Package org.mozilla.jss.crypto
Class KeyPairGenerator
- java.lang.Object
-
- org.mozilla.jss.crypto.KeyPairGenerator
-
public class KeyPairGenerator extends java.lang.Object
Generates RSA and DSA key pairs. Each CryptoToken provides a KeyPairGenerator, which can be used to generate key pairs on that token. A given token may not support all algorithms, and some tokens may not support any key pair generation. If a token does not support key pair generation, the Netscape internal token may do it instead. CallkeygenOnInternalToken
to find out if this is happening.
-
-
Field Summary
Fields Modifier and Type Field Description protected KeyPairAlgorithm
algorithm
protected KeyPairGeneratorSpi
engine
-
Constructor Summary
Constructors Constructor Description KeyPairGenerator(KeyPairAlgorithm algorithm, KeyPairGeneratorSpi engine)
Creates a new key pair generator.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
extractablePairs(boolean extractable)
Tells the generator to generate extractable or unextractable keypairs.java.security.KeyPair
genKeyPair()
Generates a new key pair.KeyPairAlgorithm
getAlgorithm()
int
getCurveCodeByName(java.lang.String curveName)
void
initialize(int strength)
Initializes the generator with the strength of the keys.void
initialize(int strength, java.security.SecureRandom random)
Initializes the generator with the strength of the keys.void
initialize(java.security.spec.AlgorithmParameterSpec params)
Initializes the generator with algorithm-specific parameters.void
initialize(java.security.spec.AlgorithmParameterSpec params, java.security.SecureRandom random)
Initializes the generator with algorithm-specific parameters.boolean
keygenOnInternalToken()
void
sensitivePairs(boolean sensitive)
Tells the generator to generate sensitive or insensitive keypairs.void
setKeyPairUsages(KeyPairGeneratorSpi.Usage[] usages, KeyPairGeneratorSpi.Usage[] usages_mask)
void
temporaryPairs(boolean temp)
Tells the generator to generate temporary or permanent keypairs.
-
-
-
Field Detail
-
algorithm
protected KeyPairAlgorithm algorithm
-
engine
protected KeyPairGeneratorSpi engine
-
-
Constructor Detail
-
KeyPairGenerator
public KeyPairGenerator(KeyPairAlgorithm algorithm, KeyPairGeneratorSpi engine)
Creates a new key pair generator. KeyPairGenerators should be obtained by callingCryptoToken.getKeyPairGenerator
instead of calling this constructor.- Parameters:
algorithm
- The type of keys that the generator will be used to generate.engine
- The engine object that provides the implementation for the class.
-
-
Method Detail
-
genKeyPair
public java.security.KeyPair genKeyPair() throws TokenException
Generates a new key pair.- Returns:
- A new key pair. The keys reside on the CryptoToken that
provided this
KeyPairGenerator
. - Throws:
TokenException
- If an error occurs on the CryptoToken in the process of generating the key pair.
-
getAlgorithm
public KeyPairAlgorithm getAlgorithm()
- Returns:
- The type of key that this generator generates.
-
initialize
public void initialize(java.security.spec.AlgorithmParameterSpec params, java.security.SecureRandom random) throws java.security.InvalidAlgorithmParameterException
Initializes the generator with algorithm-specific parameters. The SecureRandom parameters is ignored.- Parameters:
params
- Algorithm-specific parameters for the key pair generation.random
- This parameter is ignored. NSS does not accept an external source of random numbers.- Throws:
java.security.InvalidAlgorithmParameterException
- If the parameters are inappropriate for the type of key pair that is being generated, or they are not supported by this generator.- See Also:
RSAParameterSpec
,DSAParameterSpec
-
initialize
public void initialize(java.security.spec.AlgorithmParameterSpec params) throws java.security.InvalidAlgorithmParameterException
Initializes the generator with algorithm-specific parameters.- Parameters:
params
- Algorithm-specific parameters for the key pair generation.- Throws:
java.security.InvalidAlgorithmParameterException
- If the parameters are inappropriate for the type of key pair that is being generated, or they are not supported by this generator.- See Also:
RSAParameterSpec
,DSAParameterSpec
-
initialize
public void initialize(int strength, java.security.SecureRandom random)
Initializes the generator with the strength of the keys. The SecureRandom parameter is ignored.- Parameters:
strength
- The strength of the keys that will be generated. Usually this is the length of the key in bits.random
- This parameter is ignored. NSS does not accept an external source of random numbers.
-
initialize
public void initialize(int strength)
Initializes the generator with the strength of the keys.- Parameters:
strength
- The strength of the keys that will be generated. Usually this is the length of the key in bits.
-
keygenOnInternalToken
public boolean keygenOnInternalToken()
- Returns:
- true if the keypair generation will take place on the internal token rather than the current token. This will happen if the token does not support keypair generation but does support this algorithm and is writable. In this case the keypair will be generated on the Netscape internal token and then moved to this token.
-
temporaryPairs
public void temporaryPairs(boolean temp)
Tells the generator to generate temporary or permanent keypairs. Temporary keys are not written permanently to the token. They are destroyed by the garbage collector. If this method is not called, the default is permanent keypairs.- Parameters:
temp
- True to generate temporary keypairs.
-
sensitivePairs
public void sensitivePairs(boolean sensitive)
Tells the generator to generate sensitive or insensitive keypairs. Certain attributes of a sensitive key cannot be revealed in plaintext outside the token. If this method is not called, the default depends on the temporaryPairs mode for backward compatibility. The default is sensitive keypairs if the temporaryPairs mode is false, or insensitive keypairs if the temporaryPairs mode is true.- Parameters:
sensitive
- To generate sensitive keypairs.
-
extractablePairs
public void extractablePairs(boolean extractable)
Tells the generator to generate extractable or unextractable keypairs. Extractable keys can be extracted from the token after wrapping. If this method is not called, the default is token dependent.- Parameters:
extractable
- True to generate extractable keypairs.
-
setKeyPairUsages
public void setKeyPairUsages(KeyPairGeneratorSpi.Usage[] usages, KeyPairGeneratorSpi.Usage[] usages_mask)
-
getCurveCodeByName
public int getCurveCodeByName(java.lang.String curveName) throws java.security.InvalidParameterException
- Throws:
java.security.InvalidParameterException
-
-