This section describes private and public key encoding standards: PKCS#8 is used for encoding private keys and X.509 is used for encoding public keys.
What is Key Encoding?
Key encoding is the process of converting encryption and decryption keys, or private and public keys,
into a specific encoding format for storing them in files or transmitting them to remote systems.
As you can see from the previous chapter, JDK supports two commonly used key encoding standards:
PKCS#8 - PKCS stands for Public-Key Cryptography Standards, developed by RSA Security currently
a division of EMC. PKCS#8 describes syntax for private-key information, including a private key
for some public-key algorithm and a set of attributes. PKCS#8 is mainly used to encode private keys.
X.509 - X.509 is an ITU-T standard for a public key infrastructure (PKI) for single sign-on
and Privilege Management Infrastructure (PMI). X.509 specifies, amongst other things,
standard formats for public key certificates, certificate revocation lists, attribute certificates,
and a certification path validation algorithm.
To manage different key encoding standards, JDK offers a group of classes:
KeyFactory - A class to convert keys between Key objects and EncodedKeySpec objects.
EncodedKeySpec - An abstract class offers a grouping point of all sub classes that represent
various key encoding standards.
PKCS8EncodedKeySpec - A sub class of EncodedKeySpec represents the ASN.1 encoding
of a private key based on PKCS#8 standard.
X509EncodedKeySpec - A sub class of EncodedKeySpec represents the ASN.1 encoding
of a public key based on X.509 standard.
See next sections on how to use these key encoding classes.
