JSS 3.1.1

org.mozilla.jss.pkcs11
Class PK11KeyGenerator

java.lang.Object
  |
  +--org.mozilla.jss.pkcs11.PK11KeyGenerator
All Implemented Interfaces:
KeyGenerator

public final class PK11KeyGenerator
extends java.lang.Object
implements KeyGenerator


Inner classes inherited from class org.mozilla.jss.crypto.KeyGenerator
KeyGenerator.CharToByteConverter
 
Field Summary
private  KeyGenAlgorithm algorithm
           
private  KeyGenerator.CharToByteConverter charToByte
           
private  java.security.spec.AlgorithmParameterSpec parameters
           
private  int strength
           
private  PK11Token token
           
 
Constructor Summary
private PK11KeyGenerator()
           
(package private) PK11KeyGenerator(PK11Token token, KeyGenAlgorithm algorithm)
           
 
Method Summary
 SymmetricKey clone(SymmetricKey key)
          Allows a SymmetricKey to be cloned on a different token.
static SymmetricKey clone(SymmetricKey key, PK11Token token)
          Allows a SymmetricKey to be cloned on a different token.
 SymmetricKey generate()
          Generates the key.
private static SymmetricKey generateNormal(PK11Token token, KeyGenAlgorithm algorithm, int strength)
          A native method to generate a non-PBE key.
 byte[] generatePBE_IV()
          Generates an Initialization Vector using a PBE algorithm.
private static byte[] generatePBE_IV(KeyGenAlgorithm alg, byte[] password, byte[] salt, int iterations)
          A native method to generate an IV using a PBE algorithm.
private static SymmetricKey generatePBE(PK11Token token, KeyGenAlgorithm algorithm, byte[] pass, byte[] salt, int iterationCount)
          A native method to generate a PBE key.
 void initialize(java.security.spec.AlgorithmParameterSpec parameters)
           
 void initialize(int strength)
           
private static SymmetricKey nativeClone(PK11Token token, SymmetricKey toBeCloned)
           
 void setCharToByteConverter(KeyGenerator.CharToByteConverter charToByte)
          Sets the character to byte converter for passwords.
 
Methods inherited from class java.lang.Object
, clone, equals, finalize, getClass, hashCode, notify, notifyAll, registerNatives, toString, wait, wait, wait
 

Field Detail

token

private PK11Token token

algorithm

private KeyGenAlgorithm algorithm

strength

private int strength

parameters

private java.security.spec.AlgorithmParameterSpec parameters

charToByte

private KeyGenerator.CharToByteConverter charToByte
Constructor Detail

PK11KeyGenerator

private PK11KeyGenerator()

PK11KeyGenerator

PK11KeyGenerator(PK11Token token,
                 KeyGenAlgorithm algorithm)
Method Detail

setCharToByteConverter

public void setCharToByteConverter(KeyGenerator.CharToByteConverter charToByte)
Sets the character to byte converter for passwords. The default conversion is UTF8 with no null termination.
Specified by:
setCharToByteConverter in interface KeyGenerator

initialize

public void initialize(int strength)
                throws java.security.InvalidAlgorithmParameterException
Specified by:
initialize in interface KeyGenerator
Parameters:
strength - Key size in bits. Must be evenly divisible by 8.

initialize

public void initialize(java.security.spec.AlgorithmParameterSpec parameters)
                throws java.security.InvalidAlgorithmParameterException
Specified by:
initialize in interface KeyGenerator

generate

public SymmetricKey generate()
                      throws java.lang.IllegalStateException,
                             TokenException,
                             java.io.CharConversionException
Generates the key. This is the public interface, the actual work is done by native methods.
Specified by:
generate in interface KeyGenerator

generatePBE_IV

public byte[] generatePBE_IV()
                      throws TokenException,
                             java.io.CharConversionException
Generates an Initialization Vector using a PBE algorithm. In order to call this method, the algorithm must be a PBE algorithm, and the KeyGenerator must have been initialized with an instance of PBEKeyGenParams.
Specified by:
generatePBE_IV in interface KeyGenerator
Returns:
The initialization vector derived from the password and salt using the PBE algorithm.

generatePBE_IV

private static byte[] generatePBE_IV(KeyGenAlgorithm alg,
                                     byte[] password,
                                     byte[] salt,
                                     int iterations)
                              throws TokenException
A native method to generate an IV using a PBE algorithm. None of the parameters should be NULL.

clone

public SymmetricKey clone(SymmetricKey key)
                   throws SymmetricKey.NotExtractableException,
                          java.security.InvalidKeyException,
                          TokenException
Allows a SymmetricKey to be cloned on a different token.
Specified by:
clone in interface KeyGenerator
Throws:
SymmetricKey.NotExtractableException - If the key material cannot be extracted from the current token.
java.security.InvalidKeyException - If the owning token cannot process the key to be cloned.

clone

public static SymmetricKey clone(SymmetricKey key,
                                 PK11Token token)
                          throws SymmetricKey.NotExtractableException,
                                 java.security.InvalidKeyException,
                                 TokenException
Allows a SymmetricKey to be cloned on a different token.
Parameters:
key - The key to clone.
token - The token on which to clone the key.
Throws:
SymmetricKey.NotExtractableException - If the key material cannot be extracted from the current token.
java.security.InvalidKeyException - If the owning token cannot process the key to be cloned.

nativeClone

private static SymmetricKey nativeClone(PK11Token token,
                                        SymmetricKey toBeCloned)
                                 throws SymmetricKey.NotExtractableException,
                                        TokenException

generateNormal

private static SymmetricKey generateNormal(PK11Token token,
                                           KeyGenAlgorithm algorithm,
                                           int strength)
                                    throws TokenException
A native method to generate a non-PBE key.
Parameters:
strength - The key size in bits, should be 0 for fixed-length key algorithms.

generatePBE

private static SymmetricKey generatePBE(PK11Token token,
                                        KeyGenAlgorithm algorithm,
                                        byte[] pass,
                                        byte[] salt,
                                        int iterationCount)
                                 throws TokenException
A native method to generate a PBE key. None of the parameters should be null.

JSS 3.1.1