public class PKCS12PfxPduBuilder
extends java.lang.Object
For example: you can build a basic key store for the user owning privKey as follows:
X509Certificate[] chain = ....
PublicKey pubKey = ....
PrivateKey privKey = ....
JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils();
PKCS12SafeBagBuilder taCertBagBuilder = new JcaPKCS12SafeBagBuilder(chain[2]);
taCertBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString("Bouncy Primary Certificate"));
PKCS12SafeBagBuilder caCertBagBuilder = new JcaPKCS12SafeBagBuilder(chain[1]);
caCertBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString("Bouncy Intermediate Certificate"));
PKCS12SafeBagBuilder eeCertBagBuilder = new JcaPKCS12SafeBagBuilder(chain[0]);
eeCertBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString("Eric's Key"));
eeCertBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId, extUtils.createSubjectKeyIdentifier(pubKey));
PKCS12SafeBagBuilder keyBagBuilder = new JcaPKCS12SafeBagBuilder(privKey, new BcPKCS12PBEOutputEncryptorBuilder(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, new CBCBlockCipher(new DESedeEngine())).build(passwd));
keyBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString("Eric's Key"));
keyBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId, extUtils.createSubjectKeyIdentifier(pubKey));
//
// construct the actual key store
//
PKCS12PfxPduBuilder pfxPduBuilder = new PKCS12PfxPduBuilder();
PKCS12SafeBag[] certs = new PKCS12SafeBag[3];
certs[0] = eeCertBagBuilder.build();
certs[1] = caCertBagBuilder.build();
certs[2] = taCertBagBuilder.build();
pfxPduBuilder.addEncryptedData(new BcPKCS12PBEOutputEncryptorBuilder(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC2_CBC, new CBCBlockCipher(new RC2Engine())).build(passwd), certs);
pfxPduBuilder.addData(keyBagBuilder.build());
PKCS12PfxPdu pfx = pfxPduBuilder.build(new BcPKCS12MacCalculatorBuilder(), passwd);
| Constructor and Description |
|---|
PKCS12PfxPduBuilder() |
| Modifier and Type | Method and Description |
|---|---|
PKCS12PfxPduBuilder |
addData(PKCS12SafeBag data)
Add a SafeBag that is to be included as is.
|
PKCS12PfxPduBuilder |
addEncryptedData(OutputEncryptor dataEncryptor,
PKCS12SafeBag data)
Add a SafeBag that is to be wrapped in a EncryptedData object.
|
PKCS12PfxPduBuilder |
addEncryptedData(OutputEncryptor dataEncryptor,
PKCS12SafeBag[] data)
Add a set of SafeBags that are to be wrapped in a EncryptedData object.
|
PKCS12PfxPdu |
build(PKCS12MacCalculatorBuilder macCalcBuilder,
char[] password)
Build the Pfx structure, protecting it with a MAC calculated against the passed in password.
|
public PKCS12PfxPduBuilder addData(PKCS12SafeBag data) throws java.io.IOException
data - the SafeBag to add.java.io.IOExceptionpublic PKCS12PfxPduBuilder addEncryptedData(OutputEncryptor dataEncryptor, PKCS12SafeBag data) throws java.io.IOException
dataEncryptor - the encryptor to use for encoding the data.data - the SafeBag to include.java.io.IOException - if a issue occurs processing the data.public PKCS12PfxPduBuilder addEncryptedData(OutputEncryptor dataEncryptor, PKCS12SafeBag[] data) throws java.io.IOException
dataEncryptor - the encryptor to use for encoding the data.data - the SafeBags to include.java.io.IOException - if a issue occurs processing the data.public PKCS12PfxPdu build(PKCS12MacCalculatorBuilder macCalcBuilder, char[] password) throws PKCSException
macCalcBuilder - a builder for a PKCS12 mac calculator.password - the password to use.PKCSException - on a encoding or processing error.