org.mozilla.jss.SecretDecoderRing
public class KeyManager extends Object
Field Summary | |
---|---|
static KeyGenAlgorithm | DEFAULT_KEYGEN_ALG: The default key generation algorithm, currently DES3. |
static int | DEFAULT_KEYSIZE: The default key size (in bytes). |

Constructor Summary | |
---|---|
KeyManager(CryptoToken token) | Creates a new KeyManager using the given CryptoToken. |

Method Summary | |
---|---|
void | deleteKey(byte[] keyID): Deletes the key with the given keyID from this token. |
void | deleteKey(SecretKey key): Deletes this key from this token. |
void | deleteUniqueNamedKey(String nickname): If it exists, delete the key with the specified nickname from this token. |
byte[] | generateKey(): Generates an SDR key with the default algorithm and key size. |
byte[] | generateKey(KeyGenAlgorithm alg, int keySize): Generates an SDR key with the given algorithm and key size. |
byte[] | generateUniqueNamedKey(String nickname): Generates an SDR key with the default algorithm and key size, and names it with the specified nickname. |
byte[] | generateUniqueNamedKey(KeyGenAlgorithm alg, int keySize, String nickname): Generates an SDR key with the given algorithm, key size, and nickname. |
SecretKey | lookupKey(EncryptionAlgorithm alg, byte[] keyid): Looks up the key on this token with the given algorithm and key ID. |
SecretKey | lookupUniqueNamedKey(EncryptionAlgorithm alg, String nickname): Looks up the key on this token with the given algorithm and nickname. |
boolean | uniqueNamedKeyExists(String nickname) |

Parameters: token - The token on which this KeyManager operates.
Throws: InvalidKeyException If the key does not exist on this token.
Throws: InvalidKeyException If the key does not reside on this token, or is not a JSS key.
Returns: The keyID of the generated key. A random keyID will be chosen that is not currently used on the token. The keyID must be stored by the application in order to use this key for encryption in the future.
Parameters: keySize - Length of key in bytes. This is only relevant for algorithms that take more than one key size. Otherwise it can just be set to 0.
Returns: The keyID of the generated key. A random keyID will be chosen that is not currently used on the token. The keyID must be stored by the application in order to use this key for encryption in the future.
Parameters: nickname - the name of the symmetric key. Duplicate keynames will be checked for, and are not allowed.
Returns: The keyID of the generated key. A random keyID will be chosen that is not currently used on the token. The keyID must be stored by the application in order to use this key for encryption in the future.
Parameters:
alg - The algorithm that this key will be used for. This is necessary because it will be stored along with the key for later use by the security library.
keySize - Length of key in bytes. This is only relevant for algorithms that take more than one key size. Otherwise it can just be set to 0.
nickname - the name of the symmetric key. Duplicate keynames will be checked for, and are not allowed.
Returns: The keyID of the generated key. A random keyID will be chosen that is not currently used on the token. The keyID must be stored by the application in order to use this key for encryption in the future.
Parameters: alg - The algorithm that this key will be used for. This is necessary because it will be stored along with the key for later use by the security library. It should match the actual algorithm of the key you are looking for. If you pass in a different algorithm and try to use the key that is returned, the results are undefined.
Returns: The key, or null if the key is not found.
Parameters:
alg - The algorithm that this key will be used for. This is necessary because it will be stored along with the key for later use by the security library. It should match the actual algorithm of the key you are looking for. If you pass in a different algorithm and try to use the key that is returned, the results are undefined.
nickname - the name of the symmetric key. Duplicate keynames will be checked for, and are not allowed.
Returns: The key, or null if the key is not found.
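
The sketch below is an added example, not code from the JSS project. It walks one named key through the generate, look up and delete calls documented above, checking for a duplicate nickname and a null lookup result. Assumptions: `args[0]` is an existing NSS database directory, the internal key storage token needs no login, `CryptoManager.initialize(String)` is available in the JSS version in use, and the nickname `example-sdr-key` is hypothetical.

```java
import javax.crypto.SecretKey;
import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.SecretDecoderRing.KeyManager;
import org.mozilla.jss.crypto.CryptoToken;
import org.mozilla.jss.crypto.EncryptionAlgorithm;

public class SdrKeyLifecycle {
    // Hypothetical nickname, chosen for this example only.
    private static final String NICKNAME = "example-sdr-key";

    public static void main(String[] args) throws Exception {
        // Assumption: args[0] is an existing NSS database directory and the
        // internal key storage token is usable without a login step.
        CryptoManager.initialize(args[0]);
        CryptoToken token = CryptoManager.getInstance().getInternalKeyStorageToken();
        KeyManager km = new KeyManager(token);

        // Duplicate nicknames are not allowed, so check before generating.
        if (!km.uniqueNamedKeyExists(NICKNAME)) {
            // No algorithm given: DEFAULT_KEYGEN_ALG (DES3) and DEFAULT_KEYSIZE apply.
            byte[] keyID = km.generateUniqueNamedKey(NICKNAME);
            // The keyID is chosen at random by the token. An application that
            // addresses keys by ID rather than nickname has to persist it here.
            System.out.println("generated key, keyID is " + keyID.length + " bytes");
        }

        // The algorithm passed to the lookup has to match the key's real
        // algorithm (a DES3 key here); a mismatch gives undefined results.
        SecretKey key = km.lookupUniqueNamedKey(EncryptionAlgorithm.DES3_CBC, NICKNAME);
        if (key == null) {
            // Lookup reports "not found" as null rather than an exception.
            throw new IllegalStateException("key not found on token: " + NICKNAME);
        }
        System.out.println("found key, algorithm reported as " + key.getAlgorithm());

        // Retire the key; deleteUniqueNamedKey does nothing if it is already gone.
        km.deleteUniqueNamedKey(NICKNAME);
        if (km.uniqueNamedKeyExists(NICKNAME)) {
            throw new IllegalStateException("key still present after delete");
        }
    }
}
```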