com.ibm.security.pkcs8
Class EncryptedPrivateKeyInfo

java.lang.Object
  |
  +--com.ibm.security.pkcsutil.PKCSDerObject
        |
        +--com.ibm.security.pkcs8.EncryptedPrivateKeyInfo

public final class EncryptedPrivateKeyInfo
extends PKCSDerObject

Implements the EncryptedPrivateKeyInfo data type as defined in PKCS #8.

EncryptedPrivateKeyInfo ::= SEQUENCE {
    encryptionAlgorithm  EncryptionAlgorithmIdentifier,
    encryptedData        EncryptedData }

EncryptionAlgorithmIdentifier ::= AlgorithmIdentifier

EncryptedData ::= OCTET STRING

EncryptedPrivateKeyInfo objects are immutable; they cannot be changed once created.
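
To check which password-based scheme protects a stored key, the ASN.1 structure above can be walked directly and its algorithm OID mapped to a "PBEWithXXXAndYYY" name. This is an added example, not part of the IBM documentation or library: it uses no com.ibm classes, and the class name EpkiInspect, the name table and the sample bytes are constructed here.

```java
public class EpkiInspect {
    static final String P5 = "1.2.840.113549.1.5.", P12 = "1.2.840.113549.1.12.1.";
    static final String[][] KNOWN = {   // names assembled here in the "PBEWithXXXAndYYY" form
        {P5 + "1", "PBEWithMD2AndDES"}, {P5 + "3", "PBEWithMD5AndDES"}, {P5 + "4", "PBEWithMD2AndRC2"},
        {P5 + "6", "PBEWithMD5AndRC2"}, {P5 + "10", "PBEWithSHA1AndDES"}, {P5 + "11", "PBEWithSHA1AndRC2"},
        {P5 + "13", "PBES2"}, {P12 + "1", "PBEWithSHAAnd128BitRC4"}, {P12 + "2", "PBEWithSHAAnd40BitRC4"},
        {P12 + "3", "PBEWithSHAAnd3KeyTripleDES"}, {P12 + "4", "PBEWithSHAAnd2KeyTripleDES"},
        {P12 + "5", "PBEWithSHAAnd128BitRC2"}, {P12 + "6", "PBEWithSHAAnd40BitRC2"}};
    // Reads one DER TLV at off and returns {tag, contentStart, contentEnd}.
    static int[] tlv(byte[] b, int off) {
        if (off + 2 > b.length) throw new IllegalArgumentException("truncated header");
        int tag = b[off] & 0xff, len = b[off + 1] & 0xff, p = off + 2;
        if (len >= 0x80) {                       // long form: low 7 bits count the length octets
            int n = len & 0x7f;
            if (n == 0 || n > 3 || p + n > b.length) throw new IllegalArgumentException("bad length");
            for (len = 0; n > 0; n--) len = (len << 8) | (b[p++] & 0xff);
        }
        if (len > b.length - p) throw new IllegalArgumentException("length exceeds input");
        return new int[] {tag, p, p + len};
    }
    // Decodes the base-128 arcs of an OBJECT IDENTIFIER into dotted form.
    static String oid(byte[] b, int from, int to) {
        StringBuilder sb = new StringBuilder();
        long v = 0;
        for (int i = from; i < to; i++) {
            v = (v << 7) | (b[i] & 0x7f);
            if ((b[i] & 0x80) != 0) continue;    // continuation bit set: arc not finished
            sb.append(sb.length() > 0 ? "." + v : v < 80 ? v / 40 + "." + v % 40 : "2." + (v - 80));
            v = 0;
        }
        return sb.toString();
    }
    // Walks SEQUENCE { AlgorithmIdentifier, OCTET STRING } and names the protecting scheme.
    static String inspect(byte[] der) {
        int[] outer = tlv(der, 0), alg = tlv(der, outer[1]), id = tlv(der, alg[1]), data = tlv(der, alg[2]);
        if (outer[0] != 0x30 || alg[0] != 0x30 || id[0] != 0x06 || data[0] != 0x04
                || id[2] > alg[2] || outer[2] != der.length || data[2] != der.length)
            throw new IllegalArgumentException("not an EncryptedPrivateKeyInfo");
        String o = oid(der, id[1], id[2]), name = "unknown";
        for (String[] k : KNOWN) if (k[0].equals(o)) name = k[1];
        // Legacy: MD2/MD5 digests, single DES, RC4, RC2 at 64 effective bits or fewer.
        boolean legacy = name.matches(".*(MD2|MD5|AndDES|AndRC2|40Bit|RC4).*");
        return name + " oid=" + o + " encryptedData=" + (data[2] - data[1]) + "B" + (legacy ? " LEGACY" : "");
    }

    public static void main(String[] args) {
        // Constructed sample: pbeWithMD5AndDES-CBC, 8-byte salt, 1000 iterations, dummy 8-byte ciphertext.
        String hex = "3027301B06092A864886F70D010503300E04080102030405060708020203E804081122334455667788";
        System.out.println(inspect(new java.math.BigInteger(hex, 16).toByteArray())); // 0x30 lead: no sign byte
    }
}
```

For PBES2 the key-derivation function and cipher are nested inside the AlgorithmIdentifier parameters, which this walk does not descend into.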


Fields inherited from class com.ibm.security.pkcsutil.PKCSDerObject
provider
 
Constructor Summary
EncryptedPrivateKeyInfo(AlgorithmId alg, byte[] encryptedKey)
          Create an EncryptedPrivateKeyInfo object with the specified values.
EncryptedPrivateKeyInfo(AlgorithmId alg, byte[] encryptedKey, String provider)
          Create an EncryptedPrivateKeyInfo object with the specified values.
EncryptedPrivateKeyInfo(byte[] der)
          Create an EncryptedPrivateKeyInfo object with a DER byte array.
EncryptedPrivateKeyInfo(byte[] der, String provider)
          Create an EncryptedPrivateKeyInfo object with a DER byte array.
EncryptedPrivateKeyInfo(char[] passwd, PrivateKeyInfo pki, String digest, String cryptoAlg)
          Constructs an EncryptedPrivateKeyInfo from the key data in the input PrivateKeyInfo using a password-based encryption algorithm and the input password.
EncryptedPrivateKeyInfo(char[] passwd, PrivateKeyInfo pki, String digest, String cryptoAlg, String provider)
          Constructs an EncryptedPrivateKeyInfo from the key data in the input PrivateKeyInfo using a password-based encryption algorithm and the input password.
EncryptedPrivateKeyInfo(String filename, boolean base64)
          Create an EncryptedPrivateKeyInfo with the filename of the DER-encoded or BASE64-encoded object.
EncryptedPrivateKeyInfo(String filename, boolean base64, String provider)
          Create an EncryptedPrivateKeyInfo with the filename of the DER-encoded or BASE64-encoded object.
 
Method Summary
 Object clone()
          Creates a clone of this EncryptedPrivateKeyInfo object.
protected  void decode(com.ibm.security.pkcs8.DerValue encoding)
          Initializes an EncryptedPrivateKeyInfo object from a DerValue.
 byte[] decrypt(char[] passwd)
          Decrypts the encrypted private key info using the input password.
 void encode(OutputStream os)
          Encodes this object to an OutputStream.
 boolean equals(Object other)
          Determines if this EncryptedPrivateKeyInfo object is equivalent to the input object.
 String getAlgorithm()
          Returns the encryption algorithm name.
 AlgorithmId getAlgorithmId()
          Returns the encryption algorithm identifier.
 byte[] getEncryptedData()
          Returns a copy of the encrypted data.
 String toString()
          Returns a string representation of this EncryptedPrivateKeyInfo object.
 
Methods inherited from class com.ibm.security.pkcsutil.PKCSDerObject
decode, decode, encode, getObjectIdentifier, hashCode, read, readBASE64, write, write, writeBASE64
 
Methods inherited from class java.lang.Object
finalize, getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

EncryptedPrivateKeyInfo

public EncryptedPrivateKeyInfo(byte[] der)
                        throws IOException
Create an EncryptedPrivateKeyInfo object with a DER byte array.
Parameters:
der - a DER byte array of an EncryptedPrivateKeyInfo object.
Throws:
IOException - on decoding errors.

EncryptedPrivateKeyInfo

public EncryptedPrivateKeyInfo(byte[] der,
                               String provider)
                        throws IOException
Create an EncryptedPrivateKeyInfo object with a DER byte array.
Parameters:
der - a DER byte array of an EncryptedPrivateKeyInfo object.
provider - the provider to be used.
Throws:
IOException - on decoding errors.

EncryptedPrivateKeyInfo

public EncryptedPrivateKeyInfo(AlgorithmId alg,
                               byte[] encryptedKey)
Create an EncryptedPrivateKeyInfo object with the specified values.
Parameters:
alg - the algorithm identifier representing the algorithm used to encrypt the key data.
encryptedKey - a byte[] encoding of the encrypted key data.

EncryptedPrivateKeyInfo

public EncryptedPrivateKeyInfo(AlgorithmId alg,
                               byte[] encryptedKey,
                               String provider)
Create an EncryptedPrivateKeyInfo object with the specified values.
Parameters:
alg - the algorithm identifier representing the algorithm used to encrypt the key data.
encryptedKey - a byte[] encoding of the encrypted key data.
provider - the provider to be used.

EncryptedPrivateKeyInfo

public EncryptedPrivateKeyInfo(char[] passwd,
                               PrivateKeyInfo pki,
                               String digest,
                               String cryptoAlg)
                        throws PKCSException,
                               IOException
Constructs an EncryptedPrivateKeyInfo from the key data in the input PrivateKeyInfo using a password-based encryption algorithm and the input password. The encryption cipher used depends on the input digest function and the input cryptographic algorithm. The cipher name has the form "PBEWithXXXAndYYY", where XXX is the input digest function and YYY is the input cryptographic algorithm. Valid digest-algorithm combinations are those that result in a standard-defined encryption algorithm. Both PKCS #5 and PKCS #12 define several algorithms.
Parameters:
passwd - the password to use in the encryption process.
pki - the PrivateKeyInfo holding the key data to encrypt.
digest - the message digest function to be used in the encryption process. Valid values are MD2, MD5 and SHA1 (for PKCS #5 defined algorithms) and SHA (for PKCS #12 defined algorithms).
cryptoAlg - the cryptographic algorithm to use in the encryption process. Valid values are RC2 and DES (for PKCS #5 defined algorithms) and 40BitRC2, 128BitRC2, 40BitRC4, 128BitRC4, 3KeyTripleDES and 2KeyTripleDES (for PKCS #12 defined algorithms).
Throws:
IllegalArgumentException - if the passwd is not specified.
IOException - if the key cannot be encoded.
PKCSException - on key encryption errors.

EncryptedPrivateKeyInfo

public EncryptedPrivateKeyInfo(char[] passwd,
                               PrivateKeyInfo pki,
                               String digest,
                               String cryptoAlg,
                               String provider)
                        throws PKCSException,
                               IOException
Constructs an EncryptedPrivateKeyInfo from the key data in the input PrivateKeyInfo using a password-based encryption algorithm and the input password. The encryption cipher used depends on the input digest function and the input cryptographic algorithm. The cipher name has the form "PBEWithXXXAndYYY", where XXX is the input digest function and YYY is the input cryptographic algorithm. Valid digest-algorithm combinations are those that result in a standard-defined encryption algorithm. Both PKCS #5 and PKCS #12 define several algorithms.
Parameters:
passwd - the password to use in the encryption process.
pki - the PrivateKeyInfo holding the key data to encrypt.
digest - the message digest function to be used in the encryption process. Valid values are MD2, MD5 and SHA1 (for PKCS #5 defined algorithms) and SHA (for PKCS #12 defined algorithms).
cryptoAlg - the cryptographic algorithm to use in the encryption process. Valid values are RC2 and DES (for PKCS #5 defined algorithms) and 40BitRC2, 128BitRC2, 40BitRC4, 128BitRC4, 3KeyTripleDES and 2KeyTripleDES (for PKCS #12 defined algorithms).
provider - the provider to be used.
Throws:
IllegalArgumentException - if the passwd is not specified.
IOException - if the key cannot be encoded.
PKCSException - on key encryption errors.

EncryptedPrivateKeyInfo

public EncryptedPrivateKeyInfo(String filename,
                               boolean base64)
                        throws IOException
Create an EncryptedPrivateKeyInfo with the filename of the DER-encoded or BASE64-encoded object.
Parameters:
filename - name of the DER-encoded or base64-encoded object
base64 - true if BASE64-encoded, false if DER-encoded
Throws:
IOException - on decoding errors.

EncryptedPrivateKeyInfo

public EncryptedPrivateKeyInfo(String filename,
                               boolean base64,
                               String provider)
                        throws IOException
Create an EncryptedPrivateKeyInfo with the filename of the DER-encoded or BASE64-encoded object.
Parameters:
filename - name of the DER-encoded or base64-encoded object
base64 - true if BASE64-encoded, false if DER-encoded
provider - the provider to be used
Throws:
IOException - on decoding errors.

Method Detail

clone

public Object clone()
Creates a clone of this EncryptedPrivateKeyInfo object.
Overrides:
clone in class Object
Returns:
clone of this EncryptedPrivateKeyInfo object.

encode

public void encode(OutputStream os)
            throws IOException
Encodes this object to an OutputStream.
Overrides:
encode in class PKCSDerObject
Parameters:
os - the OutputStream to write the encoded data to.
Throws:
IOException - on encoding errors.

equals

public boolean equals(Object other)
Determines if this EncryptedPrivateKeyInfo object is equivalent to the input object.
Overrides:
equals in class PKCSDerObject
Parameters:
other - the object to compare this one to.
Returns:
true, if the two objects are equivalent, false otherwise.

getAlgorithm

public String getAlgorithm()
Returns the encryption algorithm name. The encryption algorithm name is an immutable object.

getAlgorithmId

public AlgorithmId getAlgorithmId()
Returns the encryption algorithm identifier. The encryption algorithm identifier is an immutable object.

getEncryptedData

public byte[] getEncryptedData()
Returns a copy of the encrypted data.

decrypt

public byte[] decrypt(char[] passwd)
               throws IOException,
                      PKCSException
Decrypts the encrypted private key info using the input password.
Parameters:
passwd - the password to use in the decryption operation.
Returns:
the decrypted PrivateKeyInfo as a DER encoding.
Throws:
IOException - if cipher parameters cannot be determined.
PKCSException - on key decryption errors.

toString

public String toString()
Returns a string representation of this EncryptedPrivateKeyInfo object.
Overrides:
toString in class PKCSDerObject
Returns:
a string representation of this object.

decode

protected void decode(com.ibm.security.pkcs8.DerValue encoding)
               throws IOException
Initializes an EncryptedPrivateKeyInfo object from a DerValue. The DER encoding must be in the format specified by the EncryptedPrivateKeyInfo ASN.1 notation.
Parameters:
encoding - a DER-encoded EncryptedPrivateKeyInfo object.
Throws:
IOException - on parsing errors.