org.mozilla.jss.crypto
public interface CryptoToken
Instances of CryptoToken are obtained from CryptoManager.
See Also: CryptoManager
Field Summary | |
---|---|
static int | EVERY_TIME
Need to provide a password before each crypto operation. |
static int | ONE_TIME
Login once, never need to re-enter the password until you log out. |
static int | TIMEOUT
Need to re-login after a period of time. |
Method Summary | |
---|---|
abstract void | changePassword(PasswordCallback oldpw, PasswordCallback newpw)
Change the password of this token.
|
SymmetricKey | cloneKey(SymmetricKey key)
Clones a SymmetricKey from a different token onto this token.
|
boolean | doesAlgorithm(Algorithm alg)
Determines whether this token supports the given algorithm.
|
boolean | equals(Object object)
Deep comparison operation. |
abstract String | generateCertRequest(String subject, int keysize, String keyType, byte[] P, byte[] Q, byte[] G)
Generates a b64 encoded PKCS10 blob used for making cert
request. |
abstract Cipher | getCipherContext(EncryptionAlgorithm algorithm)
Creates a Cipher object, which can be used for encryption and
decryption. |
abstract CryptoStore | getCryptoStore()
Get the CryptoStore interface to this token's objects. |
abstract JSSMessageDigest | getDigestContext(DigestAlgorithm algorithm)
Creates a Digest object. |
abstract KeyGenerator | getKeyGenerator(KeyGenAlgorithm algorithm)
Creates a KeyGenerator object, which can be used to generate
symmetric encryption keys. |
abstract KeyPairGenerator | getKeyPairGenerator(KeyPairAlgorithm algorithm)
Creates a KeyPairGenerator object, which can be used to generate
key pairs. |
abstract KeyWrapper | getKeyWrapper(KeyWrapAlgorithm algorithm) |
abstract int | getLoginMode()
Returns the login mode of this token: ONE_TIME, TIMEOUT, or
EVERY_TIME. |
abstract int | getLoginTimeoutMinutes()
Returns the login timeout period. |
abstract String | getName()
Obtain the nickname, or label, of this token.
|
abstract Signature | getSignatureContext(SignatureAlgorithm algorithm)
Creates a Signature object, which can perform signing and signature
verification. |
abstract void | initPassword(PasswordCallback securityOfficerPW, PasswordCallback userPW)
Initialize the password of this token.
|
boolean | isLoggedIn()
Find out if the token is currently logged in.
|
boolean | isPresent()
Determines whether this token is currently present.
|
abstract void | login(PasswordCallback pwcb)
Login to the token. |
abstract void | logout()
Logout of the token.
|
boolean | needsLogin()
returns true if this token needs to be logged into before
it can be used.
|
abstract boolean | passwordIsInitialized()
Determine whether the password has been initialized yet. |
abstract void | setLoginMode(int mode)
Sets the login mode of this token.
|
abstract void | setLoginTimeoutMinutes(int timeoutMinutes)
Sets the timeout period for logging in. |
See Also: CryptoToken
Parameters: oldpw A callback (which could be just a Password) to retrieve the current password. newpw A callback (which could be just a Password) to retrieve the new password.
Throws: IncorrectPasswordException If the supplied old password is incorrect.
Deprecated: Use the JCA interface instead (javax.crypto.SecretKeyFactory)
Clones a SymmetricKey from a different token onto this token.Throws: SymmetricKey.NotExtractableException If the key material cannot be extracted from the current token. InvalidKeyException If the owning token cannot process the key to be cloned.
Parameters: alg A JSS algorithm. Note that for Signature, a token may fail to support a specific SignatureAlgorithm (such as RSASignatureWithMD5Digest) even though it does support the generic algorithm (RSASignature). In this case, the signature operation will be performed on that token, but the digest operation will be performed on the internal token.
Returns: true if the token supports the algorithm.
Parameters: subject subject dn of the certificate keysize size of the key keyType "rsa" or "dsa" P The DSA prime parameter Q The DSA sub-prime parameter G The DSA base parameter
Returns: base64 encoded pkcs10 certificate request with Begin/end brackets
Deprecated: Use the JCA interface instead (javax.crypto.Cipher)
Creates a Cipher object, which can be used for encryption and decryption. Cryptographic operations will take place on this token. The keys used in the operations must be located on this token.Parameters: algorithm The algorithm used for encryption/decryption.
Throws: java.security.NoSuchAlgorithmException If this provider does not support the given algorithm.
Deprecated: Use the JCA interface instead (java.security.MessageDigest)
Creates a Digest object. Digesting cryptographic operations will take place on this token.Parameters: algorithm The algorithm used for digesting.
Throws: java.security.NoSuchAlgorithmException If this provider does not support the given algorithm.
Deprecated: Use the JCA interface instead (javax.crypto.KeyGenerator)
Creates a KeyGenerator object, which can be used to generate symmetric encryption keys. Any keys generated with this KeyGenerator will be generated on this token.Parameters: algorithm The algorithm that the keys will be used with.
Throws: java.security.NoSuchAlgorithmException If this token does not support the given algorithm.
Deprecated: Use the JCA interface instead (java.security.KeyPairGenerator)
Creates a KeyPairGenerator object, which can be used to generate key pairs. Any keypairs generated with this generator will be generated on this token.Parameters: algorithm The algorithm that the keys will be used with (RSA, DSA, EC, etc.)
Throws: java.security.NoSuchAlgorithmException If this token does not support the given algorithm.
Deprecated: Use the JCA interface instead (javax.crypto.Cipher)
Throws: TokenException If an error occurs on the token.
See Also: CryptoToken
Throws: TokenException If an error occurs on the token.
See Also: CryptoToken
Throws: TokenException If an error occurs on the token.
Deprecated: Use the JCA interface instead (java.security.Signature)
Creates a Signature object, which can perform signing and signature verification. Signing and verification cryptographic operations will take place on this token. The signing key must be located on this token.Parameters: algorithm The algorithm used for the signing/verification.
Throws: java.security.NoSuchAlgorithmException If the given algorithm is not supported by this provider.
Parameters: securityOfficerPW A callback to obtain the password of the SecurityOfficer. Pass in a NullPasswordCallback if there is no security officer password. Must not be null. userPW A callback to obtain the new password for this token. Must not be null.
Throws: IncorrectPasswordException If the supplied security officer password is incorrect. AlreadyInitializedException If the token only allows one password initialization, and it has already occurred. TokenException If an error occurs on the token.
See Also: CryptoToken CryptoToken
Parameters: password The password for this token.
Throws: IncorrectPasswordException If the supplied password is incorrect.
See Also: CryptoToken CryptoManager
See Also: CryptoToken CryptoToken
Throws: TokenException If an error occurs on the token.
Parameters: mode ONE_TIME, TIMEOUT, or EVERY_TIME
Throws: TokenException If this mode is not supported by this token, or an error occurs on the token.
See Also: CryptoToken CryptoToken
Throws: TokenException If timeouts are not supported by this token, or an error occurs on the token.
See Also: CryptoToken