org.mozilla.jss.pkcs11

Class PK11KeyPairGenerator

public final class PK11KeyPairGenerator extends KeyPairGeneratorSpi

A Key Pair Generator implemented using PKCS #11.

See Also: PQGParams

Field Summary
static PQGParams PQG1024
Pre-cooked PQG values for 1024-bit keypairs, along with the seed, counter, and H values needed to verify them.
static PQGParams PQG512
Pre-cooked PQG values for 512-bit keypairs, along with the seed, counter, and H values needed to verify them.
static PQGParams PQG768
Pre-cooked PQG values for 768-bit keypairs, along with the seed, counter, and H values needed to verify them.
Constructor Summary
PK11KeyPairGenerator(PK11Token token, KeyPairAlgorithm algorithm)
Constructor for PK11KeyPairGenerator.
Method Summary
void extractablePairs(boolean extractable)
KeyPair generateKeyPair()
Generates a key pair on a token.
void initialize(int strength, SecureRandom random)
Initializes this KeyPairGenerator with the given key strength.
void initialize(AlgorithmParameterSpec params, SecureRandom random)
Initializes this KeyPairGenerator with the given algorithm-specific parameters.
boolean keygenOnInternalToken()
void sensitivePairs(boolean sensitive)
void setKeyPairUsages(KeyPairGeneratorSpi.Usage[] usages, KeyPairGeneratorSpi.Usage[] usages_mask)
Sets the requested key usages desired for the generated key pair.
void temporaryPairs(boolean temp)

Field Detail

PQG1024

public static final PQGParams PQG1024
Pre-cooked PQG values for 1024-bit keypairs, along with the seed, counter, and H values needed to verify them.

PQG512

public static final PQGParams PQG512
Pre-cooked PQG values for 512-bit keypairs, along with the seed, counter, and H values needed to verify them.

PQG768

public static final PQGParams PQG768
Pre-cooked PQG values for 768-bit keypairs, along with the seed, counter, and H values needed to verify them.

Constructor Detail

PK11KeyPairGenerator

public PK11KeyPairGenerator(PK11Token token, KeyPairAlgorithm algorithm)
Constructor for PK11KeyPairGenerator.

Parameters:
token - The PKCS #11 token that the keypair will be generated on.
algorithm - The type of key that will be generated. Currently, KeyPairAlgorithm.RSA, KeyPairAlgorithm.DSA and KeyPairAlgorithm.EC are supported.

Method Detail

extractablePairs

public void extractablePairs(boolean extractable)

generateKeyPair

public KeyPair generateKeyPair()
Generates a key pair on a token. Uses parameters if they were passed in through a call to initialize, otherwise uses defaults.

initialize

public void initialize(int strength, SecureRandom random)
Initializes this KeyPairGenerator with the given key strength.

For DSA key generation, pre-cooked PQG values will be used if the key size is 512, 768, or 1024. Otherwise, an InvalidParameterException will be thrown.

Parameters:
strength - The strength (size) of the keys that will be generated.
random - Ignored

Throws:
InvalidParameterException - If the key strength is not supported by the algorithm or this implementation.

initialize

public void initialize(AlgorithmParameterSpec params, SecureRandom random)
Initializes this KeyPairGenerator with the given algorithm-specific parameters.

Parameters:
params - The algorithm-specific parameters that will govern key pair generation.
random - Ignored

Throws:
InvalidAlgorithmParameterException - If the parameters are inappropriate for the key type or are not supported by this implementation.

keygenOnInternalToken

public boolean keygenOnInternalToken()

Returns: true if the keypair generation will be done on the internal token and then moved to this token.

sensitivePairs

public void sensitivePairs(boolean sensitive)

setKeyPairUsages

public void setKeyPairUsages(KeyPairGeneratorSpi.Usage[] usages, KeyPairGeneratorSpi.Usage[] usages_mask)
Sets the requested key usages desired for the generated key pair. This allows the caller to suggest how NSS generates the key pair.

Parameters:
usages - List of desired key usages.
usages_mask - Corresponding mask for the key usages. If a usage is desired, make sure it is in the mask as well.

temporaryPairs

public void temporaryPairs(boolean temp)
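
The following is an added example, not code from the JSS project: it uses keygenOnInternalToken() to refuse generation when the key would be created on the internal token and then moved, and requests a permanent, sensitive, non-extractable RSA pair. The database path, token name and class name are placeholders, the 2048-bit size is an illustrative choice, and the token is assumed to be logged in already; the CryptoManager calls come from org.mozilla.jss and are not described on this page.

```java
import java.security.KeyPair;

import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.crypto.KeyPairAlgorithm;
import org.mozilla.jss.pkcs11.PK11KeyPairGenerator;
import org.mozilla.jss.pkcs11.PK11Token;

public class TokenKeygenExample {
    // Placeholders (assumptions): replace with your NSS database and token.
    static final String NSS_DB_DIR = "/path/to/nssdb";
    static final String TOKEN_NAME = "Example Token";

    static KeyPair generateOnToken(PK11Token token) throws Exception {
        PK11KeyPairGenerator gen =
                new PK11KeyPairGenerator(token, KeyPairAlgorithm.RSA);

        // If true, the pair would be generated on the internal token and
        // then moved, so the private key would exist outside the target
        // token for a time. Fail closed instead of accepting that.
        if (gen.keygenOnInternalToken()) {
            throw new IllegalStateException(
                    "token cannot generate this key type itself");
        }

        gen.initialize(2048, null);   // the SecureRandom argument is ignored
        gen.temporaryPairs(false);    // permanent object stored on the token
        gen.sensitivePairs(true);     // PKCS #11 CKA_SENSITIVE
        gen.extractablePairs(false);  // PKCS #11 CKA_EXTRACTABLE = false
        return gen.generateKeyPair();
    }

    public static void main(String[] args) throws Exception {
        CryptoManager.initialize(NSS_DB_DIR);
        CryptoManager cm = CryptoManager.getInstance();
        // Assumption: the named token exists and is already logged in.
        PK11Token token = (PK11Token) cm.getTokenByName(TOKEN_NAME);

        KeyPair pair = generateOnToken(token);
        System.out.println("Generated " + pair.getPublic().getAlgorithm()
                + " key pair on " + token.getName());
    }
}
```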