Package oracle.nosql.driver.iam.pki

Class Pem

java.lang.Object

oracle.nosql.driver.iam.pki.Pem

public abstract class Pem
extends Object

Services for working with PEM encoded private keys, public keys and certificates. Read a public key

 PublicKey readPublicKey(Path path) {
  try (ReadableByteChannel pem = Files.newByteChannel(path)) {
   return Pem.decoder()
             .decodePublicKey(pem);
   }
 }
 

Read an unencrypted private key

 PrivateKey readPrivateKey(Path path) {
  try (ReadableByteChannel pem = Files.newByteChannel(path)) {
   return Pem.decoder()
             .decodePrivateKey(pem);
   }
 }
 

Read an encrypted private key

 PrivateKey readPrivateKey(Path path, char[] passphrase) {
  try (ReadableByteChannel pem = Files.newByteChannel(path)) {
   return Pem.decoder()
             .with(passphrase)
             .decodePrivateKey(pem);
   }
 }
 

Write a public key

 void writePublicKey(Path path,final PublicKey publicKey) {
  try (WritableByteChannel pem = Files.newByteChannel(path)) {
   return Pem.encoder()
             .write(pem,publicKey);
   }
 }
 

Write an unencrypted private key

 void writePrivateKey(Path path,final PrivateKey privateKey) {
  try (WritableByteChannel pem = Files.newByteChannel(path)) {
   return Pem.encoder()
             .write(pem,privateKey);
   }
 }
 

Write an encrypted private key in PKCS1 format

 void writePkcs1PrivateKey(Path path,final PrivateKey privateKey, char[] passphrase) {
  try (WritableByteChannel pem = Files.newByteChannel(path)) {
   return Pem.encoder()
             .with(Pem.Format.LEGACY)
             .with(passphrase)
             .write(pem,privateKey);
   }
 }
 

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	Pem.Decoder	Decodes PEM encoded text streams into the desired format
static class	Pem.Encoder	Encode certificates, public keys and private keys into PEM encoded format
static class	Pem.Encryption	Configures how private keys are encrypted
static enum	Pem.Format	Denotes the specific syntax used for encoding public and private keys (Does not affect the encoding of certificates)
static interface	Pem.Passphrase	Holds a passphrase using a try-with-resources model to assure the passphrase plain-text is erased once it has been used

Method Summary

Modifier and Type	Method	Description
static Pem.Decoder	decoder()	Return a decoder for certificates, public keys and unencrypted private keys.
static Pem.Encoder	encoder()	Return an encoder that does not encrypt private keys and formats private keys in PKCS8, and public keys or certificates in X509.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

encoder

public static Pem.Encoder encoder()

Return an encoder that does not encrypt private keys and formats private keys in PKCS8, and public keys or certificates in X509.

To encode encrypted private keys call Pem.Encoder.with(Encryption)

To format private keys and public keys in PKCS1, call Pem.Encoder.with(Format) e.g.:

     Pem.Encoder encoder = Pem.encoder().with(Format.LEGACY);
 

Returns:

Encoder instance

decoder

public static Pem.Decoder decoder()

Return a decoder for certificates, public keys and unencrypted private keys.

To decode encrypted private keys call Pem.Decoder.with(Passphrase).

Returns:

Decoder instance