public class KeyManager
extends java.lang.Object
Modifier and Type | Field and Description |
---|---|
static KeyGenAlgorithm |
DEFAULT_KEYGEN_ALG
The default key generation algorithm, currently DES3.
|
static int |
DEFAULT_KEYSIZE
The default key size (in bytes).
|
Constructor and Description |
---|
KeyManager(CryptoToken token)
Creates a new KeyManager using the given CryptoToken.
|
Modifier and Type | Method and Description |
---|---|
void |
deleteKey(byte[] keyID)
Deletes the key with the given keyID from this token.
|
void |
deleteKey(javax.crypto.SecretKey key)
Deletes this key from this token.
|
void |
deleteUniqueNamedKey(java.lang.String nickname)
If it exists, delete the key with the specified nickname from this
token.
|
byte[] |
generateKey()
Generates an SDR key with the default algorithm and key size.
|
byte[] |
generateKey(KeyGenAlgorithm alg,
int keySize)
Generates an SDR key with the given algorithm and key size.
|
byte[] |
generateUniqueNamedKey(KeyGenAlgorithm alg,
int keySize,
java.lang.String nickname)
Generates an SDR key with the given algorithm, key size, and nickname.
|
byte[] |
generateUniqueNamedKey(java.lang.String nickname)
Generates an SDR key with the default algorithm and key size.
|
javax.crypto.SecretKey |
lookupKey(EncryptionAlgorithm alg,
byte[] keyid)
Looks up the key on this token with the given algorithm and key ID.
|
javax.crypto.SecretKey |
lookupUniqueNamedKey(EncryptionAlgorithm alg,
java.lang.String nickname)
Looks up the key on this token with the given algorithm and nickname.
|
boolean |
uniqueNamedKeyExists(java.lang.String nickname) |
public static final KeyGenAlgorithm DEFAULT_KEYGEN_ALG
public static final int DEFAULT_KEYSIZE
public KeyManager(CryptoToken token)
token
- The token on which this KeyManager operates.public byte[] generateKey() throws TokenException
TokenException
public byte[] generateKey(KeyGenAlgorithm alg, int keySize) throws TokenException
keySize
- Length of key in bytes. This is only relevant for
algorithms that take more than one key size. Otherwise it can just
be set to 0.TokenException
public byte[] generateUniqueNamedKey(java.lang.String nickname) throws TokenException
nickname
- the name of the symmetric key. Duplicate keynames
will be checked for, and are not allowed.TokenException
public byte[] generateUniqueNamedKey(KeyGenAlgorithm alg, int keySize, java.lang.String nickname) throws TokenException
alg
- The algorithm that this key will be used for.
This is necessary because it will be stored along with the
key for later use by the security library.keySize
- Length of key in bytes. This is only relevant for
algorithms that take more than one key size. Otherwise it can just
be set to 0.nickname
- the name of the symmetric key. Duplicate keynames
will be checked for, and are not allowed.TokenException
public javax.crypto.SecretKey lookupKey(EncryptionAlgorithm alg, byte[] keyid) throws TokenException
alg
- The algorithm that this key will be used for.
This is necessary because it will be stored along with the
key for later use by the security library. It should match
the actual algorithm of the key you are looking for. If you
pass in a different algorithm and try to use the key that is returned,
the results are undefined.null
if the key is not found.TokenException
public boolean uniqueNamedKeyExists(java.lang.String nickname) throws TokenException
TokenException
public javax.crypto.SecretKey lookupUniqueNamedKey(EncryptionAlgorithm alg, java.lang.String nickname) throws TokenException
alg
- The algorithm that this key will be used for.
This is necessary because it will be stored along with the
key for later use by the security library. It should match
the actual algorithm of the key you are looking for. If you
pass in a different algorithm and try to use the key that is returned,
the results are undefined.nickname
- the name of the symmetric key. Duplicate keynames
will be checked for, and are not allowed.null
if the key is not found.TokenException
public void deleteKey(byte[] keyID) throws TokenException, java.security.InvalidKeyException
java.security.InvalidKeyException
- If the key does not exist on this token.TokenException
public void deleteUniqueNamedKey(java.lang.String nickname) throws TokenException, java.security.InvalidKeyException
TokenException
java.security.InvalidKeyException
public void deleteKey(javax.crypto.SecretKey key) throws TokenException, java.security.InvalidKeyException
java.security.InvalidKeyException
- If the key does not reside on this token,
or is not a JSS key.TokenException