iaik.pkcs.pkcs8

Class PrivateKeyInfo

java.lang.Object

iaik.pkcs.pkcs8.PrivateKeyInfo

All Implemented Interfaces:

ASN1Type, java.io.Serializable, java.security.Key, java.security.PrivateKey

Direct Known Subclasses:

DHPrivateKey, DSAPrivateKey, ECDSAPrivateKey, EcPrivateKey, ESDHPrivateKey, RSAPrivateKey

public abstract class PrivateKeyInfo
extends java.lang.Object
implements java.io.Serializable, ASN1Type, java.security.PrivateKey

This class implements the Public-Key Cryptography Standards (PKCS) #8: Private-Key Information Syntax Specification Version 1.2 (RFC 5208) for storing private keys.

A Private-key information according to PKCS#8 combines a private key (of a public-key algorithm) and some attributes, which are used for developing trust in information like public keys from top-level certification authorities (see http://www.imc.org/rfc5208). PKCS#8 defines PrivateKeyInfo as an ASN.1 SEQUENCE containing the following components:

 PrivateKeyInfo ::= SEQUENCE {
   version Version,
   privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
   privateKey PrivateKey
   attributes [0] IMPLICIT Attributes OPTIONAL }
 

where:

 Version ::= INTEGER   -- Syntax Version Number
 PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier  -- private key algorithm, e.g. rsaEncryption from PKCS#1
 PrivateKey ::= OCTET STRING   -- the value of the private key, e.g. a BER encoded RSAPrivateKey value
 Attributes ::= SET OF Attribute  -- additional information, encrypted together with the private-key information
 

This class may be extended for every particular private key implemetation wishing to support PKCS#8 PrivateKeyInfo.

This class provides a variety of methods for creating, parsing, de- and encoding private key informations.

See Also:

DHPrivateKey, DSAPrivateKey, RSAPrivateKey, Serialized Form

Field Summary

Fields

Modifier and Type	Field and Description
protected AlgorithmID	private_key_algorithm Identifies the appertaining private-key algorithm.
protected ASN1	private_key_info

Fields inherited from interface java.security.PrivateKey

serialVersionUID

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	PrivateKeyInfo() Default Constructor for derived classes.
	PrivateKeyInfo(ASN1Object obj) Creates a new PrivateKeyInfo from an ASN1Object.
	PrivateKeyInfo(byte[] arr) Creates a new PrivateKeyInfo from a byte array.
	PrivateKeyInfo(java.io.InputStream is) Creates a new PrivateKeyInfo from an InputStream.

Method Summary

Methods

Modifier and Type	Method and Description
protected void	createPrivateKeyInfo() Creates a PrivateKeyInfo ASN.1 data structure (PKCS#8).
void	decode(ASN1Object obj) Decodes the given ASN.1 PrivateKeyInfo object for parsing the internal structure.
protected abstract void	decode(byte[] privateKey) Abstract method to be implemented for decoding a DER encoded private key.
protected abstract byte[]	encode() Abstract method to be implemented for encoding this private key according to DER.
boolean	equals(java.lang.Object obj) Compares this private key to another private key.
abstract java.lang.String	getAlgorithm() Returns the name of the algorithm.
byte[]	getEncoded() Returns this PrivateKeyInfo as a DER encoded ASN.1 data structure.
java.lang.String	getFormat() Returns the name of the encoding format..
static java.security.PrivateKey	getPrivateKey(ASN1Object privateKeyInfo) Creates a PrivateKeyInfo from an ASN1Object.
static java.security.PrivateKey	getPrivateKey(byte[] privateKeyInfo) Creates a PrivateKey from a DER encoded byte array in PKCS#8 PrivateKeyInfo format.
ASN1Object	toASN1Object() Returns this PrivateKeyInfo as ASN1Object.
java.lang.String	toString() Returns a string that represents the contents of this private key.
void	writeTo(java.io.OutputStream os) Writes this private key to an output stream.

Methods inherited from class java.lang.Object

clone, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

private_key_info

protected ASN1 private_key_info

private_key_algorithm

protected AlgorithmID private_key_algorithm

Identifies the appertaining private-key algorithm.

Constructor Detail

PrivateKeyInfo

protected PrivateKeyInfo()

Default Constructor for derived classes.

PrivateKeyInfo

public PrivateKeyInfo(ASN1Object obj)
               throws java.security.InvalidKeyException

Creates a new PrivateKeyInfo from an ASN1Object.

This constructor may be used for parsing an already existing PrivateKeyInfo object, supplied as ASN1Object that may have been created by calling toASN1Object.

Parameters:

obj - the PrivateKeyInfo as ASN1Object

Throws:

java.security.InvalidKeyException - if the data can not be parsed

PrivateKeyInfo

public PrivateKeyInfo(java.io.InputStream is)
               throws java.security.InvalidKeyException,
                      java.io.IOException

Creates a new PrivateKeyInfo from an InputStream.

This constructor reads a PrivateKeyInfo previously written with method writeTo. This constructor cannot be used to read a serialized object.

Parameters:

is - the input stream from where the PrivateKeyInfo shall be read

Throws:

java.security.InvalidKeyException - if the data can not be parsed

java.io.IOException - if an I/O error occurs

PrivateKeyInfo

public PrivateKeyInfo(byte[] arr)
               throws java.security.InvalidKeyException

Creates a new PrivateKeyInfo from a byte array.

