Class PKCS12KeyStoreSpi
java.lang.Object
java.security.KeyStoreSpi
org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi
- All Implemented Interfaces:
PKCSObjectIdentifiers
,X509ObjectIdentifiers
,BCKeyStore
public class PKCS12KeyStoreSpi
extends KeyStoreSpi
implements PKCSObjectIdentifiers, X509ObjectIdentifiers, BCKeyStore
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic class
static class
static class
static class
-
Field Summary
FieldsFields inherited from interface org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers
bagtypes, canNotDecryptAny, certBag, certTypes, crlBag, crlTypes, data, des_EDE3_CBC, dhKeyAgreement, digestAlgorithm, digestedData, encryptedData, encryptionAlgorithm, envelopedData, id_aa, id_aa_asymmDecryptKeyID, id_aa_cmsAlgorithmProtect, id_aa_commitmentType, id_aa_communityIdentifiers, id_aa_contentHint, id_aa_contentIdentifier, id_aa_contentReference, id_aa_decryptKeyID, id_aa_encrypKeyPref, id_aa_ets_archiveTimestamp, id_aa_ets_certCRLTimestamp, id_aa_ets_certificateRefs, id_aa_ets_certValues, id_aa_ets_commitmentType, id_aa_ets_contentTimestamp, id_aa_ets_escTimeStamp, id_aa_ets_otherSigCert, id_aa_ets_revocationRefs, id_aa_ets_revocationValues, id_aa_ets_signerAttr, id_aa_ets_signerLocation, id_aa_ets_sigPolicyId, id_aa_implCompressAlgs, id_aa_implCryptoAlgs, id_aa_msgSigDigest, id_aa_otherSigCert, id_aa_receiptRequest, id_aa_signatureTimeStampToken, id_aa_signerLocation, id_aa_signingCertificate, id_aa_signingCertificateV2, id_aa_sigPolicyId, id_alg, id_alg_AEADChaCha20Poly1305, id_alg_CMS3DESwrap, id_alg_CMSRC2wrap, id_alg_ESDH, id_alg_hkdf_with_sha256, id_alg_hkdf_with_sha384, id_alg_hkdf_with_sha512, id_alg_hss_lms_hashsig, id_alg_PWRI_KEK, id_alg_SSDH, id_ct, id_ct_authData, id_ct_authEnvelopedData, id_ct_compressedData, id_ct_timestampedData, id_ct_TSTInfo, id_cti, id_cti_ets_proofOfApproval, id_cti_ets_proofOfCreation, id_cti_ets_proofOfDelivery, id_cti_ets_proofOfOrigin, id_cti_ets_proofOfReceipt, id_cti_ets_proofOfSender, id_hmacWithSHA1, id_hmacWithSHA224, id_hmacWithSHA256, id_hmacWithSHA384, id_hmacWithSHA512, id_hmacWithSHA512_224, id_hmacWithSHA512_256, id_mgf1, id_PBES2, id_PBKDF2, id_pSpecified, id_rsa_KEM, id_RSAES_OAEP, id_RSASSA_PSS, id_smime, id_spq, id_spq_ets_unotice, id_spq_ets_uri, keyBag, md2, md2WithRSAEncryption, md4, md4WithRSAEncryption, md5, md5WithRSAEncryption, pbeWithMD2AndDES_CBC, pbeWithMD2AndRC2_CBC, pbeWithMD5AndDES_CBC, pbeWithMD5AndRC2_CBC, pbeWithSHA1AndDES_CBC, pbeWithSHA1AndRC2_CBC, pbeWithSHAAnd128BitRC2_CBC, pbeWithSHAAnd128BitRC4, pbeWithSHAAnd2_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC, pbewithSHAAnd40BitRC2_CBC, pbeWithSHAAnd40BitRC2_CBC, pbeWithSHAAnd40BitRC4, pkcs_1, pkcs_12, pkcs_12PbeIds, pkcs_3, pkcs_5, pkcs_7, pkcs_9, pkcs_9_at_binarySigningTime, pkcs_9_at_challengePassword, pkcs_9_at_contentType, pkcs_9_at_counterSignature, pkcs_9_at_emailAddress, pkcs_9_at_extendedCertificateAttributes, pkcs_9_at_extensionRequest, pkcs_9_at_friendlyName, pkcs_9_at_localKeyId, pkcs_9_at_messageDigest, pkcs_9_at_signingDescription, pkcs_9_at_signingTime, pkcs_9_at_smimeCapabilities, pkcs_9_at_unstructuredAddress, pkcs_9_at_unstructuredName, pkcs8ShroudedKeyBag, preferSignedData, RC2_CBC, rc4, rsaEncryption, safeContentsBag, sdsiCertificate, secretBag, sha1WithRSAEncryption, sha224WithRSAEncryption, sha256WithRSAEncryption, sha384WithRSAEncryption, sha512_224WithRSAEncryption, sha512_256WithRSAEncryption, sha512WithRSAEncryption, signedAndEnvelopedData, signedData, sMIMECapabilitiesVersions, srsaOAEPEncryptionSET, x509Certificate, x509certType, x509Crl
Fields inherited from interface org.bouncycastle.asn1.x509.X509ObjectIdentifiers
commonName, countryName, crlAccessMethod, id_ad, id_ad_caIssuers, id_ad_ocsp, id_at_name, id_at_organizationIdentifier, id_at_telephoneNumber, id_ce, id_ea_rsa, id_ecdsa_with_shake128, id_ecdsa_with_shake256, id_pe, id_pkix, id_rsassa_pss_shake128, id_rsassa_pss_shake256, id_SHA1, localityName, ocspAccessMethod, organization, organizationalUnitName, ripemd160, ripemd160WithRSAEncryption, stateOrProvinceName
-
Constructor Summary
ConstructorsConstructorDescriptionPKCS12KeyStoreSpi
(JcaJceHelper helper, ASN1ObjectIdentifier keyAlgorithm, ASN1ObjectIdentifier certAlgorithm) -
Method Summary
Modifier and TypeMethodDescriptionprotected byte[]
cryptData
(boolean forEncryption, AlgorithmIdentifier algId, char[] password, boolean wrongPKCS12Zero, byte[] data) boolean
engineContainsAlias
(String alias) void
engineDeleteEntry
(String alias) this is not quite complete - we should follow up on the chain, a bit tricky if a certificate appears in more than one chain... the store method now prunes out unused certificates from the chain map if they are present.engineGetCertificate
(String alias) simply return the cert for the private keyengineGetCertificateChain
(String alias) engineGetCreationDate
(String alias) engineGetKey
(String alias, char[] password) boolean
engineIsCertificateEntry
(String alias) boolean
engineIsKeyEntry
(String alias) void
engineLoad
(InputStream stream, char[] password) void
engineLoad
(KeyStore.LoadStoreParameter loadStoreParameter) boolean
engineProbe
(InputStream stream) void
engineSetCertificateEntry
(String alias, Certificate cert) void
engineSetKeyEntry
(String alias, byte[] key, Certificate[] chain) void
engineSetKeyEntry
(String alias, Key key, char[] password, Certificate[] chain) int
void
engineStore
(OutputStream stream, char[] password) void
void
setRandom
(SecureRandom rand) set the random source for the key storeprotected PrivateKey
unwrapKey
(AlgorithmIdentifier algId, byte[] data, char[] password, boolean wrongPKCS12Zero) protected byte[]
wrapKey
(String algorithm, Key key, PKCS12PBEParams pbeParams, char[] password) Methods inherited from class java.security.KeyStoreSpi
engineEntryInstanceOf, engineGetEntry, engineSetEntry
-
Field Details
-
random
-
-
Constructor Details
-
PKCS12KeyStoreSpi
public PKCS12KeyStoreSpi(JcaJceHelper helper, ASN1ObjectIdentifier keyAlgorithm, ASN1ObjectIdentifier certAlgorithm)
-
-
Method Details
-
setRandom
Description copied from interface:BCKeyStore
set the random source for the key store- Specified by:
setRandom
in interfaceBCKeyStore
-
