iaik.pkcs.pkcs12

Class PKCS12Pbes2Algorithm

java.lang.Object

iaik.pkcs.pkcs12.PKCS12Algorithm

iaik.pkcs.pkcs12.PKCS12PbeAlgorithm

iaik.pkcs.pkcs12.PKCS12Pbes2Algorithm

All Implemented Interfaces:

java.lang.Cloneable

public class PKCS12Pbes2Algorithm
extends PKCS12PbeAlgorithm

PKCS#12 PBES2 algorithm.

PKCS#12 PBES2 algorithms are used to password based encrypt (Shrouded)KeyBags contained in unencrypted AuthenticatedSafe objects and/or CertBags contained in encrypted AuthenticatedSafe objects.

This class provides several PBES2 algorithms based on the PKCS#5 PBES2 password based encryption schemes; the default PBE algorithm used by the IAIK PKCS#12 KeyStore implementation is PBES2WithHmacSHA256AndAES256 for both encrypted (Shrouded)KeyBags contained in unencrypted AuthenticatedSafe objects and CertBags contained in encrypted AuthenticatedSafe objects.

If your PKCS#12 KeyStore(s) must be readable with other PKCS#12 applications, too, be careful when selecting another than the default PBES2WithHmacSHA256AndAES256 algorithm. Although we have tested the algorithms to work with well established PKCS#12 applications, it even might happen that an application may only be able to read PKCS#12 KeyStores using the legacy PBES1 algorithms.

Field Summary

Fields

Modifier and Type	Field and Description
static PKCS12Pbes2Algorithm	PBES2WithHmacSHA1AndAES PKCS#5 PBES2 password based encryption scheme using PKDF2 key derivation function (with HmacSHA1 as prf) and AES as encryption scheme.
static PKCS12Pbes2Algorithm	PBES2WithHmacSHA1AndAES256 PKCS#5 PBES2 password based encryption scheme using PKDF2 key derivation function (with HmacSHA1 as prf) and AES256 as encryption scheme.
static PKCS12Pbes2Algorithm	PBES2WithHmacSHA224AndAES PKCS#5 PBES2 password based encryption scheme using PKDF2 key derivation function (with HmacSHA224 as prf) and AES as encryption scheme.
static PKCS12Pbes2Algorithm	PBES2WithHmacSHA224AndAES256 PKCS#5 PBES2 password based encryption scheme using PKDF2 key derivation function (with HmacSHA224 as prf) and AES256 as encryption scheme.
static PKCS12Pbes2Algorithm	PBES2WithHmacSHA256AndAES PKCS#5 PBES2 password based encryption scheme using PKDF2 key derivation function (with HmacSHA224 as prf) and AES256 as encryption scheme.
static PKCS12Pbes2Algorithm	PBES2WithHmacSHA256AndAES256 PKCS#5 PBES2 password based encryption scheme using PKDF2 key derivation function (with HmacSHA256 as prf) and AES256 as encryption scheme.
static PKCS12Pbes2Algorithm	PBES2WithHmacSHA384AndAES PKCS#5 PBES2 password based encryption scheme using PKDF2 key derivation function (with HmacSHA384 as prf) and AES as encryption scheme.
static PKCS12Pbes2Algorithm	PBES2WithHmacSHA384AndAES192 PKCS#5 PBES2 password based encryption scheme using PKDF2 key derivation function (with HmacSHA384 as prf) and AES192 as encryption scheme.
static PKCS12Pbes2Algorithm	PBES2WithHmacSHA384AndAES256 PKCS#5 PBES2 password based encryption scheme using PKDF2 key derivation function (with HmacSHA384 as prf) and AES256 as encryption scheme.
static PKCS12Pbes2Algorithm	PBES2WithHmacSHA512AndAES PKCS#5 PBES2 password based encryption scheme using PKDF2 key derivation function (with HmacSHA512 as prf) and AES as encryption scheme.
static PKCS12Pbes2Algorithm	PBES2WithHmacSHA512AndAES256 PKCS#5 PBES2 password based encryption scheme using PKDF2 key derivation function (with HmacSHA512 as prf) and AES256 as encryption scheme.

Fields inherited from class iaik.pkcs.pkcs12.PKCS12PbeAlgorithm

NONE, PBEWithSHAAnd3_KeyTripleDES_CBC, PBEWithSHAAnd40BitRC2_CBC

Method Summary

Methods

Modifier and Type	Method and Description
java.lang.Object	clone() Creates a clone of this PKCS12Pbes2Algorithm.
boolean	equals(java.lang.Object obj) Compares this PKCS12Pbes2Algorithm with the given object.
static PKCS12Pbes2Algorithm	getPKCS12Pbes2Algorithm(java.lang.String name) Gets a PKCS12Pbes2Algorithm by its name.
java.lang.String	toString() Gets a String representation of this PKCS12Pbes2Algorithm

Methods inherited from class iaik.pkcs.pkcs12.PKCS12PbeAlgorithm

getPKCS12PbeAlgorithm

Methods inherited from class iaik.pkcs.pkcs12.PKCS12Algorithm

getIterationCount, getSaltLength, setIterationCount, setSalt, setSaltLength

Methods inherited from class java.lang.Object

finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

PBES2WithHmacSHA256AndAES256

public static final PKCS12Pbes2Algorithm PBES2WithHmacSHA256AndAES256

PKCS#5 PBES2 password based encryption scheme using PKDF2 key derivation function (with HmacSHA256 as prf) and AES256 as encryption scheme.

Salt length: 32.
Iteration count: 10000.

This is the password based encryption scheme that is used by default.

