org.mozilla.jss.pkcs11

Class PK11KeyGenerator

Implemented Interfaces:
KeyGenerator

public final class PK11KeyGenerator
extends java.lang.Object
implements KeyGenerator

Method Summary

SymmetricKey clone(SymmetricKey key)
    Allows a SymmetricKey to be cloned on a different token.
static SymmetricKey clone(SymmetricKey key, PK11Token token)
    Allows a SymmetricKey to be cloned on a different token.
SymmetricKey generate()
    Generates the key.
byte[] generatePBE_IV()
    Generates an Initialization Vector using a PBE algorithm.
void initialize(AlgorithmParameterSpec parameters)
void initialize(int strength)
void sensitiveKeys(boolean sensitive)
    Tells the generator to generate sensitive or insensitive keys.
void setCharToByteConverter(KeyGenerator.CharToByteConverter charToByte)
    Sets the character to byte converter for passwords.
void setKeyUsages(SymmetricKey.Usage[] usages)
void temporaryKeys(boolean temp)
    Tells the generator to generate temporary or permanent keys.

Method Details

clone

public SymmetricKey clone(SymmetricKey key)
            throws SymmetricKey.NotExtractableException,
                   InvalidKeyException,
                   TokenException
Allows a SymmetricKey to be cloned on a different token.
Specified by:
clone in interface KeyGenerator
Throws:
SymmetricKey.NotExtractableException - If the key material cannot be extracted from the current token.

clone

public static SymmetricKey clone(SymmetricKey key,
                                 PK11Token token)
            throws SymmetricKey.NotExtractableException,
                   InvalidKeyException,
                   TokenException
Allows a SymmetricKey to be cloned on a different token.
Parameters:
key - The key to clone.
token - The token on which to clone the key.
Throws:
SymmetricKey.NotExtractableException - If the key material cannot be extracted from the current token.

generate

public SymmetricKey generate()
            throws IllegalStateException,
                   TokenException,
                   CharConversionException
Generates the key. This is the public interface; the actual work is done by native methods.
Specified by:
generate in interface KeyGenerator

generatePBE_IV

public byte[] generatePBE_IV()
            throws TokenException,
                   CharConversionException
Generates an Initialization Vector using a PBE algorithm. In order to call this method, the algorithm must be a PBE algorithm, and the KeyGenerator must have been initialized with an instance of PBEKeyGenParams.
Specified by:
generatePBE_IV in interface KeyGenerator
Returns:
The initialization vector derived from the password and salt using the PBE algorithm.

initialize

public void initialize(AlgorithmParameterSpec parameters)
            throws InvalidAlgorithmParameterException
Specified by:
initialize in interface KeyGenerator

initialize

public void initialize(int strength)
            throws InvalidAlgorithmParameterException
Specified by:
initialize in interface KeyGenerator
Parameters:
strength - Key size in bits. Must be evenly divisible by 8.

sensitiveKeys

public void sensitiveKeys(boolean sensitive)
Tells the generator to generate sensitive or insensitive keys. Certain attributes of a sensitive key cannot be revealed in plaintext outside the token. If this method is not called, the default is token dependent.
Specified by:
sensitiveKeys in interface KeyGenerator

setCharToByteConverter

public void setCharToByteConverter(KeyGenerator.CharToByteConverter charToByte)
Sets the character to byte converter for passwords. The default conversion is UTF-8 with no null termination.
Specified by:
setCharToByteConverter in interface KeyGenerator

setKeyUsages

public void setKeyUsages(SymmetricKey.Usage[] usages)
Specified by:
setKeyUsages in interface KeyGenerator
Parameters:
usages - The operations the key will be used for after it is generated. You have to specify these so that the key can be properly marked with the operations it supports. Some PKCS #11 tokens require that a key be marked for an operation before it can perform that operation. The default is SymmetricKey.Usage.SIGN and SymmetricKey.Usage.ENCRYPT.

temporaryKeys

public void temporaryKeys(boolean temp)
Tells the generator to generate temporary or permanent keys. Temporary keys are not written permanently to the token. They are destroyed by the garbage collector. If this method is not called, the default is temporary keys.
Specified by:
temporaryKeys in interface KeyGenerator
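
Example (added here, not part of the JSS documentation): generating an AES key with sensitivity, persistence and usages set explicitly rather than left to the documented defaults, then attempting to clone it onto a second token. Assumptions: the class name GenerateAesKey is hypothetical, args[0] is an existing NSS database directory, and the internal key storage token needs no login or is already logged in.

```java
import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.crypto.CryptoToken;
import org.mozilla.jss.crypto.KeyGenAlgorithm;
import org.mozilla.jss.crypto.KeyGenerator;
import org.mozilla.jss.crypto.SymmetricKey;
import org.mozilla.jss.pkcs11.PK11KeyGenerator;
import org.mozilla.jss.pkcs11.PK11Token;

public class GenerateAesKey {
    public static void main(String[] args) throws Exception {
        // Assumption: args[0] is the path of an existing NSS database directory.
        CryptoManager.initialize(args[0]);
        CryptoManager cm = CryptoManager.getInstance();

        CryptoToken source = cm.getInternalKeyStorageToken();
        KeyGenerator kg = source.getKeyGenerator(KeyGenAlgorithm.AES);

        // Key size in bits; must be evenly divisible by 8.
        kg.initialize(256);
        // Mark only the operations the key is meant for. If this call is
        // skipped, the default is SIGN and ENCRYPT.
        kg.setKeyUsages(new SymmetricKey.Usage[] {
            SymmetricKey.Usage.ENCRYPT, SymmetricKey.Usage.DECRYPT });
        // Sensitivity defaults to a token-dependent value, so set it explicitly.
        kg.sensitiveKeys(true);
        // Temporary is already the default; stated here so the intent is visible.
        kg.temporaryKeys(true);

        SymmetricKey key = kg.generate();
        System.out.println("Generated " + key.getType() + " key, "
                + key.getStrength() + " bits, on token "
                + key.getOwningToken().getName());

        // clone() needs the key material to leave the source token. When the
        // token refuses, the documented NotExtractableException is thrown.
        try {
            PK11Token target = (PK11Token) cm.getInternalCryptoToken();
            SymmetricKey copy = PK11KeyGenerator.clone(key, target);
            System.out.println("Cloned onto " + copy.getOwningToken().getName());
        } catch (SymmetricKey.NotExtractableException e) {
            System.out.println("Key material cannot be extracted from the "
                    + "current token, so the key stays where it was generated.");
        }
    }
}
```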