Uses of Class
org.mozilla.jss.crypto.TokenException
Packages that use TokenException
Package
Description
Configuration and top-level operations of the JSS system.
Generic cryptographic operations, such as signing and key pair generation.
Encoding and decoding pkcs10 request
Creating and interpreting PKCS #12 blobs.
Creating and interpeting PKCS #7 blobs.
Encoding and decoding X.509 certificates and certificate extensions.
Creating and interpeting CMS blobs.
The PKIX CRMF protocol.
Frequently-used primitive ASN.1 types, such as AlgorithmIdentifier,
PrivateKeyInfo, and X.500 Name.
A facility for encrypting and decrypting small amounts of data with
a symmetric key.
-
Uses of TokenException in org.dogtagpki.jss.tomcat
Methods in org.dogtagpki.jss.tomcat that throw TokenException -
Uses of TokenException in org.mozilla.jss
Methods in org.mozilla.jss that throw TokenExceptionModifier and TypeMethodDescriptionCryptoManager.buildCertificateChain
(X509Certificate leaf) Given a certificate, constructs its certificate chain.(package private) X509Certificate[]
CryptoManager.buildCertificateChainNative
(PK11Cert leaf) CryptoManager.findCertByIssuerAndSerialNumber
(byte[] derIssuer, INTEGER serialNumber) Looks up a certificate by issuer and serial number.private X509Certificate
CryptoManager.findCertByIssuerAndSerialNumberNative
(byte[] derIssuer, byte[] serialNumber) CryptoManager.findCertByNickname
(String nickname) Looks up a certificate given its nickname.protected X509Certificate
CryptoManager.findCertByNicknameNative
(String nickname) CryptoManager.findCertsByNickname
(String nickname) Returns all certificates with the given nickname.protected X509Certificate[]
CryptoManager.findCertsByNicknameNative
(String nickname) CryptoManager.findPrivKeyByCert
(X509Certificate cert) Looks up the PrivateKey matching the given certificate.protected PrivateKey
CryptoManager.findPrivKeyByCertNative
(X509Certificate cert) CryptoManager.importCACertPackage
(byte[] certPackage) Imports a chain of certificates, none of which is a user certificate.CryptoManager.importCertPackage
(byte[] certPackage, String nickname) Imports a chain of certificates.private X509Certificate
CryptoManager.importCertPackageNative
(byte[] certPackage, String nickname, boolean noUser, boolean leafIsCA) CryptoManager.importCertToPerm
(X509Certificate cert, String nickname) Imports a single certificate into the permanent certificate database.private InternalCertificate
CryptoManager.importCertToPermNative
(X509Certificate cert, String nickname) void
Imports a CRL, and stores it into the cert7.db Validate CRL then import it to the dbase.private void
CryptoManager.importCRLNative
(byte[] crl, String url, int rl_type) Imports a CRL, and stores it into the cert7.dbCryptoManager.importUserCACertPackage
(byte[] certPackage, String nickname) Imports a chain of certificates.boolean
CryptoManager.isCertValid
(byte[] certPackage, boolean checkSig, CryptoManager.CertUsage certUsage) Verify a certificate in memory.private boolean
CryptoManager.verifyCertTempNative
(byte[] certPackage, boolean checkSig, int cUsage) -
Uses of TokenException in org.mozilla.jss.crypto
Methods in org.mozilla.jss.crypto that throw TokenExceptionModifier and TypeMethodDescriptionvoid
CryptoToken.changePassword
(PasswordCallback oldpw, PasswordCallback newpw) Change the password of this token.KeyGenerator.clone
(SymmetricKey key) Allows a SymmetricKey to be cloned on a different token.CryptoToken.cloneKey
(SymmetricKey key) Clones a SymmetricKey from a different token onto this token.byte[]
SecretDecoderRing.decrypt
(byte[] ciphertext) Decrypts the given ciphertext with the Secret Decoder Ring key stored in the NSS key database.SecretDecoderRing.decryptToString
(byte[] ciphertext) Decrypts the given ciphertext with the Secret Decoder Ring key stored in the NSS key database, returning the original plaintext string.void
CryptoStore.deleteCert
(X509Certificate cert) Deletes a certificate and the corresponding keys.void
CryptoStore.deleteCertOnly
(X509Certificate cert) Deletes a certificate without deleting the corresponding keys.void
CryptoStore.deletePrivateKey
