Class PKCS12KeyStoreSpi
- java.lang.Object
-
- java.security.KeyStoreSpi
-
- org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi
-
- All Implemented Interfaces:
PKCSObjectIdentifiers
,X509ObjectIdentifiers
,BCKeyStore
- Direct Known Subclasses:
PKCS12KeyStoreSpi.BCPKCS12KeyStore
,PKCS12KeyStoreSpi.BCPKCS12KeyStore3DES
,PKCS12KeyStoreSpi.DefPKCS12KeyStore
,PKCS12KeyStoreSpi.DefPKCS12KeyStore3DES
public class PKCS12KeyStoreSpi extends java.security.KeyStoreSpi implements PKCSObjectIdentifiers, X509ObjectIdentifiers, BCKeyStore
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
PKCS12KeyStoreSpi.BCPKCS12KeyStore
static class
PKCS12KeyStoreSpi.BCPKCS12KeyStore3DES
static class
PKCS12KeyStoreSpi.DefPKCS12KeyStore
static class
PKCS12KeyStoreSpi.DefPKCS12KeyStore3DES
-
Field Summary
Fields Modifier and Type Field Description protected java.security.SecureRandom
random
-
Fields inherited from interface org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers
bagtypes, canNotDecryptAny, certBag, certTypes, crlBag, crlTypes, data, des_EDE3_CBC, dhKeyAgreement, digestAlgorithm, digestedData, encryptedData, encryptionAlgorithm, envelopedData, id_aa, id_aa_asymmDecryptKeyID, id_aa_cmsAlgorithmProtect, id_aa_commitmentType, id_aa_communityIdentifiers, id_aa_contentHint, id_aa_contentIdentifier, id_aa_contentReference, id_aa_decryptKeyID, id_aa_encrypKeyPref, id_aa_ets_archiveTimestamp, id_aa_ets_certCRLTimestamp, id_aa_ets_certificateRefs, id_aa_ets_certValues, id_aa_ets_commitmentType, id_aa_ets_contentTimestamp, id_aa_ets_escTimeStamp, id_aa_ets_otherSigCert, id_aa_ets_revocationRefs, id_aa_ets_revocationValues, id_aa_ets_signerAttr, id_aa_ets_signerLocation, id_aa_ets_sigPolicyId, id_aa_implCompressAlgs, id_aa_implCryptoAlgs, id_aa_msgSigDigest, id_aa_otherSigCert, id_aa_receiptRequest, id_aa_signatureTimeStampToken, id_aa_signerLocation, id_aa_signingCertificate, id_aa_signingCertificateV2, id_aa_sigPolicyId, id_alg, id_alg_AEADChaCha20Poly1305, id_alg_CMS3DESwrap, id_alg_CMSRC2wrap, id_alg_ESDH, id_alg_hkdf_with_sha256, id_alg_hkdf_with_sha384, id_alg_hkdf_with_sha512, id_alg_hss_lms_hashsig, id_alg_PWRI_KEK, id_alg_SSDH, id_alg_zlibCompress, id_ct, id_ct_authData, id_ct_authEnvelopedData, id_ct_compressedData, id_ct_timestampedData, id_ct_TSTInfo, id_cti, id_cti_ets_proofOfApproval, id_cti_ets_proofOfCreation, id_cti_ets_proofOfDelivery, id_cti_ets_proofOfOrigin, id_cti_ets_proofOfReceipt, id_cti_ets_proofOfSender, id_hmacWithSHA1, id_hmacWithSHA224, id_hmacWithSHA256, id_hmacWithSHA384, id_hmacWithSHA512, id_hmacWithSHA512_224, id_hmacWithSHA512_256, id_mgf1, id_PBES2, id_PBKDF2, id_PBMAC1, id_pSpecified, id_rsa_KEM, id_RSAES_OAEP, id_RSASSA_PSS, id_smime, id_spq, id_spq_ets_unotice, id_spq_ets_uri, id_spq_oid, keyBag, md2, md2WithRSAEncryption, md4, md4WithRSAEncryption, md5, md5WithRSAEncryption, pbeWithMD2AndDES_CBC, pbeWithMD2AndRC2_CBC, pbeWithMD5AndDES_CBC, pbeWithMD5AndRC2_CBC, pbeWithSHA1AndDES_CBC, pbeWithSHA1AndRC2_CBC, pbeWithSHAAnd128BitRC2_CBC, pbeWithSHAAnd128BitRC4, pbeWithSHAAnd2_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC, pbewithSHAAnd40BitRC2_CBC, pbeWithSHAAnd40BitRC2_CBC, pbeWithSHAAnd40BitRC4, pkcs_1, pkcs_12, pkcs_12PbeIds, pkcs_3, pkcs_5, pkcs_7, pkcs_9, pkcs_9_at_binarySigningTime, pkcs_9_at_challengePassword, pkcs_9_at_contentType, pkcs_9_at_counterSignature, pkcs_9_at_emailAddress, pkcs_9_at_extendedCertificateAttributes, pkcs_9_at_extensionRequest, pkcs_9_at_friendlyName, pkcs_9_at_localKeyId, pkcs_9_at_messageDigest, pkcs_9_at_signingDescription, pkcs_9_at_signingTime, pkcs_9_at_smimeCapabilities, pkcs_9_at_unstructuredAddress, pkcs_9_at_unstructuredName, pkcs8ShroudedKeyBag, preferSignedData, RC2_CBC, rc4, rsaEncryption, safeContentsBag, sdsiCertificate, secretBag, sha1WithRSAEncryption, sha224WithRSAEncryption, sha256WithRSAEncryption, sha384WithRSAEncryption, sha512_224WithRSAEncryption, sha512_256WithRSAEncryption, sha512WithRSAEncryption, signedAndEnvelopedData, signedData, smime_alg, sMIMECapabilitiesVersions, srsaOAEPEncryptionSET, x509Certificate, x509certType, x509Crl