This constructor may be used for parsing an already existing PrivateKeyInfo object, supplied as DER encoded ASN.1 structure, which may have been created by calling the getEncoded method of this class.

Parameters:

arr - the array containing the encoded PrivateKeyInfo

Throws:

java.security.InvalidKeyException - if the data can not be parsed

Method Detail

decode

protected abstract void decode(byte[] privateKey)
                        throws java.security.InvalidKeyException

Abstract method to be implemented for decoding a DER encoded private key.

Parameters:

privateKey - the private key as DER encoded byte array

Throws:

java.security.InvalidKeyException - if the does not match to the implemented public-key algorithm

encode

protected abstract byte[] encode()

Abstract method to be implemented for encoding this private key according to DER.

Returns:

the private key as a DER encoded ASN.1 data structure

getAlgorithm

public abstract java.lang.String getAlgorithm()

Returns the name of the algorithm.

Specified by:

getAlgorithm in interface java.security.Key

Returns:

the name of the algorithm

decode

public void decode(ASN1Object obj)
            throws CodingException

Decodes the given ASN.1 PrivateKeyInfo object for parsing the internal structure.

This method implements the ASN1Type interface and internally is called when creating a PKCS#8 PrivateKeyInfo object from an already existing PrivateKeyInfo object, supplied as ASN1Object or DER encoded ASN1Object.

Specified by:

decode in interface ASN1Type

Parameters:

obj - the PrivateKeyInfo as ASN1Object

Throws:

CodingException - if the ASN1Object could not be parsed

createPrivateKeyInfo

protected void createPrivateKeyInfo()

Creates a PrivateKeyInfo ASN.1 data structure (PKCS#8).

This method is called by extending classes for creating a PrivateKeyInfo. This method creates a PrivateKeyInfo as an ASN.1 SEQUENCE object with components as specified in the Public-Key Cryptography Standards (PKCS) #8: Private-Key Information Syntax Specification Version 1.2 (RFC 5208):

• Version (integer)
• PrivateKeyAlgorithmIdentifier
• PrivateKey (OCTET STRING)
• Attributes (SET Of Attribute; optional)

getPrivateKey

public static java.security.PrivateKey getPrivateKey(ASN1Object privateKeyInfo)
                                              throws java.security.InvalidKeyException

Creates a PrivateKeyInfo from an ASN1Object.

This is a static method and therefore may be called for creating a PrivateKeyInfo from the given ASN1Object without explicitly instantiating this class, e.g:

 PrivateKeyInfo priv_ki = PrivateKeyInfo.getPrivateKeyInfo(asn1_obj);
 

The given ASN1Object represents an already existing PrivateKeyInfo object, and may have been created by calling toASN1Object.

This method uses a KeyFactory for the registered algorithm to create the PrivateKeyInfo from the DER encoding of the supplied ASN1Object.

Parameters:

privateKeyInfo - the PrivateKeyInfo as ASN1Object

Returns:

a RSAPrivateKey, DSAPrivateKey or DHPrivateKey, depending on the AgorithmID inherent to the given ASN1Object

Throws:

java.security.InvalidKeyException - if the ASN1Object cannot be parsed or the inherent AlgorithmID does not match to any implemented private-key algorithm

getPrivateKey

public static java.security.PrivateKey getPrivateKey(byte[] privateKeyInfo)
                                              throws java.security.InvalidKeyException

Creates a PrivateKey from a DER encoded byte array in PKCS#8 PrivateKeyInfo format. This is a static method and therefore may be called for creating a PrivateKey from the given DER encoded ASN1Object without explicitly instantiating this class, e.g:

 PrivateKey priv_ki = PrivateKeyInfo.getPrivateKey(key_array);
 

This method uses a KeyFactory for the registered algorithm to create the PrivateKey from the supplied DER encoded byte array.

Parameters:

privateKey - the PrivateKey as DER encoded byte array

Returns:

a RSAPrivateKey, DSAPrivateKey or DHPrivateKey, depending on the AgorithmID inherent to the given privateKeyInfo

Throws:

java.security.InvalidKeyException - if the privateKey cannot be parsed

toASN1Object

public ASN1Object toASN1Object()

Returns this PrivateKeyInfo as ASN1Object.

Specified by:

toASN1Object in interface ASN1Type

Returns:

this PrivateKeyInfo as ASN1Object

equals

public boolean equals(java.lang.Object obj)

Compares this private key to another private key. This method simply compares der DER encoded version of the keys.

Overrides:

equals in class java.lang.Object

Returns:

true, if the 2 private keys are equal, false otherwise

getEncoded

public byte[] getEncoded()

Returns this PrivateKeyInfo as a DER encoded ASN.1 data structure.

Specified by:

getEncoded in interface java.security.Key

Returns:

this PrivateKeyInfo as DER encoded byte array

getFormat

public java.lang.String getFormat()

Returns the name of the encoding format..

Specified by:

getFormat in interface java.security.Key

Returns:

the string "PKCS#8"

writeTo

public void writeTo(java.io.OutputStream os)
             throws java.io.IOException

Writes this private key to an output stream.

Parameters:

os - the output stream

Throws:

java.io.IOException - if an I/O error occurs

toString

public java.lang.String toString()

Returns a string that represents the contents of this private key.

Overrides:

toString in class java.lang.Object

Returns:

the string representation