(PrivateKey privateKey) Permanently deletes a private key from the token.void
CryptoStore.deletePublicKey
(PublicKey publicKey) Permanently deletes a public key from the token.SymmetricKeyDeriver.derive()
abstract byte[]
Cipher.doFinal()
Completes an cipher operation.abstract byte[]
Cipher.doFinal
(byte[] bytes) Completes an cipher operation.abstract byte[]
Cipher.doFinal
(byte[] bytes, int offset, int length) Completes an cipher operation.byte[]
SecretDecoderRing.encrypt
(byte[] plaintext) Encrypts the given plaintext with the Secret Decoder Ring key stored in the NSS key database.byte[]
Encrypts the given plaintext string with the Secret Decoder Ring key stored in the NSS key database.abstract void
SignatureSpi.engineInitSign
(PrivateKey privateKey) abstract void
SignatureSpi.engineInitSign
(PrivateKey privateKey, SecureRandom random) abstract void
SignatureSpi.engineInitVerify
(PublicKey publicKey) abstract void
SignatureSpi.engineSetParameter
(AlgorithmParameterSpec params) abstract byte[]
SignatureSpi.engineSign()
abstract int
SignatureSpi.engineSign
(byte[] outbuf, int offset, int len) abstract void
SignatureSpi.engineUpdate
(byte b) abstract void
SignatureSpi.engineUpdate
(byte[] b, int off, int len) abstract boolean
SignatureSpi.engineVerify
(byte[] sigBytes) CryptoStore.findPublicKey
(PrivateKey privateKey) Returns the public key corresponding to the private key.KeyGenerator.generate()
Generates a symmetric key.CryptoToken.generateCertRequest
(String subject, int keysize, String keyType, byte[] P, byte[] Q, byte[] G) Generates a b64 encoded PKCS10 blob used for making cert request.abstract KeyPair
KeyPairGeneratorSpi.generateKeyPair()
byte[]
KeyGenerator.generatePBE_IV()
Generates an Initialization Vector using a PBE algorithm.KeyPairGenerator.genKeyPair()
Generates a new key pair.CryptoStore.getCertificates()
Returns all user certificates stored on this token.CryptoToken.getCipherContext
(EncryptionAlgorithm algorithm) Creates a Cipher object, which can be used for encryption and decryption.byte[]
CryptoStore.getEncryptedPrivateKeyInfo
(X509Certificate cert, PBEAlgorithm pbeAlg, Password pw, int iteration) Get an encrypted private key for the given cert.CryptoToken.getKeyGenerator
(KeyGenAlgorithm algorithm) Creates a KeyGenerator object, which can be used to generate symmetric encryption keys.CryptoToken.getKeyPairGenerator
(KeyPairAlgorithm algorithm) Creates a KeyPairGenerator object, which can be used to generate key pairs.CryptoToken.getKeyWrapper
(KeyWrapAlgorithm algorithm) int
CryptoToken.getLoginMode()
Returns the login mode of this token: ONE_TIME, TIMEOUT, or EVERY_TIME.int
CryptoToken.getLoginTimeoutMinutes()
Returns the login timeout period.CryptoToken.getName()
Obtain the nickname, or label, of this token.CryptoStore.getPrivateKeys()
Returns all private keys stored on this token.CryptoStore.getPublicKeys()
Returns all public keys stored on this token.CryptoToken.getSignatureContext
(SignatureAlgorithm algorithm) Creates a Signature object, which can perform signing and signature verification.CryptoToken.getSymmetricKeyDeriver()
CryptoStore.getSymmetricKeys()
Returns all symmetric keys stored on this token.byte[]
PrivateKey.getUniqueID()
Returns the unique ID of this key.CryptoStore.importCert
(byte[] certBytes, String nickname) Imports a certificate into this token.CryptoStore.importPrivateKey
(byte[] key, PrivateKey.Type type) Imports a raw private key into this token (permanently).CryptoStore.importPrivateKey
(byte[] key, PrivateKey.Type type, boolean temporary) Imports a raw private key into this token.void
CryptoToken.importPublicKey
(PublicKey pubKey, boolean permanent) abstract void
Cipher.initDecrypt
(SymmetricKey key) Initializes a decryption context with a symmetric key.abstract void
Cipher.initDecrypt
(SymmetricKey key, AlgorithmParameterSpec parameters) Initializes a decryption context with a symmetric key and algorithm parameters.abstract void
Cipher.initEncrypt
(SymmetricKey key) Initializes a encryption context with a symmetric key.abstract void
Cipher.initEncrypt
(SymmetricKey key, AlgorithmParameterSpec parameters) Initializes an encryption context with a symmetric key and algorithm parameters.void
