com.ibm.security.pkcs12
Class PKCS12

java.lang.Object
  |
  +--com.ibm.security.pkcs12.PKCS12

public final class PKCS12
extends Object

PKCS #12 utility class implementing the general method for deriving keys from passwords and salt.


Field Summary
static byte IV_ID
          Identifier to specify initialization vector generation.
static byte KEY_ID
          Identifier to specify encryption/decryption key generation.
static byte MAC_ID
          Identifier to specify HMAC key generation.
static int NO_ENCRYPT
          Identifier to specify no data privacy.
static int PASSWD_ENCRYPT
          Identifier to specify data privacy via password-based encryption.
static int PUBKEY_ENCRYPT
          Identifier to specify data privacy via public-key encryption.
 
Method Summary
static byte[] genKey(byte id, String digestAlg, char[] pwd, byte[] salt, int iterations, int keysize)
          Generates encryption keys, HMAC keys and initialization vector (IV) values based on PKCS #12 specifications.
static byte[] genKey(byte id, String digestAlg, char[] pwd, byte[] salt, int iterations, int keysize, String provider)
          Generates encryption keys, HMAC keys and initialization vector (IV) values based on PKCS #12 specifications.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

KEY_ID

public static final byte KEY_ID
Identifier to specify encryption/decryption key generation.

IV_ID

public static final byte IV_ID
Identifier to specify initialization vector generation.

MAC_ID

public static final byte MAC_ID
Identifier to specify HMAC key generation.

NO_ENCRYPT

public static final int NO_ENCRYPT
Identifier to specify no data privacy.

PASSWD_ENCRYPT

public static final int PASSWD_ENCRYPT
Identifier to specify data privacy via password-based encryption.

PUBKEY_ENCRYPT

public static final int PUBKEY_ENCRYPT
Identifier to specify data privacy via public-key encryption.
Method Detail

genKey

public static byte[] genKey(byte id,
                            String digestAlg,
                            char[] pwd,
                            byte[] salt,
                            int iterations,
                            int keysize)
                     throws NoSuchAlgorithmException
Generates encryption keys, HMAC keys and initialization vector (IV) values based on PKCS #12 specifications.
Parameters:
id - a specifier to determine whether to generate a key for encryption/decryption (PKCS12.KEY_ID), an HMAC key (PKCS12.MAC_ID) or an initialization vector (PKCS12.IV_ID).
digest - the message digest algorithm to use when generating random bytes. Valid values are SHA1, MD2 and MD5.
pwd - a password from which to derive the key. May be null.
salt - the salt value to use in preparing the key. May be null.
iterations - The number of iterations. The preferred number is over 1024, but Netscape PFXs always use 1.
keysize - the number of random bytes to generate.
provider - a provider to be used.
Throws:
IllegalArgumentException -  
NoSuchAlgorithmException -  

genKey

public static byte[] genKey(byte id,
                            String digestAlg,
                            char[] pwd,
                            byte[] salt,
                            int iterations,
                            int keysize,
                            String provider)
                     throws NoSuchAlgorithmException
Generates encryption keys, HMAC keys and initialization vector (IV) values based on PKCS #12 specifications.
Parameters:
id - a specifier to determine whether to generate a key for encryption/decryption (PKCS12.KEY_ID), an HMAC key (PKCS12.MAC_ID) or an initialization vector (PKCS12.IV_ID).
digest - the message digest algorithm to use when generating random bytes. Valid values are SHA1, MD2 and MD5.
pwd - a password from which to derive the key. May be null.
salt - the salt value to use in preparing the key. May be null.
iterations - The number of iterations. The preferred number is over 1024, but Netscape PFXs always use 1.
keysize - the number of random bytes to generate.
Throws:
IllegalArgumentException -  
NoSuchAlgorithmException -