Package org.mozilla.jss.pkcs11
Class PK11KeyPairGenerator
- java.lang.Object
-
- org.mozilla.jss.crypto.KeyPairGeneratorSpi
-
- org.mozilla.jss.pkcs11.PK11KeyPairGenerator
-
public final class PK11KeyPairGenerator extends KeyPairGeneratorSpi
A Key Pair Generator implemented using PKCS #11.- See Also:
PQGParams
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class org.mozilla.jss.crypto.KeyPairGeneratorSpi
KeyPairGeneratorSpi.Usage
-
-
Field Summary
Fields Modifier and Type Field Description static PQGParamsPQG1024Pre-cooked PQG values for 1024-bit keypairs, along with the seed, counter, and H values needed to verify them.static PQGParamsPQG512Pre-cooked PQG values for 512-bit keypairs, along with the seed, counter, and H values needed to verify them.static PQGParamsPQG768Pre-cooked PQG values for 768-bit keypairs, along with the seed, counter, and H values needed to verify them.
-
Constructor Summary
Constructors Constructor Description PK11KeyPairGenerator(PK11Token token, KeyPairAlgorithm algorithm)Constructor for PK11KeyPairGenerator.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidextractablePairs(boolean extractable)java.security.KeyPairgenerateKeyPair()Generates a key pair on a token.intgetCurveCodeByName(java.lang.String curveName)voidinitialize(int strength, java.security.SecureRandom random)Initializes this KeyPairGenerator with the given key strength.voidinitialize(java.security.spec.AlgorithmParameterSpec params, java.security.SecureRandom random)Initializes this KeyPairGenerator with the given algorithm-specific parameters.booleankeygenOnInternalToken()voidsensitivePairs(boolean sensitive)voidsetKeyPairUsages(KeyPairGeneratorSpi.Usage[] usages, KeyPairGeneratorSpi.Usage[] usages_mask)Sets the requested key usages desired for the generated key pair.voidtemporaryPairs(boolean temp)
-
-
-
Field Detail
-
PQG1024
public static final PQGParams PQG1024
Pre-cooked PQG values for 1024-bit keypairs, along with the seed, counter, and H values needed to verify them.
-
PQG768
public static final PQGParams PQG768
Pre-cooked PQG values for 768-bit keypairs, along with the seed, counter, and H values needed to verify them.
-
PQG512
public static final PQGParams PQG512
Pre-cooked PQG values for 512-bit keypairs, along with the seed, counter, and H values needed to verify them.
-
-
Constructor Detail
-
PK11KeyPairGenerator
public PK11KeyPairGenerator(PK11Token token, KeyPairAlgorithm algorithm) throws java.security.NoSuchAlgorithmException, TokenException
Constructor for PK11KeyPairGenerator.- Parameters:
token- The PKCS #11 token that the keypair will be generated on.algorithm- The type of key that will be generated. Currently,KeyPairAlgorithm.RSA,KeyPairAlgorithm.DSAandKeyPairAlgorithm.ECare supported.- Throws:
java.security.NoSuchAlgorithmExceptionTokenException
-
-
Method Detail
-
initialize
public void initialize(int strength, java.security.SecureRandom random) throws java.security.InvalidParameterExceptionInitializes this KeyPairGenerator with the given key strength.For DSA key generation, pre-cooked PQG values will be used be used if the key size is 512, 768, or 1024. Otherwise, an InvalidParameterException will be thrown.
- Specified by:
initializein classKeyPairGeneratorSpi- Parameters:
strength- The strength (size) of the keys that will be generated.random- Ignored- Throws:
java.security.InvalidParameterException- If the key strength is not supported by the algorithm or this implementation.
-
initialize
public void initialize(java.security.spec.AlgorithmParameterSpec params, java.security.SecureRandom random) throws java.security.InvalidAlgorithmParameterExceptionInitializes this KeyPairGenerator with the given algorithm-specific parameters.- Specified by:
initializein classKeyPairGeneratorSpi- Parameters:
params- The algorithm-specific parameters that will govern key pair generation.random- Ignored- Throws:
java.security.InvalidAlgorithmParameterException- If the parameters are inappropriate for the key type or are not supported by this implementation.
-
generateKeyPair
public java.security.KeyPair generateKeyPair() throws TokenExceptionGenerates a key pair on a token. Uses parameters if they were passed in through a call toinitialize, otherwise uses defaults.- Specified by:
generateKeyPairin classKeyPairGeneratorSpi- Returns:
- Throws:
TokenException
-
keygenOnInternalToken
public boolean keygenOnInternalToken()
- Specified by:
keygenOnInternalTokenin classKeyPairGeneratorSpi- Returns:
- true if the keypair generation will be done on the internal token and then moved to this token.
-
temporaryPairs
public void temporaryPairs(boolean temp)
- Specified by:
temporaryPairsin classKeyPairGeneratorSpi
-
sensitivePairs
public void sensitivePairs(boolean sensitive)
- Specified by:
sensitivePairsin classKeyPairGeneratorSpi
-
extractablePairs
public void extractablePairs(boolean extractable)
- Specified by:
extractablePairsin classKeyPairGeneratorSpi
-
setKeyPairUsages
public void setKeyPairUsages(KeyPairGeneratorSpi.Usage[] usages, KeyPairGeneratorSpi.Usage[] usages_mask)
Sets the requested key usages desired for the generated key pair. This allows the caller to suggest how NSS generates the key pair.- Specified by:
setKeyPairUsagesin classKeyPairGeneratorSpi- Parameters:
usages- List of desired key usages.usages_mask- Corresponding mask for the key usages. if a usages is desired, make sure it is in the mask as well.
-
getCurveCodeByName
public int getCurveCodeByName(java.lang.String curveName) throws java.security.InvalidParameterException- Specified by:
getCurveCodeByNamein classKeyPairGeneratorSpi- Throws:
java.security.InvalidParameterException
-
-