CryptoToken.initPassword
(PasswordCallback securityOfficerPW, PasswordCallback userPW) Initialize the password of this token.void
Signature.initSign
(PrivateKey privateKey) Initialize the signature context for signing.void
Signature.initVerify
(PublicKey publicKey) Initialize the signature context for verifying.boolean
CryptoToken.isLoggedIn()
Find out if the token is currently logged in.void
CryptoToken.login
(PasswordCallback pwcb) Login to the token.void
CryptoToken.logout()
Logout of the token.boolean
CryptoToken.needsLogin()
returns true if this token needs to be logged into before it can be used.boolean
CryptoToken.passwordIsInitialized()
Determine whether the password has been initialized yet.void
CryptoToken.setLoginMode
(int mode) Sets the login mode of this token.void
CryptoToken.setLoginTimeoutMinutes
(int timeoutMinutes) Sets the timeout period for logging in.void
Signature.setParameter
(AlgorithmParameterSpec params) Set parameters for the signing algorithm.byte[]
Signature.sign()
Finish a signing operation and return the signature.int
Signature.sign
(byte[] outbuf, int offset, int len) Finish a signing operation and store the signature in the provided buffer.KeyWrapper.unwrapPrivate
(byte[] wrapped, PrivateKey.Type type, PublicKey publicKey) Unwraps a private key, creating a permanent private key object.KeyWrapper.unwrapSymmetric
(byte[] wrapped, SymmetricKey.Type type, int keyLength) Unwraps a key and allows it to be used for all operations.KeyWrapper.unwrapSymmetric
(byte[] wrapped, SymmetricKey.Type type, SymmetricKey.Usage usage, int keyLength) KeyWrapper.unwrapSymmetricPerm
(byte[] wrapped, SymmetricKey.Type type, int keyLength) Unwraps a key and allows it to be used for all operations.KeyWrapper.unwrapSymmetricPerm
(byte[] wrapped, SymmetricKey.Type type, SymmetricKey.Usage usage, int keyLength) KeyWrapper.unwrapTemporaryPrivate
(byte[] wrapped, PrivateKey.Type type, PublicKey publicKey) Unwraps a private key, creating a temporary private key object.abstract byte[]
Cipher.update
(byte[] bytes) Updates the encryption context with additional input.abstract byte[]
Cipher.update
(byte[] bytes, int offset, int length) Updates the encryption context with additional plaintext.void
Signature.update
(byte b) Provide more data for a signature or verification operation.void
Signature.update
(byte[] data) Provide more data for a signature or verification operation.void
Signature.update
(byte[] data, int off, int len) Provide more data for a signature or verification operation.boolean
Signature.verify
(byte[] signature) Finish a verification operation.byte[]
KeyWrapper.wrap
(PrivateKey toBeWrapped) byte[]
KeyWrapper.wrap
(SymmetricKey toBeWrapped) -
Uses of TokenException in org.mozilla.jss.pkcs10
Methods in org.mozilla.jss.pkcs10 that throw TokenExceptionModifier and TypeMethodDescriptionvoid
CertificationRequest.verify()
Verifies the signature on this CertificationRequest.void
Verifies the signature on this CertificationRequest, using the given public key.void
CertificationRequest.verify
(PublicKey key, CryptoToken token) Verifies the signature on this CertificationRequest, using the given public key and CryptoToken.Constructors in org.mozilla.jss.pkcs10 that throw TokenExceptionModifierConstructorDescriptionCertificationRequest
(CertificationRequestInfo info, PrivateKey privKey, SignatureAlgorithm signingAlg) Creates and signs an X.509 CertificationRequest. -
Uses of TokenException in org.mozilla.jss.pkcs11
Methods in org.mozilla.jss.pkcs11 that throw TokenExceptionModifier and TypeMethodDescriptionprivate PrivateKey
PK11KeyWrapper.baseUnwrapPrivate
(byte[] wrapped, PrivateKey.Type type, PublicKey publicKey, boolean temporary) protected void
PK11Token.changePassword
(byte[] oldPIN, byte[] newPIN) Change the password on the token from the old one to the new one.void
PK11Token.changePassword
(PasswordCallback oldPINcb, PasswordCallback newPINcb) Change password.PK11KeyGenerator.clone
(SymmetricKey key) Allows a SymmetricKey to be cloned on a different token.static SymmetricKey
PK11KeyGenerator.clone
(SymmetricKey key, PK11Token token) Allows a SymmetricKey to be cloned on a different token.PK11Token.cloneKey
