Package org.conscrypt

Class OpenSSLKey

java.lang.Object

org.conscrypt.OpenSSLKey

final class OpenSSLKey
extends java.lang.Object

Represents a BoringSSL EVP_PKEY.

Field Summary

Fields

Modifier and Type	Field	Description
private NativeRef.EVP_PKEY	ctx
private boolean	hardwareBacked
private boolean	wrapped

Constructor Summary

Constructors

Constructor	Description
OpenSSLKey(long ctx)
OpenSSLKey(long ctx, boolean wrapped)
OpenSSLKey(long ctx, boolean wrapped, boolean hardwareBacked)

Method Summary

Modifier and Type	Method	Description
boolean	equals(java.lang.Object o)
(package private) static OpenSSLKey	fromECPrivateKeyForTLSStackOnly(java.security.PrivateKey key, java.security.spec.ECParameterSpec ecParams)	Gets an OpenSSLKey instance backed by the provided EC private key.
private static OpenSSLKey	fromKeyMaterial(java.security.PrivateKey key)	Gets an OpenSSLKey instance initialized with the key material of the provided key.
(package private) static OpenSSLKey	fromPrivateKey(java.security.PrivateKey key)
(package private) static OpenSSLKey	fromPrivateKeyForTLSStackOnly(java.security.PrivateKey privateKey, java.security.PublicKey publicKey)	Gets an OpenSSLKey instance backed by the provided private key.
(package private) static OpenSSLKey	fromPrivateKeyPemInputStream(java.io.InputStream is)	Parse a private key in PEM encoding from the provided input stream.
(package private) static OpenSSLKey	fromPublicKey(java.security.PublicKey key)
(package private) static OpenSSLKey	fromPublicKeyPemInputStream(java.io.InputStream is)	Parse a public key in PEM encoding from the provided input stream.
(package private) NativeRef.EVP_PKEY	getNativeRef()	Returns the EVP_PKEY context for use in JNI calls.
private static OpenSSLKey	getOpenSSLKey(java.security.PrivateKey key)	Gets the OpenSSLKey instance of the provided key.
(package private) java.security.PrivateKey	getPrivateKey()
(package private) static java.security.PrivateKey	getPrivateKey(java.security.spec.PKCS8EncodedKeySpec keySpec, int type)
(package private) java.security.PublicKey	getPublicKey()
(package private) static java.security.PublicKey	getPublicKey(java.security.spec.X509EncodedKeySpec keySpec, int type)
int	hashCode()
(package private) boolean	isHardwareBacked()
(package private) boolean	isWrapped()
private static OpenSSLKey	wrapJCAPrivateKeyForTLSStackOnly(java.security.PrivateKey privateKey, java.security.PublicKey publicKey)	Wraps the provided private key for use in the TLS/SSL stack only.
private static OpenSSLKey	wrapPrivateKey(java.security.PrivateKey key)

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Field Detail

ctx

private final NativeRef.EVP_PKEY ctx

wrapped

private final boolean wrapped

hardwareBacked

private final boolean hardwareBacked

Constructor Detail

OpenSSLKey

OpenSSLKey(long ctx)

OpenSSLKey

OpenSSLKey(long ctx,
           boolean wrapped)

OpenSSLKey

OpenSSLKey(long ctx,
           boolean wrapped,
           boolean hardwareBacked)

Method Detail

getNativeRef

NativeRef.EVP_PKEY getNativeRef()

Returns the EVP_PKEY context for use in JNI calls.

isWrapped

boolean isWrapped()

isHardwareBacked

boolean isHardwareBacked()

fromPrivateKey

static OpenSSLKey fromPrivateKey(java.security.PrivateKey key)
                          throws java.security.InvalidKeyException

Throws:

java.security.InvalidKeyException

fromPrivateKeyPemInputStream

static OpenSSLKey fromPrivateKeyPemInputStream(java.io.InputStream is)
                                        throws java.security.InvalidKeyException

Parse a private key in PEM encoding from the provided input stream.

