Package org.mozilla.jss.crypto
Interface CryptoStore
All Known Implementing Classes: PK11Store
public interface CryptoStore
This is an interface for a permanent repository of cryptographic objects,
such as keys, certs, and passwords.

Method Summary
Modifier and Type, Method, Description
void deleteCert(X509Certificate cert) - Deletes a certificate and the corresponding keys.
void deleteCertOnly - Deletes a certificate without deleting the corresponding keys.
void deletePrivateKey(PrivateKey privateKey) - Permanently deletes a private key from the token.
void deletePublicKey(PublicKey publicKey) - Permanently deletes a public key from the token.
findPublicKey(PrivateKey privateKey) - Returns the public key corresponding to the private key.
getCertificates - Returns all user certificates stored on this token.
byte[] getEncryptedPrivateKeyInfo(KeyGenerator.CharToByteConverter conv, Password pw, Algorithm alg, int n, PrivateKey k) - Get an encrypted private key, with optional password conversion.
byte[] getEncryptedPrivateKeyInfo(X509Certificate cert, PBEAlgorithm pbeAlg, Password pw, int iteration) - Get an encrypted private key for the given cert.
getPrivateKeys - Returns all private keys stored on this token.
getPublicKeys - Returns all public keys stored on this token.
getSymmetricKeys - Returns all symmetric keys stored on this token.
importCert(byte[] certBytes, String nickname) - Imports a certificate into this token.
void importEncryptedPrivateKeyInfo(KeyGenerator.CharToByteConverter conv, Password pw, String nickname, PublicKey pubKey, byte[] epkiBytes)
PrivateKey importPrivateKey(byte[] key, PrivateKey.Type type) - Imports a raw private key into this token (permanently).
PrivateKey importPrivateKey(byte[] key, PrivateKey.Type type, boolean temporary) - Imports a raw private key into this token.

Method Details

importPrivateKey
PrivateKey importPrivateKey(byte[] key, PrivateKey.Type type) throws TokenException, KeyAlreadyImportedException
Imports a raw private key into this token (permanently).
Parameters:
key - The private key.
Throws:
TokenException - If the key cannot be imported to this token.
KeyAlreadyImportedException - If the key already exists on this token.

importPrivateKey
PrivateKey importPrivateKey(byte[] key, PrivateKey.Type type, boolean temporary) throws TokenException, KeyAlreadyImportedException
Imports a raw private key into this token.
Parameters:
key - The private key.
temporary - Whether the key should be temporary.
Throws:
TokenException - If the key cannot be imported to this token.
KeyAlreadyImportedException - If the key already exists on this token.

getPrivateKeys
Returns all private keys stored on this token.
Returns:
An array of all private keys stored on this token.
Throws:
TokenException - If an error occurs on the token while gathering the keys.

getPublicKeys
Returns all public keys stored on this token.
Returns:
An array of all public keys stored on this token.
Throws:
TokenException - If an error occurs on the token while gathering the keys.

findPublicKey
Returns the public key corresponding to the private key.
Parameters:
privateKey -
Returns:
The corresponding public key.
Throws:
ObjectNotFoundException - If the corresponding public key is not found.
TokenException - If an error occurs on the token.

getSymmetricKeys
Returns all symmetric keys stored on this token.
Returns:
An array of all symmetric keys stored on this token.
Throws:
TokenException - If an error occurs on the token while gathering the keys.

deletePrivateKey
Permanently deletes a private key from the token.
Parameters:
privateKey - A private key to be permanently deleted.
Throws:
NoSuchItemOnTokenException - If the given private key does not reside on this token.
TokenException - If an error occurs on the token while deleting the key.

deletePublicKey
Permanently deletes a public key from the token.
Parameters:
publicKey - A public key to be permanently deleted.
Throws:
NoSuchItemOnTokenException - If the given public key does not reside on this token.
TokenException - If an error occurs on the token while deleting the key.

getEncryptedPrivateKeyInfo
byte[] getEncryptedPrivateKeyInfo(X509Certificate cert, PBEAlgorithm pbeAlg, Password pw, int iteration) throws NotInitializedException, ObjectNotFoundException, TokenException
Get an encrypted private key for the given cert.
Parameters:
cert - Certificate of key to be exported
pbeAlg - The PBEAlgorithm to use
pw - The password to encrypt with
iteration - Iteration count; default of 2000 if less than or equal to 0
Throws:
NotInitializedException
ObjectNotFoundException
TokenException

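The following is an added example, not code from the JSS project: it exports the private key of a user certificate through the method above, passing an explicit iteration count instead of relying on the fallback of 2000 and clearing the password afterwards. The class and method names, the lookup by nickname, the chosen PBE algorithm and the iteration value are assumptions; the caller supplies the CryptoStore of a token that is already initialized and logged in.

```java
import org.mozilla.jss.crypto.CryptoStore;
import org.mozilla.jss.crypto.PBEAlgorithm;
import org.mozilla.jss.crypto.X509Certificate;
import org.mozilla.jss.util.Password;

public final class KeyExportExample {

    // Assumed value for illustration. Passing a count of 0 or less would
    // make the store fall back to its default of 2000 iterations.
    private static final int ITERATIONS = 100_000;

    /**
     * Hypothetical helper: returns the encrypted private key belonging to
     * the user certificate with the given nickname.
     */
    public static byte[] exportEncryptedKey(CryptoStore store, String nickname,
                                            char[] passphrase) throws Exception {
        if (passphrase == null || passphrase.length == 0) {
            throw new IllegalArgumentException("empty export passphrase");
        }

        // getCertificates() returns only user certificates, i.e. those
        // that have a matching private key on this token.
        X509Certificate match = null;
        for (X509Certificate cert : store.getCertificates()) {
            if (nickname.equals(cert.getNickname())) {
                match = cert;
                break;
            }
        }
        if (match == null) {
            throw new IllegalArgumentException(
                "no user certificate with nickname " + nickname);
        }

        Password pw = new Password(passphrase);
        try {
            return store.getEncryptedPrivateKeyInfo(
                match, PBEAlgorithm.PBE_SHA1_DES3_CBC, pw, ITERATIONS);
        } finally {
            pw.clear(); // wipe the password bytes whether or not export succeeded
        }
    }
}
```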
getEncryptedPrivateKeyInfo
byte[] getEncryptedPrivateKeyInfo(KeyGenerator.CharToByteConverter conv, Password pw, Algorithm alg, int n, PrivateKey k)
Get an encrypted private key, with optional password conversion.
Parameters:
conv - Password converter. If null, pw.getByteCopy() will be used to get password bytes.
pw - The password
alg - The encryption algorithm
n - Iteration count; default of 2000 if less than or equal to 0
k - The private key

importEncryptedPrivateKeyInfo
void importEncryptedPrivateKeyInfo(KeyGenerator.CharToByteConverter conv, Password pw, String nickname, PublicKey pubKey, byte[] epkiBytes)
Parameters:
conv - Password converter. If null, pw.getByteCopy() will be used to get password bytes.
pw - The password
nickname - Nickname to use for private key
pubKey - Public key corresponding to private key

getCertificates
Returns all user certificates stored on this token. A user certificate is one that has a matching private key.
Returns:
An array of all user certificates present on this token.
Throws:
TokenException - If an error occurs on the token while gathering the certificates.

importCert
Imports a certificate into this token.
Parameters:
certBytes - Certificate binaries
nickname - Certificate nickname
Returns:
X509Certificate object of the imported certificate
Throws:
TokenException

deleteCert
Deletes a certificate and the corresponding keys.
Parameters:
cert - A certificate to be deleted from this token. The cert must actually reside on this token.
Throws:
NoSuchItemOnTokenException - If the given cert does not reside on this token.
TokenException - If an error occurred on the token while deleting the certificate.

deleteCertOnly
Deletes a certificate without deleting the corresponding keys.
Parameters:
cert - A certificate to be deleted from this token. The cert must actually reside on this token.
Throws:
NoSuchItemOnTokenException - If the given cert does not reside on this token.
TokenException - If an error occurred on the token while deleting the certificate.