(SymmetricKey key) Allows a SymmetricKey to be cloned on a different token.void
PK11Store.deleteCert
(X509Certificate cert) Deletes the specified certificate and its associated private key from the store.void
PK11Store.deleteCertOnly
(X509Certificate cert) Deletes the specified certificate from the store.void
PK11Store.deletePrivateKey
(PrivateKey privateKey) void
PK11Store.deletePublicKey
(PublicKey publicKey) PK11SymmetricKeyDeriver.derive()
private SymmetricKey
PK11SymmetricKeyDeriver.deriveSymKey
(SymmetricKey baseKey, SymmetricKey secondaryKey, long deriveMechanism, byte[] param, byte[] iv, long targetMechanism, long operation, long keySize) byte[]
PK11Cipher.doFinal()
Deprecated.isPadded() in EncryptionAlgorithm has been deprecatedbyte[]
PK11Cipher.doFinal
(byte[] bytes) Deprecated.isPadded() in EncryptionAlgorithm has been deprecatedbyte[]
PK11Cipher.doFinal
(byte[] bytes, int offset, int length) void
PK11Signature.engineInitSign
(PrivateKey privateKey) void
PK11Signature.engineInitSign
(PrivateKey privateKey, SecureRandom random) This is just here for JCA compliance, we don't take randoms this way.void
PK11Signature.engineInitVerify
(PublicKey publicKey) private static byte[]
PK11Signature.engineRawSignNative
(PK11Token token, PrivateKey key, byte[] hash) Performs raw signing of the given hash with the given private key.protected static boolean
PK11Signature.engineRawVerifyNative
(PK11Token token, PublicKey key, byte[] hash, byte[] signature) Performs raw verification of the signature of a hash using the given public key, on the given token.void
PK11Signature.engineSetParameter
(AlgorithmParameterSpec params) byte[]
PK11Signature.engineSign()
int
PK11Signature.engineSign
(byte[] outbuf, int offset, int len) private byte[]
PK11Signature.engineSignNative()
void
PK11Signature.engineUpdate
(byte b) void
PK11Signature.engineUpdate
(byte[] b, int off, int len) protected void
PK11Signature.engineUpdateNative
(byte[] b, int off, int len) boolean
PK11Signature.engineVerify
(byte[] sigBytes) protected boolean
PK11Signature.engineVerifyNative
(byte[] sigBytes) private static byte[]
PK11Cipher.finalizeContext
(CipherContextProxy context, int blocksize, boolean padded) PK11Store.findPublicKey
(PrivateKey privateKey) static PK11PrivKey
PK11PrivKey.fromPrivateKeyInfo
(byte[] pki, CryptoToken token) Imports a PrivateKeyInfo, storing it as a temporary PrivateKey on the given token.static PK11PrivKey
PK11PrivKey.fromPrivateKeyInfo
(byte[] pki, CryptoToken token, byte[] publicValue) Imports a PrivateKeyInfo, storing it as a temporary PrivateKey on the given token.static PK11PrivKey
PK11PrivKey.fromPrivateKeyInfo
(PKCS8EncodedKeySpec spec, CryptoToken token) Imports a PrivateKeyInfo, storing it as a temporary PrivateKey on the given token.PK11KeyGenerator.generate()
Generates the key.PK11Token.generateCertRequest
(String subject, int keysize, String keyType, byte[] prime, byte[] subPrime, byte[] base) Generates a PKCS#10 certificate request including Begin/End bracketsprivate KeyPair
PK11KeyPairGenerator.generateDSAKeyPair
(PK11Token token, byte[] P, byte[] Q, byte[] G, boolean temporary, int sensitive, int extractable) Generates a DSA key pair with the given P, Q, and G values.private KeyPair
PK11KeyPairGenerator.generateDSAKeyPairWithOpFlags
(PK11Token token, byte[] P, byte[] Q, byte[] G, boolean temporary, int sensitive, int extractable, int op_flags, int op_flags_mask) Generates a DSA key pair with the given P, Q, and G values.private KeyPair
PK11KeyPairGenerator.generateECKeyPair
(PK11Token token, byte[] Curve, boolean temporary, int sensitive, int extractable) Generates a EC key pair with the given a curve.private KeyPair
PK11KeyPairGenerator.generateECKeyPairWithOpFlags
(PK11Token token, byte[] Curve, boolean temporary, int sensitive, int extractable, int op_flags, int op_flags_mask) Generates a EC key pair with the given a curve.private static SymmetricKey
PK11KeyGenerator.generateKBKDF
(PK11Token token, PK11SymKey baseKeyObj, long algorithm, NativeProxy pointer, long pointer_size, long derivedKeyAlgorithm, int strength, int opFlags, boolean temporary, int sensitive) A native method to generate a key using KBKDF.PK11KeyPairGenerator.generateKeyPair()
