javax.crypto: public class: EncryptedPrivateKeyInfo

javax.crypto
public class: EncryptedPrivateKeyInfo [javadoc | source]

java.lang.Object
   javax.crypto.EncryptedPrivateKeyInfo

This class implements the EncryptedPrivateKeyInfo type as defined in PKCS #8.

Its ASN.1 definition is as follows:

EncryptedPrivateKeyInfo ::=  SEQUENCE {
    encryptionAlgorithm   AlgorithmIdentifier,
    encryptedData   OCTET STRING }

AlgorithmIdentifier  ::=  SEQUENCE  {
    algorithm              OBJECT IDENTIFIER,
    parameters             ANY DEFINED BY algorithm OPTIONAL  }

Also see:

java.security.spec.PKCS8EncodedKeySpec

author: Valerie - Peng

since: 1.4 -

Constructor:

Constructor:
public EncryptedPrivateKeyInfo(byte[] encoded) throws IOException { if (encoded == null) { throw new NullPointerException("the encoded parameter " + "must be non-null"); } this.encoded = (byte[])encoded.clone(); DerValue val = new DerValue(this.encoded); DerValue[] seq = new DerValue[2]; seq[0] = val.data.getDerValue(); seq[1] = val.data.getDerValue(); if (val.data.available() != 0) { throw new IOException("overrun, bytes = " + val.data.available()); } this.algid = AlgorithmId.parse(seq[0]); if (seq[0].data.available() != 0) { throw new IOException("encryptionAlgorithm field overrun"); } this.encryptedData = seq[1].getOctetString(); if (seq[1].data.available() != 0) { throw new IOException("encryptedData field overrun"); } } Constructs (i.e., parses) an `EncryptedPrivateKeyInfo` from its ASN.1 encoding. Parameters: `encoded` - the ASN.1 encoding of this object. The contents of the array are copied to protect against subsequent modification. Throws: `NullPointerException` - if the `encoded` is null. `IOException` - if error occurs when parsing the ASN.1 encoding. exception: `NullPointerException` - if the `encoded` is null. exception: `IOException` - if error occurs when parsing the ASN.1 encoding.
public EncryptedPrivateKeyInfo(String algName, byte[] encryptedData) throws NoSuchAlgorithmException { if (algName == null) throw new NullPointerException("the algName parameter " + "must be non-null"); this.algid = AlgorithmId.get(algName); if (encryptedData == null) { throw new NullPointerException("the encryptedData " + "parameter must be non-null"); } else if (encryptedData.length == 0) { throw new IllegalArgumentException("the encryptedData " + "parameter must not be empty"); } else { this.encryptedData = (byte[])encryptedData.clone(); } // delay the generation of ASN.1 encoding until // getEncoded() is called this.encoded = null; } Constructs an `EncryptedPrivateKeyInfo` from the encryption algorithm name and the encrypted data. Note: This constructor will use null as the value of the algorithm parameters. If the encryption algorithm has parameters whose value is not null, a different constructor, e.g. EncryptedPrivateKeyInfo(AlgorithmParameters, byte[]), should be used. Parameters: `algName` - encryption algorithm name. See Appendix A in the Java Cryptography Architecture Reference Guide for information about standard Cipher algorithm names. `encryptedData` - encrypted data. The contents of `encrypedData` are copied to protect against subsequent modification when constructing this object. Throws: `NullPointerException` - if `algName` or `encryptedData` is null. `IllegalArgumentException` - if `encryptedData` is empty, i.e. 0-length. `NoSuchAlgorithmException` - if the specified algName is not supported. exception: `NullPointerException` - if `algName` or `encryptedData` is null. exception: `IllegalArgumentException` - if `encryptedData` is empty, i.e. 0-length. exception: `NoSuchAlgorithmException` - if the specified algName is not supported.
public EncryptedPrivateKeyInfo(AlgorithmParameters algParams, byte[] encryptedData) throws NoSuchAlgorithmException { if (algParams == null) { throw new NullPointerException("algParams must be non-null"); } this.algid = AlgorithmId.get(algParams); if (encryptedData == null) { throw new NullPointerException("encryptedData must be non-null"); } else if (encryptedData.length == 0) { throw new IllegalArgumentException("the encryptedData " + "parameter must not be empty"); } else { this.encryptedData = (byte[])encryptedData.clone(); } // delay the generation of ASN.1 encoding until // getEncoded() is called this.encoded = null; } Constructs an `EncryptedPrivateKeyInfo` from the encryption algorithm parameters and the encrypted data. Parameters: `algParams` - the algorithm parameters for the encryption algorithm. `algParams.getEncoded()` should return the ASN.1 encoded bytes of the `parameters` field of the `AlgorithmIdentifer` component of the `EncryptedPrivateKeyInfo` type. `encryptedData` - encrypted data. The contents of `encrypedData` are copied to protect against subsequent modification when constructing this object. Throws: `NullPointerException` - if `algParams` or `encryptedData` is null. `IllegalArgumentException` - if `encryptedData` is empty, i.e. 0-length. `NoSuchAlgorithmException` - if the specified algName of the specified `algParams` parameter is not supported. exception: `NullPointerException` - if `algParams` or `encryptedData` is null. exception: `IllegalArgumentException` - if `encryptedData` is empty, i.e. 0-length. exception: `NoSuchAlgorithmException` - if the specified algName of the specified `algParams` parameter is not supported.

