Package com.unboundid.util.ssl.cert
Class PKCS8PrivateKey
- java.lang.Object
-
- com.unboundid.util.ssl.cert.PKCS8PrivateKey
-
- All Implemented Interfaces:
java.io.Serializable
@NotMutable @ThreadSafety(level=COMPLETELY_THREADSAFE) public final class PKCS8PrivateKey extends java.lang.Object implements java.io.Serializable
This class provides support for decoding an X.509 private key encoded in the PKCS #8 format as defined in RFC 5958. The private key is encoded using the ASN.1 Distinguished Encoding Rules (DER), which is a subset of BER, and is supported by the code in thecom.unboundid.asn1
package. The ASN.1 specification is as follows:OneAsymmetricKey ::= SEQUENCE { version Version, privateKeyAlgorithm PrivateKeyAlgorithmIdentifier, privateKey PrivateKey, attributes [0] Attributes OPTIONAL, ..., [[2: publicKey [1] PublicKey OPTIONAL ]], ... } PrivateKeyInfo ::= OneAsymmetricKey -- PrivateKeyInfo is used by [P12]. If any items tagged as version -- 2 are used, the version must be v2, else the version should be -- v1. When v1, PrivateKeyInfo is the same as it was in [RFC5208]. Version ::= INTEGER { v1(0), v2(1) } (v1, ..., v2) PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier { PUBLIC-KEY, { PrivateKeyAlgorithms } } PrivateKey ::= OCTET STRING -- Content varies based on type of key. The -- algorithm identifier dictates the format of -- the key. PublicKey ::= BIT STRING -- Content varies based on type of key. The -- algorithm identifier dictates the format of -- the key. Attributes ::= SET OF Attribute { { OneAsymmetricKeyAttributes } } OneAsymmetricKeyAttributes ATTRIBUTE ::= { ... -- For local profiles }
- See Also:
- Serialized Form
-
-
Constructor Summary
Constructors Constructor Description PKCS8PrivateKey(byte[] privateKeyBytes)
Decodes the contents of the provided byte array as a PKCS #8 private key.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description ASN1Element
getAttributesElement()
Retrieves an ASN.1 element containing an encoded set of private key attributes, if available.DecodedPrivateKey
getDecodedPrivateKey()
Retrieves the decoded private key, if available.ASN1OctetString
getEncodedPrivateKey()
Retrieves the encoded private key data.byte[]
getPKCS8PrivateKeyBytes()
Retrieves the bytes that comprise the encoded representation of this PKCS #8 private key.java.lang.String
getPrivateKeyAlgorithmName()
Retrieves the private key algorithm name, if available.java.lang.String
getPrivateKeyAlgorithmNameOrOID()
Retrieves the private key algorithm name, if available, or a string representation of the OID if the name is not available.OID
getPrivateKeyAlgorithmOID()
Retrieves the private key algorithm OID.ASN1Element
getPrivateKeyAlgorithmParameters()
Retrieves the encoded private key algorithm parameters, if present.ASN1BitString
getPublicKey()
Retrieves the public key included in the private key, if available.PKCS8PrivateKeyVersion
getVersion()
Retrieves the private key version.java.util.List<java.lang.String>
toEncryptedPEM(char[] encryptionPassword, PKCS8EncryptionProperties encryptionProperties)
Retrieves a list of the lines that comprise a PEM representation of this private key that is encrypted with the provided settings.java.lang.String
toEncryptedPEMString(char[] encryptionPassword, PKCS8EncryptionProperties encryptionProperties)
Retrieves a multi-line string containing a PEM representation of this private key that is encrypted with the provided settings.java.util.List<java.lang.String>
toPEM()
Retrieves a list of the lines that comprise a PEM representation of this PKCS #8 private key.java.lang.String
toPEMString()
Retrieves a multi-line string containing a PEM representation of this PKCS #8 private key.java.security.PrivateKey
toPrivateKey()
Converts this PKCS #8 private key object to a JavaPrivateKey
object.java.lang.String
toString()
Retrieves a string representation of the decoded X.509 certificate.void
toString(java.lang.StringBuilder buffer)
Appends a string representation of the decoded X.509 certificate to the provided buffer.
-
-
-
Constructor Detail
-
PKCS8PrivateKey
public PKCS8PrivateKey(@NotNull byte[] privateKeyBytes) throws CertException
Decodes the contents of the provided byte array as a PKCS #8 private key.- Parameters:
privateKeyBytes
- The byte array containing the encoded PKCS #8 private key.- Throws:
CertException
- If the contents of the provided byte array could not be decoded as a valid PKCS #8 private key.
-
-
Method Detail
-
getPKCS8PrivateKeyBytes
@NotNull public byte[] getPKCS8PrivateKeyBytes()
Retrieves the bytes that comprise the encoded representation of this PKCS #8 private key.- Returns:
- The bytes that comprise the encoded representation of this PKCS #8 private key.
