Package netscape.security.pkcs
Class PKCS12Util
- java.lang.Object
-
- netscape.security.pkcs.PKCS12Util
-
public class PKCS12Util extends java.lang.Object
-
-
Field Summary
Fields
Modifier and Type | Field | Description
static org.mozilla.jss.crypto.PBEAlgorithm
DEFAULT_CERT_ENCRYPTION
static java.lang.String
DEFAULT_CERT_ENCRYPTION_NAME
static org.mozilla.jss.crypto.PBEAlgorithm
DEFAULT_KEY_ENCRYPTION
static java.lang.String
DEFAULT_KEY_ENCRYPTION_NAME
static java.lang.String
NO_ENCRYPTION
static java.util.List<org.mozilla.jss.crypto.PBEAlgorithm>
SUPPORTED_CERT_ENCRYPTIONS
static java.util.List<org.mozilla.jss.crypto.PBEAlgorithm>
SUPPORTED_KEY_ENCRYPTIONS
-
Constructor Summary
Constructors
Constructor | Description
PKCS12Util()
-
Method Summary
All Methods | Instance Methods | Concrete Methods
Modifier and Type | Method | Description
void
addCertBag(PKCS12CertInfo certInfo, org.mozilla.jss.asn1.SEQUENCE safeContents)
void
addKeyBag(PKCS12KeyInfo keyInfo, org.mozilla.jss.util.Password password, org.mozilla.jss.asn1.SEQUENCE encSafeContents)
Add a private key to the PKCS #12 object.
org.mozilla.jss.asn1.ASN1Value
create_EPKI_with_PBE_PKCS5_PBES2(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.PrivateKey privateKey, org.mozilla.jss.util.Password password)
org.mozilla.jss.asn1.ASN1Value
create_EPKI_with_PBE_SHA1_DES3_CBC(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.PrivateKey privateKey, org.mozilla.jss.util.Password password)
PKCS12CertInfo
createCertInfoFromNSS(org.mozilla.jss.crypto.X509Certificate cert)
PKCS12CertInfo
createCertInfoFromNSS(org.mozilla.jss.crypto.X509Certificate cert, java.lang.String friendlyName)
PKCS12KeyInfo
createKeyInfoFromNSS(org.mozilla.jss.crypto.X509Certificate cert, org.mozilla.jss.crypto.PrivateKey privateKey)
PKCS12KeyInfo
createKeyInfoFromNSS(org.mozilla.jss.crypto.X509Certificate cert, org.mozilla.jss.crypto.PrivateKey privateKey, java.lang.String friendlyName)
org.mozilla.jss.pkcs12.PFX
generatePFX(PKCS12 pkcs12, org.mozilla.jss.util.Password password)
PKCS12CertInfo
getCertBySubjectDN(PKCS12 pkcs12, java.lang.String subjectDN)
org.mozilla.jss.crypto.PBEAlgorithm
getCertEncryption()
PKCS12CertInfo
getCertInfo(org.mozilla.jss.pkcs12.SafeBag bag)
void
getCertInfos(PKCS12 pkcs12, org.mozilla.jss.pkcs12.PFX pfx, org.mozilla.jss.util.Password password)
org.mozilla.jss.crypto.PBEAlgorithm
getKeyEncryption()
PKCS12KeyInfo
getKeyInfo(org.mozilla.jss.pkcs12.SafeBag bag, org.mozilla.jss.util.Password password)
Loads key bags (for IMPORT and other operations on existing PKCS #12 files).