Generates a key pair on a token.private static SymmetricKey
PK11KeyGenerator.generateNormal
(PK11Token token, KeyGenAlgorithm algorithm, int strength, int opFlags, boolean temporary, int sensitive) A native method to generate a non-PBE key.private static SymmetricKey
PK11KeyGenerator.generatePBE
(PK11Token token, KeyGenAlgorithm algorithm, EncryptionAlgorithm encAlg, HMACAlgorithm hashAlg, byte[] pass, byte[] salt, int iterationCount) A native method to generate a PBE key.byte[]
PK11KeyGenerator.generatePBE_IV()
Generates an Initialization Vector using a PBE algorithm.private static byte[]
PK11KeyGenerator.generatePBE_IV
(KeyGenAlgorithm alg, byte[] password, byte[] salt, int iterations) A native method to generate an IV using a PBE algorithm.protected String
PK11Token.generatePK10
(String subject, int keysize, String keyType, byte[] P, byte[] Q, byte[] G) private KeyPair
PK11KeyPairGenerator.generateRSAKeyPair
(PK11Token token, int keySize, long publicExponent, boolean temporary, int sensitive, int extractable) Generates an RSA key pair with the given size and public exponent.private KeyPair
PK11KeyPairGenerator.generateRSAKeyPairWithOpFlags
(PK11Token token, int keySize, long publicExponent, boolean temporary, int sensitive, int extractable, int op_flags, int op_flags_mask) Generates an RSA key pair with the given size and public exponent.PK11Store.getCertificates()
PK11Token.getCipherContext
(EncryptionAlgorithm algorithm) protected DSAParameterSpec
PK11PrivKey.getDSAParams()
private byte[][]
PK11PrivKey.getDSAParamsNative()
byte[]
PK11Store.getEncryptedPrivateKeyInfo
(X509Certificate cert, PBEAlgorithm pbeAlg, Password pw, int iteration) PK11Token.getKeyGenerator
(KeyGenAlgorithm algorithm) PK11Token.getKeyPairGenerator
(KeyPairAlgorithm algorithm) PK11Token.getKeyWrapper
(KeyWrapAlgorithm algorithm) int
PK11Token.getLoginMode()
int
PK11Token.getLoginTimeoutMinutes()
PK11Store.getPrivateKeys()
PK11Store.getPublicKeys()
PK11Token.getRandomGenerator()
PK11Token.getSignatureContext
(SignatureAlgorithm algorithm) PK11Store.getSymmetricKeys()
byte[]
PK11PrivKey.getUniqueID()
PK11Store.importCert
(byte[] certBytes, String nickname) PK11Store.importPrivateKey
(byte[] key, PrivateKey.Type type) Imports a raw private key into this token.PK11Store.importPrivateKey
(byte[] key, PrivateKey.Type type, boolean temporary) void
PK11Token.importPublicKey
(PublicKey pubKey, boolean permanent) private static CipherContextProxy
PK11Cipher.initContext
(boolean encrypt, SymmetricKey key, EncryptionAlgorithm alg, byte[] IV, boolean padded) private static CipherContextProxy
PK11Cipher.initContextWithKeyBits
(boolean encrypt, SymmetricKey key, EncryptionAlgorithm alg, byte[] IV, int keyBits, boolean padded) void
PK11Cipher.initDecrypt
(SymmetricKey key) void
PK11Cipher.initDecrypt
(SymmetricKey key, AlgorithmParameterSpec parameters) Deprecated.isPadded() in EncryptionAlgorithm has been deprecatedvoid
PK11Cipher.initEncrypt
(SymmetricKey key) void
PK11Cipher.initEncrypt
(SymmetricKey key, AlgorithmParameterSpec parameters) Deprecated.isPadded() in EncryptionAlgorithm has been deprecatedprotected void
PK11Token.initPassword
(byte[] ssopw, byte[] userpw) void
PK11Token.initPassword
(PasswordCallback ssopwcb, PasswordCallback userpwcb) Initialize PIN.protected void
PK11Signature.initSigContext()
Creates a signing context, initializes it, and sets the sigContext field.protected void
PK11Signature.initVfyContext()
boolean
PK11Token.isLoggedIn()
protected void
PK11Store.loadPrivateKeys
(Collection<PrivateKey> privateKeys) protected void
PK11Store.loadPublicKeys
(Collection<PublicKey> privateKeys) void
PK11Token.login
(PasswordCallback callback) Log into the token.void
PK11Token.logout()
Log out of the token.private static SymmetricKey
PK11KeyGenerator.nativeClone
(PK11Token token, SymmetricKey toBeCloned) protected void
PK11Token.nativeLogin
(PasswordCallback callback) private static PrivateKey
PK11KeyWrapper.nativeUnwrapPrivWithSym
