org.mozilla.jss.SecretDecoderRing
Class KeyManager
java.lang.Object
org.mozilla.jss.SecretDecoderRing.KeyManager
public class KeyManager
extends java.lang.Object
Creates, finds, and deletes keys for SecretDecoderRing.
DEFAULT_KEYGEN_ALG
public static final KeyGenAlgorithm DEFAULT_KEYGEN_ALG
The default key generation algorithm, currently DES3.
DEFAULT_KEYSIZE
public static final int DEFAULT_KEYSIZE
The default key size (in bytes). This is only relevant for algorithms
with variable-length keys, such as AES.
KeyManager
public KeyManager(CryptoToken token)
Creates a new KeyManager using the given CryptoToken.
token
- The token on which this KeyManager operates.
deleteKey
public void deleteKey(SecretKey key)
throws TokenException,
InvalidKeyException
Deletes this key from this token.
deleteKey
public void deleteKey(byte[] keyID)
throws TokenException,
InvalidKeyException
Deletes the key with the given keyID from this token.
deleteUniqueNamedKey
public void deleteUniqueNamedKey(String nickname)
throws TokenException,
InvalidKeyException
If it exists, delete the key with the specified nickname from this
token.
generateKey
public byte[] generateKey()
throws TokenException
Generates an SDR key with the default algorithm and key size.
The default algorithm is stored in the constant DEFAULT_KEYGEN_ALG.
The default key size is stored in the constant DEFAULT_KEYSIZE.
- The keyID of the generated key. A random keyID will be chosen
that is not currently used on the token. The keyID must be stored
by the application in order to use this key for encryption in the
future.
generateKey
public byte[] generateKey(KeyGenAlgorithm alg,
int keySize)
throws TokenException
Generates an SDR key with the given algorithm and key size.
keySize
- Length of key in bytes. This is only relevant for
algorithms that take more than one key size. Otherwise it can just
be set to 0.
- The keyID of the generated key. A random keyID will be chosen
that is not currently used on the token. The keyID must be stored
by the application in order to use this key for encryption in the
future.
generateUniqueNamedKey
public byte[] generateUniqueNamedKey(String nickname)
throws TokenException
Generates an SDR key with the default algorithm and key size,
and names it with the specified nickname.
The default algorithm is stored in the constant DEFAULT_KEYGEN_ALG.
The default key size is stored in the constant DEFAULT_KEYSIZE.
nickname
- the name of the symmetric key. Duplicate keynames
will be checked for, and are not allowed.
- The keyID of the generated key. A random keyID will be chosen
that is not currently used on the token. The keyID must be stored
by the application in order to use this key for encryption in the
future.
generateUniqueNamedKey
public byte[] generateUniqueNamedKey(KeyGenAlgorithm alg,
int keySize,
String nickname)
throws TokenException
Generates an SDR key with the given algorithm, key size, and nickname.
alg
- The algorithm that this key will be used for.
This is necessary because it will be stored along with the
key for later use by the security library.
keySize
- Length of key in bytes. This is only relevant for
algorithms that take more than one key size. Otherwise it can just
be set to 0.
nickname
- the name of the symmetric key. Duplicate keynames
will be checked for, and are not allowed.
- The keyID of the generated key. A random keyID will be chosen
that is not currently used on the token. The keyID must be stored
by the application in order to use this key for encryption in the
future.
lookupKey
public SecretKey lookupKey(EncryptionAlgorithm alg,
byte[] keyid)
throws TokenException
Looks up the key on this token with the given algorithm and key ID.
alg
- The algorithm that this key will be used for.
This is necessary because it will be stored along with the
key for later use by the security library. It should match
the actual algorithm of the key you are looking for. If you
pass in a different algorithm and try to use the key that is returned,
the results are undefined.
- The key, or null if the key is not found.
lookupUniqueNamedKey
public SecretKey lookupUniqueNamedKey(EncryptionAlgorithm alg,
String nickname)
throws TokenException
Looks up the key on this token with the given algorithm and nickname.
alg
- The algorithm that this key will be used for.
This is necessary because it will be stored along with the
key for later use by the security library. It should match
the actual algorithm of the key you are looking for. If you
pass in a different algorithm and try to use the key that is returned,
the results are undefined.
nickname
- the name of the symmetric key. Duplicate keynames
will be checked for, and are not allowed.
- The key, or null if the key is not found.
uniqueNamedKeyExists
public boolean uniqueNamedKeyExists(String nickname)
throws TokenException
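
Usage sketch (an added example, not part of the JSS documentation or source): a hypothetical helper class, SdrKeyHelper, that creates a named key with an explicit algorithm and size rather than the DES3 default, and looks it up with the matching EncryptionAlgorithm so the "results are undefined" case above cannot occur. It assumes the caller supplies an initialized, logged-in CryptoToken, that SecretKey is javax.crypto.SecretKey, and that EncryptionAlgorithm.AES_256_CBC is available in the JSS version in use.

```java
import java.security.InvalidKeyException;
import javax.crypto.SecretKey;
import org.mozilla.jss.SecretDecoderRing.KeyManager;
import org.mozilla.jss.crypto.CryptoToken;
import org.mozilla.jss.crypto.EncryptionAlgorithm;
import org.mozilla.jss.crypto.KeyGenAlgorithm;
import org.mozilla.jss.crypto.TokenException;

/** Hypothetical helper (not part of JSS) managing named AES keys via KeyManager. */
public class SdrKeyHelper {
    // Generation and lookup algorithms must describe the same key:
    // lookupUniqueNamedKey() results are undefined when they do not match.
    private static final KeyGenAlgorithm GEN_ALG = KeyGenAlgorithm.AES;
    private static final EncryptionAlgorithm ENC_ALG = EncryptionAlgorithm.AES_256_CBC;
    private static final int KEY_BYTES = 32; // keySize is given in bytes, not bits

    private final KeyManager km;

    public SdrKeyHelper(CryptoToken token) {
        this.km = new KeyManager(token);
    }

    /** Returns the new keyID, or null if a key with this nickname already exists. */
    public byte[] createIfAbsent(String nickname) throws TokenException {
        if (km.uniqueNamedKeyExists(nickname)) {
            return null; // duplicate key names are not allowed
        }
        // Explicit algorithm and size instead of DEFAULT_KEYGEN_ALG / DEFAULT_KEYSIZE.
        // The caller must persist the returned keyID to address the key by ID later.
        return km.generateUniqueNamedKey(GEN_ALG, KEY_BYTES, nickname);
    }

    /** Looks the key up with the algorithm it was generated for; never returns null. */
    public SecretKey require(String nickname) throws TokenException {
        SecretKey key = km.lookupUniqueNamedKey(ENC_ALG, nickname);
        if (key == null) { // lookup returns null when the key is not found
            throw new IllegalStateException("No SDR key named " + nickname);
        }
        return key;
    }

    /** Deletes the named key and reports whether it is gone from the token. */
    public boolean retire(String nickname) throws TokenException, InvalidKeyException {
        km.deleteUniqueNamedKey(nickname); // deletes only if the key exists
        return !km.uniqueNamedKeyExists(nickname);
    }
}
```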