PKCS : Java Glossary

by Roedy Green ©1996-2009 Canadian Mind Products
index page for letter ⇒ punctuation 0-9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z (all)

PKCS

A series of standards for digital certificates for code signing, SSL encryption etc.

RSA PKCS Standards
Type	Holds Multiple Certificates?	Holds Private Keys?	Password Required?	Notes
PKCS#1	n/a	n/a	n/a	The RSA encryption standard. This standard defines mechanisms for encrypting and signing data using the RSA public key system. Cipher sometimes uses PCKS#1 padding.
PKCS#2	n/a	n/a	n/a	Obsolete. Now part of PKCS#2.
PKCS#3	n/a	n/a	n/a	Defines the Diffie-Hellman key agreement protocol. Allows two parties who have never exchanged anything before to negotiate a common secret key to use for encrypted message exchanges.
PKCS#4	n/a	n/a	n/a	Obsolete. Now part of PKCS#2.
PKCS#5	n/a	n/a	n/a	The password-based encryption standard (PBE). This describes a method to generate a Secret Key based on a password.
PKCS#6	n/a	n/a	n/a	The extended-certificate syntax standard. This is currently being phased out in favor of X509 v3.
PKCS#7				The cryptographic message syntax standard. This defines a generic syntax for messages which have cryptography applied to it. Imported by a browser to add to list of trusted certificates or signing authorities. cacerts is not in this format.
PKCS#8				The private-key information syntax standard. This defines a method to store Private Key Information.
PKCS#9	n/a	n/a	n/a	This defines selected attribute types for use in other PKCS standards. Defines the field names for data in a certificate the signing authority attests to, e.g. facsimileTelephoneNumber, stateOrProvinceName, iSDNAddress, streetAddress, localityName, supportedApplicationContext surname, telephoneNumber, organizationName ,teletexTerminalIdentifier physicalDeliveryOfficeName, telexNumber postalAddress, title, postalCode, x121Address, postOfficeBox.
PKCS#10				The certification request syntax standard. This describes a syntax for certification requests.
PKCS#11 / CryptoKi				The cryptographic token interface standard. This defines a technology independent programming interface for cryptographic devices such as smartcards.
PKCS#12				The personal information exchange syntax standard. This describes a portable format for storage and transportation of user private keys, certificates etc. Where a developer stores his code signing keys. .keystore is not in this format, though Java also supports PCKS#12 keystore format.
PKCS#13	n/a	n/a	n/a	The elliptic curve cryptography standard. This describes mechanisms to encrypt and sign data using elliptic curve cryptography.
PKCS#14	n/a	n/a	n/a	This covers pseudo random number generation (PRNG). This is currently under active development.
PKCS#15	n/a	n/a	n/a	The cryptographic token information format standard. This describes a standard for the format of cryptographic credentials stored on cryptographic tokens.

Learning More

To use Sun’PKCS#11 code, make sure you have sunpkcs11.jar in the ext directory.

Sun’s JDK Technote Guide on PKCS#11 : available:

on the web at java.sun.com
in the current JDK 1.6.0_14 on your local Windows J: drive.

cacerts
certificate
keyman: a more user-friendly cacerts manipulator
keystore
KeyTool IUI: third party GUI version of keytool
keytool.exe
PKCS Standards

	Please email your feedback for publication, errors, omissions, broken/redirected link reports and suggestions to improve this page to Roedy Green :
	Canadian Mind Products
	mindprod.com IP:[65.110.21.43]
	Your face IP:[38.103.63.58]
	You are visitor number 11,448.
	You can get a fresh copy of this page from:	or possibly from your local J: drive (Java virtual drive/mindprod.com website mirror)
	http://mindprod.com/jgloss/pkcs.html	J:\mindprod\jgloss\pkcs.html