JSS 3.1.1
A CryptoToken performs cryptographic operations and stores cryptographic items, such as keys and certs. It corresponds to a Cryptographic Service Provider (CSP) in CDSA, and to a PKCS #11 token.
Instances of CryptoToken are obtained from CryptoManager.
See Also: CryptoManager
Field Summary

| Type | Field | Description |
| --- | --- | --- |
| static int | EVERY_TIME | Need to provide a password before each crypto operation. |
| static int | ONE_TIME | Login once, never need to re-enter the password until you log out. |
| static int | TIMEOUT | Need to re-login after a period of time. |
Method Summary

| Return type | Method | Description |
| --- | --- | --- |
| void | changePassword(PasswordCallback oldpw, PasswordCallback newpw) | Change the password of this token. |
| SymmetricKey | cloneKey(SymmetricKey key) | Clones a SymmetricKey from a different token onto this token. |
| boolean | doesAlgorithm(Algorithm alg) | Determines whether this token supports the given algorithm. |
| boolean | equals(java.lang.Object object) | Deep comparison operation. |
| java.lang.String | generateCertRequest(java.lang.String subject, int keysize, java.lang.String keyType, byte[] P, byte[] Q, byte[] G) | Generates a b64 encoded PKCS10 blob used for making cert request. |
| Cipher | getCipherContext(EncryptionAlgorithm algorithm) | Creates a Cipher object, which can be used for encryption and decryption. |
| CryptoStore | getCryptoStore() | Get the CryptoStore interface to this token's objects. |
| JSSMessageDigest | getDigestContext(DigestAlgorithm algorithm) | Creates a Digest object. |
| KeyGenerator | getKeyGenerator(KeyGenAlgorithm algorithm) | Creates a KeyGenerator object, which can be used to generate symmetric encryption keys. |
| KeyPairGenerator | getKeyPairGenerator(KeyPairAlgorithm algorithm) | Creates a KeyPairGenerator object, which can be used to generate key pairs. |
| KeyWrapper | getKeyWrapper(KeyWrapAlgorithm algorithm) | |
| int | getLoginMode() | Returns the login mode of this token: ONE_TIME, TIMEOUT, or EVERY_TIME. |
| int | getLoginTimeoutMinutes() | Returns the login timeout period. |
| java.lang.String | getName() | Obtain the nickname, or label, of this token. |
| Signature | getSignatureContext(SignatureAlgorithm algorithm) | Creates a Signature object, which can perform signing and signature verification. |
| void | initPassword(PasswordCallback securityOfficerPW, PasswordCallback userPW) | Initialize the password of this token. |
| boolean | isLoggedIn() | Find out if the token is currently logged in. |
| boolean | isPresent() | Determines whether this token is currently present. |
| void | login(PasswordCallback pwcb) | Login to the token. |
| void | logout() | Logout of the token. |
| boolean | passwordIsInitialized() | Determine whether the password has been initialized yet. |
| void | setLoginMode(int mode) | Sets the login mode of this token. |
| void | setLoginTimeoutMinutes(int timeoutMinutes) | Sets the timeout period for logging in. |
Field Detail

public static final int ONE_TIME

public static final int TIMEOUT
See Also: setLoginTimeoutMinutes(int)

public static final int EVERY_TIME
Method Detail

public Signature getSignatureContext(SignatureAlgorithm algorithm) throws java.security.NoSuchAlgorithmException, TokenException
Parameters:
algorithm - The algorithm used for the signing/verification.
Throws:
java.security.NoSuchAlgorithmException - If the given algorithm is not supported by this provider.

public JSSMessageDigest getDigestContext(DigestAlgorithm algorithm) throws java.security.NoSuchAlgorithmException, java.security.DigestException
Parameters:
algorithm - The algorithm used for digesting.
Throws:
java.security.NoSuchAlgorithmException - If this provider does not support the given algorithm.

public Cipher getCipherContext(EncryptionAlgorithm algorithm) throws java.security.NoSuchAlgorithmException, TokenException
Parameters:
algorithm - The algorithm used for encryption/decryption.
Throws:
java.security.NoSuchAlgorithmException - If this provider does not support the given algorithm.

public KeyWrapper getKeyWrapper(KeyWrapAlgorithm algorithm) throws java.security.NoSuchAlgorithmException, TokenException

public KeyGenerator getKeyGenerator(KeyGenAlgorithm algorithm) throws java.security.NoSuchAlgorithmException, TokenException
Parameters:
algorithm - The algorithm that the keys will be used with.
Throws:
java.security.NoSuchAlgorithmException - If this token does not support the given algorithm.

public SymmetricKey cloneKey(SymmetricKey key) throws SymmetricKey.NotExtractableException, java.security.InvalidKeyException, TokenException
Throws:
SymmetricKey.NotExtractableException - If the key material cannot be extracted from the current token.
java.security.InvalidKeyException - If the owning token cannot process the key to be cloned.

public KeyPairGenerator getKeyPairGenerator(KeyPairAlgorithm algorithm) throws java.security.NoSuchAlgorithmException, TokenException
Parameters:
algorithm - The algorithm that the keys will be used with (RSA, DSA, etc.)
Throws:
java.security.NoSuchAlgorithmException - If this token does not support the given algorithm.

public java.lang.String generateCertRequest(java.lang.String subject, int keysize, java.lang.String keyType, byte[] P, byte[] Q, byte[] G) throws TokenException, java.security.InvalidParameterException, PQGParamGenException
Parameters:
subject - subject dn of the certificate
keysize - size of the key
keyType - "rsa" or "dsa"
P - The DSA prime parameter
Q - The DSA sub-prime parameter
G - The DSA base parameter

public boolean doesAlgorithm(Algorithm alg)
Parameters:
alg - A JSS algorithm. Note that for Signature, a token may fail to support a specific SignatureAlgorithm (such as RSASignatureWithMD5Digest) even though it does support the generic algorithm (RSASignature). In this case, the signature operation will be performed on that token, but the digest operation will be performed on the internal token.

public void login(PasswordCallback pwcb) throws IncorrectPasswordException, TokenException
Parameters:
password - The password for this token.
Throws:
IncorrectPasswordException - If the supplied password is incorrect.
See Also: setLoginMode(int), CryptoManager.setPasswordCallback(org.mozilla.jss.util.PasswordCallback)

public void logout() throws TokenException

public int getLoginMode() throws TokenException
Throws:
TokenException - If an error occurs on the token.
See Also: getLoginTimeoutMinutes()

public void setLoginMode(int mode) throws TokenException
Parameters:
mode - ONE_TIME, TIMEOUT, or EVERY_TIME
Throws:
TokenException - If this mode is not supported by this token, or an error occurs on the token.
See Also: login(org.mozilla.jss.util.PasswordCallback), setLoginTimeoutMinutes(int)

public int getLoginTimeoutMinutes() throws TokenException
Throws:
TokenException - If an error occurs on the token.
See Also: getLoginMode()

public void setLoginTimeoutMinutes(int timeoutMinutes) throws TokenException
Throws:
TokenException - If timeouts are not supported by this token, or an error occurs on the token.
See Also: setLoginMode(int)

public boolean isLoggedIn() throws TokenException
See Also: login(org.mozilla.jss.util.PasswordCallback), logout()

public void initPassword(PasswordCallback securityOfficerPW, PasswordCallback userPW) throws IncorrectPasswordException, AlreadyInitializedException, TokenException
Parameters:
securityOfficerPW - A callback to obtain the password of the SecurityOfficer. Pass in a NullPasswordCallback if there is no security officer password. Must not be null.
userPW - A callback to obtain the new password for this token. Must not be null.
Throws:
IncorrectPasswordException - If the supplied security officer password is incorrect.
AlreadyInitializedException - If the token only allows one password initialization, and it has already occurred.
TokenException - If an error occurs on the token.

public boolean passwordIsInitialized() throws TokenException
Throws:
TokenException - If an error occurs on the token.

public void changePassword(PasswordCallback oldpw, PasswordCallback newpw) throws IncorrectPasswordException, TokenException
Parameters:
oldpw - A callback (which could be just a Password) to retrieve the current password.
newpw - A callback (which could be just a Password) to retrieve the new password.
Throws:
IncorrectPasswordException - If the supplied old password is incorrect.

public java.lang.String getName() throws TokenException
Throws:
TokenException - If an error occurs on the token.

public CryptoStore getCryptoStore()

public boolean equals(java.lang.Object object)
Overrides: equals in class java.lang.Object

public boolean isPresent()
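
The login-mode methods and the doesAlgorithm note above, combined in an added example that is not part of the JSS documentation: a signing session that refuses to run when the specific algorithm is not supported on the token and that bounds and closes the login. TokenSession, SigningWork and MAX_LOGIN_MINUTES are hypothetical names, and the import packages other than org.mozilla.jss.util are assumed.

```java
import java.security.NoSuchAlgorithmException;
import org.mozilla.jss.crypto.CryptoToken;        // org.mozilla.jss.crypto is an
import org.mozilla.jss.crypto.Signature;          // assumed package name; only
import org.mozilla.jss.crypto.SignatureAlgorithm; // org.mozilla.jss.util is on the page
import org.mozilla.jss.util.PasswordCallback;

/** Hypothetical helper (not a JSS class): one bounded, fail-closed signing session. */
public final class TokenSession {
    /** Hypothetical policy value: longest login lifetime accepted, in minutes. */
    private static final int MAX_LOGIN_MINUTES = 10;

    /** Hypothetical callback holding the caller's signing code. */
    public interface SigningWork {
        void run(Signature sig) throws Exception;
    }

    public static void signOnToken(CryptoToken token, PasswordCallback pw,
            SignatureAlgorithm alg, SigningWork work) throws Exception {
        if (!token.isPresent()) {
            throw new IllegalStateException("token is not present");
        }
        if (!token.passwordIsInitialized()) {
            throw new IllegalStateException("token password is not initialized");
        }
        // A token may support only the generic algorithm; per the note above the
        // digest would then run on the internal token, so refuse instead.
        if (!token.doesAlgorithm(alg)) {
            throw new NoSuchAlgorithmException(
                token.getName() + " cannot perform " + alg + " entirely on-token");
        }
        // Bound the login lifetime rather than relying on ONE_TIME.
        token.setLoginMode(CryptoToken.TIMEOUT);
        token.setLoginTimeoutMinutes(MAX_LOGIN_MINUTES);
        boolean openedHere = !token.isLoggedIn();
        if (openedHere) {
            token.login(pw); // throws IncorrectPasswordException on a bad password
        }
        try {
            work.run(token.getSignatureContext(alg));
        } finally {
            if (openedHere) {
                token.logout(); // do not leave the token authenticated
            }
        }
    }
}
```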