org.mozilla.jss.SecretDecoderRing

Class KeyManager


public class KeyManager
extends java.lang.Object

Creates, finds, and deletes keys for SecretDecoderRing.

Field Summary

static KeyGenAlgorithm
DEFAULT_KEYGEN_ALG
The default key generation algorithm, currently DES3.
static int
DEFAULT_KEYSIZE
The default key size (in bytes).

Constructor Summary

KeyManager(CryptoToken token)
Creates a new KeyManager using the given CryptoToken.

Method Summary

void
deleteKey(SecretKey key)
Deletes this key from this token.
void
deleteKey(byte[] keyID)
Deletes the key with the given keyID from this token.
byte[]
generateKey()
Generates an SDR key with the default algorithm and key size.
byte[]
generateKey(KeyGenAlgorithm alg, int keySize)
Generates an SDR key with the given algorithm and key size.
SecretKey
lookupKey(EncryptionAlgorithm alg, byte[] keyid)
Looks up the key on this token with the given algorithm and key ID.

Field Details

DEFAULT_KEYGEN_ALG

public static final KeyGenAlgorithm DEFAULT_KEYGEN_ALG
The default key generation algorithm, currently DES3.


DEFAULT_KEYSIZE

public static final int DEFAULT_KEYSIZE
The default key size (in bytes). This is only relevant for algorithms with variable-length keys, such as AES.

Field Value:
0

Constructor Details

KeyManager

public KeyManager(CryptoToken token)
Creates a new KeyManager using the given CryptoToken.

Parameters:
token - The token on which this KeyManager operates.

Method Details

deleteKey

public void deleteKey(SecretKey key)
            throws TokenException,
                   InvalidKeyException
Deletes this key from this token.


deleteKey

public void deleteKey(byte[] keyID)
            throws TokenException,
                   InvalidKeyException
Deletes the key with the given keyID from this token.


generateKey

public byte[] generateKey()
            throws TokenException
Generates an SDR key with the default algorithm and key size. The default algorithm is stored in the constant DEFAULT_KEYGEN_ALG. The default key size is stored in the constant DEFAULT_KEYSIZE.

Returns:
The keyID of the generated key. A random keyID will be chosen that is not currently used on the token. The keyID must be stored by the application in order to use this key for encryption in the future.


generateKey

public byte[] generateKey(KeyGenAlgorithm alg,
                          int keySize)
            throws TokenException
Generates an SDR key with the given algorithm and key size.

Parameters:
keySize - Length of key in bytes. This is only relevant for algorithms that take more than one key size. Otherwise it can just be set to 0.

Returns:
The keyID of the generated key. A random keyID will be chosen that is not currently used on the token. The keyID must be stored by the application in order to use this key for encryption in the future.


lookupKey

public SecretKey lookupKey(EncryptionAlgorithm alg,
                           byte[] keyid)
            throws TokenException
Looks up the key on this token with the given algorithm and key ID.

Parameters:
alg - The algorithm that this key will be used for. This is necessary because it will be stored along with the key for later use by the security library. It should match the actual algorithm of the key you are looking for. If you pass in a different algorithm and try to use the key that is returned, the results are undefined.

Returns:
The key, or null if the key is not found.
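
Example (added here, not part of the JSS documentation or source): one key's lifecycle through KeyManager, requesting AES explicitly instead of relying on the DES3 default and handling the null that lookupKey returns for a missing key. The class name SdrKeyLifecycle, the keyIdFile path, the 32-byte key size and the choice of EncryptionAlgorithm.AES_256_CBC are assumptions for illustration; the caller is assumed to pass a CryptoToken that is already initialized and logged in.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.InvalidKeyException;
import javax.crypto.SecretKey;
import org.mozilla.jss.SecretDecoderRing.KeyManager;
import org.mozilla.jss.crypto.CryptoToken;
import org.mozilla.jss.crypto.EncryptionAlgorithm;
import org.mozilla.jss.crypto.KeyGenAlgorithm;
import org.mozilla.jss.crypto.TokenException;

/** Added illustration (hypothetical class): create, find and retire one SDR key. */
public final class SdrKeyLifecycle {
    private static final int AES_KEY_BYTES = 32; // keySize is given in bytes
    // Assumed choice; it must match the algorithm the key is really used with.
    private static final EncryptionAlgorithm USE_ALG = EncryptionAlgorithm.AES_256_CBC;

    /** Generates an AES key rather than the DES3 default and persists its keyID. */
    static byte[] createKey(CryptoToken token, Path keyIdFile)
            throws TokenException, IOException {
        byte[] keyID = new KeyManager(token).generateKey(KeyGenAlgorithm.AES, AES_KEY_BYTES);
        // The keyID is an identifier, not key material, but losing it
        // makes the key unreachable through lookupKey.
        Files.write(keyIdFile, keyID);
        return keyID;
    }

    /** Loads the stored keyID and resolves it; lookupKey returns null on a miss. */
    static SecretKey findKey(CryptoToken token, Path keyIdFile)
            throws TokenException, IOException {
        byte[] keyID = Files.readAllBytes(keyIdFile);
        SecretKey key = new KeyManager(token).lookupKey(USE_ALG, keyID);
        if (key == null) {
            throw new IllegalStateException("SDR key not found on token");
        }
        return key;
    }

    /** Deletes the key from the token, then the stored keyID. */
    static void retireKey(CryptoToken token, Path keyIdFile)
            throws TokenException, InvalidKeyException, IOException {
        new KeyManager(token).deleteKey(Files.readAllBytes(keyIdFile));
        Files.deleteIfExists(keyIdFile);
    }
}
```

Anything encrypted under a key can no longer be decrypted once retireKey has removed it from the token, so re-encrypt stored data under a replacement key first.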