void
getKeyInfos(PKCS12 pkcs12, org.mozilla.jss.pkcs12.PFX pfx, org.mozilla.jss.util.Password password)
org.mozilla.jss.crypto.PrivateKey.Type
getPrivateKeyType(java.security.PublicKey publicKey)
java.lang.String
getTrustFlags(org.mozilla.jss.crypto.X509Certificate cert)
void
importKey(PKCS12 pkcs12, org.mozilla.jss.util.Password password, java.lang.String nickname, PKCS12KeyInfo keyInfo)
boolean
isTrustFlagsEnabled()
void
loadCertFromNSS(PKCS12 pkcs12, java.lang.String nickname, boolean includeKey, boolean includeChain)
void
loadCertFromNSS(PKCS12 pkcs12, java.lang.String nickname, boolean includeKey, boolean includeChain, java.lang.String friendlyName)
void
loadCertFromNSS(PKCS12 pkcs12, org.mozilla.jss.crypto.X509Certificate cert, boolean includeKey, boolean includeChain)
void
loadCertFromNSS(PKCS12 pkcs12, org.mozilla.jss.crypto.X509Certificate cert, boolean includeKey, boolean includeChain, java.lang.String friendlyName)
PKCS12
loadFromByteArray(byte[] b, org.mozilla.jss.util.Password password)
PKCS12
loadFromFile(java.lang.String filename)
PKCS12
loadFromFile(java.lang.String filename, org.mozilla.jss.util.Password password)
void
loadFromNSS(PKCS12 pkcs12)
void
loadFromNSS(PKCS12 pkcs12, boolean includeKey, boolean includeChain)
void
setCertEncryption(java.lang.String name)
void
setCertEncryption(org.mozilla.jss.crypto.PBEAlgorithm algorithm)
void
setKeyEncryption(java.lang.String name)
void
setKeyEncryption(org.mozilla.jss.crypto.PBEAlgorithm algorithm)
void
setTrustFlags(org.mozilla.jss.crypto.X509Certificate cert, java.lang.String trustFlags)
void
setTrustFlagsEnabled(boolean trustFlagsEnabled)
void
storeCertIntoNSS(PKCS12 pkcs12, org.mozilla.jss.util.Password password, java.lang.String nickname, boolean overwrite)
void
storeCertIntoNSS(PKCS12 pkcs12, org.mozilla.jss.util.Password password, PKCS12CertInfo certInfo, boolean overwrite)
Store a certificate (and key, if present) in NSSDB.
void
storeIntoFile(PKCS12 pkcs12, java.lang.String filename, org.mozilla.jss.util.Password password)
void
storeIntoNSS(PKCS12 pkcs12, org.mozilla.jss.util.Password password, boolean overwrite)
-
-
-
Field Detail
-
NO_ENCRYPTION
public static final java.lang.String NO_ENCRYPTION
- See Also:
- Constant Field Values
-
SUPPORTED_CERT_ENCRYPTIONS
public static final java.util.List<org.mozilla.jss.crypto.PBEAlgorithm> SUPPORTED_CERT_ENCRYPTIONS
-
SUPPORTED_KEY_ENCRYPTIONS
public static final java.util.List<org.mozilla.jss.crypto.PBEAlgorithm> SUPPORTED_KEY_ENCRYPTIONS
-
DEFAULT_CERT_ENCRYPTION
public static final org.mozilla.jss.crypto.PBEAlgorithm DEFAULT_CERT_ENCRYPTION
-
DEFAULT_CERT_ENCRYPTION_NAME
public static final java.lang.String DEFAULT_CERT_ENCRYPTION_NAME
- See Also:
- Constant Field Values
-
DEFAULT_KEY_ENCRYPTION
public static final org.mozilla.jss.crypto.PBEAlgorithm DEFAULT_KEY_ENCRYPTION
-
DEFAULT_KEY_ENCRYPTION_NAME
public static final java.lang.String DEFAULT_KEY_ENCRYPTION_NAME
-
-
Method Detail
-
setCertEncryption
public void setCertEncryption(java.lang.String name) throws java.lang.Exception
- Throws:
java.lang.Exception
-
setCertEncryption
public void setCertEncryption(org.mozilla.jss.crypto.PBEAlgorithm algorithm) throws java.lang.Exception
- Throws:
java.lang.Exception
-
getCertEncryption
public org.mozilla.jss.crypto.PBEAlgorithm getCertEncryption()
-
setKeyEncryption
public void setKeyEncryption(java.lang.String name) throws java.lang.Exception
- Throws:
java.lang.Exception
-
setKeyEncryption
public void setKeyEncryption(org.mozilla.jss.crypto.PBEAlgorithm algorithm) throws java.lang.Exception
- Throws:
java.lang.Exception
-
getKeyEncryption
public org.mozilla.jss.crypto.PBEAlgorithm getKeyEncryption()
-
isTrustFlagsEnabled
public boolean isTrustFlagsEnabled()
-
setTrustFlagsEnabled
public void setTrustFlagsEnabled(boolean trustFlagsEnabled)
-
getTrustFlags
public java.lang.String getTrustFlags(org.mozilla.jss.crypto.X509Certificate cert)
-
setTrustFlags
public void setTrustFlags(org.mozilla.jss.crypto.X509Certificate cert, java.lang.String trustFlags) throws java.lang.Exception
- Throws:
java.lang.Exception
-
addKeyBag
public void addKeyBag(PKCS12KeyInfo keyInfo, org.mozilla.jss.util.Password password, org.mozilla.jss.asn1.SEQUENCE encSafeContents) throws java.lang.Exception
Add a private key to the PKCS #12 object. The PKCS12KeyInfo object received arises in one of two scenarios:
- The private key could be in encrypted byte[] form (e.g. when we have merely loaded a PKCS #12 file for inspection, or to delete a certificate and its associated key). In this case we simply re-use this encrypted private key info byte[].
