iaik.utils
Class KeyAndCertificate

java.lang.Object
  |
  +--iaik.utils.KeyAndCertificate

public class KeyAndCertificate
extends Object

A simple class for storing a private key and a certificate chain in one file.

The private key will typically be the one belonging to the end entity's public key, which is certified by the certificate at the first position of the chain (i.e. chain[0]).

This class may be used to build a KeyAndCertificate structure from given private key and certificate chain, to store this structure in a file using DER or PEM encoding, and to read in private key and certificate chain from the file again.

Assuming an X509Certificate chain and a private key have already been created, the following procedure may be used to create a KeyAndCertificate structure, save it to a file and read the contents back in:

 // create a KeyAndCertificate structure from given private key and
 // certificate chain and save it to a file using DER encoding:
 KeyAndCertificate keyAndCert = new KeyAndCertificate(private_key, cert_chain);
 keyAndCert.saveTo("key_and_cert.der", ASN1.DER);
 // read in from file again:
 KeyAndCertificate key_and_cert = new KeyAndCertificate("key_and_cert.der");
 // obtain the private key:
 PrivateKey priv_key = key_and_cert.getPrivateKey();
 // obtain the certificate chain:
 X509Certificate[] chain = key_and_cert.getCertificateChain();
 

Version:
File Revision 22

Constructor Summary
KeyAndCertificate(byte[] bytes)
          Creates a KeyAndCertificate object from the given byte array.
KeyAndCertificate(InputStream in)
          Creates a KeyAndCertificate object from the given InputStream.
KeyAndCertificate(PrivateKey privateKey, X509Certificate[] certificateChain)
          Creates a KeyAndCertificate object from given private key and X509 certificate chain.
KeyAndCertificate(String fileName)
          Creates a KeyAndCertificate object from a given file.
 
Method Summary
 PrivateKey decrypt(char[] password)
          Decrypts the private key in this KeyAndCertificate with the given password.
 void encrypt(char[] password, AlgorithmID encryptionAlgorithm, SecureRandom random)
          Encrypts the private key with the specified password, the encryption algorithm and the specified random number generator.
 X509Certificate[] getCertificateChain()
          Gets the certificate chain from this KeyAndCertificate object.
 PrivateKey getPrivateKey()
          Gets the private key from this KeyAndCertificate object.
 boolean isEncrypted()
          Tests whether this KeyAndCertificate object contains an encrypted private key.
 void saveTo(String fileName, int format)
          Saves the private key and the certificate chain to a file using DER or PEM encoding.
 void writeTo(OutputStream os, int format)
          Writes the private key and the certificate chain to an OutputStream.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

KeyAndCertificate

public KeyAndCertificate(String fileName)
                  throws IOException
Creates a KeyAndCertificate object from a given file.

The given file supplies the KeyAndCertificate structure in DER or PEM encoding, e.g.:

KeyAndCertificate key_and_cert = new KeyAndCertificate("key_and_cert.der");

Parameters:
fileName - the name of the DER or PEM file from which to read the private key and certificate chain
Throws:
IOException - if an error occurs when reading from the file

KeyAndCertificate

public KeyAndCertificate(InputStream in)
                  throws IOException
Creates a KeyAndCertificate object from the given InputStream.

KeyAndCertificate

public KeyAndCertificate(byte[] bytes)
                  throws IOException
Creates a KeyAndCertificate object from the given byte array.

KeyAndCertificate

public KeyAndCertificate(PrivateKey privateKey,
                         X509Certificate[] certificateChain)
Creates a KeyAndCertificate object from given private key and X509 certificate chain.

Parameters:
privateKey - the private key
certificateChain - the X509 certificate chain

Method Detail

getCertificateChain

public X509Certificate[] getCertificateChain()
Gets the certificate chain from this KeyAndCertificate object.
Returns:
the X509 certificate chain

getPrivateKey

public PrivateKey getPrivateKey()
Gets the private key from this KeyAndCertificate object.
Returns:
the private key

writeTo

public void writeTo(OutputStream os,
                    int format)
             throws IOException
Writes the private key and the certificate chain to an OutputStream. For more information see saveTo().

saveTo

public void saveTo(String fileName,
                   int format)
            throws IOException
Saves the private key and the certificate chain to a file using DER or PEM encoding.

For instance:

 KeyAndCertificate keyAndCert = new KeyAndCertificate(private_key, cert_chain);
 keyAndCert.saveTo("key_and_cert.der", ASN1.DER);
 

Parameters:
fileName - the name of the file where the data shall be written to
format - the saving format (ASN1.DER or ASN1.PEM)

isEncrypted

public boolean isEncrypted()
Tests whether this KeyAndCertificate object contains an encrypted private key.
Returns:
true if the private key is encrypted (EncryptedPrivateKeyInfo)

encrypt

public void encrypt(char[] password,
                    AlgorithmID encryptionAlgorithm,
                    SecureRandom random)
             throws NoSuchAlgorithmException
Encrypts the private key with the specified password, the encryption algorithm and the specified random number generator. If encryptionAlgorithm is null, TripleDES will be used; if random is null, a new instance will be generated via SecRandom. This method does nothing if the private key is already encrypted.

decrypt

public PrivateKey decrypt(char[] password)
                   throws NoSuchAlgorithmException
Decrypts the private key in this KeyAndCertificate with the given password. If the private key has already been decrypted, it is returned immediately. Note that the key is changed in this object: later calls to getPrivateKey() will return the decrypted key.
Returns:
the decrypted key or null if the decryption process fails
Throws:
NoSuchAlgorithmException - if the key or key-encryption algorithm is not supported
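
The following added example (not part of the original IAIK documentation) combines encrypt(), isEncrypted(), saveTo() and decrypt() so that the private key never reaches disk unencrypted, and treats the null return of decrypt() as a failure. The class name ProtectedKeyFile is hypothetical, and the import package names for ASN1 and X509Certificate are assumed, since this page does not show them.

```java
import iaik.asn1.ASN1;                 // assumed package name
import iaik.utils.KeyAndCertificate;
import iaik.x509.X509Certificate;      // assumed package name

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.util.Arrays;

// Hypothetical helper class, not part of IAIK-JCE.
public final class ProtectedKeyFile {

    // Encrypts the private key under the password before anything is written.
    public static void save(PrivateKey key, X509Certificate[] chain,
                            char[] password, String fileName)
            throws IOException, NoSuchAlgorithmException {
        KeyAndCertificate kac = new KeyAndCertificate(key, chain);
        try {
            // A null algorithm selects the documented default (TripleDES).
            kac.encrypt(password, null, new SecureRandom());
            if (!kac.isEncrypted()) {
                throw new IllegalStateException("private key was not encrypted");
            }
            kac.saveTo(fileName, ASN1.PEM);
        } finally {
            Arrays.fill(password, '\0');   // wipe the caller's password buffer
        }
    }

    // Loads the file, rejects an unencrypted key, and checks decrypt() for null.
    public static KeyAndCertificate load(String fileName, char[] password)
            throws IOException, GeneralSecurityException {
        KeyAndCertificate kac = new KeyAndCertificate(fileName);
        try {
            if (!kac.isEncrypted()) {
                throw new GeneralSecurityException(fileName + ": private key is stored unencrypted");
            }
            if (kac.decrypt(password) == null) {   // null signals failed decryption
                throw new GeneralSecurityException(fileName + ": decryption failed");
            }
            return kac;   // getPrivateKey() now returns the decrypted key
        } finally {
            Arrays.fill(password, '\0');
        }
    }
}
```

Both methods overwrite the password array they are given, so callers must pass a copy if they need the password afterwards.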

This Javadoc may contain text parts from Internet Standard specifications (RFC 2459, 3280, 3039, 2560, 1521, 821, 822, 2253, 1319, 1321, 2630, 2631, 2268, 3058, 2984, 2104, 2144, 2040, 2311, 2279, see copyright note) and RSA Data Security Public-Key Cryptography Standards (PKCS#1,3,5,7,8,9,10,12, see copyright note).

IAIK-JCE 3.1 with IAIK-JCE CC Core 3.1, (c) 1997-2004 IAIK