Class PKCS12KeyStoreSpi
- java.lang.Object
-
- java.security.KeyStoreSpi
-
- org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi
-
- All Implemented Interfaces:
PKCSObjectIdentifiers
,X509ObjectIdentifiers
,BCKeyStore
- Direct Known Subclasses:
PKCS12KeyStoreSpi.BCPKCS12KeyStore
,PKCS12KeyStoreSpi.BCPKCS12KeyStore3DES
,PKCS12KeyStoreSpi.DefPKCS12KeyStore
,PKCS12KeyStoreSpi.DefPKCS12KeyStore3DES
public class PKCS12KeyStoreSpi extends java.security.KeyStoreSpi implements PKCSObjectIdentifiers, X509ObjectIdentifiers, BCKeyStore
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
PKCS12KeyStoreSpi.BCPKCS12KeyStore
static class
PKCS12KeyStoreSpi.BCPKCS12KeyStore3DES
static class
PKCS12KeyStoreSpi.DefPKCS12KeyStore
static class
PKCS12KeyStoreSpi.DefPKCS12KeyStore3DES
-
Field Summary
Fields Modifier and Type Field Description protected java.security.SecureRandom
random
-
Fields inherited from interface org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers
bagtypes, canNotDecryptAny, certBag, certTypes, crlBag, crlTypes, data, des_EDE3_CBC, dhKeyAgreement, digestAlgorithm, digestedData, encryptedData, encryptionAlgorithm, envelopedData, id_aa, id_aa_asymmDecryptKeyID, id_aa_cmsAlgorithmProtect, id_aa_commitmentType, id_aa_communityIdentifiers, id_aa_contentHint, id_aa_contentIdentifier, id_aa_contentReference, id_aa_decryptKeyID, id_aa_encrypKeyPref, id_aa_ets_archiveTimestamp, id_aa_ets_certCRLTimestamp, id_aa_ets_certificateRefs, id_aa_ets_certValues, id_aa_ets_commitmentType, id_aa_ets_contentTimestamp, id_aa_ets_escTimeStamp, id_aa_ets_otherSigCert, id_aa_ets_revocationRefs, id_aa_ets_revocationValues, id_aa_ets_signerAttr, id_aa_ets_signerLocation, id_aa_ets_sigPolicyId, id_aa_implCompressAlgs, id_aa_implCryptoAlgs, id_aa_msgSigDigest, id_aa_otherSigCert, id_aa_receiptRequest, id_aa_signatureTimeStampToken, id_aa_signerLocation, id_aa_signingCertificate, id_aa_signingCertificateV2, id_aa_sigPolicyId, id_alg, id_alg_AEADChaCha20Poly1305, id_alg_CMS3DESwrap, id_alg_CMSRC2wrap, id_alg_ESDH, id_alg_hkdf_with_sha256, id_alg_hkdf_with_sha384, id_alg_hkdf_with_sha512, id_alg_hss_lms_hashsig, id_alg_PWRI_KEK, id_alg_SSDH, id_ct, id_ct_authData, id_ct_authEnvelopedData, id_ct_compressedData, id_ct_timestampedData, id_ct_TSTInfo, id_cti, id_cti_ets_proofOfApproval, id_cti_ets_proofOfCreation, id_cti_ets_proofOfDelivery, id_cti_ets_proofOfOrigin, id_cti_ets_proofOfReceipt, id_cti_ets_proofOfSender, id_hmacWithSHA1, id_hmacWithSHA224, id_hmacWithSHA256, id_hmacWithSHA384, id_hmacWithSHA512, id_mgf1, id_PBES2, id_PBKDF2, id_pSpecified, id_rsa_KEM, id_RSAES_OAEP, id_RSASSA_PSS, id_smime, id_spq, id_spq_ets_unotice, id_spq_ets_uri, keyBag, md2, md2WithRSAEncryption, md4, md4WithRSAEncryption, md5, md5WithRSAEncryption, pbeWithMD2AndDES_CBC, pbeWithMD2AndRC2_CBC, pbeWithMD5AndDES_CBC, pbeWithMD5AndRC2_CBC, pbeWithSHA1AndDES_CBC, pbeWithSHA1AndRC2_CBC, pbeWithSHAAnd128BitRC2_CBC, pbeWithSHAAnd128BitRC4, 
