Class KeyManager
java.lang.Object
org.mozilla.jss.SecretDecoderRing.KeyManager
Creates, finds, and deletes keys for SecretDecoderRing.
-
Field Summary
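| Modifier and Type | Field | Description |
|---|---|---|
| static final KeyGenAlgorithm | DEFAULT_KEYGEN_ALG | The default key generation algorithm, currently DES3. |
| static final int | DEFAULT_KEYSIZE | The default key size (in bytes). |
| private static final int | KEYID_LEN | |
| private static final String | RNG_ALG | |
| private static final String | RNG_PROVIDER | |
| private CryptoToken | token | |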
-
Constructor Summary
| Constructor | Description |
|---|---|
| KeyManager(CryptoToken token) | Creates a new KeyManager using the given CryptoToken. |
-
Method Summary
| Modifier and Type | Method | Description |
|---|---|---|
| void | deleteKey(byte[] keyID) | Deletes the key with the given keyID from this token. |
| void | deleteKey | Deletes this key from this token. |
| private void | deleteKeyNative(CryptoToken token, SymmetricKey key) | |
| void | deleteUniqueNamedKey(String nickname) | If it exists, delete the key with the specified nickname from this token. |
| byte[] | generateKey() | Generates an SDR key with the default algorithm and key size. |
| byte[] | generateKey(KeyGenAlgorithm alg, int keySize) | Generates an SDR key with the given algorithm and key size. |
| private void | generateKeyNative(CryptoToken token, KeyGenAlgorithm alg, byte[] keyID, int keySize) | |
| byte[] | generateUniqueNamedKey(String nickname) | Generates an SDR key with the default algorithm and key size. |
| byte[] | generateUniqueNamedKey(KeyGenAlgorithm alg, int keySize, String nickname) | Generates an SDR key with the given algorithm, key size, and nickname. |
| private void | generateUniqueNamedKeyNative(CryptoToken token, KeyGenAlgorithm alg, byte[] keyID, int keySize, String nickname) | |
| private byte[] | generateUnusedKeyID() | Generates a key ID that is currently unused on this token. |
| private boolean | keyExists(byte[] keyid) | |
| | lookupKey(EncryptionAlgorithm alg, byte[] keyid) | Looks up the key on this token with the given algorithm and key ID. |
| private SymmetricKey | lookupKeyNative(CryptoToken token, EncryptionAlgorithm alg, byte[] keyid) | |
| SecretKey | lookupUniqueNamedKey(EncryptionAlgorithm alg, String nickname) | Looks up the key on this token with the given algorithm and nickname. |
| private SymmetricKey | lookupUniqueNamedKeyNative(CryptoToken token, EncryptionAlgorithm alg, String nickname) | |
| boolean | uniqueNamedKeyExists(String nickname) | |
-
Field Details
-
KEYID_LEN
private static final int KEYID_LEN
-
RNG_ALG
-
RNG_PROVIDER
-
DEFAULT_KEYGEN_ALG
The default key generation algorithm, currently DES3.
-
DEFAULT_KEYSIZE
public static final int DEFAULT_KEYSIZE
The default key size (in bytes). This is only relevant for algorithms with variable-length keys, such as AES.
-
token
-
-
Constructor Details
-
KeyManager
Creates a new KeyManager using the given CryptoToken.
Parameters:
token - The token on which this KeyManager operates.
-
-
Method Details
-
generateKey
Generates an SDR key with the default algorithm and key size. The default algorithm is stored in the constant DEFAULT_KEYGEN_ALG. The default key size is stored in the constant DEFAULT_KEYSIZE.
Returns:
The keyID of the generated key. A random keyID will be chosen that is not currently used on the token. The keyID must be stored by the application in order to use this key for encryption in the future.
Throws:
TokenException
-
generateKey
Generates an SDR key with the given algorithm and key size.
Parameters:
keySize - Length of key in bytes. This is only relevant for algorithms that take more than one key size. Otherwise it can just be set to 0.
Returns:
The keyID of the generated key. A random keyID will be chosen that is not currently used on the token. The keyID must be stored by the application in order to use this key for encryption in the future.
Throws:
TokenException
-
generateKeyNative
Parameters:
keySize - Key length in bytes.
-
generateUniqueNamedKey
Generates an SDR key with the default algorithm and key size, and names it with the specified nickname. The default algorithm is stored in the constant DEFAULT_KEYGEN_ALG. The default key size is stored in the constant DEFAULT_KEYSIZE.
Parameters:
nickname - the name of the symmetric key. Duplicate keynames will be checked for, and are not allowed.
Returns:
The keyID of the generated key. A random keyID will be chosen that is not currently used on the token. The keyID must be stored by the application in order to use this key for encryption in the future.
Throws:
TokenException
-
generateUniqueNamedKey
public byte[] generateUniqueNamedKey(KeyGenAlgorithm alg, int keySize, String nickname) throws TokenException
Generates an SDR key with the given algorithm, key size, and nickname.
Parameters:
alg - The algorithm that this key will be used for. This is necessary because it will be stored along with the key for later use by the security library.
keySize - Length of key in bytes. This is only relevant for algorithms that take more than one key size. Otherwise it can just be set to 0.
nickname - the name of the symmetric key. Duplicate keynames will be checked for, and are not allowed.
Returns:
The keyID of the generated key. A random keyID will be chosen that is not currently used on the token. The keyID must be stored by the application in order to use this key for encryption in the future.
Throws:
TokenException
-
generateUniqueNamedKeyNative
private void generateUniqueNamedKeyNative(CryptoToken token, KeyGenAlgorithm alg, byte[] keyID, int keySize, String nickname)
Parameters:
keySize - Key length in bytes.
nickname - the name of the symmetric key. Duplicate keynames will be checked for, and are not allowed.
-
generateUnusedKeyID
Generates a key ID that is currently unused on this token. The caller is responsible for synchronization issues that may arise if keys are generated by different threads.
Throws:
TokenException
-
keyExists
Throws:
TokenException
-
lookupKey
Looks up the key on this token with the given algorithm and key ID.
Parameters:
alg - The algorithm that this key will be used for. This is necessary because it will be stored along with the key for later use by the security library. It should match the actual algorithm of the key you are looking for. If you pass in a different algorithm and try to use the key that is returned, the results are undefined.
Returns:
The key, or null if the key is not found.
Throws:
TokenException
-
lookupKeyNative
private SymmetricKey lookupKeyNative(CryptoToken token, EncryptionAlgorithm alg, byte[] keyid) throws TokenException
Throws:
TokenException
-
uniqueNamedKeyExists
Throws:
TokenException
-
lookupUniqueNamedKey
public SecretKey lookupUniqueNamedKey(EncryptionAlgorithm alg, String nickname) throws TokenException
Looks up the key on this token with the given algorithm and nickname.
Parameters:
alg - The algorithm that this key will be used for. This is necessary because it will be stored along with the key for later use by the security library. It should match the actual algorithm of the key you are looking for. If you pass in a different algorithm and try to use the key that is returned, the results are undefined.
nickname - the name of the symmetric key. Duplicate keynames will be checked for, and are not allowed.
Returns:
The key, or null if the key is not found.
Throws:
TokenException
-
lookupUniqueNamedKeyNative
private SymmetricKey lookupUniqueNamedKeyNative(CryptoToken token, EncryptionAlgorithm alg, String nickname) throws TokenException
Throws:
TokenException
-
deleteKey
Deletes the key with the given keyID from this token.
Throws:
InvalidKeyException - If the key does not exist on this token.
TokenException
-
deleteUniqueNamedKey
If it exists, delete the key with the specified nickname from this token.
Throws:
TokenException
InvalidKeyException
-
deleteKey
Deletes this key from this token.
Throws:
InvalidKeyException - If the key does not reside on this token, or is not a JSS key.
TokenException
-
deleteKeyNative
Throws:
TokenException
-
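The following is an added usage example, not code from the JSS project. It shows a get-or-create pattern for a named SDR key that passes an explicit algorithm instead of relying on the DES3 default, looks the key up with a matching EncryptionAlgorithm, and handles the null return. The class name, nickname, NSS database path, and the choice of AES with a 32-byte key are assumptions, as is a token that is already logged in or has no password.

```java
import javax.crypto.SecretKey;

import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.SecretDecoderRing.KeyManager;
import org.mozilla.jss.crypto.CryptoToken;
import org.mozilla.jss.crypto.EncryptionAlgorithm;
import org.mozilla.jss.crypto.KeyGenAlgorithm;
import org.mozilla.jss.crypto.TokenException;

public class SdrKeyExample {
    // Assumed values for this example; none of them come from the KeyManager documentation.
    static final String NSS_DB_DIR = "/path/to/nssdb";      // placeholder path
    static final String NICKNAME = "example-sdr-aes";       // hypothetical nickname
    static final KeyGenAlgorithm GEN_ALG = KeyGenAlgorithm.AES;
    static final int KEY_BYTES = 32;                         // key size is given in bytes
    // Must correspond to GEN_ALG and KEY_BYTES: looking a key up with a different
    // algorithm and then using it is documented as undefined behaviour.
    static final EncryptionAlgorithm ENC_ALG = EncryptionAlgorithm.AES_256_CBC_PAD;

    static SecretKey getOrCreate(KeyManager km) throws TokenException {
        // Key generation leaves synchronization to the caller, so the
        // check-then-generate step is serialized within this process.
        synchronized (SdrKeyExample.class) {
            if (!km.uniqueNamedKeyExists(NICKNAME)) {
                byte[] keyID = km.generateUniqueNamedKey(GEN_ALG, KEY_BYTES, NICKNAME);
                // An application that addresses keys by ID rather than by nickname
                // has to persist keyID here; it is needed for later encryption.
                System.out.println("generated key, keyID length = " + keyID.length);
            }
        }
        SecretKey key = km.lookupUniqueNamedKey(ENC_ALG, NICKNAME);
        if (key == null) {
            // lookupUniqueNamedKey returns null when no key is found.
            throw new IllegalStateException("SDR key not found: " + NICKNAME);
        }
        return key;
    }

    public static void main(String[] args) throws Exception {
        CryptoManager.initialize(NSS_DB_DIR);
        CryptoToken token = CryptoManager.getInstance().getInternalKeyStorageToken();
        KeyManager km = new KeyManager(token);
        SecretKey key = getOrCreate(km);
        System.out.println("key algorithm: " + key.getAlgorithm());
    }
}
```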