com.adobe.internal.pdftoolkit.core.credentials

Class CredentialFactory

java.lang.Object

com.adobe.internal.pdftoolkit.core.credentials.CredentialFactory

public class CredentialFactory
extends Object

The Credential Factory allows us to create credentials that can be used for encryption/digsig related functions.

Method Summary

Modifier and Type	Method and Description
static PrivateKeyHolder	computeJCEPrivateKey(PrivateKeyHolder privateKeyHolder)
Credentials	createCredentials(byte[] derEncodedPrivateKey, byte[] derEncodedCert, byte[][] derEncodedCertChain) Create a new instance of a Credentials object from der encoded bytes representing a private key, certificate, certificate chain.
Credentials	createCredentials(KeyStore keyStore, String alias, char[] password) This method should not be used except for internal testing.
Credentials	createCredentials(PrivateKeyHolder privateKeyHolder, byte[] derEncodedCert, byte[][] derEncodedCertChain) Create a new instance of a Credentials object from a private key holder and bytes representing a DER encoded certificate and certificate chain.
Credentials	createCredentials(PrivateKeyHolder privateKeyHolder, X509Certificate cert, Certificate[] certChain) Create a new instance of a Credentials object from a PrivateKeyHolder, an explicit certificate and certificate chain.
Credentials	createCredentials(PrivateKey privateKey, X509Certificate cert, Certificate[] certChain) Create a new instance of a Credentials object from a java private key, cert and certificate chain.
Credentials	createEncryptionCredentials(byte[] derEncodedCert, byte[][] derEncodedCertChain) Create a new instance of a Credentials object for Encryption from the bytes representing a DER encoded certificate and certificate chain.
static String	getJCEProviderName(PrivateKeyHolder privateKeyHolder)
static CredentialFactory	newInstance()

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

newInstance

public static CredentialFactory newInstance()

createCredentials

public Credentials createCredentials(PrivateKeyHolder privateKeyHolder,
                                     X509Certificate cert,
                                     Certificate[] certChain)
                              throws PDFInvalidParameterException

Create a new instance of a Credentials object from a PrivateKeyHolder, an explicit certificate and certificate chain.

Parameters:

privateKeyHolder - - A container for a private key. It can be be generated using the PrivateKeyHolderFactory.

cert - - An X509 certificate

certChain - - An array of certificates in the certificate chain.

Returns:

Credentials

Throws:

PDFInvalidParameterException

createCredentials

public Credentials createCredentials(PrivateKey privateKey,
                                     X509Certificate cert,
                                     Certificate[] certChain)
                              throws PDFInvalidParameterException

Create a new instance of a Credentials object from a java private key, cert and certificate chain.

Parameters:

privateKey - - JCE private key

cert - - an X509 Certificate

certChain - - an array of certificates

Returns:

Credentials

Throws:

PDFInvalidParameterException

createCredentials

public Credentials createCredentials(byte[] derEncodedPrivateKey,
                                     byte[] derEncodedCert,
                                     byte[][] derEncodedCertChain)
                              throws PDFInvalidParameterException

Create a new instance of a Credentials object from der encoded bytes representing a private key, certificate, certificate chain. You cannot use this method if your signature algorithm is DSA. If signature algorithm is DSA use - public Credentials createCredentials(PrivateKeyHolder privateKeyHolder, byte[] derEncodedCert, byte[][] derEncodedCertChain)

Parameters:

derEncodedPrivateKey - - byte array representing a DER encoded PKCS8 unencrypted private key

derEncodedCert - - byte array representing a DER encoded X509 certificate

derEncodedCertChain - - array of byte arrays representing a DER encoded certificate chain.

Returns:

Credentials

Throws:

PDFInvalidParameterException

createCredentials

public Credentials createCredentials(PrivateKeyHolder privateKeyHolder,
                                     byte[] derEncodedCert,
                                     byte[][] derEncodedCertChain)
                              throws PDFInvalidParameterException

Create a new instance of a Credentials object from a private key holder and bytes representing a DER encoded certificate and certificate chain.

Parameters:

privateKeyHolder - - A container for a private key. It can be be generated using the PrivateKeyHolderFactory.

derEncodedCert - - byte array representing a DER encoded X509 certificate

derEncodedCertChain - - array of byte arrays representing a DER encoded certificate chain.

Returns:

Credentials

Throws:

PDFInvalidParameterException

createEncryptionCredentials

public Credentials createEncryptionCredentials(byte[] derEncodedCert,
                                               byte[][] derEncodedCertChain)
                                        throws PDFInvalidParameterException

Create a new instance of a Credentials object for Encryption from the bytes representing a DER encoded certificate and certificate chain. This Credentials object may be used for encryption only. It may not be used for decryption or Digital Signatures processing.

This method may not be used on JDK 1.4.2 with public key length greater than 2048.

Parameters:

derEncodedCert - - byte array representing a DER encoded X509 certificate

derEncodedCertChain - - array of byte arrays representing a DER encoded certificate chain.

Returns:

Credentials

Throws:

PDFInvalidParameterException

createCredentials

public Credentials createCredentials(KeyStore keyStore,
                                     String alias,
                                     char[] password)
                              throws PDFInvalidParameterException

This method should not be used except for internal testing. It will not work for HSM signing or when using the IBMJCE provider. public Credentials createCredentials(PrivateKeyHolder privateKeyHolder, byte[] derEncodedCert, byte[][] derEncodedCertChain) should be used instead. Create a new instance of a Credentials object from a keystore entry. This method is synchronized because the underlying KeyStore may not be thread safe.

Parameters:

keyStore - the keystore containing the certificate and certificate chain.

alias - the alias (or name) of the entry within the keystore containing the certificate and certificate chain.

password - the password for recovering the key.

Returns:

Credentials

Throws:

PDFInvalidParameterException - if any of the input parameters specify an invalid or inaccessible entity.

computeJCEPrivateKey

public static PrivateKeyHolder computeJCEPrivateKey(PrivateKeyHolder privateKeyHolder)
                                             throws NoSuchAlgorithmException,
                                                    InvalidKeySpecException,
                                                    PDFInvalidParameterException

Throws:

NoSuchAlgorithmException

InvalidKeySpecException

PDFInvalidParameterException

getJCEProviderName

public static String getJCEProviderName(PrivateKeyHolder privateKeyHolder)