public class PrivateKeyPKCS8 extends java.lang.Object implements ASN1Object, PrivateKey
When a PrivateKeyPKCS8 is constructed from components, the private key is encrypted when any of the methods
getContents()
, getEncoded()
, output(java.io.OutputStream)
or length()
are called.
When a PrivateKeyPKCS8 is instantiated by inputting its encoding from a stream or file, the private key is decrypted immediately if the password has been set or made available to the constructor. If the password has not been provided, the private key will not be decrypted until the
getKey()
method is called. Note that the getKey()
method is invoked by the methods getAlgID()
, getAlgorithm()
, getFormat()
and getBitLength()
.
PBE
, Serialized FormConstructor and Description |
---|
PrivateKeyPKCS8()
Creates a new instance with the default encryption mode for the
PKCS5 class and the default random bits source. |
PrivateKeyPKCS8(AlgorithmIdentifier algID)
Creates a new PrivateKeyPKCS8 instance using the specified AlgorithmIdentifier.
|
PrivateKeyPKCS8(ASN1ObjectID oid)
Creates a new PrivateKeyPKCS8 instance using the specified OID.
|
PrivateKeyPKCS8(ASN1ObjectID oid, RandomBitsSource rbs)
Creates a new PrivateKeyPKCS8 instance using the specified OID.
|
PrivateKeyPKCS8(ASN1Sequence s)
Deprecated.
|
PrivateKeyPKCS8(java.io.InputStream is)
Creates a new PrivateKeyPKCS8 instance from the specified input stream.
|
PrivateKeyPKCS8(int mode)
Deprecated.
|
PrivateKeyPKCS8(int mode, RandomBitsSource rbs)
Deprecated.
|
PrivateKeyPKCS8(PrivateKey key)
Deprecated.
|
PrivateKeyPKCS8(PrivateKey key, int mode)
Deprecated.
|
PrivateKeyPKCS8(PrivateKey key, int mode, RandomBitsSource rbs)
Deprecated.
|
PrivateKeyPKCS8(PrivateKey key, RandomBitsSource rbs)
Deprecated.
|
PrivateKeyPKCS8(PrivateKey key, java.lang.String password)
Creates a new PrivateKeyPKCS8 instance with the specified parameters.
|
PrivateKeyPKCS8(PrivateKey key, java.lang.String password, AlgorithmIdentifier algID)
Creates a new PrivateKeyPKCS8 instance using the specified AlgorithmIdentifier.
|
PrivateKeyPKCS8(PrivateKey key, java.lang.String password, ASN1ObjectID oid, RandomBitsSource rbs)
Creates a new PrivateKeyPKCS8 instance using the specified OID.
|
PrivateKeyPKCS8(PrivateKey key, java.lang.String passwd, int mode)
Deprecated.
|
PrivateKeyPKCS8(PrivateKey key, java.lang.String passwd, int mode, RandomBitsSource rbs)
Deprecated.
|
PrivateKeyPKCS8(java.lang.String password, ASN1Sequence s)
Deprecated.
|
PrivateKeyPKCS8(java.lang.String password, java.io.File f)
Deprecated.
|
PrivateKeyPKCS8(java.lang.String password, java.io.InputStream is)
Deprecated.
|
PrivateKeyPKCS8(java.lang.String passwd, PrivateKey key)
Deprecated.
|
PrivateKeyPKCS8(java.lang.String passwd, PrivateKey key, RandomBitsSource rbs)
Deprecated.
|
Modifier and Type | Method and Description |
---|---|
protected void |
assertAllowExport()
If either this key's export flag or the global export flag is set to
false , this method throws a KeyExportException . |
java.lang.Object |
clone()
Creates a clone of the instance.
|
void |
erase()
Sets the encrypted and unencrypted private key to
null . |
AlgorithmIdentifier |
getAlgID()
Returns the AlgorithmIdentifier of the underlying PrivateKey, or
null if the key has not been input or set, or the key cannot be decrypted. |
java.lang.String |
getAlgorithm()
Returns the algorithm of the underlying PrivateKey, or
null if the underlying key hasn't been input or set, or if the key cannot be decrypted. |
boolean |
getAllowExport()
Returns
false if plaintext export of this key's key material is not allowed; returns true if plaintext export is allowed. |
int |
getBitLength()
Returns the bit length of the underlying PrivateKey or
0 if the underlying key hasn't been input or set or if the key cannot be decrypted. |
ASN1Object |
getContents()
Returns the ASN1Object that is output to the
output(OutputStream os) method. |
byte[] |
getEncoded()
Returns the bytes that are output from the
output(OutputStream os) method. |
java.lang.String |
getFormat()
Returns the format of the underlying PrivateKey or
null if the underlying key hasn't been input or set, or if the key cannot be decrypted. |
PrivateKey |
getKey()
Get the private key.
