Package org.conscrypt

Class OpenSSLKey


  • final class OpenSSLKey
    extends java.lang.Object
    Represents a BoringSSL EVP_PKEY.
    • Field Detail

      • wrapped

        private final boolean wrapped
      • hardwareBacked

        private final boolean hardwareBacked
    • Constructor Detail

      • OpenSSLKey

        OpenSSLKey​(long ctx)
      • OpenSSLKey

        OpenSSLKey​(long ctx,
                   boolean wrapped)
      • OpenSSLKey

        OpenSSLKey​(long ctx,
                   boolean wrapped,
                   boolean hardwareBacked)
    • Method Detail

      • getNativeRef

        NativeRef.EVP_PKEY getNativeRef()
        Returns the EVP_PKEY context for use in JNI calls.
      • isWrapped

        boolean isWrapped()
      • isHardwareBacked

        boolean isHardwareBacked()
      • fromPrivateKey

        static OpenSSLKey fromPrivateKey​(java.security.PrivateKey key)
                                  throws java.security.InvalidKeyException
        Throws:
        java.security.InvalidKeyException
      • fromPrivateKeyPemInputStream

        static OpenSSLKey fromPrivateKeyPemInputStream​(java.io.InputStream is)
                                                throws java.security.InvalidKeyException
        Parse a private key in PEM encoding from the provided input stream.
        Throws:
        java.security.InvalidKeyException - if parsing fails
      • fromPrivateKeyForTLSStackOnly

        static OpenSSLKey fromPrivateKeyForTLSStackOnly​(java.security.PrivateKey privateKey,
                                                        java.security.PublicKey publicKey)
                                                 throws java.security.InvalidKeyException
        Gets an OpenSSLKey instance backed by the provided private key. The resulting key is usable only by this provider's TLS/SSL stack.
        Parameters:
        privateKey - private key.
        publicKey - corresponding public key or null if not available. Some opaque private keys cannot be used by the TLS/SSL stack without the public key.
        Throws:
        java.security.InvalidKeyException
      • fromECPrivateKeyForTLSStackOnly

        static OpenSSLKey fromECPrivateKeyForTLSStackOnly​(java.security.PrivateKey key,
                                                          java.security.spec.ECParameterSpec ecParams)
                                                   throws java.security.InvalidKeyException
        Gets an OpenSSLKey instance backed by the provided EC private key. The resulting key is usable only by this provider's TLS/SSL stack.
        Parameters:
        key - private key.
        ecParams - EC parameters null if not available. Some opaque private keys cannot be used by the TLS/SSL stack without the parameters because the private key itself might not expose the parameters.
        Throws:
        java.security.InvalidKeyException
      • getOpenSSLKey

        private static OpenSSLKey getOpenSSLKey​(java.security.PrivateKey key)
        Gets the OpenSSLKey instance of the provided key.
        Returns:
        instance or null if the key is not backed by OpenSSL's EVP_PKEY.
      • fromKeyMaterial

        private static OpenSSLKey fromKeyMaterial​(java.security.PrivateKey key)
                                           throws java.security.InvalidKeyException
        Gets an OpenSSLKey instance initialized with the key material of the provided key.
        Returns:
        instance or null if the key does not export its key material in a suitable format.
        Throws:
        java.security.InvalidKeyException
      • wrapJCAPrivateKeyForTLSStackOnly

        private static OpenSSLKey wrapJCAPrivateKeyForTLSStackOnly​(java.security.PrivateKey privateKey,
                                                                   java.security.PublicKey publicKey)
                                                            throws java.security.InvalidKeyException
        Wraps the provided private key for use in the TLS/SSL stack only. Sign/decrypt operations using the key will be delegated to the Signature/Cipher implementation of the provider which accepts the key.
        Throws:
        java.security.InvalidKeyException
      • wrapPrivateKey

        private static OpenSSLKey wrapPrivateKey​(java.security.PrivateKey key)
                                          throws java.security.InvalidKeyException
        Throws:
        java.security.InvalidKeyException
      • fromPublicKey

        static OpenSSLKey fromPublicKey​(java.security.PublicKey key)
                                 throws java.security.InvalidKeyException
        Throws:
        java.security.InvalidKeyException
      • fromPublicKeyPemInputStream

        static OpenSSLKey fromPublicKeyPemInputStream​(java.io.InputStream is)
                                               throws java.security.InvalidKeyException
        Parse a public key in PEM encoding from the provided input stream.
        Throws:
        java.security.InvalidKeyException - if parsing fails
      • getPublicKey

        java.security.PublicKey getPublicKey()
                                      throws java.security.NoSuchAlgorithmException
        Throws:
        java.security.NoSuchAlgorithmException
      • getPublicKey

        static java.security.PublicKey getPublicKey​(java.security.spec.X509EncodedKeySpec keySpec,
                                                    int type)
                                             throws java.security.spec.InvalidKeySpecException
        Throws:
        java.security.spec.InvalidKeySpecException
      • getPrivateKey

        java.security.PrivateKey getPrivateKey()
                                        throws java.security.NoSuchAlgorithmException
        Throws:
        java.security.NoSuchAlgorithmException
      • getPrivateKey

        static java.security.PrivateKey getPrivateKey​(java.security.spec.PKCS8EncodedKeySpec keySpec,
                                                      int type)
                                               throws java.security.spec.InvalidKeySpecException
        Throws:
        java.security.spec.InvalidKeySpecException
      • equals

        public boolean equals​(java.lang.Object o)
        Overrides:
        equals in class java.lang.Object
      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class java.lang.Object