(PK11Token token, SymmetricKey unwrappingKey, byte[] wrappedKey, KeyWrapAlgorithm alg, Algorithm type, byte[] publicValue, byte[] IV, boolean temporary) Unwrap a private with a symmetric.private static SymmetricKey
PK11KeyWrapper.nativeUnwrapSymWithPriv
(PK11Token token, PrivateKey unwrappingKey, byte[] wrappedKey, KeyWrapAlgorithm alg, Algorithm type, int keyLen, NativeProxy params, long params_size, int usageEnum) Unwrap a symmetric with a private.private static SymmetricKey
PK11KeyWrapper.nativeUnwrapSymWithSym
(PK11Token token, SymmetricKey unwrappingKey, byte[] wrappedKey, KeyWrapAlgorithm alg, Algorithm type, int keyLen, byte[] IV, int usageEnum, boolean temporary) Unwrap a symmetric with a symmetric.private static byte[]
PK11KeyWrapper.nativeWrapPrivWithSym
(PK11Token token, PrivateKey toBeWrapped, SymmetricKey wrappingKey, KeyWrapAlgorithm alg, byte[] IV) Wrap a private with a symmetricprivate static byte[]
PK11KeyWrapper.nativeWrapSymWithPub
(PK11Token token, SymmetricKey toBeWrapped, PublicKey wrappingKey, KeyWrapAlgorithm alg, NativeProxy params, long params_size) Wrap a symmetric with a publicprivate static byte[]
PK11KeyWrapper.nativeWrapSymWithSym
(PK11Token token, SymmetricKey toBeWrapped, SymmetricKey wrappingKey, KeyWrapAlgorithm alg, byte[] IV) Wrap a symmetric with a symmetricboolean
PK11Token.needsLogin()
boolean
PK11Token.passwordIsInitialized()
Determine whether the token has been initialized yet.protected void
PK11Store.putCertsInVector
(Vector<X509Certificate> certs) protected void
PK11Store.putSymKeysInVector
(Vector<SymmetricKey> symKeys) protected boolean
PK11Token.PWInitable()
Make sure the PIN can be initialized.void
PK11Token.setLoginMode
(int mode) void
PK11Token.setLoginTimeoutMinutes
(int timeoutMinutes) protected boolean
PK11Token.SSOPasswordIsCorrect
(byte[] ssopw) PK11KeyWrapper.unwrapPrivate
(byte[] wrapped, PrivateKey.Type type, PublicKey publicKey) Unwraps a private key, creating a permanent private key object.PK11KeyWrapper.unwrapSymmetric
(byte[] wrapped, SymmetricKey.Type type, int keyLen) private SymmetricKey
PK11KeyWrapper.unwrapSymmetric
(byte[] wrapped, SymmetricKey.Type type, int usageEnum, int keyLen) PK11KeyWrapper.unwrapSymmetric
(byte[] wrapped, SymmetricKey.Type type, SymmetricKey.Usage usage, int keyLen) PK11KeyWrapper.unwrapSymmetricPerm
(byte[] wrapped, SymmetricKey.Type type, int keyLen) private SymmetricKey
PK11KeyWrapper.unwrapSymmetricPerm
(byte[] wrapped, SymmetricKey.Type type, int usageEnum, int keyLen) PK11KeyWrapper.unwrapSymmetricPerm
(byte[] wrapped, SymmetricKey.Type type, SymmetricKey.Usage usage, int keyLen) PK11KeyWrapper.unwrapTemporaryPrivate
(byte[] wrapped, PrivateKey.Type type, PublicKey publicKey) Unwraps a private key, creating a temporary private key object.byte[]
PK11Cipher.update
(byte[] bytes) byte[]
PK11Cipher.update
(byte[] bytes, int offset, int length) private static byte[]
PK11Cipher.updateContext
(CipherContextProxy context, byte[] input, int blocksize) protected boolean
PK11Token.userPasswordIsCorrect
(byte[] pw) Check the given password, return true if it's right, false if it's wrong.byte[]
PK11KeyWrapper.wrap
(PrivateKey toBeWrapped) byte[]
PK11KeyWrapper.wrap
(SymmetricKey toBeWrapped) Constructors in org.mozilla.jss.pkcs11 that throw TokenExceptionModifierConstructorDescriptionPK11KeyPairGenerator
(PK11Token token, KeyPairAlgorithm algorithm) Constructor for PK11KeyPairGenerator.PK11Signature
(PK11Token token, SignatureAlgorithm algorithm) -
Uses of TokenException in org.mozilla.jss.pkcs12
Methods in org.mozilla.jss.pkcs12 that throw TokenExceptionModifier and TypeMethodDescriptionvoid
AuthenticatedSafes.addEncryptedSafeContents
(PBEAlgorithm keyGenAlg, Password password, byte[] salt, int iterationCount, SEQUENCE safeContents) Encrypts a SafeContents and adds it to the AuthenticatedSafes.void
PFX.computeMacData
(Password password, byte[] salt, int iterationCount) Computes the macData field and adds it to the PFX.static SafeBag
SafeBag.createEncryptedPrivateKeyBag
(PrivateKeyInfo privk, String friendlyName, byte[] localKeyID, Password password) Creates a SafeBag containing a PKCS-8ShroudedKeyBag, which is an EncryptedPrivateKeyInfo.AuthenticatedSafes.getSafeContentsAt
