Overview  Package   Class  Tree  Deprecated  Index  Help 
Bouncy Castle Cryptography 1.47
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.bouncycastle.pkcs
Class PKCS12PfxPduBuilder

java.lang.Object
  extended by org.bouncycastle.pkcs.PKCS12PfxPduBuilder

public class PKCS12PfxPduBuilder
extends java.lang.Object

A builder for the PKCS#12 Pfx key and certificate store.

For example: you can build a basic key store for the user owning privKey as follows: 

      X509Certificate[] chain = ....
      PublicKey         pubKey = ....
      PrivateKey        privKey = ....
      JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils();

      PKCS12SafeBagBuilder taCertBagBuilder = new JcaPKCS12SafeBagBuilder(chain[2]);

      taCertBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString("Bouncy Primary Certificate"));

      PKCS12SafeBagBuilder caCertBagBuilder = new JcaPKCS12SafeBagBuilder(chain[1]);

      caCertBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString("Bouncy Intermediate Certificate"));

      PKCS12SafeBagBuilder eeCertBagBuilder = new JcaPKCS12SafeBagBuilder(chain[0]);

      eeCertBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString("Eric's Key"));
      eeCertBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId, extUtils.createSubjectKeyIdentifier(pubKey));

      PKCS12SafeBagBuilder keyBagBuilder = new JcaPKCS12SafeBagBuilder(privKey, new BcPKCS12PBEOutputEncryptorBuilder(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, new CBCBlockCipher(new DESedeEngine())).build(passwd));

      keyBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString("Eric's Key"));
      keyBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId, extUtils.createSubjectKeyIdentifier(pubKey));

      //
      // construct the actual key store
      //
      PKCS12PfxPduBuilder pfxPduBuilder = new PKCS12PfxPduBuilder();

      PKCS12SafeBag[] certs = new PKCS12SafeBag[3];

      certs[0] = eeCertBagBuilder.build();
      certs[1] = caCertBagBuilder.build();
      certs[2] = taCertBagBuilder.build();

      pfxPduBuilder.addEncryptedData(new BcPKCS12PBEOutputEncryptorBuilder(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC2_CBC, new CBCBlockCipher(new RC2Engine())).build(passwd), certs);

      pfxPduBuilder.addData(keyBagBuilder.build());

      PKCS12PfxPdu pfx = pfxPduBuilder.build(new BcPKCS12MacCalculatorBuilder(), passwd);

Constructor Summary
PKCS12PfxPduBuilder()
           
 
Method Summary
 PKCS12PfxPduBuilder addData(PKCS12SafeBag data)
          Add a SafeBag that is to be included as is.
 PKCS12PfxPduBuilder addEncryptedData(org.bouncycastle.operator.OutputEncryptor dataEncryptor, PKCS12SafeBag data)
          Add a SafeBag that is to be wrapped in a EncryptedData object.
 PKCS12PfxPduBuilder addEncryptedData(org.bouncycastle.operator.OutputEncryptor dataEncryptor, PKCS12SafeBag[] data)
          Add a set of SafeBags that are to be wrapped in a EncryptedData object.
 PKCS12PfxPdu build(PKCS12MacCalculatorBuilder macCalcBuilder, char[] password)
          Build the Pfx structure, protecting it with a MAC calculated against the passed in password.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

PKCS12PfxPduBuilder

public PKCS12PfxPduBuilder()
Method Detail

addData

public PKCS12PfxPduBuilder addData(PKCS12SafeBag data)
                            throws java.io.IOException
Add a SafeBag that is to be included as is.

Parameters:
data - the SafeBag to add.
Returns:
this builder.
Throws:
java.io.IOException

addEncryptedData

public PKCS12PfxPduBuilder addEncryptedData(org.bouncycastle.operator.OutputEncryptor dataEncryptor,
                                            PKCS12SafeBag data)
                                     throws java.io.IOException
Add a SafeBag that is to be wrapped in a EncryptedData object.

Parameters:
dataEncryptor - the encryptor to use for encoding the data.
data - the SafeBag to include.
Returns:
this builder.
Throws:
java.io.IOException - if a issue occurs processing the data.

addEncryptedData

public PKCS12PfxPduBuilder addEncryptedData(org.bouncycastle.operator.OutputEncryptor dataEncryptor,
                                            PKCS12SafeBag[] data)
                                     throws java.io.IOException
Add a set of SafeBags that are to be wrapped in a EncryptedData object.

Parameters:
dataEncryptor - the encryptor to use for encoding the data.
data - the SafeBags to include.
Returns:
this builder.
Throws:
java.io.IOException - if a issue occurs processing the data.

build

public PKCS12PfxPdu build(PKCS12MacCalculatorBuilder macCalcBuilder,
                          char[] password)
                   throws PKCSException
Build the Pfx structure, protecting it with a MAC calculated against the passed in password.

Parameters:
macCalcBuilder - a builder for a PKCS12 mac calculator.
password - the password to use.
Returns:
a Pfx object.
Throws:
PKCSException - on a encoding or processing error.
Overview  Package   Class  Tree  Deprecated  Index  Help 
Bouncy Castle Cryptography 1.47
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD