Class PKCS8PEMFileReader

  • All Implemented Interfaces:
    java.io.Closeable, java.lang.AutoCloseable

    @ThreadSafety(level=NOT_THREADSAFE)
    public final class PKCS8PEMFileReader
    extends java.lang.Object
    implements java.io.Closeable
    This class provides a mechanism for reading a PEM-encoded PKCS #8 private key from a specified file. While it is generally expected that a private key file will contain only a single key, it is possible to read multiple keys from the same file. Each private key should consist of the following:
    • A line containing only the string "-----BEGIN PRIVATE KEY-----" or ""-----BEGIN RSA PRIVATE KEY-----.
    • One or more lines representing the base64-encoded representation of the bytes that comprise the PKCS #8 private key.
    • A line containing only the string "-----END PRIVATE KEY-----" or ""-----END RSA PRIVATE KEY-----.


    Any spaces that appear at the beginning or end of each line will be ignored. Empty lines and lines that start with the octothorpe (#) character will also be ignored.
    • Field Summary

      Fields 
      Modifier and Type Field Description
      static java.lang.String BEGIN_ENCRYPTED_PRIVATE_KEY_HEADER
      The header string that should appear on a line by itself before the base64-encoded representation of the bytes that comprise an encrypted PKCS #8 private key.
      static java.lang.String BEGIN_PRIVATE_KEY_HEADER
      The header string that should appear on a line by itself before the base64-encoded representation of the bytes that comprise a PKCS #8 private key.
      static java.lang.String BEGIN_RSA_PRIVATE_KEY_HEADER
      An alternative begin header string that may appear on a line by itself for cases in which the certificate uses an RSA key pair.
      static java.lang.String END_ENCRYPTED_PRIVATE_KEY_FOOTER
      The footer string that should appear on a line by itself after the base64-encoded representation of the bytes that comprise an encrypted PKCS #8 private key.
      static java.lang.String END_PRIVATE_KEY_FOOTER
      The footer string that should appear on a line by itself after the base64-encoded representation of the bytes that comprise a PKCS #8 private key.
      static java.lang.String END_RSA_PRIVATE_KEY_FOOTER
      An alternative end footer string that may appear on a line by itself for cases in which the certificate uses an RSA key pair.
    • Constructor Summary

      Constructors 
      Constructor Description
      PKCS8PEMFileReader​(java.io.File pemFile)
      Creates a new PKCS #8 PEM file reader that will read private key information from the specified file.
      PKCS8PEMFileReader​(java.io.InputStream inputStream)
      Creates a new PKCS #8 PEM file reader that will read private key information from the provided input stream.
      PKCS8PEMFileReader​(java.lang.String pemFilePath)
      Creates a new PKCS #8 PEM file reader that will read private key information from the specified file.
    • Constructor Detail

      • PKCS8PEMFileReader

        public PKCS8PEMFileReader​(@NotNull
                                  java.lang.String pemFilePath)
                           throws java.io.IOException
        Creates a new PKCS #8 PEM file reader that will read private key information from the specified file.
        Parameters:
        pemFilePath - The path to the PEM file from which the private key should be read. This must not be null and the file must exist.
        Throws:
        java.io.IOException - If a problem occurs while attempting to open the file for reading.
      • PKCS8PEMFileReader

        public PKCS8PEMFileReader​(@NotNull
                                  java.io.File pemFile)
                           throws java.io.IOException
        Creates a new PKCS #8 PEM file reader that will read private key information from the specified file.
        Parameters:
        pemFile - The PEM file from which the private key should be read. This must not be null and the file must exist.
        Throws:
        java.io.IOException - If a problem occurs while attempting to open the file for reading.
      • PKCS8PEMFileReader

        public PKCS8PEMFileReader​(@NotNull
                                  java.io.InputStream inputStream)
        Creates a new PKCS #8 PEM file reader that will read private key information from the provided input stream.
        Parameters:
        inputStream - The input stream from which the private key should be read. This must not be null and it must be open for reading.
    • Method Detail

      • readPrivateKey

        @Nullable
        public PKCS8PrivateKey readPrivateKey()
                                       throws java.io.IOException,
                                              CertException
        Reads the next private key from the PEM file. The private key must be unencrypted.
        Returns:
        The private key that was read, or null if the end of the file has been reached.
        Throws:
        java.io.IOException - If a problem occurs while trying to read data from the PEM file.
        CertException - If a problem occurs while trying to interpret data read from the PEM file as a PKCS #8 private key.
      • readPrivateKey

        @Nullable
        public PKCS8PrivateKey readPrivateKey​(@Nullable
                                              char[] encryptionPassword)
                                       throws java.io.IOException,
                                              CertException
        Reads the next private key from the PEM file. The private key may optionally be encrypted.
        Parameters:
        encryptionPassword - The password used to encrypt the private key. It must not be null if the private key is encrypted. It may be null if the private key is not encrypted.
        Returns:
        The private key that was read, or null if the end of the file has been reached.
        Throws:
        java.io.IOException - If a problem occurs while trying to read data from the PEM file.
        CertException - If a problem occurs while trying to interpret data read from the PEM file as a PKCS #8 private key.
      • close

        public void close()
                   throws java.io.IOException
        Closes this PKCS #8 PEM file reader.
        Specified by:
        close in interface java.lang.AutoCloseable
        Specified by:
        close in interface java.io.Closeable
        Throws:
        java.io.IOException - If a problem is encountered while attempting to close the reader.