P12CertEntryProtection (6.0 API Documentation)

java.lang.Object
- iaik.pkcs.pkcs12.P12CertEntryProtection

All Implemented Interfaces:

P12Algorithms, java.security.KeyStore.ProtectionParameter
```
public class P12CertEntryProtection
extends java.lang.Object
implements java.security.KeyStore.ProtectionParameter, P12Algorithms
```
Parameters for protecting certificate entries of a PKCS#12 KeyStore.
P12 cert entry protection parameters may be used to specify the algorithm to be used for protecting a trusted certificate entry when adding it to a PKCS#12 KeyStore, e.g.:
```
 // the protection algorithm name
 String protectionAlg = "PBES2";
 // the keystore password
 char[] password = ...;
 // create a new PKCS12 KeyStore
 KeyStore ks = KeyStore.getInstance("PKCS12", "IAIK");
 ks.load(null, null);
 // add a cert entry
 X509Certificate trustedCert = ...;
 String certAlias = ...;
 KeyStore.TrustedCertificateEntry certEntry = new KeyStore.TrustedCertificateEntry(trustedCert);
 P12CertEntryProtection p12Protection = new P12CertEntryProtection(protectionAlg);
 ks.setEntry(certAlias, certEntry, p12Protection);
 // store keystore
 OutputStream os = ...;
 P12StoreParameter storeParams = new P12StoreParameter(os, password, protectionAlg);
 ks.store(storeParams);
 
```
When adding a certificate entry the protection parameters are actually applied when finally storing the KeyStore. Thus, when adding more than one certificate entry and specifying a different protection algorithm for each (or some) certificate entry, the protection algorithm that is specified for the certificate entry that has been added as last one is used for all certificate entries. This means that all certificate entries are protected by the same algorithm.
Although it is possible to use any specific supported PBES1 or PBES1 algorithm, it is recommended to use the "PBES2" (for security reasons) or "PBES1" algorithm set (for backwards interoperability reasons to PKCS#12 applications that do not support PBES2 yet).
See Also:
P12KeyStore

- Field Summary
  - Fields inherited from interface iaik.pkcs.pkcs12.P12Algorithms
    P_ALG_DEFAULT, P_ALG_LEGACY, P_ALG_PBES1, P_ALG_PBES2
- Constructor Summary
  
  Constructors
  Constructor and Description
  
  P12CertEntryProtection(java.lang.String protectionAlgorithm)
  Creates P12 cert entry protection parameters for the given algorithm.
- Method Summary
  
  Methods
  Modifier and Type Method and Description
  
  java.lang.String getProtectionAlgorithm()
  Gets the name of the protection algorithm (set).
  - Methods inherited from class java.lang.Object
    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructors
Constructor and Description
`P12CertEntryProtection(java.lang.String protectionAlgorithm)` Creates P12 cert entry protection parameters for the given algorithm.

Methods
Modifier and Type	Method and Description
`java.lang.String`	`getProtectionAlgorithm()` Gets the name of the protection algorithm (set).

- Constructor Detail
  - P12CertEntryProtection
```
public P12CertEntryProtection(java.lang.String protectionAlgorithm)
                       throws java.security.NoSuchAlgorithmException
```
    Creates P12 cert entry protection parameters for the given algorithm.
    
    Parameters:
    protectionAlgorithm - the name of the protection algorithm (set) to be used, e.g. "PBES2" or "PBES1"
    
    Throws:
    
    java.security.NoSuchAlgorithmException - if the requested algorithm (set) is not supported
- Method Detail
  - getProtectionAlgorithm
```
public java.lang.String getProtectionAlgorithm()
```
    Gets the name of the protection algorithm (set).
    
    Returns:
    the name of the protection algorithm (set), e.g. "PBES2" or "PBES1"

Class P12CertEntryProtection

Field Summary

Fields inherited from interface iaik.pkcs.pkcs12.P12Algorithms

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

P12CertEntryProtection

Method Detail

getProtectionAlgorithm