAlgorithmParameterException, TokenException, IllegalBlockSizeException, BadPaddingException, CharConversionException
Decrypts an EncryptedPrivateKeyInfo that was encrypted with a PBE algorithm. The algorithm and its parameters are extracted from the EncryptedPrivateKeyInfo.
Parameters:
pass - The password to use to generate the PBE key.
charToByteConverter - The converter to change the password characters to bytes. If null, the default conversion is used.
Throws:
NotInitializedException
NoSuchAlgorithmException
InvalidBERException
InvalidKeyException
InvalidAlgorithmParameterException
TokenException
IllegalBlockSizeException
BadPaddingException
CharConversionException

getTag
Description copied from interface: ASN1Value
Returns the base tag for this type, not counting any tags that may be imposed on it by its context.

encode
Description copied from interface: ASN1Value
Write this value's DER encoding to an output stream using its own base tag.
Specified by: encode in interface ASN1Value
Parameters:
ostream - Output stream.
Throws:
IOException - If an error occurred.

encode
Description copied from interface: ASN1Value
Write this value's DER encoding to an output stream using an implicit tag.
Specified by: encode in interface ASN1Value
Parameters:
implicitTag - Implicit tag.
ostream - Output stream.
Throws:
IOException - If an error occurred.

getTemplate