Package org.bouncycastle.jcajce

Class BCFKSLoadStoreParameter.Builder

java.lang.Object
org.bouncycastle.jcajce.BCFKSLoadStoreParameter.Builder
Enclosing class:
BCFKSLoadStoreParameter
public static class BCFKSLoadStoreParameter.Builder extends Object

  • Constructor Details

    • Builder

      public Builder()
      Base constructor for creating a LoadStoreParameter for initializing a key store.

    • Builder

      public Builder(OutputStream out, char[] password)
      Base constructor for storing to an OutputStream using a password.
      Parameters:
      out - OutputStream to write KeyStore to.
      password - the password to use to protect the KeyStore.

    • Builder

      public Builder(OutputStream out, KeyStore.ProtectionParameter protectionParameter)
      Base constructor for storing to an OutputStream using a protection parameter.
      Parameters:
      out - OutputStream to write KeyStore to.
      protectionParameter - the protection parameter to use to protect the KeyStore.

    • Builder

      public Builder(OutputStream out, PrivateKey sigKey)
      Base constructor for storing to an OutputStream using a protection parameter.
      Parameters:
      out - OutputStream to write KeyStore to.
      sigKey - the key used to protect the integrity of the key store.

    • Builder

      public Builder(InputStream in, PublicKey sigKey)
      Base constructor for reading a KeyStore from an InputStream using a public key for validation.
      Parameters:
      in - InputStream to load KeyStore to.
      sigKey - the public key parameter to used to verify the KeyStore.

    • Builder

      public Builder(InputStream in, BCFKSLoadStoreParameter.CertChainValidator validator)
      Base constructor for reading a KeyStore from an InputStream using validation based on encapsulated certificates in the KeyStore data.
      Parameters:
      in - InputStream to load KeyStore to.
      validator - the certificate chain validator to check the signing certificates.

    • Builder

      public Builder(InputStream in, char[] password)
      Base constructor for reading a KeyStore from an InputStream using a password.
      Parameters:
      in - InputStream to read the KeyStore from.
      password - the password used to protect the KeyStore.

    • Builder

      public Builder(InputStream in, KeyStore.ProtectionParameter protectionParameter)
      Base constructor for reading a KeyStore from an InputStream using a password.
      Parameters:
      in - InputStream to read the KeyStore from.
      protectionParameter - the protection parameter used to protect the KeyStore.

  • Method Details

    • withStorePBKDFConfig

      public BCFKSLoadStoreParameter.Builder withStorePBKDFConfig(PBKDFConfig storeConfig)
      Configure the PBKDF to use for protecting the KeyStore.
      Parameters:
      storeConfig - the PBKDF config to use for protecting the KeyStore.
      Returns:
      the current Builder instance.

    • withStoreEncryptionAlgorithm

      public BCFKSLoadStoreParameter.Builder withStoreEncryptionAlgorithm(BCFKSLoadStoreParameter.EncryptionAlgorithm encAlg)
      Configure the encryption algorithm to use for protecting the KeyStore and its keys.
      Parameters:
      encAlg - the PBKDF config to use for protecting the KeyStore and its keys.
      Returns:
      the current Builder instance.

    • withStoreMacAlgorithm

      public BCFKSLoadStoreParameter.Builder withStoreMacAlgorithm(BCFKSLoadStoreParameter.MacAlgorithm macAlg)
      Configure the MAC algorithm to use for protecting the KeyStore.
      Parameters:
      macAlg - the PBKDF config to use for protecting the KeyStore.
      Returns:
      the current Builder instance.

    • withCertificates

      public BCFKSLoadStoreParameter.Builder withCertificates(X509Certificate[] certs)
      Add a valid certificate chain where certs[0] is the end-entity matching the private key we are using to sign the key store.
      Parameters:
      certs - an array of X509 certificates.
      Returns:
      the current Builder instance.

    • withStoreSignatureAlgorithm

      public BCFKSLoadStoreParameter.Builder withStoreSignatureAlgorithm(BCFKSLoadStoreParameter.SignatureAlgorithm sigAlg)
      Configure the signature algorithm to use for protecting the KeyStore.
      Parameters:
      sigAlg - the signature config to use for protecting the KeyStore.
      Returns:
      the current Builder instance.

    • build

      public BCFKSLoadStoreParameter build()
      Build and return a BCFKSLoadStoreParameter.
      Returns:
      a new BCFKSLoadStoreParameter.