org.mozilla.jss.pkcs11
Class PK11KeyPairGenerator
public final class PK11KeyPairGenerator
A Key Pair Generator implemented using PKCS #11.
static PQGParams | PQG1024 - Pre-cooked PQG values for 1024-bit keypairs, along with the seed,
counter, and H values needed to verify them.
|
static PQGParams | PQG512 - Pre-cooked PQG values for 512-bit keypairs, along with the seed,
counter, and H values needed to verify them.
|
static PQGParams | PQG768 - Pre-cooked PQG values for 768-bit keypairs, along with the seed,
counter, and H values needed to verify them.
|
PQG1024
public static final PQGParams PQG1024
Pre-cooked PQG values for 1024-bit keypairs, along with the seed,
counter, and H values needed to verify them.
PQG512
public static final PQGParams PQG512
Pre-cooked PQG values for 512-bit keypairs, along with the seed,
counter, and H values needed to verify them.
PQG768
public static final PQGParams PQG768
Pre-cooked PQG values for 768-bit keypairs, along with the seed,
counter, and H values needed to verify them.
PK11KeyPairGenerator
public PK11KeyPairGenerator(PK11Token token,
KeyPairAlgorithm algorithm)
throws NoSuchAlgorithmException,
TokenException
Constructor for PK11KeyPairGenerator.
token
- The PKCS #11 token that the keypair will be generated on.algorithm
- The type of key that will be generated. Currently,
KeyPairAlgorithm.RSA
,
KeyPairAlgorithm.DSA
and
KeyPairAlgorithm.EC
are supported.
generateKeyPair
public KeyPair generateKeyPair()
throws TokenException
Generates a key pair on a token. Uses parameters if they were passed
in through a call to initialize
, otherwise uses defaults.
- generateKeyPair in interface KeyPairGeneratorSpi
initialize
public void initialize(AlgorithmParameterSpec params,
SecureRandom random)
throws InvalidAlgorithmParameterException
Initializes this KeyPairGenerator with the given algorithm-specific
parameters.
- initialize in interface KeyPairGeneratorSpi
params
- The algorithm-specific parameters that will govern
key pair generation.random
- Ignored
initialize
public void initialize(int strength,
SecureRandom random)
throws InvalidParameterException
Initializes this KeyPairGenerator with the given key strength.
For DSA key generation, pre-cooked PQG values will be used
be used if the key size is 512, 768, or 1024. Otherwise, an
InvalidParameterException will be thrown.
- initialize in interface KeyPairGeneratorSpi
strength
- The strength (size) of the keys that will be generated.random
- Ignored
keygenOnInternalToken
public boolean keygenOnInternalToken()
- keygenOnInternalToken in interface KeyPairGeneratorSpi
- true if the keypair generation will be done on the
internal token and then moved to this token.
setKeyPairUsages
public void setKeyPairUsages(KeyPairGeneratorSpi.Usage[] usages,
KeyPairGeneratorSpi.Usage[] usages_mask)
Sets the requested key usages desired for the
generated key pair.
This allows the caller to suggest how NSS generates the key pair.
- setKeyPairUsages in interface KeyPairGeneratorSpi
usages
- List of desired key usages.usages_mask
- Corresponding mask for the key usages.
if a usages is desired, make sure it is in the mask as well.