 public EncryptedPrivateKeyInfo(byte[] encoded) throws IOException {
        if (encoded == null) {
            throw new NullPointerException("the encoded parameter " +
                                           "must be non-null");
        }
        this.encoded = (byte[])encoded.clone();
        DerValue val = new DerValue(this.encoded);
        DerValue[] seq = new DerValue[2];
        seq[0] = val.data.getDerValue();
        seq[1] = val.data.getDerValue();
        if (val.data.available() != 0) {
            throw new IOException("overrun, bytes = " + val.data.available());
        }
        this.algid = AlgorithmId.parse(seq[0]);
        if (seq[0].data.available() != 0) {
            throw new IOException("encryptionAlgorithm field overrun");
        }
        this.encryptedData = seq[1].getOctetString();
        if (seq[1].data.available() != 0) {
            throw new IOException("encryptedData field overrun");
        }
}

EncryptedPrivateKeyInfo

Parameters:

encoded - the ASN.1 encoding of this object. The contents of the array are copied to protect against subsequent modification.

Throws:

NullPointerException - if the encoded is null.

IOException - if error occurs when parsing the ASN.1 encoding.

exception: NullPointerException - if the encoded is null.

exception: IOException - if error occurs when parsing the ASN.1 encoding.

 public EncryptedPrivateKeyInfo(String algName,
    byte[] encryptedData) throws NoSuchAlgorithmException {
        if (algName == null)
                throw new NullPointerException("the algName parameter " +
                                               "must be non-null");
        this.algid = AlgorithmId.get(algName);
        if (encryptedData == null) {
            throw new NullPointerException("the encryptedData " +
                                           "parameter must be non-null");
        } else if (encryptedData.length == 0) {
            throw new IllegalArgumentException("the encryptedData " +
                                                "parameter must not be empty");
        } else {
            this.encryptedData = (byte[])encryptedData.clone();
        }
        // delay the generation of ASN.1 encoding until
        // getEncoded() is called
        this.encoded = null;
}

EncryptedPrivateKeyInfo

Note: This constructor will use null as the value of the algorithm parameters. If the encryption algorithm has parameters whose value is not null, a different constructor, e.g. EncryptedPrivateKeyInfo(AlgorithmParameters, byte[]), should be used.

Parameters:

algName - encryption algorithm name. See Appendix A in the Java Cryptography Architecture Reference Guide for information about standard Cipher algorithm names.

encryptedData - encrypted data. The contents of encrypedData are copied to protect against subsequent modification when constructing this object.

Throws:

NullPointerException - if algName or encryptedData is null.

IllegalArgumentException - if encryptedData is empty, i.e. 0-length.

NoSuchAlgorithmException - if the specified algName is not supported.

exception: NullPointerException - if algName or encryptedData is null.

exception: IllegalArgumentException - if encryptedData is empty, i.e. 0-length.

exception: NoSuchAlgorithmException - if the specified algName is not supported.

 public EncryptedPrivateKeyInfo(AlgorithmParameters algParams,
    byte[] encryptedData) throws NoSuchAlgorithmException {
        if (algParams == null) {
            throw new NullPointerException("algParams must be non-null");
        }
        this.algid = AlgorithmId.get(algParams);
        if (encryptedData == null) {
            throw new NullPointerException("encryptedData must be non-null");
        } else if (encryptedData.length == 0) {
            throw new IllegalArgumentException("the encryptedData " +
                                                "parameter must not be empty");
        } else {
            this.encryptedData = (byte[])encryptedData.clone();
        }
        // delay the generation of ASN.1 encoding until
        // getEncoded() is called
        this.encoded = null;
}

