net.named_data.jndn.security

Class SafeBag

java.lang.Object

net.named_data.jndn.security.SafeBag

public class SafeBag
extends Object

A SafeBag represents a container for sensitive related information such as a certificate and private key.

Constructor Summary

Constructors

Constructor and Description
SafeBag(Data certificate, Blob privateKeyBag) Create a SafeBag with the given certificate and private key.
SafeBag(Name keyName, Blob privateKeyBag, Blob publicKeyEncoding) Create a SafeBag with given private key and a new self-signed certificate for the given public key, using DigestAlgorithm.SHA256 to sign it.
SafeBag(Name keyName, Blob privateKeyBag, Blob publicKeyEncoding, ByteBuffer password) Create a SafeBag with given private key and a new self-signed certificate for the given public key, using DigestAlgorithm.SHA256 to sign it.
SafeBag(Name keyName, Blob privateKeyBag, Blob publicKeyEncoding, ByteBuffer password, DigestAlgorithm digestAlgorithm) Create a SafeBag with given private key and a new self-signed certificate for the given public key.
SafeBag(Name keyName, Blob privateKeyBag, Blob publicKeyEncoding, ByteBuffer password, DigestAlgorithm digestAlgorithm, WireFormat wireFormat) Create a SafeBag with given private key and a new self-signed certificate for the given public key.

Method Summary

Modifier and Type	Method and Description
Data	getCertificate() Get the certificate data packet.
Blob	getPrivateKeyBag() Get the encoded private key.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SafeBag

public SafeBag(Data certificate,
               Blob privateKeyBag)

Create a SafeBag with the given certificate and private key.

Parameters:

certificate - The certificate data packet. This copies the object.

privateKeyBag - The encoded private key. If encrypted, this is a PKCS #8 EncryptedPrivateKeyInfo. If not encrypted, this is an unencrypted PKCS #8 PrivateKeyInfo.

SafeBag

public SafeBag(Name keyName,
               Blob privateKeyBag,
               Blob publicKeyEncoding,
               ByteBuffer password,
               DigestAlgorithm digestAlgorithm,
               WireFormat wireFormat)
        throws TpmBackEnd.Error,
               Pib.Error

Create a SafeBag with given private key and a new self-signed certificate for the given public key.

Parameters:

keyName - The name of the public key. The certificate name will be {keyName}/self/{version} where the version is based on the current time. This copies the Name.

privateKeyBag - The encoded private key. If encrypted, this is a PKCS #8 EncryptedPrivateKeyInfo. If not encrypted, this is an unencrypted PKCS #8 PrivateKeyInfo.

publicKeyEncoding - The encoded public key for the certificate.

password - The password for decrypting the private key in order to sign the self-signed certificate. If the password is used to decrypt the PKCS #8 EncryptedPrivateKeyInfo.

digestAlgorithm - The digest algorithm for signing the self-signed certificate.

wireFormat - A WireFormat object used to encode the self-signed certificate in order to sign it.

Throws:

TpmBackEnd.Error

Pib.Error

SafeBag

public SafeBag(Name keyName,
               Blob privateKeyBag,
               Blob publicKeyEncoding,
               ByteBuffer password,
               DigestAlgorithm digestAlgorithm)
        throws TpmBackEnd.Error,
               Pib.Error

Create a SafeBag with given private key and a new self-signed certificate for the given public key. Use getDefaultWireFormat() to encode the self-signed certificate in order to sign it.

Parameters:

keyName - The name of the public key. The certificate name will be {keyName}/self/{version} where the version is based on the current time. This copies the Name.

privateKeyBag - The encoded private key. If encrypted, this is a PKCS #8 EncryptedPrivateKeyInfo. If not encrypted, this is an unencrypted PKCS #8 PrivateKeyInfo.

publicKeyEncoding - The encoded public key for the certificate.

password - The password for decrypting the private key in order to sign the self-signed certificate. If the password is used to decrypt the PKCS #8 EncryptedPrivateKeyInfo.

digestAlgorithm - The digest algorithm for signing the self-signed certificate.

Throws:

TpmBackEnd.Error

Pib.Error

SafeBag

public SafeBag(Name keyName,
               Blob privateKeyBag,
               Blob publicKeyEncoding,
               ByteBuffer password)
        throws TpmBackEnd.Error,
               Pib.Error

Create a SafeBag with given private key and a new self-signed certificate for the given public key, using DigestAlgorithm.SHA256 to sign it. Use getDefaultWireFormat() to encode the self-signed certificate in order to sign it.

Parameters:

keyName - The name of the public key. The certificate name will be {keyName}/self/{version} where the version is based on the current time. This copies the Name.

privateKeyBag - The encoded private key. If encrypted, this is a PKCS #8 EncryptedPrivateKeyInfo. If not encrypted, this is an unencrypted PKCS #8 PrivateKeyInfo.

publicKeyEncoding - The encoded public key for the certificate.

password - The password for decrypting the private key in order to sign the self-signed certificate. If the password is used to decrypt the PKCS #8 EncryptedPrivateKeyInfo.

Throws:

TpmBackEnd.Error

Pib.Error

SafeBag

public SafeBag(Name keyName,
               Blob privateKeyBag,
               Blob publicKeyEncoding)
        throws TpmBackEnd.Error,
               Pib.Error

Create a SafeBag with given private key and a new self-signed certificate for the given public key, using DigestAlgorithm.SHA256 to sign it. Use getDefaultWireFormat() to encode the self-signed certificate in order to sign it.

Parameters:

keyName - The name of the public key. The certificate name will be {keyName}/self/{version} where the version is based on the current time. This copies the Name.

privateKeyBag - The encoded private key, as an unencrypted PKCS #8 PrivateKeyInfo.

publicKeyEncoding - The encoded public key for the certificate.

Throws:

TpmBackEnd.Error

Pib.Error

Method Detail

getCertificate

public final Data getCertificate()

Get the certificate data packet.

Returns:

The certificate as a Data packet. If you need to process it as a certificate object then you must create a new CertificateV2(data).

getPrivateKeyBag

public final Blob getPrivateKeyBag()

Get the encoded private key.

Returns:

The encoded private key. If encrypted, this is a PKCS #8 EncryptedPrivateKeyInfo. If not encrypted, this is an unencrypted PKCS #8 PrivateKeyInfo.