Class CredentialFactory
- java.lang.Object
-
- com.adobe.internal.pdftoolkit.core.credentials.CredentialFactory
-
public class CredentialFactory extends java.lang.Object
The Credential Factory allows us to create credentials that can be used for encryption/digsig related functions.
-
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static PrivateKeyHolder
computeJCEPrivateKey(PrivateKeyHolder privateKeyHolder)
Credentials
createCredentials(byte[] derEncodedPrivateKey, byte[] derEncodedCert, byte[][] derEncodedCertChain)
Create a new instance of aCredentials
object from der encoded bytes representing a private key, certificate, certificate chain.Credentials
createCredentials(PrivateKeyHolder privateKeyHolder, byte[] derEncodedCert, byte[][] derEncodedCertChain)
Create a new instance of aCredentials
object from a private key holder and bytes representing a DER encoded certificate and certificate chain.Credentials
createCredentials(PrivateKeyHolder privateKeyHolder, java.security.cert.X509Certificate cert, java.security.cert.Certificate[] certChain)
Create a new instance of aCredentials
object from a PrivateKeyHolder, an explicit certificate and certificate chain.Credentials
createCredentials(java.security.KeyStore keyStore, java.lang.String alias, char[] password)
This method should not be used except for internal testing.Credentials
createCredentials(java.security.PrivateKey privateKey, java.security.cert.X509Certificate cert, java.security.cert.Certificate[] certChain)
Create a new instance of aCredentials
object from a java private key, cert and certificate chain.Credentials
createEncryptionCredentials(byte[] derEncodedCert, byte[][] derEncodedCertChain)
Create a new instance of aCredentials
object for Encryption from the bytes representing a DER encoded certificate and certificate chain.static java.lang.String
getJCEProviderName(PrivateKeyHolder privateKeyHolder)
static CredentialFactory
newInstance()
-
-
-
Method Detail
-
newInstance
public static CredentialFactory newInstance()
-
createCredentials
public Credentials createCredentials(PrivateKeyHolder privateKeyHolder, java.security.cert.X509Certificate cert, java.security.cert.Certificate[] certChain) throws PDFInvalidParameterException
Create a new instance of aCredentials
object from a PrivateKeyHolder, an explicit certificate and certificate chain.- Parameters:
privateKeyHolder
- - A container for a private key. It can be be generated using thePrivateKeyHolderFactory
.cert
- - An X509 certificatecertChain
- - An array of certificates in the certificate chain.- Returns:
Credentials
- Throws:
PDFInvalidParameterException
-
createCredentials
public Credentials createCredentials(java.security.PrivateKey privateKey, java.security.cert.X509Certificate cert, java.security.cert.Certificate[] certChain) throws PDFInvalidParameterException
Create a new instance of aCredentials
object from a java private key, cert and certificate chain.- Parameters:
privateKey
- - JCE private keycert
- - an X509 CertificatecertChain
- - an array of certificates- Returns:
Credentials
- Throws:
PDFInvalidParameterException
-
createCredentials
public Credentials createCredentials(byte[] derEncodedPrivateKey, byte[] derEncodedCert, byte[][] derEncodedCertChain) throws PDFInvalidParameterException
Create a new instance of aCredentials
object from der encoded bytes representing a private key, certificate, certificate chain. You cannot use this method if your signature algorithm is DSA. If signature algorithm is DSA use - public Credentials createCredentials(PrivateKeyHolder privateKeyHolder, byte[] derEncodedCert, byte[][] derEncodedCertChain)- Parameters:
derEncodedPrivateKey
- - byte array representing a DER encoded PKCS8 unencrypted private keyderEncodedCert
- - byte array representing a DER encoded X509 certificatederEncodedCertChain
- - array of byte arrays representing a DER encoded certificate chain.- Returns:
Credentials
- Throws:
PDFInvalidParameterException
-
createCredentials
public Credentials createCredentials(PrivateKeyHolder privateKeyHolder, byte[] derEncodedCert, byte[][] derEncodedCertChain) throws PDFInvalidParameterException
Create a new instance of aCredentials
object from a private key holder and bytes representing a DER encoded certificate and certificate chain.- Parameters:
privateKeyHolder
- - A container for a private key. It can be be generated using thePrivateKeyHolderFactory
.derEncodedCert
- - byte array representing a DER encoded X509 certificatederEncodedCertChain
- - array of byte arrays representing a DER encoded certificate chain.- Returns:
Credentials
- Throws:
PDFInvalidParameterException
-
createEncryptionCredentials
public Credentials createEncryptionCredentials(byte[] derEncodedCert, byte[][] derEncodedCertChain) throws PDFInvalidParameterException
Create a new instance of aCredentials
object for Encryption from the bytes representing a DER encoded certificate and certificate chain. ThisCredentials
object may be used for encryption only. It may not be used for decryption or Digital Signatures processing.This method may not be used on JDK 1.4.2 with public key length greater than 2048.
- Parameters:
derEncodedCert
- - byte array representing a DER encoded X509 certificatederEncodedCertChain
- - array of byte arrays representing a DER encoded certificate chain.- Returns:
Credentials
- Throws:
PDFInvalidParameterException
-
createCredentials
public Credentials createCredentials(java.security.KeyStore keyStore, java.lang.String alias, char[] password) throws PDFInvalidParameterException
This method should not be used except for internal testing. It will not work for HSM signing or when using the IBMJCE provider. public Credentials createCredentials(PrivateKeyHolder privateKeyHolder, byte[] derEncodedCert, byte[][] derEncodedCertChain) should be used instead. Create a new instance of aCredentials
object from a keystore entry. This method is synchronized because the underlying KeyStore may not be thread safe.- Parameters:
keyStore
- the keystore containing the certificate and certificate chain.alias
- the alias (or name) of the entry within the keystore containing the certificate and certificate chain.password
- the password for recovering the key.- Returns:
Credentials
- Throws:
PDFInvalidParameterException
- if any of the input parameters specify an invalid or inaccessible entity.
-
computeJCEPrivateKey
public static PrivateKeyHolder computeJCEPrivateKey(PrivateKeyHolder privateKeyHolder) throws java.security.NoSuchAlgorithmException, java.security.spec.InvalidKeySpecException, PDFInvalidParameterException
- Throws:
java.security.NoSuchAlgorithmException
java.security.spec.InvalidKeySpecException
PDFInvalidParameterException
-
getJCEProviderName
public static java.lang.String getJCEProviderName(PrivateKeyHolder privateKeyHolder)
-
-