EncryptedPrivateKeyInfo

Parameters:

algParams - the algorithm parameters for the encryption algorithm. algParams.getEncoded() should return the ASN.1 encoded bytes of the parameters field of the AlgorithmIdentifer component of the EncryptedPrivateKeyInfo type.

encryptedData - encrypted data. The contents of encrypedData are copied to protect against subsequent modification when constructing this object.

Throws:

NullPointerException - if algParams or encryptedData is null.

IllegalArgumentException - if encryptedData is empty, i.e. 0-length.

NoSuchAlgorithmException - if the specified algName of the specified algParams parameter is not supported.

exception: NullPointerException - if algParams or encryptedData is null.

exception: IllegalArgumentException - if encryptedData is empty, i.e. 0-length.

exception: NoSuchAlgorithmException - if the specified algName of the specified algParams parameter is not supported.

Method from javax.crypto.EncryptedPrivateKeyInfo Summary:
getAlgName, getAlgParameters, getEncoded, getEncryptedData, getKeySpec, getKeySpec, getKeySpec, getKeySpec

Methods from java.lang.Object:
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method from javax.crypto.EncryptedPrivateKeyInfo Detail:
public String getAlgName() { return this.algid.getName(); } Returns the encryption algorithm. Note: Standard name is returned instead of the specified one in the constructor when such mapping is available. See Appendix A in the Java Cryptography Architecture Reference Guide for information about standard Cipher algorithm names.
public AlgorithmParameters getAlgParameters() { return this.algid.getParameters(); } Returns the algorithm parameters used by the encryption algorithm.
public byte[] getEncoded() throws IOException { if (this.encoded == null) { DerOutputStream out = new DerOutputStream(); DerOutputStream tmp = new DerOutputStream(); // encode encryption algorithm algid.encode(tmp); // encode encrypted data tmp.putOctetString(encryptedData); // wrap everything into a SEQUENCE out.write(DerValue.tag_Sequence, tmp); this.encoded = out.toByteArray(); } return (byte[])this.encoded.clone(); } Returns the ASN.1 encoding of this object.
public byte[] getEncryptedData() { return (byte[])this.encryptedData.clone(); } Returns the encrypted data.
public PKCS8EncodedKeySpec getKeySpec(Cipher cipher) throws InvalidKeySpecException { byte[] encoded = null; try { encoded = cipher.doFinal((byte[])encryptedData); checkPKCS8Encoding(encoded); } catch (GeneralSecurityException gse) { InvalidKeySpecException ikse = new InvalidKeySpecException( "Cannot retrieve the PKCS8EncodedKeySpec"); ikse.initCause(gse); throw ikse; } catch (IOException ioe) { InvalidKeySpecException ikse = new InvalidKeySpecException( "Cannot retrieve the PKCS8EncodedKeySpec"); ikse.initCause(ioe); throw ikse; } catch (IllegalStateException ise) { InvalidKeySpecException ikse = new InvalidKeySpecException( "Cannot retrieve the PKCS8EncodedKeySpec"); ikse.initCause(ise); throw ikse; } return new PKCS8EncodedKeySpec(encoded); } Extract the enclosed PKCS8EncodedKeySpec object from the encrypted data and return it. Note: In order to successfully retrieve the enclosed PKCS8EncodedKeySpec object, `cipher` needs to be initialized to either Cipher.DECRYPT_MODE or Cipher.UNWRAP_MODE, with the same key and parameters used for generating the encrypted data.
public PKCS8EncodedKeySpec getKeySpec(Key decryptKey) throws NoSuchAlgorithmException, InvalidKeyException { if (decryptKey == null) { throw new NullPointerException("decryptKey is null"); } return getKeySpecImpl(decryptKey, null); } Extract the enclosed PKCS8EncodedKeySpec object from the encrypted data and return it.
public PKCS8EncodedKeySpec getKeySpec(Key decryptKey, String providerName) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidKeyException { if (decryptKey == null) { throw new NullPointerException("decryptKey is null"); } if (providerName == null) { throw new NullPointerException("provider is null"); } Provider provider = Security.getProvider(providerName); if (provider == null) { throw new NoSuchProviderException("provider " + providerName + " not found"); } return getKeySpecImpl(decryptKey, provider); } Extract the enclosed PKCS8EncodedKeySpec object from the encrypted data and return it.
public PKCS8EncodedKeySpec getKeySpec(Key decryptKey, Provider provider) throws NoSuchAlgorithmException, InvalidKeyException { if (decryptKey == null) { throw new NullPointerException("decryptKey is null"); } if (provider == null) { throw new NullPointerException("provider is null"); } return getKeySpecImpl(decryptKey, provider); } Extract the enclosed PKCS8EncodedKeySpec object from the encrypted data and return it.

Method from javax.crypto.EncryptedPrivateKeyInfo Detail:

 public String getAlgName() {
        return this.algid.getName();
}

Note: Standard name is returned instead of the specified one in the constructor when such mapping is available. See Appendix A in the Java Cryptography Architecture Reference Guide for information about standard Cipher algorithm names.

 public AlgorithmParameters getAlgParameters() {
        return this.algid.getParameters();
}

Returns the algorithm parameters used by the encryption algorithm.

 public byte[] getEncoded() throws IOException {
        if (this.encoded == null) {
            DerOutputStream out = new DerOutputStream();
            DerOutputStream tmp = new DerOutputStream();
            // encode encryption algorithm
            algid.encode(tmp);
            // encode encrypted data
            tmp.putOctetString(encryptedData);
            // wrap everything into a SEQUENCE
            out.write(DerValue.tag_Sequence, tmp);
            this.encoded = out.toByteArray();
        }
        return (byte[])this.encoded.clone();
}

Returns the ASN.1 encoding of this object.

 public byte[] getEncryptedData() {
        return (byte[])this.encryptedData.clone();
}

Returns the encrypted data.

 public PKCS8EncodedKeySpec getKeySpec(Cipher cipher) throws InvalidKeySpecException {
        byte[] encoded = null;
        try {
            encoded = cipher.doFinal((byte[])encryptedData);
            checkPKCS8Encoding(encoded);
        } catch (GeneralSecurityException gse) {
            InvalidKeySpecException ikse = new
                InvalidKeySpecException(
                    "Cannot retrieve the PKCS8EncodedKeySpec");
            ikse.initCause(gse);
            throw ikse;
        } catch (IOException ioe) {
            InvalidKeySpecException ikse = new
                InvalidKeySpecException(
                    "Cannot retrieve the PKCS8EncodedKeySpec");
            ikse.initCause(ioe);
            throw ikse;
        } catch (IllegalStateException ise) {
            InvalidKeySpecException ikse = new
                InvalidKeySpecException(
                    "Cannot retrieve the PKCS8EncodedKeySpec");
            ikse.initCause(ise);
            throw ikse;
        }
        return new PKCS8EncodedKeySpec(encoded);
}

cipher

 public PKCS8EncodedKeySpec getKeySpec(Key decryptKey) throws NoSuchAlgorithmException, InvalidKeyException {
        if (decryptKey == null) {
            throw new NullPointerException("decryptKey is null");
        }
        return getKeySpecImpl(decryptKey, null);
}

Extract the enclosed PKCS8EncodedKeySpec object from the encrypted data and return it.

 public PKCS8EncodedKeySpec getKeySpec(Key decryptKey,
    String providerName) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidKeyException {
        if (decryptKey == null) {
            throw new NullPointerException("decryptKey is null");
        }
        if (providerName == null) {
            throw new NullPointerException("provider is null");
        }
        Provider provider = Security.getProvider(providerName);
        if (provider == null) {
            throw new NoSuchProviderException("provider " +
                providerName + " not found");
        }
        return getKeySpecImpl(decryptKey, provider);
}

Extract the enclosed PKCS8EncodedKeySpec object from the encrypted data and return it.

 public PKCS8EncodedKeySpec getKeySpec(Key decryptKey,
    Provider provider) throws NoSuchAlgorithmException, InvalidKeyException {
        if (decryptKey == null) {
            throw new NullPointerException("decryptKey is null");
        }
        if (provider == null) {
            throw new NullPointerException("provider is null");
        }
        return getKeySpecImpl(decryptKey, provider);
}

Extract the enclosed PKCS8EncodedKeySpec object from the encrypted data and return it.