- The private key could be an NSS PrivateKey handle. In this case we must export the PrivateKey from the token to obtain the EncryptedPrivateKeyInfo.
The common final step is to add the encrypted private key data, in a "Shrouded Key Bag", to the PKCS #12 object. Unencrypted key material is never seen in either scenario.
- Throws:
java.lang.Exception
-
create_EPKI_with_PBE_SHA1_DES3_CBC
public org.mozilla.jss.asn1.ASN1Value create_EPKI_with_PBE_SHA1_DES3_CBC(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.PrivateKey privateKey, org.mozilla.jss.util.Password password) throws java.lang.Exception
- Throws:
java.lang.Exception
-
create_EPKI_with_PBE_PKCS5_PBES2
public org.mozilla.jss.asn1.ASN1Value create_EPKI_with_PBE_PKCS5_PBES2(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.PrivateKey privateKey, org.mozilla.jss.util.Password password) throws java.lang.Exception
- Throws:
java.lang.Exception
-
addCertBag
public void addCertBag(PKCS12CertInfo certInfo, org.mozilla.jss.asn1.SEQUENCE safeContents) throws java.lang.Exception
- Throws:
java.lang.Exception
-
loadFromNSS
public void loadFromNSS(PKCS12 pkcs12) throws java.lang.Exception
- Throws:
java.lang.Exception
-
loadFromNSS
public void loadFromNSS(PKCS12 pkcs12, boolean includeKey, boolean includeChain) throws java.lang.Exception
- Throws:
java.lang.Exception
-
loadCertFromNSS
public void loadCertFromNSS(PKCS12 pkcs12, java.lang.String nickname, boolean includeKey, boolean includeChain) throws java.lang.Exception
- Throws:
java.lang.Exception
-
loadCertFromNSS
public void loadCertFromNSS(PKCS12 pkcs12, java.lang.String nickname, boolean includeKey, boolean includeChain, java.lang.String friendlyName) throws java.lang.Exception
- Throws:
java.lang.Exception
-
loadCertFromNSS
public void loadCertFromNSS(PKCS12 pkcs12, org.mozilla.jss.crypto.X509Certificate cert, boolean includeKey, boolean includeChain) throws java.lang.Exception
- Throws:
java.lang.Exception
-
loadCertFromNSS
public void loadCertFromNSS(PKCS12 pkcs12, org.mozilla.jss.crypto.X509Certificate cert, boolean includeKey, boolean includeChain, java.lang.String friendlyName) throws java.lang.Exception
- Throws:
java.lang.Exception
-
createCertInfoFromNSS
public PKCS12CertInfo createCertInfoFromNSS(org.mozilla.jss.crypto.X509Certificate cert) throws java.lang.Exception
- Throws:
java.lang.Exception
-
createCertInfoFromNSS
public PKCS12CertInfo createCertInfoFromNSS(org.mozilla.jss.crypto.X509Certificate cert, java.lang.String friendlyName) throws java.lang.Exception
- Throws:
java.lang.Exception
-
createKeyInfoFromNSS
public PKCS12KeyInfo createKeyInfoFromNSS(org.mozilla.jss.crypto.X509Certificate cert, org.mozilla.jss.crypto.PrivateKey privateKey) throws java.lang.Exception
- Throws:
java.lang.Exception
-
createKeyInfoFromNSS
public PKCS12KeyInfo createKeyInfoFromNSS(org.mozilla.jss.crypto.X509Certificate cert, org.mozilla.jss.crypto.PrivateKey privateKey, java.lang.String friendlyName) throws java.lang.Exception