pbeWithSHAAnd2_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC, pbewithSHAAnd40BitRC2_CBC, pbeWithSHAAnd40BitRC2_CBC, pbeWithSHAAnd40BitRC4, pkcs_1, pkcs_12, pkcs_12PbeIds, pkcs_3, pkcs_5, pkcs_7, pkcs_9, pkcs_9_at_challengePassword, pkcs_9_at_contentType, pkcs_9_at_counterSignature, pkcs_9_at_emailAddress, pkcs_9_at_extendedCertificateAttributes, pkcs_9_at_extensionRequest, pkcs_9_at_friendlyName, pkcs_9_at_localKeyId, pkcs_9_at_messageDigest, pkcs_9_at_signingDescription, pkcs_9_at_signingTime, pkcs_9_at_smimeCapabilities, pkcs_9_at_unstructuredAddress, pkcs_9_at_unstructuredName, pkcs8ShroudedKeyBag, preferSignedData, RC2_CBC, rc4, rsaEncryption, safeContentsBag, sdsiCertificate, secretBag, sha1WithRSAEncryption, sha224WithRSAEncryption, sha256WithRSAEncryption, sha384WithRSAEncryption, sha512_224WithRSAEncryption, sha512_256WithRSAEncryption, sha512WithRSAEncryption, signedAndEnvelopedData, signedData, sMIMECapabilitiesVersions, srsaOAEPEncryptionSET, x509Certificate, x509certType, x509Crl
-
Fields inherited from interface org.bouncycastle.asn1.x509.X509ObjectIdentifiers
commonName, countryName, crlAccessMethod, id_ad, id_ad_caIssuers, id_ad_ocsp, id_at_name, id_at_organizationIdentifier, id_at_telephoneNumber, id_ce, id_ea_rsa, id_ecdsa_with_shake128, id_ecdsa_with_shake256, id_pe, id_pkix, id_rsassa_pss_shake128, id_rsassa_pss_shake256, id_SHA1, localityName, ocspAccessMethod, organization, organizationalUnitName, ripemd160, ripemd160WithRSAEncryption, stateOrProvinceName
-
-
Constructor Summary
Constructors Constructor Description PKCS12KeyStoreSpi(JcaJceHelper helper, ASN1ObjectIdentifier keyAlgorithm, ASN1ObjectIdentifier certAlgorithm)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected byte[]
cryptData(boolean forEncryption, AlgorithmIdentifier algId, char[] password, boolean wrongPKCS12Zero, byte[] data)
java.util.Enumeration
engineAliases()
boolean
engineContainsAlias(java.lang.String alias)
void
engineDeleteEntry(java.lang.String alias)
This is not quite complete: we should follow up on the chain, which is a bit tricky if a certificate appears in more than one chain. The store method now prunes unused certificates from the chain map if they are present.
java.security.cert.Certificate
engineGetCertificate(java.lang.String alias)
Simply returns the certificate for the private key.
java.lang.String
engineGetCertificateAlias(java.security.cert.Certificate cert)
java.security.cert.Certificate[]
engineGetCertificateChain(java.lang.String alias)
java.util.Date
engineGetCreationDate(java.lang.String alias)
java.security.Key
engineGetKey(java.lang.String alias, char[] password)
boolean
engineIsCertificateEntry(java.lang.String alias)
boolean
engineIsKeyEntry(java.lang.String alias)
void
engineLoad(java.io.InputStream stream, char[] password)
void
engineSetCertificateEntry(java.lang.String alias, java.security.cert.Certificate cert)
void
engineSetKeyEntry(java.lang.String alias, byte[] key, java.security.cert.Certificate[] chain)
void
engineSetKeyEntry(java.lang.String alias, java.security.Key key, char[] password, java.security.cert.Certificate[] chain)
int
engineSize()
void
engineStore(java.io.OutputStream stream, char[] password)
void
engineStore(java.security.KeyStore.LoadStoreParameter param)
void
setRandom(java.security.SecureRandom rand)
Sets the random source for the key store.
protected java.security.PrivateKey
unwrapKey(AlgorithmIdentifier algId, byte[] data, char[] password, boolean wrongPKCS12Zero)
protected byte[]
wrapKey(java.lang.String algorithm, java.security.Key key, PKCS12PBEParams pbeParams, char[] password)
-
-
-
Constructor Detail
-
PKCS12KeyStoreSpi
public PKCS12KeyStoreSpi(JcaJceHelper helper, ASN1ObjectIdentifier keyAlgorithm, ASN1ObjectIdentifier certAlgorithm)
-
-
Method Detail
-
setRandom
public void setRandom(java.security.SecureRandom rand)
Description copied from interface: BCKeyStore
Sets the random source for the key store.