(Password password, int index) Returns the SafeContents at the given index in the AuthenticatedSafes, decrypting it if necessary.Constructors in org.mozilla.jss.pkcs12 that throw TokenExceptionModifierConstructorDescriptionCreates a MacData by computing a HMAC on the given bytes.MacData
(Password password, byte[] macSalt, int iterations, byte[] toBeMACed, AlgorithmIdentifier algID) Creates a MacData by computing a HMAC on the given bytes. -
Uses of TokenException in org.mozilla.jss.pkcs7
Methods in org.mozilla.jss.pkcs7 that throw TokenExceptionModifier and TypeMethodDescriptionstatic EncryptedContentInfo
EncryptedContentInfo.createPBE
(PBEAlgorithm pbeAlg, Password password, byte[] salt, int iterationCount, KeyGenerator.CharToByteConverter charToByteConverter, byte[] toBeEncrypted) Creates a new EncryptedContentInfo, where the data is encrypted with a password-based key.byte[]
EncryptedContentInfo.decrypt
(Password pass, KeyGenerator.CharToByteConverter charToByteConverter) Decrypts the content of an EncryptedContentInfo encrypted with a PBE key.void
SignerInfo.verify
(byte[] messageDigest, OBJECT_IDENTIFIER contentType) Verifies that this SignerInfo contains a valid signature of the given message digest.void
SignerInfo.verify
(byte[] messageDigest, OBJECT_IDENTIFIER contentType, PublicKey pubkey) Verifies that this SignerInfo contains a valid signature of the given message digest.private void
SignerInfo.verifyWithAuthenticatedAttributes
(byte[] messageDigest, OBJECT_IDENTIFIER contentType, PublicKey pubkey) Verifies a SignerInfo with authenticated attributes.private void
SignerInfo.verifyWithoutAuthenticatedAttributes
(byte[] messageDigest, OBJECT_IDENTIFIER contentType, PublicKey pubkey) Verifies that the message digest passed in, when encrypted with the given public key, matches the encrypted digest in the SignerInfo.Constructors in org.mozilla.jss.pkcs7 that throw TokenExceptionModifierConstructorDescriptionSignerInfo
(IssuerAndSerialNumber issuerAndSerialNumber, SET authenticatedAttributes, SET unauthenticatedAttributes, OBJECT_IDENTIFIER contentType, byte[] messageDigest, SignatureAlgorithm signingAlg, PrivateKey signingKey) A constructor for creating a new SignerInfo from scratch. -
Uses of TokenException in org.mozilla.jss.pkix.cert
Constructors in org.mozilla.jss.pkix.cert that throw TokenExceptionModifierConstructorDescriptionCertificate
(CertificateInfo info, PrivateKey privKey, SignatureAlgorithm signingAlg) Creates and signs an X.509 Certificate. -
Uses of TokenException in org.mozilla.jss.pkix.cms
Methods in org.mozilla.jss.pkix.cms that throw TokenExceptionModifier and TypeMethodDescriptionstatic EncryptedContentInfo
EncryptedContentInfo.createPBE
(PBEAlgorithm pbeAlg, Password password, byte[] salt, int iterationCount, KeyGenerator.CharToByteConverter charToByteConverter, byte[] toBeEncrypted) Creates a new EncryptedContentInfo, where the data is encrypted with a password-based key.byte[]
EncryptedContentInfo.decrypt
(Password pass, KeyGenerator.CharToByteConverter charToByteConverter) Decrypts the content of an EncryptedContentInfo encrypted with a PBE key.void
SignerInfo.verify
(byte[] messageDigest, OBJECT_IDENTIFIER contentType) Verifies that this SignerInfo contains a valid signature of the given message digest.void
SignerInfo.verify
(byte[] messageDigest, OBJECT_IDENTIFIER contentType, PublicKey pubkey) Verifies that this SignerInfo contains a valid signature of the given message digest.private void
SignerInfo.verifyWithoutSignedAttributes
(byte[] messageDigest, OBJECT_IDENTIFIER contentType, PublicKey pubkey) Verifies that the message digest passed in, when encrypted with the given public key, matches the encrypted digest in the SignerInfo.private void
SignerInfo.verifyWithSignedAttributes
(byte[] messageDigest, OBJECT_IDENTIFIER contentType, PublicKey pubkey) Verifies a SignerInfo with signed attributes.Constructors in org.mozilla.jss.pkix.cms that throw TokenExceptionModifierConstructorDescriptionSignerInfo
(SignerIdentifier signerIdentifier, SET signedAttributes, SET unsignedAttributes, OBJECT_IDENTIFIER contentType, byte[] messageDigest, SignatureAlgorithm signingAlg, PrivateKey signingKey) A constructor for creating a new SignerInfo from scratch. -
