org.bouncycastle.jce.provider

Class JDKPKCS12KeyStore

Implemented Interfaces:
BCKeyStore, PKCSObjectIdentifiers, X509ObjectIdentifiers
Known Direct Subclasses:
JDKPKCS12KeyStore.BCPKCS12KeyStore, JDKPKCS12KeyStore.DefPKCS12KeyStore

public class JDKPKCS12KeyStore
extends KeyStoreSpi
implements PKCSObjectIdentifiers, X509ObjectIdentifiers, BCKeyStore

Nested Class Summary

static class
JDKPKCS12KeyStore.BCPKCS12KeyStore
static class
JDKPKCS12KeyStore.DefPKCS12KeyStore

Field Summary

protected SecureRandom
random

Fields inherited from interface org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers

RC2_CBC, bagtypes, canNotDecryptAny, certBag, certTypes, crlBag, crlTypes, data, des_EDE3_CBC, dhKeyAgreement, digestAlgorithm, digestedData, encryptedData, encryptionAlgorithm, envelopedData, id_PBES2, id_PBKDF2, id_RSAES_OAEP, id_RSASSA_PSS, id_aa, id_aa_commitmentType, id_aa_contentHint, id_aa_contentIdentifier, id_aa_encrypKeyPref, id_aa_ets_archiveTimestamp, id_aa_ets_certCRLTimestamp, id_aa_ets_certValues, id_aa_ets_certificateRefs, id_aa_ets_commitmentType, id_aa_ets_contentTimestamp, id_aa_ets_escTimeStamp, id_aa_ets_otherSigCert, id_aa_ets_revocationRefs, id_aa_ets_revocationValues, id_aa_ets_sigPolicyId, id_aa_ets_signerAttr, id_aa_ets_signerLocation, id_aa_otherSigCert, id_aa_receiptRequest, id_aa_sigPolicyId, id_aa_signatureTimeStampToken, id_aa_signerLocation, id_aa_signingCertificate, id_aa_signingCertificateV2, id_alg_CMS3DESwrap, id_alg_CMSRC2wrap, id_alg_PWRI_KEK, id_ct, id_ct_TSTInfo, id_ct_compressedData, id_cti, id_cti_ets_proofOfApproval, id_cti_ets_proofOfCreation, id_cti_ets_proofOfDelivery, id_cti_ets_proofOfOrigin, id_cti_ets_proofOfReceipt, id_cti_ets_proofOfSender, id_hmacWithSHA1, id_hmacWithSHA224, id_hmacWithSHA256, id_hmacWithSHA384, id_hmacWithSHA512, id_mgf1, id_pSpecified, id_spq, id_spq_ets_unotice, id_spq_ets_uri, keyBag, md2, md2WithRSAEncryption, md4, md4WithRSAEncryption, md5, md5WithRSAEncryption, pbeWithMD2AndDES_CBC, pbeWithMD2AndRC2_CBC, pbeWithMD5AndDES_CBC, pbeWithMD5AndRC2_CBC, pbeWithSHA1AndDES_CBC, pbeWithSHA1AndRC2_CBC, pbeWithSHAAnd128BitRC2_CBC, pbeWithSHAAnd128BitRC4, pbeWithSHAAnd2_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC4, pbewithSHAAnd40BitRC2_CBC, pkcs8ShroudedKeyBag, pkcs_1, pkcs_12, pkcs_12PbeIds, pkcs_3, pkcs_5, pkcs_7, pkcs_9, pkcs_9_at_challengePassword, pkcs_9_at_contentType, pkcs_9_at_counterSignature, pkcs_9_at_emailAddress, pkcs_9_at_extendedCertificateAttributes, pkcs_9_at_extensionRequest, pkcs_9_at_friendlyName, pkcs_9_at_localKeyId, pkcs_9_at_messageDigest, 
pkcs_9_at_signingDescription, pkcs_9_at_signingTime, pkcs_9_at_smimeCapabilities, pkcs_9_at_unstructuredAddress, pkcs_9_at_unstructuredName, preferSignedData, rsaEncryption, sMIMECapabilitiesVersions, safeContentsBag, sdsiCertificate, secretBag, sha1WithRSAEncryption, sha224WithRSAEncryption, sha256WithRSAEncryption, sha384WithRSAEncryption, sha512WithRSAEncryption, signedAndEnvelopedData, signedData, srsaOAEPEncryptionSET, x509Certificate, x509Crl, x509certType

Fields inherited from interface org.bouncycastle.asn1.x509.X509ObjectIdentifiers

commonName, countryName, crlAccessMethod, id, id_SHA1, id_ad, id_ad_caIssuers, id_ad_ocsp, id_ea_rsa, id_pe, id_pkix, localityName, ocspAccessMethod, organization, organizationalUnitName, ripemd160, ripemd160WithRSAEncryption, stateOrProvinceName

Constructor Summary

JDKPKCS12KeyStore(String provider)

Method Summary

protected byte[]
cryptData(boolean forEncryption, AlgorithmIdentifier algId, char[] password, boolean wrongPKCS12Zero, byte[] data)
Enumeration
engineAliases()
boolean
engineContainsAlias(String alias)
void
engineDeleteEntry(String alias)
Not quite complete: deletion should also follow up on the entry's certificate chain, which is a bit tricky if a certificate appears in more than one chain.
Certificate
engineGetCertificate(String alias)
Simply returns the certificate for the private key.
String
engineGetCertificateAlias(Certificate cert)
Certificate[]
engineGetCertificateChain(String alias)
Date
engineGetCreationDate(String alias)
Key
engineGetKey(String alias, char[] password)
boolean
engineIsCertificateEntry(String alias)
boolean
engineIsKeyEntry(String alias)
void
engineLoad(InputStream stream, char[] password)
void
engineSetCertificateEntry(String alias, Certificate cert)
void
engineSetKeyEntry(String alias, Key key, char[] password, Certificate[] chain)
void
engineSetKeyEntry(String alias, byte[] key, Certificate[] chain)
int
engineSize()
void
engineStore(OutputStream stream, char[] password)
void
setRandom(SecureRandom rand)
Sets the random source for the key store.
protected PrivateKey
unwrapKey(AlgorithmIdentifier algId, byte[] data, char[] password, boolean wrongPKCS12Zero)
protected byte[]
wrapKey(String algorithm, Key key, PKCS12PBEParams pbeParams, char[] password)

Field Details

random

protected SecureRandom random

Constructor Details

JDKPKCS12KeyStore

public JDKPKCS12KeyStore(String provider)

Method Details

cryptData

protected byte[] cryptData(boolean forEncryption,
                           AlgorithmIdentifier algId,
                           char[] password,
                           boolean wrongPKCS12Zero,
                           byte[] data)
            throws IOException

engineAliases

public Enumeration engineAliases()

engineContainsAlias

public boolean engineContainsAlias(String alias)

engineDeleteEntry

public void engineDeleteEntry(String alias)
            throws KeyStoreException
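This is not quite complete: deletion should also follow up on the entry's certificate chain, which is a bit tricky if a certificate appears in more than one chain. Until that is done, certificates further up the chain may remain in the store after the entry is deleted.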

engineGetCertificate

public Certificate engineGetCertificate(String alias)
Simply returns the certificate for the private key.

engineGetCertificateAlias

public String engineGetCertificateAlias(Certificate cert)

engineGetCertificateChain

public Certificate[] engineGetCertificateChain(String alias)

engineGetCreationDate

public Date engineGetCreationDate(String alias)

engineGetKey

public Key engineGetKey(String alias,
                        char[] password)
            throws NoSuchAlgorithmException,
                   UnrecoverableKeyException

engineIsCertificateEntry

public boolean engineIsCertificateEntry(String alias)

engineIsKeyEntry

public boolean engineIsKeyEntry(String alias)

engineLoad

public void engineLoad(InputStream stream,
                       char[] password)
            throws IOException

engineSetCertificateEntry

public void engineSetCertificateEntry(String alias,
                                      Certificate cert)
            throws KeyStoreException

engineSetKeyEntry

public void engineSetKeyEntry(String alias,
                              Key key,
                              char[] password,
                              Certificate[] chain)
            throws KeyStoreException

engineSetKeyEntry

public void engineSetKeyEntry(String alias,
                              byte[] key,
                              Certificate[] chain)
            throws KeyStoreException

engineSize

public int engineSize()

engineStore

public void engineStore(OutputStream stream,
                        char[] password)
            throws IOException

setRandom

public void setRandom(SecureRandom rand)
Sets the random source for the key store.
Specified by:
setRandom in interface BCKeyStore

unwrapKey

protected PrivateKey unwrapKey(AlgorithmIdentifier algId,
                               byte[] data,
                               char[] password,
                               boolean wrongPKCS12Zero)
            throws IOException

wrapKey

protected byte[] wrapKey(String algorithm,
                         Key key,
                         PKCS12PBEParams pbeParams,
                         char[] password)
            throws IOException