- Specified by:
setRandom
in interface BCKeyStore
-
engineAliases
public java.util.Enumeration engineAliases()
- Specified by:
engineAliases
in class java.security.KeyStoreSpi
-
engineContainsAlias
public boolean engineContainsAlias(java.lang.String alias)
- Specified by:
engineContainsAlias
in class java.security.KeyStoreSpi
-
engineDeleteEntry
public void engineDeleteEntry(java.lang.String alias) throws java.security.KeyStoreException
This is not quite complete: we should follow up on the chain, which is a bit tricky if a certificate appears in more than one chain. The store method now prunes unused certificates from the chain map if they are present.
- Specified by:
engineDeleteEntry
in class java.security.KeyStoreSpi
- Throws:
java.security.KeyStoreException
-
engineGetCertificate
public java.security.cert.Certificate engineGetCertificate(java.lang.String alias)
Simply returns the certificate for the private key.
- Specified by:
engineGetCertificate
in class java.security.KeyStoreSpi
-
engineGetCertificateAlias
public java.lang.String engineGetCertificateAlias(java.security.cert.Certificate cert)
- Specified by:
engineGetCertificateAlias
in class java.security.KeyStoreSpi
-
engineGetCertificateChain
public java.security.cert.Certificate[] engineGetCertificateChain(java.lang.String alias)
- Specified by:
engineGetCertificateChain
in class java.security.KeyStoreSpi
-
engineGetCreationDate
public java.util.Date engineGetCreationDate(java.lang.String alias)
- Specified by:
engineGetCreationDate
in class java.security.KeyStoreSpi
-
engineGetKey
public java.security.Key engineGetKey(java.lang.String alias, char[] password) throws java.security.NoSuchAlgorithmException, java.security.UnrecoverableKeyException
- Specified by:
engineGetKey
in class java.security.KeyStoreSpi
- Throws:
java.security.NoSuchAlgorithmException
java.security.UnrecoverableKeyException
-
engineIsCertificateEntry
public boolean engineIsCertificateEntry(java.lang.String alias)
- Specified by:
engineIsCertificateEntry
in class java.security.KeyStoreSpi
-
engineIsKeyEntry
public boolean engineIsKeyEntry(java.lang.String alias)
- Specified by:
engineIsKeyEntry
in class java.security.KeyStoreSpi
-
engineSetCertificateEntry
public void engineSetCertificateEntry(java.lang.String alias, java.security.cert.Certificate cert) throws java.security.KeyStoreException
- Specified by:
engineSetCertificateEntry
in class java.security.KeyStoreSpi
- Throws:
java.security.KeyStoreException
-
engineSetKeyEntry
public void engineSetKeyEntry(java.lang.String alias, byte[] key, java.security.cert.Certificate[] chain) throws java.security.KeyStoreException
- Specified by:
engineSetKeyEntry
in class java.security.KeyStoreSpi
- Throws:
java.security.KeyStoreException
-
engineSetKeyEntry
public void engineSetKeyEntry(java.lang.String alias, java.security.Key key, char[] password, java.security.cert.Certificate[] chain) throws java.security.KeyStoreException
- Specified by:
engineSetKeyEntry
in class java.security.KeyStoreSpi
- Throws:
java.security.KeyStoreException
-
engineSize
public int engineSize()
- Specified by:
engineSize
in class java.security.KeyStoreSpi
-
unwrapKey
protected java.security.PrivateKey unwrapKey(AlgorithmIdentifier algId, byte[] data, char[] password, boolean wrongPKCS12Zero) throws java.io.IOException
- Throws:
java.io.IOException
-
wrapKey
protected byte[] wrapKey(java.lang.String algorithm, java.security.Key key, PKCS12PBEParams pbeParams, char[] password) throws java.io.IOException
- Throws:
java.io.IOException
-
cryptData
protected byte[] cryptData(boolean forEncryption, AlgorithmIdentifier algId, char[] password, boolean wrongPKCS12Zero, byte[] data) throws java.io.IOException
- Throws:
java.io.IOException
-
engineLoad
public void engineLoad(java.io.InputStream stream, char[] password) throws java.io.IOException
- Specified by:
engineLoad
in class java.security.KeyStoreSpi
- Throws:
java.io.IOException
-
engineStore
public void engineStore(java.security.KeyStore.LoadStoreParameter param) throws java.io.IOException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException
- Overrides:
engineStore
in class java.security.KeyStoreSpi
- Throws:
java.io.IOException
java.security.NoSuchAlgorithmException
java.security.cert.CertificateException
-
engineStore
public void engineStore(java.io.OutputStream stream, char[] password) throws java.io.IOException
- Specified by:
engineStore
in class java.security.KeyStoreSpi
- Throws:
java.io.IOException
-
-