-
Fields inherited from interface org.bouncycastle.asn1.x509.X509ObjectIdentifiers
attributeType, commonName, countryName, crlAccessMethod, id_ad, id_ad_caIssuers, id_ad_ocsp, id_at_name, id_at_organizationIdentifier, id_at_telephoneNumber, id_ce, id_ea_rsa, id_ecdsa_with_shake128, id_ecdsa_with_shake256, id_PasswordBasedMac, id_pda, id_pe, id_pkix, id_rsassa_pss_shake128, id_rsassa_pss_shake256, id_SHA1, localityName, ocspAccessMethod, organization, organizationalUnitName, pkix_algorithms, ripemd160, ripemd160WithRSAEncryption, stateOrProvinceName
-
-
Constructor Summary
Constructors Constructor Description PKCS12KeyStoreSpi(java.security.Provider provider, ASN1ObjectIdentifier keyAlgorithm, ASN1ObjectIdentifier certAlgorithm)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected byte[]
cryptData(boolean forEncryption, AlgorithmIdentifier algId, char[] password, boolean wrongPKCS12Zero, byte[] data)
java.util.Enumeration
engineAliases()
boolean
engineContainsAlias(java.lang.String alias)
void
engineDeleteEntry(java.lang.String alias)
this is not quite complete - we should follow up on the chain, a bit tricky if a certificate appears in more than one chain[] the store method now prunes out unused certificates from the chain map if they are present.java.security.cert.Certificate
engineGetCertificate(java.lang.String alias)
simply return the cert for the private keyjava.lang.String
engineGetCertificateAlias(java.security.cert.Certificate cert)
java.security.cert.Certificate[]
engineGetCertificateChain(java.lang.String alias)
java.util.Date
engineGetCreationDate(java.lang.String alias)
java.security.Key
engineGetKey(java.lang.String alias, char[] password)
boolean
engineIsCertificateEntry(java.lang.String alias)
boolean
engineIsKeyEntry(java.lang.String alias)
void
engineLoad(java.io.InputStream stream, char[] password)
void
engineSetCertificateEntry(java.lang.String alias, java.security.cert.Certificate cert)
void
engineSetKeyEntry(java.lang.String alias, byte[] key, java.security.cert.Certificate[] chain)
void
engineSetKeyEntry(java.lang.String alias, java.security.Key key, char[] password, java.security.cert.Certificate[] chain)
int
engineSize()
void
engineStore(java.io.OutputStream stream, char[] password)
void
setRandom(java.security.SecureRandom rand)
set the random source for the key storeprotected java.security.PrivateKey
unwrapKey(AlgorithmIdentifier algId, byte[] data, char[] password, boolean wrongPKCS12Zero)
protected byte[]
wrapKey(java.lang.String algorithm, java.security.Key key, PKCS12PBEParams pbeParams, char[] password)
-
-
-
Constructor Detail
-
PKCS12KeyStoreSpi
public PKCS12KeyStoreSpi(java.security.Provider provider, ASN1ObjectIdentifier keyAlgorithm, ASN1ObjectIdentifier certAlgorithm)
-
-
Method Detail
-
setRandom
public void setRandom(java.security.SecureRandom rand)
Description copied from interface:BCKeyStore
set the random source for the key store- Specified by:
setRandom
in interfaceBCKeyStore
-
engineAliases
public java.util.Enumeration engineAliases()
- Specified by:
engineAliases
in classjava.security.KeyStoreSpi
-
engineContainsAlias
public boolean engineContainsAlias(java.lang.String alias)
- Specified by:
engineContainsAlias
in classjava.security.KeyStoreSpi
-
engineDeleteEntry
public void engineDeleteEntry(java.lang.String alias) throws java.security.KeyStoreException