engineProbe
- Overrides:
engineProbe
in classKeyStoreSpi
- Throws:
IOException
-
engineAliases
- Specified by:
engineAliases
in classKeyStoreSpi
-
engineContainsAlias
- Specified by:
engineContainsAlias
in classKeyStoreSpi
-
engineDeleteEntry
this is not quite complete - we should follow up on the chain, a bit tricky if a certificate appears in more than one chain... the store method now prunes out unused certificates from the chain map if they are present.- Specified by:
engineDeleteEntry
in classKeyStoreSpi
- Throws:
KeyStoreException
-
engineGetCertificate
simply return the cert for the private key- Specified by:
engineGetCertificate
in classKeyStoreSpi
-
engineGetCertificateAlias
- Specified by:
engineGetCertificateAlias
in classKeyStoreSpi
-
engineGetCertificateChain
- Specified by:
engineGetCertificateChain
in classKeyStoreSpi
-
engineGetCreationDate
- Specified by:
engineGetCreationDate
in classKeyStoreSpi
-
engineGetKey
public Key engineGetKey(String alias, char[] password) throws NoSuchAlgorithmException, UnrecoverableKeyException - Specified by:
engineGetKey
in classKeyStoreSpi
- Throws:
NoSuchAlgorithmException
UnrecoverableKeyException
-
engineIsCertificateEntry
- Specified by:
engineIsCertificateEntry
in classKeyStoreSpi
-
engineIsKeyEntry
- Specified by:
engineIsKeyEntry
in classKeyStoreSpi
-
engineSetCertificateEntry
- Specified by:
engineSetCertificateEntry
in classKeyStoreSpi
- Throws:
KeyStoreException
-
engineSetKeyEntry
public void engineSetKeyEntry(String alias, byte[] key, Certificate[] chain) throws KeyStoreException - Specified by:
engineSetKeyEntry
in classKeyStoreSpi
- Throws:
KeyStoreException
-
engineSetKeyEntry
public void engineSetKeyEntry(String alias, Key key, char[] password, Certificate[] chain) throws KeyStoreException - Specified by:
engineSetKeyEntry
in classKeyStoreSpi
- Throws:
KeyStoreException
-
engineSize
public int engineSize()- Specified by:
engineSize
in classKeyStoreSpi
-
unwrapKey
protected PrivateKey unwrapKey(AlgorithmIdentifier algId, byte[] data, char[] password, boolean wrongPKCS12Zero) throws IOException - Throws:
IOException
-
wrapKey
protected byte[] wrapKey(String algorithm, Key key, PKCS12PBEParams pbeParams, char[] password) throws IOException - Throws:
IOException
-
cryptData
protected byte[] cryptData(boolean forEncryption, AlgorithmIdentifier algId, char[] password, boolean wrongPKCS12Zero, byte[] data) throws IOException - Throws:
IOException
-
engineLoad
public void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) throws IOException, NoSuchAlgorithmException, CertificateException - Overrides:
engineLoad
in classKeyStoreSpi
- Throws:
IOException
NoSuchAlgorithmException
CertificateException
-
engineLoad
- Specified by:
engineLoad
in classKeyStoreSpi
- Throws:
IOException
-
engineStore
public void engineStore(KeyStore.LoadStoreParameter param) throws IOException, NoSuchAlgorithmException, CertificateException - Overrides:
engineStore
in classKeyStoreSpi
- Throws:
IOException
NoSuchAlgorithmException
CertificateException
-
engineStore
- Specified by:
engineStore
in classKeyStoreSpi
- Throws:
IOException
-