Uses of TokenException in org.mozilla.jss.pkix.crmf
Methods in org.mozilla.jss.pkix.crmf that throw TokenExceptionModifier and TypeMethodDescriptionvoid
CertReqMsg.verify()
void
CertReqMsg.verify
(CryptoToken token) -
Uses of TokenException in org.mozilla.jss.pkix.primitive
Methods in org.mozilla.jss.pkix.primitive that throw TokenExceptionModifier and TypeMethodDescriptionstatic EncryptedPrivateKeyInfo
EncryptedPrivateKeyInfo.createPBE
(PBEAlgorithm pbeAlg, Password password, byte[] salt, int iterationCount, KeyGenerator.CharToByteConverter charToByteConverter, PrivateKey pri, CryptoToken token) Creates a new EncryptedPrivateKeyInfo, where the data is encrypted with a password-based key- with wrapping/unwrapping happening on token.static EncryptedPrivateKeyInfo
EncryptedPrivateKeyInfo.createPBE
(PBEAlgorithm pbeAlg, Password password, byte[] salt, int iterationCount, KeyGenerator.CharToByteConverter charToByteConverter, PrivateKeyInfo pki) Creates a new EncryptedPrivateKeyInfo, where the data is encrypted with a password-based key.static EncryptedPrivateKeyInfo
EncryptedPrivateKeyInfo.createPBES2
(int saltLen, int kdfIterations, EncryptionAlgorithm encAlg, Password pwd, KeyGenerator.CharToByteConverter charToByteConverter, PrivateKeyInfo privateKeyInfo) Export a private key in PBES2 format, using a random PBKDF2 salt.EncryptedPrivateKeyInfo.decrypt
(Password pass, KeyGenerator.CharToByteConverter charToByteConverter) Decrypts an EncryptedPrivateKeyInfo that was encrypted with a PBE algorithm. -
Uses of TokenException in org.mozilla.jss.provider.java.security
Methods in org.mozilla.jss.provider.java.security that throw TokenExceptionModifier and TypeMethodDescriptionprivate Signature
JSSSignatureSpi.getSigContext
(PrivateKey privateKey) -
Uses of TokenException in org.mozilla.jss.provider.javax.crypto
Methods in org.mozilla.jss.provider.javax.crypto that throw TokenExceptionModifier and TypeMethodDescriptionprivate SecretKey
JSSSecretKeyFactorySpi.generateKeyFromBits
(byte[] bits, SymmetricKey.Type keyType) -
Uses of TokenException in org.mozilla.jss.SecretDecoderRing
Methods in org.mozilla.jss.SecretDecoderRing that throw TokenExceptionModifier and TypeMethodDescriptionbyte[]
Decryptor.decrypt
(byte[] ciphertext) Decrypts the given ciphertext.void
KeyManager.deleteKey
(byte[] keyID) Deletes the key with the given keyID from this token.void
Deletes this key from this token.private void
KeyManager.deleteKeyNative
(CryptoToken token, SymmetricKey key) void
KeyManager.deleteUniqueNamedKey
(String nickname) If it exists, delete the key with the specified nickname from this token.byte[]
KeyManager.generateKey()
Generates an SDR key with the default algorithm and key size.byte[]
KeyManager.generateKey
(KeyGenAlgorithm alg, int keySize) Generates an SDR key with the given algorithm and key size.byte[]
KeyManager.generateUniqueNamedKey
(String nickname) Generates an SDR key with the default algorithm and key size.byte[]
KeyManager.generateUniqueNamedKey
(KeyGenAlgorithm alg, int keySize, String nickname) Generates an SDR key with the given algorithm, key size, and nickname.private byte[]
KeyManager.generateUnusedKeyID()
Generates a key ID that is currently unused on this token.private boolean
KeyManager.keyExists
(byte[] keyid) KeyManager.lookupKey
(EncryptionAlgorithm alg, byte[] keyid) Looks up the key on this token with the given algorithm and key ID.private SymmetricKey
KeyManager.lookupKeyNative
(CryptoToken token, EncryptionAlgorithm alg, byte[] keyid) KeyManager.lookupUniqueNamedKey
(EncryptionAlgorithm alg, String nickname) Looks up the key on this token with the given algorithm and nickname.private SymmetricKey
KeyManager.lookupUniqueNamedKeyNative
(CryptoToken token, EncryptionAlgorithm alg, String nickname) boolean
KeyManager.uniqueNamedKeyExists
(String nickname) Constructors in org.mozilla.jss.SecretDecoderRing that throw TokenExceptionModifierConstructorDescriptionEncryptor
(CryptoToken token, byte[] keyID, EncryptionAlgorithm alg) Creates an Encryptor on the given CryptoToken, using the key with the given keyID and algorithm