org.mozilla.jss.crypto

Interface KeyGenerator

Known Implementing Classes:
PK11KeyGenerator

public interface KeyGenerator

Generates symmetric keys for encryption and decryption.

Nested Class Summary

static interface KeyGenerator.CharToByteConverter
An interface for converting a password of Java characters into an array of bytes.

Method Summary

SymmetricKey clone(SymmetricKey key)
Allows a SymmetricKey to be cloned on a different token.

SymmetricKey generate()
Generates a symmetric key.

byte[] generatePBE_IV()
Generates an Initialization Vector using a PBE algorithm.

void initialize(AlgorithmParameterSpec parameters)

void initialize(int strength)

void sensitiveKeys(boolean sensitive)
Tells the generator to generate sensitive or insensitive keys.

void setCharToByteConverter(KeyGenerator.CharToByteConverter charToByte)
Sets the character to byte converter for passwords.

void setKeyUsages(SymmetricKey.Usage[] usages)

void temporaryKeys(boolean temp)
Tells the generator to generate temporary or permanent keys.

Method Details

clone

public SymmetricKey clone(SymmetricKey key)
            throws SymmetricKey.NotExtractableException,
                   InvalidKeyException,
                   TokenException
Allows a SymmetricKey to be cloned on a different token.
Throws:
SymmetricKey.NotExtractableException - If the key material cannot be extracted from the current token.

generate

public SymmetricKey generate()
            throws IllegalStateException,
                   TokenException,
                   CharConversionException
Generates a symmetric key.

generatePBE_IV

public byte[] generatePBE_IV()
            throws IllegalStateException,
                   TokenException,
                   CharConversionException
Generates an Initialization Vector using a PBE algorithm. In order to call this method, the algorithm must be a PBE algorithm, and the KeyGenerator must have been initialized with an instance of PBEKeyGenParams.
Returns:
The initialization vector derived from the password and salt using the PBE algorithm.
Throws:
TokenException - If an error occurs on the CryptoToken while generating the IV.

initialize

public void initialize(AlgorithmParameterSpec parameters)
            throws InvalidAlgorithmParameterException

initialize

public void initialize(int strength)
            throws InvalidAlgorithmParameterException
Parameters:
strength - Key size in bits. Must be evenly divisible by 8.

sensitiveKeys

public void sensitiveKeys(boolean sensitive)
Tells the generator to generate sensitive or insensitive keys. Certain attributes of a sensitive key cannot be revealed in plaintext outside the token. If this method is not called, the default is token dependent.

setCharToByteConverter

public void setCharToByteConverter(KeyGenerator.CharToByteConverter charToByte)
Sets the character to byte converter for passwords. The default conversion is UTF8 with no null termination.

setKeyUsages

public void setKeyUsages(SymmetricKey.Usage[] usages)
Parameters:
usages - The operations the key will be used for after it is generated. You have to specify these so that the key can be properly marked with the operations it supports. Some PKCS #11 tokens require that a key be marked for an operation before it can perform that operation. The default is SymmetricKey.Usage.SIGN and SymmetricKey.Usage.ENCRYPT.

temporaryKeys

public void temporaryKeys(boolean temp)
Tells the generator to generate temporary or permanent keys. Temporary keys are not written permanently to the token. They are destroyed by the garbage collector. If this method is not called, the default is temporary keys.
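
The following is an added example, not code from the JSS documentation or project. It shows a generator configured with every attribute described above set explicitly rather than left to token-dependent defaults. Assumptions: the class name KeyGeneratorExample, the choice of AES-256 on the internal key storage token, and an existing NSS database directory passed as the first argument that either has no password or whose token is already logged in.

```java
import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.crypto.CryptoToken;
import org.mozilla.jss.crypto.KeyGenAlgorithm;
import org.mozilla.jss.crypto.KeyGenerator;
import org.mozilla.jss.crypto.SymmetricKey;

public class KeyGeneratorExample {

    // Generate an AES-256 key with every attribute set explicitly instead of
    // relying on defaults that differ between tokens.
    static SymmetricKey generateAesKey(CryptoToken token) throws Exception {
        KeyGenerator kg = token.getKeyGenerator(KeyGenAlgorithm.AES);

        // Key size in bits; must be evenly divisible by 8.
        kg.initialize(256);

        // The sensitive default is token dependent, so request it explicitly.
        kg.sensitiveKeys(true);

        // Temporary is already the default; stated here so the key's
        // lifetime is visible in the code.
        kg.temporaryKeys(true);

        // The default usages are SIGN and ENCRYPT. A key that must also
        // decrypt has to be marked for DECRYPT, because some PKCS #11
        // tokens refuse operations the key was not marked for.
        kg.setKeyUsages(new SymmetricKey.Usage[] {
            SymmetricKey.Usage.ENCRYPT,
            SymmetricKey.Usage.DECRYPT
        });

        return kg.generate();
    }

    public static void main(String[] args) throws Exception {
        // Assumption: args[0] is the path of an existing NSS database directory.
        CryptoManager.initialize(args[0]);
        CryptoToken token = CryptoManager.getInstance().getInternalKeyStorageToken();

        SymmetricKey key = generateAesKey(token);
        // Print only metadata, never key material.
        System.out.println("type=" + key.getType() + " strength=" + key.getStrength());
    }
}
```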