Throws:

java.security.InvalidKeyException - if parsing fails

fromPrivateKeyForTLSStackOnly

static OpenSSLKey fromPrivateKeyForTLSStackOnly(java.security.PrivateKey privateKey,
                                                java.security.PublicKey publicKey)
                                         throws java.security.InvalidKeyException

Gets an OpenSSLKey instance backed by the provided private key. The resulting key is usable only by this provider's TLS/SSL stack.

Parameters:

privateKey - private key.

publicKey - corresponding public key or null if not available. Some opaque private keys cannot be used by the TLS/SSL stack without the public key.

Throws:

java.security.InvalidKeyException

fromECPrivateKeyForTLSStackOnly

static OpenSSLKey fromECPrivateKeyForTLSStackOnly(java.security.PrivateKey key,
                                                  java.security.spec.ECParameterSpec ecParams)
                                           throws java.security.InvalidKeyException

Gets an OpenSSLKey instance backed by the provided EC private key. The resulting key is usable only by this provider's TLS/SSL stack.

Parameters:

key - private key.

ecParams - EC parameters null if not available. Some opaque private keys cannot be used by the TLS/SSL stack without the parameters because the private key itself might not expose the parameters.

Throws:

java.security.InvalidKeyException

getOpenSSLKey

private static OpenSSLKey getOpenSSLKey(java.security.PrivateKey key)

Gets the OpenSSLKey instance of the provided key.

Returns:

instance or null if the key is not backed by OpenSSL's EVP_PKEY.

fromKeyMaterial

private static OpenSSLKey fromKeyMaterial(java.security.PrivateKey key)
                                   throws java.security.InvalidKeyException

Gets an OpenSSLKey instance initialized with the key material of the provided key.

Returns:

instance or null if the key does not export its key material in a suitable format.

Throws:

java.security.InvalidKeyException

wrapJCAPrivateKeyForTLSStackOnly

private static OpenSSLKey wrapJCAPrivateKeyForTLSStackOnly(java.security.PrivateKey privateKey,
                                                           java.security.PublicKey publicKey)
                                                    throws java.security.InvalidKeyException

Wraps the provided private key for use in the TLS/SSL stack only. Sign/decrypt operations using the key will be delegated to the Signature/Cipher implementation of the provider which accepts the key.

Throws:

java.security.InvalidKeyException

wrapPrivateKey

private static OpenSSLKey wrapPrivateKey(java.security.PrivateKey key)
                                  throws java.security.InvalidKeyException

Throws:

java.security.InvalidKeyException

fromPublicKey

static OpenSSLKey fromPublicKey(java.security.PublicKey key)
                         throws java.security.InvalidKeyException

Throws:

java.security.InvalidKeyException

fromPublicKeyPemInputStream

static OpenSSLKey fromPublicKeyPemInputStream(java.io.InputStream is)
                                       throws java.security.InvalidKeyException

Parse a public key in PEM encoding from the provided input stream.

Throws:

java.security.InvalidKeyException - if parsing fails

getPublicKey

java.security.PublicKey getPublicKey()
                              throws java.security.NoSuchAlgorithmException

Throws:

java.security.NoSuchAlgorithmException

getPublicKey

static java.security.PublicKey getPublicKey(java.security.spec.X509EncodedKeySpec keySpec,
                                            int type)
                                     throws java.security.spec.InvalidKeySpecException

Throws:

java.security.spec.InvalidKeySpecException

getPrivateKey

java.security.PrivateKey getPrivateKey()
                                throws java.security.NoSuchAlgorithmException

Throws:

java.security.NoSuchAlgorithmException

getPrivateKey

static java.security.PrivateKey getPrivateKey(java.security.spec.PKCS8EncodedKeySpec keySpec,
                                              int type)
                                       throws java.security.spec.InvalidKeySpecException

Throws:

java.security.spec.InvalidKeySpecException

equals

public boolean equals(java.lang.Object o)

Overrides:

equals in class java.lang.Object

hashCode

public int hashCode()

Overrides:

hashCode in class java.lang.Object