javax.crypto

Class EncryptedPrivateKeyInfo

java.lang.Object

javax.crypto.EncryptedPrivateKeyInfo

public class EncryptedPrivateKeyInfo
extends java.lang.Object

This class implements the EncryptedPrivateKeyInfo type as defined in PKCS #8.

Its ASN.1 definition is as follows:

 EncryptedPrivateKeyInfo ::=  SEQUENCE {
     encryptionAlgorithm   AlgorithmIdentifier,
     encryptedData   OCTET STRING }

 AlgorithmIdentifier  ::=  SEQUENCE  {
     algorithm              OBJECT IDENTIFIER,
     parameters             ANY DEFINED BY algorithm OPTIONAL  }
 

Since:

1.4

See Also:

PKCS8EncodedKeySpec

Constructor Summary

Constructors

Constructor and Description
EncryptedPrivateKeyInfo(java.security.AlgorithmParameters algParams, byte[] encryptedData) Constructs an EncryptedPrivateKeyInfo from the encryption algorithm parameters and the encrypted data.
EncryptedPrivateKeyInfo(byte[] encoded) Constructs (i.e., parses) an EncryptedPrivateKeyInfo from its ASN.1 encoding.
EncryptedPrivateKeyInfo(java.lang.String algName, byte[] encryptedData) Constructs an EncryptedPrivateKeyInfo from the encryption algorithm name and the encrypted data.

Method Summary

Modifier and Type	Method and Description
java.lang.String	getAlgName() Returns the encryption algorithm.
java.security.AlgorithmParameters	getAlgParameters() Returns the algorithm parameters used by the encryption algorithm.
byte[]	getEncoded() Returns the ASN.1 encoding of this object.
byte[]	getEncryptedData() Returns the encrypted data.
java.security.spec.PKCS8EncodedKeySpec	getKeySpec(Cipher cipher) Extract the enclosed PKCS8EncodedKeySpec object from the encrypted data and return it.
java.security.spec.PKCS8EncodedKeySpec	getKeySpec(java.security.Key decryptKey) Extract the enclosed PKCS8EncodedKeySpec object from the encrypted data and return it.
java.security.spec.PKCS8EncodedKeySpec	getKeySpec(java.security.Key decryptKey, java.security.Provider provider) Extract the enclosed PKCS8EncodedKeySpec object from the encrypted data and return it.
java.security.spec.PKCS8EncodedKeySpec	getKeySpec(java.security.Key decryptKey, java.lang.String providerName) Extract the enclosed PKCS8EncodedKeySpec object from the encrypted data and return it.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

EncryptedPrivateKeyInfo

public EncryptedPrivateKeyInfo(byte[] encoded)
                        throws java.io.IOException

Constructs (i.e., parses) an EncryptedPrivateKeyInfo from its ASN.1 encoding.

Parameters:

encoded - the ASN.1 encoding of this object. The contents of the array are copied to protect against subsequent modification.

Throws:

java.lang.NullPointerException - if the encoded is null.

java.io.IOException - if error occurs when parsing the ASN.1 encoding.

EncryptedPrivateKeyInfo

public EncryptedPrivateKeyInfo(java.lang.String algName,
                               byte[] encryptedData)
                        throws java.security.NoSuchAlgorithmException

Constructs an EncryptedPrivateKeyInfo from the encryption algorithm name and the encrypted data.

Note: This constructor will use null as the value of the algorithm parameters. If the encryption algorithm has parameters whose value is not null, a different constructor, e.g. EncryptedPrivateKeyInfo(AlgorithmParameters, byte[]), should be used.

Parameters:

algName - encryption algorithm name. See Appendix A in the Java Cryptography Extension Reference Guide for information about standard Cipher algorithm names.

encryptedData - encrypted data. The contents of encrypedData are copied to protect against subsequent modification when constructing this object.

Throws:

java.lang.NullPointerException - if algName or encryptedData is null.

java.lang.IllegalArgumentException - if encryptedData is empty, i.e. 0-length.

java.security.NoSuchAlgorithmException - if the specified algName is not supported.

EncryptedPrivateKeyInfo

public EncryptedPrivateKeyInfo(java.security.AlgorithmParameters algParams,
                               byte[] encryptedData)
                        throws java.security.NoSuchAlgorithmException

Constructs an EncryptedPrivateKeyInfo from the encryption algorithm parameters and the encrypted data.

Parameters:

algParams - the algorithm parameters for the encryption algorithm. algParams.getEncoded() should return the ASN.1 encoded bytes of the parameters field of the AlgorithmIdentifer component of the EncryptedPrivateKeyInfo type.

encryptedData - encrypted data. The contents of encrypedData are copied to protect against subsequent modification when constructing this object.