- Throws:
java.lang.Exception
-
generatePFX
public org.mozilla.jss.pkcs12.PFX generatePFX(PKCS12 pkcs12, org.mozilla.jss.util.Password password) throws java.lang.Exception
- Throws:
java.lang.Exception
-
storeIntoFile
public void storeIntoFile(PKCS12 pkcs12, java.lang.String filename, org.mozilla.jss.util.Password password) throws java.lang.Exception
- Throws:
java.lang.Exception
-
getKeyInfo
public PKCS12KeyInfo getKeyInfo(org.mozilla.jss.pkcs12.SafeBag bag, org.mozilla.jss.util.Password password) throws java.lang.Exception
Loads key bags (for IMPORT and other operations on existing PKCS #12 files). Does not decrypt EncryptedPrivateKeyInfo values; instead it stores them, still encrypted, in PKCS12KeyInfo objects for possible later use.
- Throws:
java.lang.Exception
-
getCertInfo
public PKCS12CertInfo getCertInfo(org.mozilla.jss.pkcs12.SafeBag bag) throws java.lang.Exception
- Throws:
java.lang.Exception
-
getKeyInfos
public void getKeyInfos(PKCS12 pkcs12, org.mozilla.jss.pkcs12.PFX pfx, org.mozilla.jss.util.Password password) throws java.lang.Exception
- Throws:
java.lang.Exception
-
getCertInfos
public void getCertInfos(PKCS12 pkcs12, org.mozilla.jss.pkcs12.PFX pfx, org.mozilla.jss.util.Password password) throws java.lang.Exception
- Throws:
java.lang.Exception
-
loadFromFile
public PKCS12 loadFromFile(java.lang.String filename, org.mozilla.jss.util.Password password) throws java.lang.Exception
- Throws:
java.lang.Exception
-
loadFromByteArray
public PKCS12 loadFromByteArray(byte[] b, org.mozilla.jss.util.Password password) throws java.lang.Exception
- Throws:
java.lang.Exception
-
loadFromFile
public PKCS12 loadFromFile(java.lang.String filename) throws java.lang.Exception
- Throws:
java.lang.Exception
-
getPrivateKeyType
public org.mozilla.jss.crypto.PrivateKey.Type getPrivateKeyType(java.security.PublicKey publicKey)
-
getCertBySubjectDN
public PKCS12CertInfo getCertBySubjectDN(PKCS12 pkcs12, java.lang.String subjectDN) throws java.security.cert.CertificateException
- Throws:
java.security.cert.CertificateException
-
importKey
public void importKey(PKCS12 pkcs12, org.mozilla.jss.util.Password password, java.lang.String nickname, PKCS12KeyInfo keyInfo) throws java.lang.Exception
- Throws:
java.lang.Exception
-
storeCertIntoNSS
public void storeCertIntoNSS(PKCS12 pkcs12, org.mozilla.jss.util.Password password, PKCS12CertInfo certInfo, boolean overwrite) throws java.lang.Exception
Store a certificate (and key, if present) in NSSDB.
- Throws:
java.lang.Exception
-
storeCertIntoNSS
public void storeCertIntoNSS(PKCS12 pkcs12, org.mozilla.jss.util.Password password, java.lang.String nickname, boolean overwrite) throws java.lang.Exception
- Throws:
java.lang.Exception
-
storeIntoNSS
public void storeIntoNSS(PKCS12 pkcs12, org.mozilla.jss.util.Password password, boolean overwrite) throws java.lang.Exception
- Throws:
java.lang.Exception
-
-