|
PrivateKey |
getKey(java.lang.String password)
Get the private key.
|
int |
getMode()
Deprecated.
|
AlgorithmIdentifier |
getPBEAlgID()
Returns the PBEAlgorithmIdentifier used in the PrivateKeyPKCS8 object.
|
void |
initialize(AlgorithmIdentifier algID, ASN1Object contents)
Deprecated.
Use CryptoUtils.inputPrivateKey().
|
void |
input(ASN1Sequence s)
Deprecated.
|
void |
input(java.io.InputStream is)
Inputs this object from the specified input stream.
|
int |
length()
Length of this object's encoding.
|
void |
output(java.io.OutputStream os)
Outputs this object to the specified output stream.
|
void |
readExternal(java.io.ObjectInput is)
Reads the input stream and initializes the PKCS#8 private key.
|
void |
setAllowExport(boolean value)
Set to
false to disallow plaintext export of this key's key material; set to true to allow plaintext export if the global value in FIPS_140_2 is also set to true . |
void |
setCount(int c)
Deprecated.
|
void |
setKey(PrivateKey key)
Deprecated.
Use
setPrivateKey(oracle.security.crypto.core.PrivateKey) instead to preserve the ability to erase any previously set private key. |
void |
setMode(int m)
Deprecated.
|
void |
setPassword(java.lang.String pw)
Set the password for PKCS5/12.
|
PrivateKey |
setPrivateKey(PrivateKey key)
Sets the private key to be encrypted, and returns the previous private key, if any.
|
void |
setSalt(byte[] salt)
Deprecated.
|
java.lang.String |
toString()
Returns a string representation of this object.
|
void |
writeExternal(java.io.ObjectOutput os)
Writes to the output stream the DER encoding of this object.
|
public PrivateKeyPKCS8()
PKCS5
class and the default random bits source.public PrivateKeyPKCS8(PrivateKey key, java.lang.String password) throws AlgorithmIdentifierException
key
- The plain key to encrypt.password
- The password to use to encrypt the key.AlgorithmIdentifierException
public PrivateKeyPKCS8(ASN1ObjectID oid) throws AlgorithmIdentifierException
AlgorithmIdentifierException
public PrivateKeyPKCS8(ASN1ObjectID oid, RandomBitsSource rbs) throws AlgorithmIdentifierException
AlgorithmIdentifierException
public PrivateKeyPKCS8(PrivateKey key, java.lang.String password, ASN1ObjectID oid, RandomBitsSource rbs) throws AlgorithmIdentifierException
AlgorithmIdentifierException
public PrivateKeyPKCS8(AlgorithmIdentifier algID) throws AlgorithmIdentifierException
AlgorithmIdentifierException
public PrivateKeyPKCS8(PrivateKey key, java.lang.String password, AlgorithmIdentifier algID) throws AlgorithmIdentifierException
AlgorithmIdentifierException
public PrivateKeyPKCS8(java.io.InputStream is) throws java.io.IOException
java.io.IOException
public PrivateKeyPKCS8(int mode, RandomBitsSource rbs)
public PrivateKeyPKCS8(int mode)
public PrivateKeyPKCS8(PrivateKey key, RandomBitsSource rbs)
public PrivateKeyPKCS8(PrivateKey key)
public PrivateKeyPKCS8(PrivateKey key, int mode, RandomBitsSource rbs)
public PrivateKeyPKCS8(PrivateKey key, int mode)
public PrivateKeyPKCS8(java.lang.String passwd, PrivateKey key, RandomBitsSource rbs)
public PrivateKeyPKCS8(java.lang.String passwd, PrivateKey key)
public PrivateKeyPKCS8(PrivateKey key, java.lang.String passwd, int mode, RandomBitsSource rbs)
public PrivateKeyPKCS8(PrivateKey key, java.lang.String passwd, int mode)
public PrivateKeyPKCS8(java.lang.String password, java.io.InputStream is) throws java.io.IOException
java.io.IOException
public PrivateKeyPKCS8(ASN1Sequence s) throws java.io.IOException
java.io.IOException
public PrivateKeyPKCS8(java.lang.String password, java.io.File f) throws java.io.IOException, java.io.FileNotFoundException
java.io.IOException
java.io.FileNotFoundException
public PrivateKeyPKCS8(java.lang.String password, ASN1Sequence s) throws java.io.IOException
java.io.IOException
public void input(java.io.InputStream is) throws java.io.IOException
Streamable
input
in interface Streamable
java.io.IOException
public void input(ASN1Sequence s) throws java.io.IOException
java.io.IOException
public void output(java.io.OutputStream os) throws java.io.IOException
Streamable
output
in interface Streamable
java.io.IOException
public int length()
Streamable
length
in interface Streamable
public void setPassword(java.lang.String pw)
public void setMode(int m)
public int getMode()
public void setCount(int c)
public void setSalt(byte[] salt)
public PrivateKey getKey()
java.lang.IllegalStateException
- If an error occurs while decrypting the private key.public PrivateKey getKey(java.lang.String password)
java.lang.IllegalStateException
- If an error occurs while decrypting the private key.public void setKey(PrivateKey key)
setPrivateKey(oracle.security.crypto.core.PrivateKey)
instead to preserve the ability to erase any previously set private key.public PrivateKey setPrivateKey(PrivateKey key)
key
- The private key to be encryptednull
if none was present.erase()
public java.lang.String toString()
toString
in class java.lang.Object
public AlgorithmIdentifier getAlgID()
null
if the key has not been input or set, or the key cannot be decrypted.public AlgorithmIdentifier getPBEAlgID()
public ASN1Object getContents()
output(OutputStream os)
method.StreamableOutputException
- If an error occurs generating the output (e.g., key encryption fails).public void initialize(AlgorithmIdentifier algID, ASN1Object contents) throws InvalidInputException, AlgorithmIdentifierException
algID
- The algorithm identifier of the enclosed private key.contents
- The ASN.1 DER-encoded bytes of the private key.InvalidInputException
AlgorithmIdentifierException
public java.lang.Object clone()
clone
in class java.lang.Object
public void erase()
null
.public java.lang.String getAlgorithm()
null
if the underlying key hasn't been input or set, or if the key cannot be decrypted.getAlgorithm
in interface java.security.Key
public int getBitLength()
0
if the underlying key hasn't been input or set or if the key cannot be decrypted.public byte[] getEncoded()
output(OutputStream os)
method.getEncoded
in interface java.security.Key
StreamableOutputException
- If an error occurs generating the output bytes (e.g., key encryption fails).public java.lang.String getFormat()
null
if the underlying key hasn't been input or set, or if the key cannot be decrypted.getFormat
in interface java.security.Key
public void setAllowExport(boolean value)
false
to disallow plaintext export of this key's key material; set to true
to allow plaintext export if the global value in FIPS_140_2
is also set to true
.
If either this value or the global value is false
, the output(java.io.OutputStream)
, getContents()
and getEncoded()
methods will throw a KeyExportException
.
value
- false
to disallow plaintext key material export, true
to allow.FIPS_140_2.setAllowKeyExport(boolean)
, Cipher.wrapKey(PrivateKey key)
public boolean getAllowExport()
false
if plaintext export of this key's key material is not allowed; returns true
if plaintext export is allowed.
If either this value or the global value is false
, the output(java.io.OutputStream)
, getContents()
and getEncoded()
methods will throw a KeyExportException
.
false
if plaintext key material export is not allowed, true
if allowed.FIPS_140_2.getAllowKeyExport()
, Cipher.wrapKey(PrivateKey key)
protected void assertAllowExport()
false
, this method throws a KeyExportException
.FIPS_140_2.getAllowKeyExport()
public void writeExternal(java.io.ObjectOutput os) throws java.io.IOException
writeExternal
in interface java.io.Externalizable
os
- The output stream to write the encoding to.java.io.IOException
public void readExternal(java.io.ObjectInput is) throws java.io.IOException, java.lang.ClassNotFoundException
readExternal
in interface java.io.Externalizable
is
- The stream to read from.java.io.IOException
java.lang.ClassNotFoundException