org.mozilla.jss.crypto

Interface KeyGenerator

public interface KeyGenerator

Deprecated: Use the JCA interface instead (javax.crypto.KeyGenerator)

Generates symmetric keys for encryption and decryption.
Nested Class Summary
static interfaceKeyGenerator.CharToByteConverter
An interface for converting a password of Java characters into an array of bytes.
Method Summary
SymmetricKeyclone(SymmetricKey key)
Allows a SymmetricKey to be cloned on a different token.
SymmetricKeygenerate()
Generates a symmetric key.
byte[]generatePBE_IV()
Generates an Initialization Vector using a PBE algorithm.
voidinitialize(int strength)
voidinitialize(AlgorithmParameterSpec parameters)
voidsensitiveKeys(boolean sensitive)
Tells the generator to generate sensitive or insensitive keys.
voidsetCharToByteConverter(KeyGenerator.CharToByteConverter charToByte)
Sets the character to byte converter for passwords.
voidsetKeyUsages(SymmetricKey.Usage[] usages)
voidtemporaryKeys(boolean temp)
Tells the generator to generate temporary or permanent keys.

Method Detail

clone

public SymmetricKey clone(SymmetricKey key)
Allows a SymmetricKey to be cloned on a different token.

Throws: SymmetricKey.NotExtractableException If the key material cannot be extracted from the current token. InvalidKeyException If the owning token cannot process the key to be cloned.

generate

public SymmetricKey generate()
Generates a symmetric key.

generatePBE_IV

public byte[] generatePBE_IV()
Generates an Initialization Vector using a PBE algorithm. In order to call this method, the algorithm must be a PBE algorithm, and the KeyGenerator must have been initialized with an instance of PBEKeyGenParams.

Returns: The initialization vector derived from the password and salt using the PBE algorithm.

Throws: IllegalStateException If the algorithm is not a PBE algorithm, or the KeyGenerator has not been initialized with an instance of PBEKeyGenParams. TokenException If an error occurs on the CryptoToken while generating the IV.

initialize

public void initialize(int strength)

Parameters: strength Key size in bits. Must be evenly divisible by 8.

initialize

public void initialize(AlgorithmParameterSpec parameters)

sensitiveKeys

public void sensitiveKeys(boolean sensitive)
Tells the generator to generate sensitive or insensitive keys. Certain attributes of a sensitive key cannot be revealed in plaintext outside the token. If this method is not called, the default is token dependent.

setCharToByteConverter

public void setCharToByteConverter(KeyGenerator.CharToByteConverter charToByte)
Sets the character to byte converter for passwords. The default conversion is UTF8 with no null termination.

setKeyUsages

public void setKeyUsages(SymmetricKey.Usage[] usages)

Parameters: usages The operations the key will be used for after it is generated. You have to specify these so that the key can be properly marked with the operations it supports. Some PKCS #11 tokens require that a key be marked for an operation before it can perform that operation. The default is SymmetricKey.Usage.SIGN and SymmetricKey.Usage.ENCRYPT.

temporaryKeys

public void temporaryKeys(boolean temp)
Tells the generator to generate temporary or permanent keys. Temporary keys are not written permanently to the token. They are destroyed by the garbage collector. If this method is not called, the default is temporary keys.