P12PasswordProtection (6.0 API Documentation)

java.lang.Object
- java.security.KeyStore.PasswordProtection
- - iaik.pkcs.pkcs12.P12PasswordProtection

All Implemented Interfaces:: P12Algorithms, java.security.KeyStore.ProtectionParameter, javax.security.auth.Destroyable

public class P12PasswordProtection
extends java.security.KeyStore.PasswordProtection
implements P12Algorithms

Parameters for protecting key entries of a PKCS#12 KeyStore.

P12 key entry protection parameters may be used to specify password and algorithm for protecting a key entry when adding it to a PKCS#12 KeyStore, e.g.:

 // the protection algorithm name
 String protectionAlg = "PBES2";
 // the keystore password
 char[] password = ...;
 // create a new PKCS12 KeyStore
 KeyStore ks = KeyStore.getInstance("PKCS12", "IAIK");
 ks.load(null, null);
 // add a key entry
 PrivateKey privateKey = ...;
 X509Certificate[] certChain = ...;
 String keyAlias = ...;
 KeyStore.PrivateKeyEntry keyEntry = new KeyStore.PrivateKeyEntry(privateKey, certChain);
 P12PasswordProtection pwdProtection = new P12PasswordProtection(password, protectionAlg);
 ks.setEntry(keyAlias, keyEntry, pwdProtection);
 // store keystore
 OutputStream os = ...;
 P12StoreParameter storeParams = new P12StoreParameter(os, password, protectionAlg);
 ks.store(storeParams);

Although it is possible to use any specific supported PBES1 or PBES2 algorithm, it is recommended to use the "PBES2" (for security reasons) or "PBES1" algorithm set (for backwards interoperability reasons to PKCS#12 applications that do not support PBES2 yet).

See Also:: P12KeyStore

Field Summary
- Fields inherited from interface iaik.pkcs.pkcs12.P12Algorithms
  P_ALG_DEFAULT, P_ALG_LEGACY, P_ALG_PBES1, P_ALG_PBES2

Constructor Summary

Constructors
Constructor and Description
`P12PasswordProtection(char[] password)` Creates P12 password protection parameters for the given password.
`P12PasswordProtection(char[] password, java.lang.String protectionAlgorithm)` Creates P12 password protection parameters for the given password and algorithm.

Method Summary
- Methods inherited from class java.security.KeyStore.PasswordProtection
  destroy, getPassword, isDestroyed
- Methods inherited from class java.lang.Object
  clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - P12PasswordProtection
```
public P12PasswordProtection(char[] password)
```
    Creates P12 password protection parameters for the given password.
    When using this constructor, the PBES2 algorithm set (with PBES2WithHmacSHA256AndAES256) is used to protect the key entry.
    
    Parameters:
    password - the password
  - P12PasswordProtection
```
public P12PasswordProtection(char[] password,
                     java.lang.String protectionAlgorithm)
                      throws java.security.NoSuchAlgorithmException
```
    Creates P12 password protection parameters for the given password and algorithm.
    
    Parameters:
    protectionAlgorithm - the name of the protection algorithm (set) to be used, e.g. "PBES2" or "PBES1"
    
    Throws:
    
    java.security.NoSuchAlgorithmException - if the requested algorithm (set) is not supported

Class P12PasswordProtection

Field Summary

Fields inherited from interface iaik.pkcs.pkcs12.P12Algorithms

Constructor Summary

Method Summary

Methods inherited from class java.security.KeyStore.PasswordProtection

Methods inherited from class java.lang.Object

Constructor Detail

P12PasswordProtection

P12PasswordProtection