Class AESP12Generator

java.lang.Object
org.cryptacular.generator.AbstractP12Generator
org.cryptacular.generator.AESP12Generator
All Implemented Interfaces:
P12Generator

public class AESP12Generator extends AbstractP12Generator
Generates PKCS12 containers using the PBES2 algorithm with the AES-256-CBC cipher for encryption, which is the most portable and secure algorithm in use with PKCS12 at this time.
Author:
Marvin S. Addison
  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final Set<org.bouncycastle.asn1.ASN1ObjectIdentifier>
    Set of supported digest algorithms.
  • Constructor Summary

    Constructors
    Constructor
    Description
    Creates a new instance that encrypts with AES-256-CBC and SHA256 using 2048 rounds of hashing.
    AESP12Generator(int iterations)
    Creates a new instance that encrypts with AES-256-CBC and SHA256 using the given number of hashing rounds.
    AESP12Generator(org.bouncycastle.asn1.ASN1ObjectIdentifier digestAlgId, int iterations)
    Creates a new instances that uses AES-256-CBC and the given digest algorithm to encrypt data.
  • Method Summary

    Modifier and Type
    Method
    Description
    protected org.bouncycastle.operator.OutputEncryptor
    dataOutputEncryptor(char[] password)
    Builds a new output encryptor that performs password-based encryption on encrypted data in the P12 file.
    protected org.bouncycastle.asn1.ASN1ObjectIdentifier
     
    protected DigestSpec
     
    int
     
    protected org.bouncycastle.operator.OutputEncryptor
    keyOutputEncryptor(char[] password)
    Builds a new output encryptor that performs password-based encryption on keys in the P12 file.

    Methods inherited from class org.cryptacular.generator.AbstractP12Generator

    generate, generate

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Field Details

    • SUPPORTED_DIGEST_ALGORITHMS

      public static final Set<org.bouncycastle.asn1.ASN1ObjectIdentifier> SUPPORTED_DIGEST_ALGORITHMS
      Set of supported digest algorithms.
  • Constructor Details

    • AESP12Generator

      public AESP12Generator()
      Creates a new instance that encrypts with AES-256-CBC and SHA256 using 2048 rounds of hashing.
    • AESP12Generator

      public AESP12Generator(int iterations)
      Creates a new instance that encrypts with AES-256-CBC and SHA256 using the given number of hashing rounds.
      Parameters:
      iterations - Number of rounds of encryption.
    • AESP12Generator

      public AESP12Generator(org.bouncycastle.asn1.ASN1ObjectIdentifier digestAlgId, int iterations)
      Creates a new instances that uses AES-256-CBC and the given digest algorithm to encrypt data.
      Parameters:
      digestAlgId - Digest algorithm identifier.
      iterations - Number of rounds of hashing.
  • Method Details

    • getIterations

      public int getIterations()
      Specified by:
      getIterations in class AbstractP12Generator
      Returns:
      Number of hashing rounds.
    • getDigestAlgorithmId

      protected org.bouncycastle.asn1.ASN1ObjectIdentifier getDigestAlgorithmId()
      Specified by:
      getDigestAlgorithmId in class AbstractP12Generator
      Returns:
      Digest algorithm object identifier.
    • getDigestSpec

      protected DigestSpec getDigestSpec()
      Specified by:
      getDigestSpec in class AbstractP12Generator
      Returns:
      Digest specification.
    • keyOutputEncryptor

      protected org.bouncycastle.operator.OutputEncryptor keyOutputEncryptor(char[] password)
      Description copied from class: AbstractP12Generator
      Builds a new output encryptor that performs password-based encryption on keys in the P12 file.
      Specified by:
      keyOutputEncryptor in class AbstractP12Generator
      Parameters:
      password - Password tha will the basis of an encryption key.
      Returns:
      Output encryptor.
    • dataOutputEncryptor

      protected org.bouncycastle.operator.OutputEncryptor dataOutputEncryptor(char[] password)
      Description copied from class: AbstractP12Generator
      Builds a new output encryptor that performs password-based encryption on encrypted data in the P12 file.
      Specified by:
      dataOutputEncryptor in class AbstractP12Generator
      Parameters:
      password - Password tha will the basis of an encryption key.
      Returns:
      Output encryptor.