JSS 3.1.1

org.mozilla.jss.pkcs11
Class PK11KeyPairGenerator

java.lang.Object
  |
  +--org.mozilla.jss.crypto.KeyPairGeneratorSpi
        |
        +--org.mozilla.jss.pkcs11.PK11KeyPairGenerator

public final class PK11KeyPairGenerator
extends KeyPairGeneratorSpi

A Key Pair Generator implemented using PKCS #11.

See Also:
PQGParams

Field Summary
private  KeyPairAlgorithm algorithm
           
private static int counter1024
           
private static int counter512
           
private static int counter768
           
private static int DEFAULT_RSA_KEY_SIZE
           
private static java.math.BigInteger DEFAULT_RSA_PUBLIC_EXPONENT
           
private static boolean defaultsTested
           
private static java.lang.String g1024
           
private static java.lang.String g512
           
private static java.lang.String g768
           
private static java.lang.String h1024
           
private static java.lang.String h512
           
private static java.lang.String h768
           
private  boolean mKeygenOnInternalToken
           
private static java.lang.String p1024
           
private static java.lang.String p512
           
private static java.lang.String p768
           
private  java.security.spec.AlgorithmParameterSpec params
           
static PQGParams PQG1024
          Pre-cooked PQG values for 1024-bit keypairs, along with the seed, counter, and H values needed to verify them.
static PQGParams PQG512
          Pre-cooked PQG values for 512-bit keypairs, along with the seed, counter, and H values needed to verify them.
static PQGParams PQG768
          Pre-cooked PQG values for 768-bit keypairs, along with the seed, counter, and H values needed to verify them.
private static java.lang.String q1024
           
private static java.lang.String q512
           
private static java.lang.String q768
           
private static java.lang.String seed1024
           
private static java.lang.String seed512
           
private static java.lang.String seed768
           
private  boolean temporaryPairMode
           
private  PK11Token token
           
 
Constructor Summary
PK11KeyPairGenerator(PK11Token token, KeyPairAlgorithm algorithm)
          Constructor for PK11KeyPairGenerator.
 
Method Summary
private  java.security.KeyPair generateDSAKeyPair(PK11Token token, byte[] P, byte[] Q, byte[] G, boolean temporary)
          Generates a DSA key pair with the given P, Q, and G values.
 java.security.KeyPair generateKeyPair()
          Generates a key pair on a token.
private  java.security.KeyPair generateRSAKeyPair(PK11Token token, int keySize, long publicExponent, boolean temporary)
          Generates an RSA key pair with the given size and public exponent.
 void initialize(java.security.spec.AlgorithmParameterSpec params, java.security.SecureRandom random)
          Initializes this KeyPairGenerator with the given algorithm-specific parameters.
 void initialize(int strength, java.security.SecureRandom random)
          Initializes this KeyPairGenerator with the given key strength.
 boolean keygenOnInternalToken()
           
 void temporaryPairs(boolean temp)
           
private static void testDefaults()
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, registerNatives, toString, wait, wait, wait
 

Field Detail

DEFAULT_RSA_KEY_SIZE

private static final int DEFAULT_RSA_KEY_SIZE

DEFAULT_RSA_PUBLIC_EXPONENT

private static final java.math.BigInteger DEFAULT_RSA_PUBLIC_EXPONENT

p1024

private static final java.lang.String p1024

q1024

private static final java.lang.String q1024

g1024

private static final java.lang.String g1024

h1024

private static final java.lang.String h1024

seed1024

private static final java.lang.String seed1024

counter1024

private static final int counter1024

PQG1024

public static final PQGParams PQG1024
Pre-cooked PQG values for 1024-bit keypairs, along with the seed, counter, and H values needed to verify them.

p768

private static final java.lang.String p768

q768

private static final java.lang.String q768

g768

private static final java.lang.String g768

seed768

private static final java.lang.String seed768

counter768

private static final int counter768

h768

private static final java.lang.String h768

PQG768

public static final PQGParams PQG768
Pre-cooked PQG values for 768-bit keypairs, along with the seed, counter, and H values needed to verify them.

p512

private static final java.lang.String p512

q512

private static final java.lang.String q512

g512

private static final java.lang.String g512

h512

private static final java.lang.String h512

seed512

private static final java.lang.String seed512

counter512

private static final int counter512

PQG512

public static final PQGParams PQG512
Pre-cooked PQG values for 512-bit keypairs, along with the seed, counter, and H values needed to verify them.

defaultsTested

private static boolean defaultsTested

token

private PK11Token token

params

private java.security.spec.AlgorithmParameterSpec params

algorithm

private KeyPairAlgorithm algorithm

mKeygenOnInternalToken

private boolean mKeygenOnInternalToken

temporaryPairMode

private boolean temporaryPairMode

Constructor Detail

PK11KeyPairGenerator

public PK11KeyPairGenerator(PK11Token token,
                            KeyPairAlgorithm algorithm)
                     throws java.security.NoSuchAlgorithmException,
                            TokenException
Constructor for PK11KeyPairGenerator.
Parameters:
token - The PKCS #11 token that the keypair will be generated on.
algorithm - The type of key that will be generated. Currently, KeyPairAlgorithm.RSA and KeyPairAlgorithm.DSA are supported.

Method Detail

initialize

public void initialize(int strength,
                       java.security.SecureRandom random)
                throws java.security.InvalidParameterException
Initializes this KeyPairGenerator with the given key strength.

For DSA key generation, pre-cooked PQG values will be used if the key size is 512, 768, or 1024. Otherwise, an InvalidParameterException will be thrown.

Overrides:
initialize in class KeyPairGeneratorSpi
Parameters:
strength - The strength (size) of the keys that will be generated.
random - Ignored
Throws:
java.security.InvalidParameterException - If the key strength is not supported by the algorithm or this implementation.

initialize

public void initialize(java.security.spec.AlgorithmParameterSpec params,
                       java.security.SecureRandom random)
                throws java.security.InvalidAlgorithmParameterException
Initializes this KeyPairGenerator with the given algorithm-specific parameters.
Overrides:
initialize in class KeyPairGeneratorSpi
Parameters:
params - The algorithm-specific parameters that will govern key pair generation.
random - Ignored
Throws:
java.security.InvalidAlgorithmParameterException - If the parameters are inappropriate for the key type or are not supported by this implementation.

generateKeyPair

public java.security.KeyPair generateKeyPair()
                                      throws TokenException
Generates a key pair on a token. Uses parameters if they were passed in through a call to initialize, otherwise uses defaults.
Overrides:
generateKeyPair in class KeyPairGeneratorSpi

keygenOnInternalToken

public boolean keygenOnInternalToken()
Overrides:
keygenOnInternalToken in class KeyPairGeneratorSpi
Returns:
true if the keypair generation will be done on the internal token and then moved to this token.

generateRSAKeyPair

private java.security.KeyPair generateRSAKeyPair(PK11Token token,
                                                 int keySize,
                                                 long publicExponent,
                                                 boolean temporary)
                                          throws TokenException
Generates an RSA key pair with the given size and public exponent.

generateDSAKeyPair

private java.security.KeyPair generateDSAKeyPair(PK11Token token,
                                                 byte[] P,
                                                 byte[] Q,
                                                 byte[] G,
                                                 boolean temporary)
                                          throws TokenException
Generates a DSA key pair with the given P, Q, and G values. P, Q, and G are stored as big-endian two's-complement octet strings.
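
The relationship that the H value lets a caller check, and the octet encoding described for P, Q, and G, shown as an added example that is not part of JSS. It uses only java.math.BigInteger; the class name PqgCheck, its methods, and the toy numbers are constructed for illustration, and the seed/counter check of P and Q is not covered.

```java
import java.math.BigInteger;
import java.util.Arrays;

public class PqgCheck {
    /** Structural check of DSA domain parameters, including the H value. */
    static boolean consistent(BigInteger p, BigInteger q, BigInteger g, BigInteger h) {
        BigInteger one = BigInteger.ONE;
        BigInteger pMinus1 = p.subtract(one);
        if (!p.isProbablePrime(64) || !q.isProbablePrime(64)) return false;
        if (pMinus1.mod(q).signum() != 0) return false;            // q must divide p-1
        if (h.compareTo(one) <= 0 || h.compareTo(pMinus1) >= 0) return false; // 1 < h < p-1
        BigInteger expected = h.modPow(pMinus1.divide(q), p);      // g = h^((p-1)/q) mod p
        return g.equals(expected)
            && g.compareTo(one) > 0                                // g must not be 1
            && g.modPow(q, p).equals(one);                         // g has order q
    }

    /** Big-endian two's-complement octets, the form described for P, Q and G. */
    static byte[] encode(BigInteger v) {
        return v.toByteArray();
    }

    public static void main(String[] args) {
        // Constructed toy values, far too small for real use.
        BigInteger p = BigInteger.valueOf(227), q = BigInteger.valueOf(113);
        BigInteger h = BigInteger.valueOf(2), g = BigInteger.valueOf(4);
        System.out.println("consistent: " + consistent(p, q, g, h));
        System.out.println("tampered g: " + consistent(p, q, g.add(BigInteger.ONE), h));

        // 227 = 0xE3 has its top bit set, so the encoding carries a leading 0x00 sign octet.
        System.out.println("encoded p:  " + Arrays.toString(encode(p)));

        // The same value without the sign octet changes meaning depending on the decoder.
        byte[] unsigned = { (byte) 0xE3 };
        System.out.println("as two's complement: " + new BigInteger(unsigned));
        System.out.println("as unsigned:         " + new BigInteger(1, unsigned));
    }
}
```

The 512-, 768-, and 1024-bit sizes covered by the pre-cooked values are below the 2048-bit minimum that NIST SP 800-131A permits for DSA signature generation.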

testDefaults

private static void testDefaults()

temporaryPairs

public void temporaryPairs(boolean temp)
Overrides:
temporaryPairs in class KeyPairGeneratorSpi
