PKCS12KeyRetriever (Oracle Security Developer Tools XML Security Java API Reference)

Overview

Package

Class

Tree

Deprecated

Index

Help

Oracle Security Developer Tools XML Security Java API Reference
11g (11.1.1)
E10680-02

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

oracle.security.xmlsec.keys.retrieval
Class PKCS12KeyRetriever

java.lang.Object oracle.security.xmlsec.keys.retrieval.KeyRetriever oracle.security.xmlsec.keys.retrieval.PKCS12KeyRetriever

public class PKCS12KeyRetriever

extends KeyRetriever

Class to retrieve keys and certificates from a PKCS #12 file.

Note: StorageAuthenticators used with this class must override the StorageAuthenticator.getPassword() method.

Since:: 2.0

Constructor Summary
`PKCS12KeyRetriever(java.io.InputStream p12Stream)` Creates a new `PKCS12KeyRetriever` instance.
`PKCS12KeyRetriever(oracle.security.crypto.cert.PKCS12 pkcs12)` Creates a new `PKCS12KeyRetriever` instance.

Method Summary
`java.security.cert.X509Certificate`	`retrieveCertificate(KeyInfoData keyInfo)` Finds a certificate in the PKCS#12 by matching information in the given `KeyInfoData`'s KeyName or X509Data elements.
`java.security.PrivateKey`	`retrievePrivateKey(KeyInfoData keyInfo)` Finds a private key in the PKCS#12 by matching information in the given `KeyInfoData`'s KeyName element.
`java.security.PublicKey`	`retrievePublicKey(KeyInfoData keyInfo)` Finds a public key in the PKCS#12 by retrieving the certificate that matches information in the given `KeyInfoData`'s KeyName or X509Data elements.

Methods inherited from class oracle.security.xmlsec.keys.retrieval.KeyRetriever
`addKeyRetriever, getAuthenticator, getCertificate, getCertificate, getPrivateKey, getPrivateKey, getPublicKey, getPublicKey, getSymmetricKey, getSymmetricKey, removeKeyRetriever, retrieveCertificate, retrievePrivateKey, retrievePublicKey, retrieveSymmetricKey, retrieveSymmetricKey, setAuthenticator, setCertificateValidator, validateCertificate, validateCertificate, validateCertificate`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

PKCS12KeyRetriever

public PKCS12KeyRetriever(java.io.InputStream p12Stream)
                   throws java.io.IOException

Creates a new PKCS12KeyRetriever instance.

Parameters:: p12Stream - An input stream containing the PKCS #12.
Throws:: java.io.IOException

PKCS12KeyRetriever

public PKCS12KeyRetriever(oracle.security.crypto.cert.PKCS12 pkcs12)
                   throws java.io.IOException

Creates a new PKCS12KeyRetriever instance.

Parameters:: pkcs12 - The PKCS #12 object.
Throws:: java.io.IOException

Method Detail

retrievePublicKey

public java.security.PublicKey retrievePublicKey(KeyInfoData keyInfo)
                                          throws KeyRetrievalException

Finds a public key in the PKCS#12 by retrieving the certificate that matches information in the given KeyInfoData's KeyName or X509Data elements.

For a KeyName element, any of the following values may be used:

Subject name -- the X.500 directory name of the certificate's subject.
Common name -- the common name (CN) component of the subject name.
Email address -- the email address of the subject, contained in either the certificate subject name or in a Subject Alternative Name extension.
Friendly name -- the PKCS#12 friendly name of the certificate.
Local key ID -- the PKCS#12 local key ID for the certificate.

For a X509Data element, any of the following child element types may be used:

X509SubjectName -- the X.500 directory name ofthe certificate's subject.
X509IssuerSerial -- the X.500 directory name of the certificate's issuer and the serial number of the certificate.
X509SKI -- the certificate key ID contained in a Subject Key Identifier extension.

Overrides:: retrievePublicKey in class KeyRetriever

Parameters:: keyInfo - A KeyInfoData to be used to locate the public key.
Returns:: A PublicKey, or null if none could be located.
Throws:: StorageAuthenticationException - If an error occurs authenticating to the key source.; KeyRetrievalException
See Also:: KeyName, X509Data

retrieveCertificate

public java.security.cert.X509Certificate retrieveCertificate(KeyInfoData keyInfo)
                                                       throws KeyRetrievalException

Finds a certificate in the PKCS#12 by matching information in the given KeyInfoData's KeyName or X509Data elements.

For a KeyName element, any of the following values may be used:

Subject name -- the X.500 directory name of the certificate's subject.
Common name -- the common name (CN) component of the subject name.
Email address -- the email address of the subject, contained in either the certificate subject name or in a Subject Alternative Name extension.
Friendly name -- the PKCS#12 friendly name of the certificate.
Local key ID -- the PKCS#12 local key ID for the certificate.

For a X509Data element, any of the following child element types may be used:

X509SubjectName -- the X.500 directory name ofthe certificate's subject.
X509IssuerSerial -- the X.500 directory name of the certificate's issuer and the serial number of the certificate.
X509SKI -- the certificate key ID contained in a Subject Key Identifier extension.

Overrides:: retrieveCertificate in class KeyRetriever

Parameters:: keyInfo - A KeyInfoData to be used to locate the certificate.
Returns:: A X509Certificate, or null if none could be located.
Throws:: StorageAuthenticationException - If an error occurs authenticating to the key source.; KeyRetrievalException
See Also:: KeyName, X509Data

retrievePrivateKey

public java.security.PrivateKey retrievePrivateKey(KeyInfoData keyInfo)
                                            throws KeyRetrievalException

Finds a private key in the PKCS#12 by matching information in the given KeyInfoData's KeyName element.

For a KeyName element, any of the following values may be used:

Friendly name -- the PKCS#12 friendly name of the private key.
Local key ID -- the PKCS#12 local key ID for the private key.

Overrides:: retrievePrivateKey in class KeyRetriever

Parameters:: keyInfo - A KeyInfoData to be used to locate the private key.
Returns:: A PrivateKey, or null if none could be located.
Throws:: StorageAuthenticationException - If an error occurs authenticating to the key source.; KeyRetrievalException
See Also:: KeyName