Package org.forgerock.secrets.keys
Class KeyFormatPem
- java.lang.Object
-
- org.forgerock.secrets.keys.KeyFormatPem
-
public final class KeyFormatPem extends Object implements KeyFormat<String>
Exports a key in the PEM (Privacy Enhanced Mail) format. This is the base64-encoded ASN.1 DER binary encoding of the key surrounded by markers identifying the beginning and end of the key. The correct headers are produced to allow software to parse these keys directly. To convert to PKCS#1 you can use OpenSSL:openssl pkcs8 -nocrypt -in pkcs8key.pem -out pkcs1key.pem
-
-
Field Summary
Fields Modifier and Type Field Description static KeyFormatPemWITH_CERTIFICATEExports the key material with the certificate as well.static KeyFormatPemWITHOUT_CERTIFICATEExports the key material without any associated certificate.
-
Constructor Summary
Constructors Constructor Description KeyFormatPem(boolean includeCertificate)Constructs a new PEM key format that does not encrypt private keys.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description Stringexport(CryptoKey key, Key rawKey)Exports the given crypto key and raw key material.
-
-
-
Field Detail
-
WITHOUT_CERTIFICATE
public static final KeyFormatPem WITHOUT_CERTIFICATE
Exports the key material without any associated certificate.
-
WITH_CERTIFICATE
public static final KeyFormatPem WITH_CERTIFICATE
Exports the key material with the certificate as well. The certificate will be exported before the key.
-
-
Constructor Detail
-
KeyFormatPem
public KeyFormatPem(boolean includeCertificate)
Constructs a new PEM key format that does not encrypt private keys. This should only be used if either no private key material is being exported or it will never be exposed to untrusted sources.- Parameters:
includeCertificate- whether to include any certificate associated with the key in the PEM.
-
-