this is not quite complete - we should follow up on the chain, a bit tricky if a certificate appears in more than one chain[] the store method now prunes out unused certificates from the chain map if they are present.- Specified by:
engineDeleteEntry
in classjava.security.KeyStoreSpi
- Throws:
java.security.KeyStoreException
-
engineGetCertificate
public java.security.cert.Certificate engineGetCertificate(java.lang.String alias)
simply return the cert for the private key- Specified by:
engineGetCertificate
in classjava.security.KeyStoreSpi
-
engineGetCertificateAlias
public java.lang.String engineGetCertificateAlias(java.security.cert.Certificate cert)
- Specified by:
engineGetCertificateAlias
in classjava.security.KeyStoreSpi
-
engineGetCertificateChain
public java.security.cert.Certificate[] engineGetCertificateChain(java.lang.String alias)
- Specified by:
engineGetCertificateChain
in classjava.security.KeyStoreSpi
-
engineGetCreationDate
public java.util.Date engineGetCreationDate(java.lang.String alias)
- Specified by:
engineGetCreationDate
in classjava.security.KeyStoreSpi
-
engineGetKey
public java.security.Key engineGetKey(java.lang.String alias, char[] password) throws java.security.NoSuchAlgorithmException, java.security.UnrecoverableKeyException
- Specified by:
engineGetKey
in classjava.security.KeyStoreSpi
- Throws:
java.security.NoSuchAlgorithmException
java.security.UnrecoverableKeyException
-
engineIsCertificateEntry
public boolean engineIsCertificateEntry(java.lang.String alias)
- Specified by:
engineIsCertificateEntry
in classjava.security.KeyStoreSpi
-
engineIsKeyEntry
public boolean engineIsKeyEntry(java.lang.String alias)
- Specified by:
engineIsKeyEntry
in classjava.security.KeyStoreSpi
-
engineSetCertificateEntry
public void engineSetCertificateEntry(java.lang.String alias, java.security.cert.Certificate cert) throws java.security.KeyStoreException
- Specified by:
engineSetCertificateEntry
in classjava.security.KeyStoreSpi
- Throws:
java.security.KeyStoreException
-
engineSetKeyEntry
public void engineSetKeyEntry(java.lang.String alias, byte[] key, java.security.cert.Certificate[] chain) throws java.security.KeyStoreException
- Specified by:
engineSetKeyEntry
in classjava.security.KeyStoreSpi
- Throws:
java.security.KeyStoreException
-
engineSetKeyEntry
public void engineSetKeyEntry(java.lang.String alias, java.security.Key key, char[] password, java.security.cert.Certificate[] chain) throws java.security.KeyStoreException
- Specified by:
engineSetKeyEntry
in classjava.security.KeyStoreSpi
- Throws:
java.security.KeyStoreException
-
engineSize
public int engineSize()
- Specified by:
engineSize
in classjava.security.KeyStoreSpi
-
unwrapKey
protected java.security.PrivateKey unwrapKey(AlgorithmIdentifier algId, byte[] data, char[] password, boolean wrongPKCS12Zero) throws java.io.IOException
- Throws:
java.io.IOException
-
wrapKey
protected byte[] wrapKey(java.lang.String algorithm, java.security.Key key, PKCS12PBEParams pbeParams, char[] password) throws java.io.IOException
- Throws:
java.io.IOException
-
cryptData
protected byte[] cryptData(boolean forEncryption, AlgorithmIdentifier algId, char[] password, boolean wrongPKCS12Zero, byte[] data) throws java.io.IOException
- Throws:
java.io.IOException
-
engineLoad
public void engineLoad(java.io.InputStream stream, char[] password) throws java.io.IOException
- Specified by:
engineLoad
in classjava.security.KeyStoreSpi
- Throws:
java.io.IOException
-
engineStore
public void engineStore(java.io.OutputStream stream, char[] password) throws java.io.IOException
- Specified by:
engineStore
in classjava.security.KeyStoreSpi
- Throws:
java.io.IOException
-
-