Package com.adobe.internal.pdftoolkit.core.credentials

Class CredentialFactory

  • public class CredentialFactory
extends java.lang.Object
    The Credential Factory allows us to create credentials that can be used for encryption/digsig related functions.

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      static PrivateKeyHolder computeJCEPrivateKey​(PrivateKeyHolder privateKeyHolder)  
      Credentials createCredentials​(byte[] derEncodedPrivateKey, byte[] derEncodedCert, byte[][] derEncodedCertChain)
      Create a new instance of a Credentials object from der encoded bytes representing a private key, certificate, certificate chain.
      Credentials createCredentials​(PrivateKeyHolder privateKeyHolder, byte[] derEncodedCert, byte[][] derEncodedCertChain)
      Create a new instance of a Credentials object from a private key holder and bytes representing a DER encoded certificate and certificate chain.
      Credentials createCredentials​(PrivateKeyHolder privateKeyHolder, java.security.cert.X509Certificate cert, java.security.cert.Certificate[] certChain)
      Create a new instance of a Credentials object from a PrivateKeyHolder, an explicit certificate and certificate chain.
      Credentials createCredentials​(java.security.KeyStore keyStore, java.lang.String alias, char[] password)
      This method should not be used except for internal testing.
      Credentials createCredentials​(java.security.PrivateKey privateKey, java.security.cert.X509Certificate cert, java.security.cert.Certificate[] certChain)
      Create a new instance of a Credentials object from a java private key, cert and certificate chain.
      Credentials createEncryptionCredentials​(byte[] derEncodedCert, byte[][] derEncodedCertChain)
      Create a new instance of a Credentials object for Encryption from the bytes representing a DER encoded certificate and certificate chain.
      static java.lang.String getJCEProviderName​(PrivateKeyHolder privateKeyHolder)  
      static CredentialFactory newInstance()  

      • Methods inherited from class java.lang.Object

        equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Method Detail

      • createCredentials

        public Credentials createCredentials​(PrivateKeyHolder privateKeyHolder,
                                     java.security.cert.X509Certificate cert,
                                     java.security.cert.Certificate[] certChain)
                              throws PDFInvalidParameterException
        Create a new instance of a Credentials object from a PrivateKeyHolder, an explicit certificate and certificate chain.
        Parameters:
        privateKeyHolder - - A container for a private key. It can be be generated using the PrivateKeyHolderFactory.
        cert - - An X509 certificate
        certChain - - An array of certificates in the certificate chain.
        Returns:
        Credentials
        Throws:
        PDFInvalidParameterException

      • createCredentials

        public Credentials createCredentials​(java.security.PrivateKey privateKey,
                                     java.security.cert.X509Certificate cert,
                                     java.security.cert.Certificate[] certChain)
                              throws PDFInvalidParameterException
        Create a new instance of a Credentials object from a java private key, cert and certificate chain.
        Parameters:
        privateKey - - JCE private key
        cert - - an X509 Certificate
        certChain - - an array of certificates
        Returns:
        Credentials
        Throws:
        PDFInvalidParameterException

      • createCredentials

        public Credentials createCredentials​(byte[] derEncodedPrivateKey,
                                     byte[] derEncodedCert,
                                     byte[][] derEncodedCertChain)
                              throws PDFInvalidParameterException
        Create a new instance of a Credentials object from der encoded bytes representing a private key, certificate, certificate chain. You cannot use this method if your signature algorithm is DSA. If signature algorithm is DSA use - public Credentials createCredentials(PrivateKeyHolder privateKeyHolder, byte[] derEncodedCert, byte[][] derEncodedCertChain)
        Parameters:
        derEncodedPrivateKey - - byte array representing a DER encoded PKCS8 unencrypted private key
        derEncodedCert - - byte array representing a DER encoded X509 certificate
        derEncodedCertChain - - array of byte arrays representing a DER encoded certificate chain.
        Returns:
        Credentials
        Throws:
        PDFInvalidParameterException

      • createCredentials

        public Credentials createCredentials​(PrivateKeyHolder privateKeyHolder,
                                     byte[] derEncodedCert,
                                     byte[][] derEncodedCertChain)
                              throws PDFInvalidParameterException
        Create a new instance of a Credentials object from a private key holder and bytes representing a DER encoded certificate and certificate chain.
        Parameters:
        privateKeyHolder - - A container for a private key. It can be be generated using the PrivateKeyHolderFactory.
        derEncodedCert - - byte array representing a DER encoded X509 certificate
        derEncodedCertChain - - array of byte arrays representing a DER encoded certificate chain.
        Returns:
        Credentials
        Throws:
        PDFInvalidParameterException

      • createEncryptionCredentials

        public Credentials createEncryptionCredentials​(byte[] derEncodedCert,
                                               byte[][] derEncodedCertChain)
                                        throws PDFInvalidParameterException
        Create a new instance of a Credentials object for Encryption from the bytes representing a DER encoded certificate and certificate chain. This Credentials object may be used for encryption only. It may not be used for decryption or Digital Signatures processing.

        This method may not be used on JDK 1.4.2 with public key length greater than 2048.

        Parameters:
        derEncodedCert - - byte array representing a DER encoded X509 certificate
        derEncodedCertChain - - array of byte arrays representing a DER encoded certificate chain.
        Returns:
        Credentials
        Throws:
        PDFInvalidParameterException

      • createCredentials

        public Credentials createCredentials​(java.security.KeyStore keyStore,
                                     java.lang.String alias,
                                     char[] password)
                              throws PDFInvalidParameterException
        This method should not be used except for internal testing. It will not work for HSM signing or when using the IBMJCE provider. public Credentials createCredentials(PrivateKeyHolder privateKeyHolder, byte[] derEncodedCert, byte[][] derEncodedCertChain) should be used instead. Create a new instance of a Credentials object from a keystore entry. This method is synchronized because the underlying KeyStore may not be thread safe.
        Parameters:
        keyStore - the keystore containing the certificate and certificate chain.
        alias - the alias (or name) of the entry within the keystore containing the certificate and certificate chain.
        password - the password for recovering the key.
        Returns:
        Credentials
        Throws:
        PDFInvalidParameterException - if any of the input parameters specify an invalid or inaccessible entity.

      • getJCEProviderName

        public static java.lang.String getJCEProviderName​(PrivateKeyHolder privateKeyHolder)