com.unboundid.util.ssl.cert

Class PKCS8EncryptionHandler

java.lang.Object

com.unboundid.util.ssl.cert.PKCS8EncryptionHandler

@ThreadSafety(level=COMPLETELY_THREADSAFE)
public final class PKCS8EncryptionHandler
extends java.lang.Object

This class provides a set of utility methods for interacting with encrypted PKCS #8 private keys.

Method Summary

Modifier and Type	Method and Description
static PKCS8PrivateKey	decryptPrivateKey(byte[] encryptedPrivateKeyBytes, char[] encryptionPassword) Attempts to decrypt the provided data as a PKCS #8 private key.
static byte[]	encryptPrivateKey(byte[] privateKeyBytes, char[] encryptionPassword, PKCS8EncryptionProperties encryptionProperties) Encrypts the provided PKCS #8 private key using the provided settings.
static byte[]	encryptPrivateKey(PKCS8PrivateKey privateKey, char[] encryptionPassword, PKCS8EncryptionProperties encryptionProperties) Encrypts the provided PKCS #8 private key using the provided settings.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

encryptPrivateKey

@NotNull
public static byte[] encryptPrivateKey(@NotNull
                                                PKCS8PrivateKey privateKey,
                                                @NotNull
                                                char[] encryptionPassword,
                                                @NotNull
                                                PKCS8EncryptionProperties encryptionProperties)
                                         throws CertException

Encrypts the provided PKCS #8 private key using the provided settings.

Parameters:

privateKey - The private key to encrypt. It must not be null.

encryptionPassword - The password to use to generate the encryption key. It must not be null.

encryptionProperties - The properties to use when encrypting the key. It must not be null.

Returns:

The bytes that contain the DER-encoded encrypted representation of the private key.

Throws:

CertException - If a problem occurs while attempting to encrypt the provided certificate with the given settings.

encryptPrivateKey

@NotNull
public static byte[] encryptPrivateKey(@NotNull
                                                byte[] privateKeyBytes,
                                                @NotNull
                                                char[] encryptionPassword,
                                                @NotNull
                                                PKCS8EncryptionProperties encryptionProperties)
                                         throws CertException

Encrypts the provided PKCS #8 private key using the provided settings.

Parameters:

privateKeyBytes - The bytes that comprise the private key to encrypt. It must not be null.

encryptionPassword - The password to use to generate the encryption key. It must not be null.

encryptionProperties - The properties to use when encrypting the key. It must not be null.

Returns:

The bytes that contain the DER-encoded encrypted representation of the private key.

Throws:

CertException - If a problem occurs while attempting to encrypt the provided certificate with the given settings.

decryptPrivateKey

@NotNull
public static PKCS8PrivateKey decryptPrivateKey(@NotNull
                                                         byte[] encryptedPrivateKeyBytes,
                                                         @NotNull
                                                         char[] encryptionPassword)
                                                  throws CertException

Attempts to decrypt the provided data as a PKCS #8 private key.

Parameters:

encryptedPrivateKeyBytes - The bytes that comprise the encrypted representation of a PKCS #8 private key. It must not be null.

encryptionPassword - The password used to generate the encryption key. It must not be null.

Returns:

The decrypted and decoded PKCS #8 private key.

Throws:

CertException - If a problem occurs while attempting to decrypt the encrypted private key.