PBES2WithHmacSHA256AndAES

public static final PKCS12Pbes2Algorithm PBES2WithHmacSHA256AndAES

PKCS#5 PBES2 password based encryption scheme using PKDF2 key derivation function (with HmacSHA224 as prf) and AES256 as encryption scheme.

Salt length: 32.
Iteration count: 10000.

PBES2WithHmacSHA1AndAES

public static final PKCS12Pbes2Algorithm PBES2WithHmacSHA1AndAES

PKCS#5 PBES2 password based encryption scheme using PKDF2 key derivation function (with HmacSHA1 as prf) and AES as encryption scheme.

Salt length: 20.
Iteration count: 10000.

PBES2WithHmacSHA1AndAES256

public static final PKCS12Pbes2Algorithm PBES2WithHmacSHA1AndAES256

PKCS#5 PBES2 password based encryption scheme using PKDF2 key derivation function (with HmacSHA1 as prf) and AES256 as encryption scheme.

Salt length: 20.
Iteration count: 10000.

PBES2WithHmacSHA224AndAES

public static final PKCS12Pbes2Algorithm PBES2WithHmacSHA224AndAES

PKCS#5 PBES2 password based encryption scheme using PKDF2 key derivation function (with HmacSHA224 as prf) and AES as encryption scheme.

Salt length: 28.
Iteration count: 10000.

PBES2WithHmacSHA224AndAES256

public static final PKCS12Pbes2Algorithm PBES2WithHmacSHA224AndAES256

PKCS#5 PBES2 password based encryption scheme using PKDF2 key derivation function (with HmacSHA224 as prf) and AES256 as encryption scheme.

Salt length: 28.
Iteration count: 10000.

PBES2WithHmacSHA384AndAES

public static final PKCS12Pbes2Algorithm PBES2WithHmacSHA384AndAES

PKCS#5 PBES2 password based encryption scheme using PKDF2 key derivation function (with HmacSHA384 as prf) and AES as encryption scheme.

Salt length: 48.
Iteration count: 10000.

PBES2WithHmacSHA384AndAES192

public static final PKCS12Pbes2Algorithm PBES2WithHmacSHA384AndAES192

PKCS#5 PBES2 password based encryption scheme using PKDF2 key derivation function (with HmacSHA384 as prf) and AES192 as encryption scheme.

Salt length: 48.
Iteration count: 10000.

PBES2WithHmacSHA384AndAES256

public static final PKCS12Pbes2Algorithm PBES2WithHmacSHA384AndAES256

PKCS#5 PBES2 password based encryption scheme using PKDF2 key derivation function (with HmacSHA384 as prf) and AES256 as encryption scheme.

Salt length: 48.
Iteration count: 10000.

PBES2WithHmacSHA512AndAES

public static final PKCS12Pbes2Algorithm PBES2WithHmacSHA512AndAES

PKCS#5 PBES2 password based encryption scheme using PKDF2 key derivation function (with HmacSHA512 as prf) and AES as encryption scheme.

Salt length: 64.
Iteration count: 10000.

PBES2WithHmacSHA512AndAES256

public static final PKCS12Pbes2Algorithm PBES2WithHmacSHA512AndAES256

PKCS#5 PBES2 password based encryption scheme using PKDF2 key derivation function (with HmacSHA512 as prf) and AES256 as encryption scheme.

Salt length: 64.
Iteration count: 10000.

Method Detail

getPKCS12Pbes2Algorithm

public static final PKCS12Pbes2Algorithm getPKCS12Pbes2Algorithm(java.lang.String name)

Gets a PKCS12Pbes2Algorithm by its name.

Valid names are:

1. "PBES2WithHmacSHA256AndAES256" or "PBEWithHmacSHA256AndAES_256"
2. "PBES2WithHmacSHA256AndAES" or "PBEWithHmacSHA256AndAES"
3. "PBES2WithHmacSHA1AndAES" or "PBEWithHmacSHA1AndAES"
4. "PBES2WithHmacSHA1AndAES256" or "PBEWithHmacSHA1AndAES256"
5. "PBES2WithHmacSHA224AndAES" or "PBEWithHmacSHA224AndAES"
6. "PBES2WithHmacSHA224AndAES256" or "PBEWithHmacSHA224AndAES256"
7. "PBES2WithHmacSHA384AndAES" or "PBEWithHmacSHA384AndAES"
8. "PBES2WithHmacSHA384AndAES192" or "PBEWithHmacSHA384AndAES192"
9. "PBES2WithHmacSHA384AndAES256" or "PBEWithHmacSHA384AndAES256"
10. "PBES2WithHmacSHA512AndAES" or "PBEWithHmacSHA512AndAES"
11. "PBES2WithHmacSHA512AndAES256" or "PBEWithHmacSHA512AndAES256"

Parameters:

name - the name of the PKCS#12 PBES2 algorithm

Returns:

the PKCS12Pbes2Algorithm for the given name, or null if the requested PKCS12Pbes2Algorithm is not supported

clone

public java.lang.Object clone()

Creates a clone of this PKCS12Pbes2Algorithm.

Overrides:

clone in class PKCS12PbeAlgorithm

Returns:

a clone of this PKCS12Pbes2Algorithm

equals

public boolean equals(java.lang.Object obj)

Compares this PKCS12Pbes2Algorithm with the given object.
Compares the algorithm ids and prf and encryption scheme ids, and salt length and iteration count, but not other parameters.

Overrides:

equals in class PKCS12Algorithm

Parameters:

obj - the other object

Returns:

true, if the two objects are equal, false otherwise

toString

public java.lang.String toString()

Gets a String representation of this PKCS12Pbes2Algorithm

Overrides:

toString in class PKCS12Algorithm

Returns:

a String representation