Throws:

java.lang.NullPointerException - if algParams or encryptedData is null.

java.lang.IllegalArgumentException - if encryptedData is empty, i.e. 0-length.

java.security.NoSuchAlgorithmException - if the specified algName of the specified algParams parameter is not supported.

Method Detail

getAlgName

public java.lang.String getAlgName()

Returns the encryption algorithm.

Note: Standard name is returned instead of the specified one in the constructor when such mapping is available. See Appendix A in the Java Cryptography Extension Reference Guide for information about standard Cipher algorithm names.

Returns:

the encryption algorithm name.

getAlgParameters

public java.security.AlgorithmParameters getAlgParameters()

Returns the algorithm parameters used by the encryption algorithm.

Returns:

the algorithm parameters.

getEncryptedData

public byte[] getEncryptedData()

Returns the encrypted data.

Returns:

the encrypted data. Returns a new array each time this method is called.

getKeySpec

public java.security.spec.PKCS8EncodedKeySpec getKeySpec(Cipher cipher)
                                                  throws java.security.spec.InvalidKeySpecException

Extract the enclosed PKCS8EncodedKeySpec object from the encrypted data and return it.
Note: In order to successfully retrieve the enclosed PKCS8EncodedKeySpec object, cipher needs to be initialized to either Cipher.DECRYPT_MODE or Cipher.UNWRAP_MODE, with the same key and parameters used for generating the encrypted data.

Parameters:

cipher - the initialized cipher object which will be used for decrypting the encrypted data.

Returns:

the PKCS8EncodedKeySpec object.

Throws:

java.lang.NullPointerException - if cipher is null.

java.security.spec.InvalidKeySpecException - if the given cipher is inappropriate for the encrypted data or the encrypted data is corrupted and cannot be decrypted.

getKeySpec

public java.security.spec.PKCS8EncodedKeySpec getKeySpec(java.security.Key decryptKey)
                                                  throws java.security.NoSuchAlgorithmException,
                                                         java.security.InvalidKeyException

Extract the enclosed PKCS8EncodedKeySpec object from the encrypted data and return it.

Parameters:

decryptKey - key used for decrypting the encrypted data.

Returns:

the PKCS8EncodedKeySpec object.

Throws:

java.lang.NullPointerException - if decryptKey is null.

java.security.NoSuchAlgorithmException - if cannot find appropriate cipher to decrypt the encrypted data.

java.security.InvalidKeyException - if decryptKey cannot be used to decrypt the encrypted data or the decryption result is not a valid PKCS8KeySpec.

Since:

1.5

getKeySpec

public java.security.spec.PKCS8EncodedKeySpec getKeySpec(java.security.Key decryptKey,
                                                         java.lang.String providerName)
                                                  throws java.security.NoSuchProviderException,
                                                         java.security.NoSuchAlgorithmException,
                                                         java.security.InvalidKeyException

Extract the enclosed PKCS8EncodedKeySpec object from the encrypted data and return it.

Parameters:

decryptKey - key used for decrypting the encrypted data.

providerName - the name of provider whose Cipher implementation will be used.

Returns:

the PKCS8EncodedKeySpec object.

Throws:

java.lang.NullPointerException - if decryptKey or providerName is null.

java.security.NoSuchProviderException - if no provider providerName is registered.

java.security.NoSuchAlgorithmException - if cannot find appropriate cipher to decrypt the encrypted data.

java.security.InvalidKeyException - if decryptKey cannot be used to decrypt the encrypted data or the decryption result is not a valid PKCS8KeySpec.

Since:

1.5

getKeySpec

public java.security.spec.PKCS8EncodedKeySpec getKeySpec(java.security.Key decryptKey,
                                                         java.security.Provider provider)
                                                  throws java.security.NoSuchAlgorithmException,
                                                         java.security.InvalidKeyException

Extract the enclosed PKCS8EncodedKeySpec object from the encrypted data and return it.

Parameters:

decryptKey - key used for decrypting the encrypted data.

provider - the name of provider whose Cipher implementation will be used.

Returns:

the PKCS8EncodedKeySpec object.

Throws:

java.lang.NullPointerException - if decryptKey or provider is null.

java.security.NoSuchAlgorithmException - if cannot find appropriate cipher to decrypt the encrypted data in provider.

java.security.InvalidKeyException - if decryptKey cannot be used to decrypt the encrypted data or the decryption result is not a valid PKCS8KeySpec.

Since:

1.5

getEncoded

public byte[] getEncoded()
                  throws java.io.IOException

Returns the ASN.1 encoding of this object.

Returns:

the ASN.1 encoding. Returns a new array each time this method is called.

Throws:

java.io.IOException - if error occurs when constructing its ASN.1 encoding.