public class

PKCS8Key

extends Object
implements PrivateKey
java.lang.Object
   ↳ sun.security.pkcs.PKCS8Key
Known Direct Subclasses

Class Overview

Holds a PKCS#8 key, for example a private key

Summary

[Expand]
Inherited Constants
From interface java.security.Key
From interface java.security.PrivateKey
Fields
protected AlgorithmId algid
protected byte[] encodedKey
protected byte[] key
public static final BigInteger version
Public Constructors
PKCS8Key()
Default constructor.
Public Methods
void decode(InputStream in)
Initialize an PKCS8Key object from an input stream.
void decode(byte[] encodedKey)
byte[] encode()
Returns the DER-encoded form of the key as a byte array.
final void encode(DerOutputStream out)
PKCS#8 sequence on the DER output stream.
boolean equals(Object object)
Compares two private keys.
String getAlgorithm()
Returns the algorithm to be used with this key.
AlgorithmId getAlgorithmId()
Returns the algorithm ID to be used with this key.
synchronized byte[] getEncoded()
Returns the DER-encoded form of the key as a byte array.
String getFormat()
Returns the format for this key: "PKCS#8"
int hashCode()
Calculates a hash code value for this object.
static PKCS8Key parse(DerValue in)
static PrivateKey parseKey(DerValue in)
Construct PKCS#8 subject public key from a DER value.
String toString()
Returns a string representation of the object.
Protected Methods
void parseKeyBits()
Parse the key bits.
Object writeReplace()
[Expand]
Inherited Methods
From class java.lang.Object
From interface java.security.Key

Fields

protected AlgorithmId algid

protected byte[] encodedKey

protected byte[] key

public static final BigInteger version

Public Constructors

public PKCS8Key ()

Default constructor. The key constructed must have its key and algorithm initialized before it may be used, for example by using decode.

Public Methods

public void decode (InputStream in)

Initialize an PKCS8Key object from an input stream. The data on that input stream must be encoded using DER, obeying the PKCS#8 format: a sequence consisting of a version, an algorithm ID and a bit string which holds the key. (That bit string is often used to encapsulate another DER encoded sequence.)

Subclasses should not normally redefine this method; they should instead provide a parseKeyBits method to parse any fields inside the key member.

Parameters
in an input stream with a DER-encoded PKCS#8 SubjectPublicKeyInfo value
Throws
InvalidKeyException if a parsing error occurs.

public void decode (byte[] encodedKey)

Throws
InvalidKeyException

public byte[] encode ()

Returns the DER-encoded form of the key as a byte array.

Throws
InvalidKeyException if an encoding error occurs.

public final void encode (DerOutputStream out)

PKCS#8 sequence on the DER output stream.

Throws
IOException

public boolean equals (Object object)

Compares two private keys. This returns false if the object with which to compare is not of type Key. Otherwise, the encoding of this key object is compared with the encoding of the given key object.

Parameters
object the object with which to compare
Returns
  • true if this key has the same encoding as the object argument; false otherwise.

public String getAlgorithm ()

Returns the algorithm to be used with this key.

Returns
  • the name of the algorithm associated with this key.

public AlgorithmId getAlgorithmId ()

Returns the algorithm ID to be used with this key.

public synchronized byte[] getEncoded ()

Returns the DER-encoded form of the key as a byte array.

Returns
  • the encoded key, or null if the key does not support encoding.

public String getFormat ()

Returns the format for this key: "PKCS#8"

Returns
  • the primary encoding format of the key.

public int hashCode ()

Calculates a hash code value for this object. Objects which are equal will also have the same hashcode.

Returns
  • a hash code value for this object.

public static PKCS8Key parse (DerValue in)

Throws
IOException

public static PrivateKey parseKey (DerValue in)

Construct PKCS#8 subject public key from a DER value. If the runtime environment is configured with a specific class for this kind of key, a subclass is returned. Otherwise, a generic PKCS8Key object is returned.

This mechanism gurantees that keys (and algorithms) may be freely manipulated and transferred, without risk of losing information. Also, when a key (or algorithm) needs some special handling, that specific need can be accomodated.

Parameters
in the DER-encoded SubjectPublicKeyInfo value
Throws
IOException on data format errors

public String toString ()

Returns a string representation of the object. In general, the toString method returns a string that "textually represents" this object. The result should be a concise but informative representation that is easy for a person to read. It is recommended that all subclasses override this method.

The toString method for class Object returns a string consisting of the name of the class of which the object is an instance, the at-sign character `@', and the unsigned hexadecimal representation of the hash code of the object. In other words, this method returns a string equal to the value of: 

 getClass().getName() + '@' + Integer.toHexString(hashCode())

Returns
  • a string representation of the object.

Protected Methods

protected void parseKeyBits ()

Parse the key bits. This may be redefined by subclasses to take advantage of structure within the key. For example, RSA public keys encapsulate two unsigned integers (modulus and exponent) as DER values within the key bits; Diffie-Hellman and DSS/DSA keys encapsulate a single unsigned integer.

This function is called when creating PKCS#8 SubjectPublicKeyInfo values using the PKCS8Key member functions, such as parse and decode.

Throws
IOException if a parsing error occurs.
InvalidKeyException if the key encoding is invalid.

protected Object writeReplace ()

Throws
ObjectStreamException