org.mozilla.jss.pkcs12
Class SafeBag
java.lang.Object org.mozilla.jss.pkcs12.SafeBag
- All Implemented Interfaces:
- ASN1Value
public final class SafeBag
- extends java.lang.Object
- implements ASN1Value
A PKCS #12 SafeBag structure.
Nested Class Summary | |
---|---|
static class | SafeBag.Template - A template for decoding SafeBags. |
Field Summary | |
---|---|
static OBJECT_IDENTIFIER | CERT_BAG - A bag containing a certificate. |
static OBJECT_IDENTIFIER | CRL_BAG - A bag containing a certificate revocation list. |
static OBJECT_IDENTIFIER | FRIENDLY_NAME - A FriendlyName attribute. |
static OBJECT_IDENTIFIER | KEY_BAG - A bag containing a private key. |
static OBJECT_IDENTIFIER | LOCAL_KEY_ID - A LocalKeyID attribute. |
static OBJECT_IDENTIFIER | PKCS12_BAG_IDS - The OID branch for the PKCS #12 bag types. |
static OBJECT_IDENTIFIER | PKCS12_VERSION_1 - The OID branch for PKCS #12, version 1.0. |
static OBJECT_IDENTIFIER | PKCS8_SHROUDED_KEY_BAG - A bag containing a private key encrypted a la PKCS #8. |
static OBJECT_IDENTIFIER | SAFE_CONTENTS_BAG - A bag containing a nested SafeContent. |
static OBJECT_IDENTIFIER | SECRET_BAG - A bag containing an arbitrary secret. |
Constructor Summary | |
---|---|
SafeBag(OBJECT_IDENTIFIER bagType, ASN1Value bagContent, SET bagAttributes) | Creates a new SafeBag from its components. |
Method Summary | |
---|---|
static SafeBag | createCertBag(byte[] cert, java.lang.String friendlyName) - Creates a SafeBag that contains an X.509 Certificate. |
static SafeBag | createCertBag(byte[] cert, java.lang.String friendlyName, byte[] localKeyID) - Creates a SafeBag that contains an X.509 Certificate. |
static SafeBag | createEncryptedPrivateKeyBag(PrivateKeyInfo privk, java.lang.String friendlyName, byte[] localKeyID, Password password) - Creates a SafeBag containing a PKCS-8ShroudedKeyBag, which is an EncryptedPrivateKeyInfo. |
void | encode(java.io.OutputStream ostream) - Write this value's DER encoding to an output stream using its own base tag. |
void | encode(Tag implicitTag, java.io.OutputStream ostream) - Write this value's DER encoding to an output stream using an implicit tag. |
SET | getBagAttributes() - Returns the attributes of this bag. |
ANY | getBagContent() - Returns the contents of this bag as an ANY. |
OBJECT_IDENTIFIER | getBagType() |
ASN1Value | getInterpretedBagContent() - Returns the bagContent interpreted by type. |
static byte[] | getLocalKeyIDFromCert(byte[] derCert) - Computes the LocalKeyID attribute that should be stored with a key and certificate. |
Tag | getTag() - Returns the base tag for this type, not counting any tags that may be imposed on it by its context. |
static SafeBag.Template | getTemplate() |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
PKCS12_VERSION_1
public static final OBJECT_IDENTIFIER PKCS12_VERSION_1
- The OID branch for PKCS #12, version 1.0.
PKCS12_BAG_IDS
public static final OBJECT_IDENTIFIER PKCS12_BAG_IDS
- The OID branch for the PKCS #12 bag types.
KEY_BAG
public static final OBJECT_IDENTIFIER KEY_BAG
- A bag containing a private key. The bag content is a KeyBag,
which is equivalent to a PKCS #8 PrivateKeyInfo.
PKCS8_SHROUDED_KEY_BAG
public static final OBJECT_IDENTIFIER PKCS8_SHROUDED_KEY_BAG
- A bag containing a private key encrypted a la PKCS #8. The bag
content is a PKCS #8 EncryptedPrivateKeyInfo.
CERT_BAG
public static final OBJECT_IDENTIFIER CERT_BAG
- A bag containing a certificate. The bag content is CertBag.
CRL_BAG
public static final OBJECT_IDENTIFIER CRL_BAG
- A bag containing a certificate revocation list.
The bag content is CRLBag.
SECRET_BAG
public static final OBJECT_IDENTIFIER SECRET_BAG
- A bag containing an arbitrary secret. The bag content is SecretBag.
SAFE_CONTENTS_BAG
public static final OBJECT_IDENTIFIER SAFE_CONTENTS_BAG
- A bag containing a nested SafeContent. The bag content is
SafeContents, which is merely a SEQUENCE of SafeBag.
FRIENDLY_NAME
public static final OBJECT_IDENTIFIER FRIENDLY_NAME
- A FriendlyName attribute. The value is a BMPString.
LOCAL_KEY_ID
public static final OBJECT_IDENTIFIER LOCAL_KEY_ID
- A LocalKeyID attribute. The value is an octet string.
Constructor Detail |
---|
SafeBag
public SafeBag(OBJECT_IDENTIFIER bagType, ASN1Value bagContent, SET bagAttributes)
- Creates a new SafeBag from its components.
- Parameters:
bagType
- The type of this bag. For compatibility, it should be one of the constants defined in this class.
bagContent
- The contents of the bag. The type of this parameter is defined by the bagType parameter.
bagAttributes
- A SET of Attributes for this SafeBag. Since attributes are optional, this parameter may be null.
Method Detail |
---|
getBagType
public OBJECT_IDENTIFIER getBagType()
getBagContent
public ANY getBagContent()
- Returns the contents of this bag as an ANY.
getInterpretedBagContent
public ASN1Value getInterpretedBagContent() throws InvalidBERException
- Returns the bagContent interpreted by type.
- Returns:
- If type is KeyBag, a PrivateKeyInfo.
If type is PKCS-8ShroudedKeyBag, an EncryptedPrivateKeyInfo.
If type is CertBag, a CertBag.
For any other type, returns an ANY.
- Throws:
InvalidBERException
getBagAttributes
public SET getBagAttributes()
- Returns the attributes of this bag. May return null if this bag
has no attributes. Each element of the set is an
org.mozilla.jss.pkix.primitive.Attribute.
createCertBag
public static SafeBag createCertBag(byte[] cert, java.lang.String friendlyName) throws java.security.DigestException, java.security.NoSuchAlgorithmException, InvalidBERException
- Creates a SafeBag that contains an X.509 Certificate.
The SafeBag will have a localKeyID attribute equal
to the SHA-1 hash of the certificate, and a friendlyName
attribute equal to the supplied string. This is the way Communicator
makes a CertBag. The same localKeyID attribute should be stored
in the matching private key bag.
- Parameters:
cert
- A DER-encoded X.509 certificate.
friendlyName
- Will be stored in the friendlyName attribute of the SafeBag. Should be the nickname of the cert.
- Throws:
java.security.DigestException
java.security.NoSuchAlgorithmException
InvalidBERException
createCertBag
public static SafeBag createCertBag(byte[] cert, java.lang.String friendlyName, byte[] localKeyID) throws InvalidBERException
- Creates a SafeBag that contains an X.509 Certificate.
The SafeBag will have the given localKeyID attribute,
and a friendlyName
attribute equal to the supplied string. This is the way Communicator
makes a CertBag. The same localKeyID attribute should be stored
in the matching private key bag.
- Parameters:
cert
- A DER-encoded X.509 certificate.
friendlyName
- Will be stored in the friendlyName attribute of the SafeBag. Should be the nickname of the cert.
localKeyID
- The bytes to use for the localKeyID. These should be obtained from the getLocalKeyIDFromCert method.
- Throws:
InvalidBERException
- If the cert is not a valid DER encoding.
- See Also:
getLocalKeyIDFromCert(byte[])
getLocalKeyIDFromCert
public static final byte[] getLocalKeyIDFromCert(byte[] derCert) throws java.security.DigestException, java.security.NoSuchAlgorithmException
- Computes the LocalKeyID attribute that should be stored with a key
and certificate.
- Parameters:
derCert
- A DER-encoded X.509 certificate.
- Returns:
- The SHA-1 hash of the cert, which should be used as the localKeyID attribute for the cert's SafeBag.
- Throws:
java.security.DigestException
java.security.NoSuchAlgorithmException
createEncryptedPrivateKeyBag
public static SafeBag createEncryptedPrivateKeyBag(PrivateKeyInfo privk, java.lang.String friendlyName, byte[] localKeyID, Password password) throws CryptoManager.NotInitializedException, TokenException
- Creates a SafeBag containing a PKCS-8ShroudedKeyBag, which is
an EncryptedPrivateKeyInfo. The key will be encrypted using
a triple-DES PBE algorithm, using the supplied password.
- Parameters:
privk
- The PrivateKeyInfo containing the private key.
friendlyName
- The nickname for the key; should be the same as the nickname of the associated cert.
localKeyID
- The localKeyID for the key; should be the same as the localKeyID of the associated cert.
password
- The password used to encrypt the private key.
- Throws:
CryptoManager.NotInitializedException
TokenException
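An added example, not taken from the JSS documentation or source: a hypothetical `PairedBags` helper that builds a certificate bag and its shrouded key bag with one shared localKeyID, using only the methods listed on this page. It assumes the caller has already initialized CryptoManager and supplies the DER certificate, the PrivateKeyInfo and the Password.

```java
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.util.Arrays;

import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.asn1.InvalidBERException;
import org.mozilla.jss.crypto.TokenException;
import org.mozilla.jss.pkcs12.SafeBag;
import org.mozilla.jss.pkix.primitive.PrivateKeyInfo;
import org.mozilla.jss.util.Password;

/** Hypothetical helper (not part of JSS): a cert bag and key bag that match. */
public final class PairedBags {
    public final SafeBag certBag;
    public final SafeBag keyBag;

    private PairedBags(SafeBag certBag, SafeBag keyBag) {
        this.certBag = certBag;
        this.keyBag = keyBag;
    }

    // Exception types follow the signatures documented on this page.
    public static PairedBags build(byte[] derCert, PrivateKeyInfo privk,
                                   String nickname, Password password)
            throws GeneralSecurityException, InvalidBERException,
                   CryptoManager.NotInitializedException, TokenException {
        // Compute the localKeyID once and give the same bytes to both bags.
        byte[] localKeyID = SafeBag.getLocalKeyIDFromCert(derCert);

        // Cross-check against the documented definition: SHA-1 of the DER cert.
        byte[] expected = MessageDigest.getInstance("SHA-1").digest(derCert);
        if (!Arrays.equals(localKeyID, expected)) {
            throw new IllegalStateException("localKeyID is not SHA-1(derCert)");
        }

        SafeBag certBag = SafeBag.createCertBag(derCert, nickname, localKeyID);
        SafeBag keyBag = SafeBag.createEncryptedPrivateKeyBag(
                privk, nickname, localKeyID, password);

        // Refuse to continue if the key would travel as a cleartext KEY_BAG.
        if (!certBag.getBagType().equals(SafeBag.CERT_BAG)
                || !keyBag.getBagType().equals(SafeBag.PKCS8_SHROUDED_KEY_BAG)) {
            throw new IllegalStateException("unexpected bag type");
        }
        return new PairedBags(certBag, keyBag);
    }
}
```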
getTag
public Tag getTag()
- Description copied from interface: ASN1Value
- Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
encode
public void encode(java.io.OutputStream ostream) throws java.io.IOException
- Description copied from interface: ASN1Value
- Write this value's DER encoding to an output stream using
its own base tag.
- Throws:
java.io.IOException
encode
public void encode(Tag implicitTag, java.io.OutputStream ostream) throws java.io.IOException
- Description copied from interface: ASN1Value
- Write this value's DER encoding to an output stream using
an implicit tag.
- Throws:
java.io.IOException
getTemplate
public static SafeBag.Template getTemplate()