-
getVersion
@NotNull public PKCS8PrivateKeyVersion getVersion()
Retrieves the private key version.- Returns:
- The private key version.
-
getPrivateKeyAlgorithmOID
@NotNull public OID getPrivateKeyAlgorithmOID()
Retrieves the private key algorithm OID.- Returns:
- The private key algorithm OID.
-
getPrivateKeyAlgorithmName
@Nullable public java.lang.String getPrivateKeyAlgorithmName()
Retrieves the private key algorithm name, if available.- Returns:
- The private key algorithm name, or
null
if private key algorithm OID is not recognized.
-
getPrivateKeyAlgorithmNameOrOID
@NotNull public java.lang.String getPrivateKeyAlgorithmNameOrOID()
Retrieves the private key algorithm name, if available, or a string representation of the OID if the name is not available.- Returns:
- The private key algorithm name if it is available, or a string representation of the private key algorithm OID if it is not.
-
getPrivateKeyAlgorithmParameters
@Nullable public ASN1Element getPrivateKeyAlgorithmParameters()
Retrieves the encoded private key algorithm parameters, if present.- Returns:
- The encoded private key algorithm parameters, or
null
if there are no private key algorithm parameters.
-
getEncodedPrivateKey
@NotNull public ASN1OctetString getEncodedPrivateKey()
Retrieves the encoded private key data.- Returns:
- The encoded private key data.
-
getDecodedPrivateKey
@Nullable public DecodedPrivateKey getDecodedPrivateKey()
Retrieves the decoded private key, if available.- Returns:
- The decoded private key, or
null
if the decoded key is not available.
-
getAttributesElement
@Nullable public ASN1Element getAttributesElement()
Retrieves an ASN.1 element containing an encoded set of private key attributes, if available.- Returns:
- An ASN.1 element containing an encoded set of private key
attributes, or
null
if the private key does not have any attributes.
-
getPublicKey
@Nullable public ASN1BitString getPublicKey()
Retrieves the public key included in the private key, if available.- Returns:
- The public key included in the private key, or
null
if the private key does not include a public key.
-
toPrivateKey
@NotNull public java.security.PrivateKey toPrivateKey() throws java.security.GeneralSecurityException
Converts this PKCS #8 private key object to a JavaPrivateKey
object.- Returns:
- The Java
PrivateKey
object that corresponds to this PKCS #8 private key. - Throws:
java.security.GeneralSecurityException
- If a problem is encountered while performing the conversion.
-
toString
@NotNull public java.lang.String toString()
Retrieves a string representation of the decoded X.509 certificate.- Overrides:
toString
in classjava.lang.Object
- Returns:
- A string representation of the decoded X.509 certificate.
-
toString
public void toString(@NotNull java.lang.StringBuilder buffer)
Appends a string representation of the decoded X.509 certificate to the provided buffer.- Parameters:
buffer
- The buffer to which the information should be appended.
-
toPEM
@NotNull public java.util.List<java.lang.String> toPEM()
Retrieves a list of the lines that comprise a PEM representation of this PKCS #8 private key.- Returns:
- A list of the lines that comprise a PEM representation of this PKCS #8 private key.
-
toPEMString
@NotNull public java.lang.String toPEMString()
Retrieves a multi-line string containing a PEM representation of this PKCS #8 private key.- Returns:
- A multi-line string containing a PEM representation of this PKCS #8 private key.
-
toEncryptedPEM
@NotNull public java.util.List<java.lang.String> toEncryptedPEM(@NotNull char[] encryptionPassword, @NotNull PKCS8EncryptionProperties encryptionProperties) throws CertException
Retrieves a list of the lines that comprise a PEM representation of this private key that is encrypted with the provided settings.- Parameters:
encryptionPassword
- The password to use to generate the encryption key. It must not benull
.encryptionProperties
- The properties to use when encrypting the key. It must not benull
.- Returns:
- A list of the lines that comprise a PEM representation of this private key that is encrypted with the provided settings.
- Throws:
CertException
- If a problem occurs while encrypting the private key.
-
toEncryptedPEMString
@NotNull public java.lang.String toEncryptedPEMString(@NotNull char[] encryptionPassword, @NotNull PKCS8EncryptionProperties encryptionProperties) throws CertException
Retrieves a multi-line string containing a PEM representation of this private key that is encrypted with the provided settings.- Parameters:
encryptionPassword
- The password to use to generate the encryption key. It must not benull
.encryptionProperties
- The properties to use when encrypting the key. It must not benull
.- Returns:
- A multi-line string containing a PEM representation of this private key that is encrypted with the provided settings.
- Throws:
CertException
- If a problem occurs while encrypting the private key.
-
-