org.mozilla.jss.crypto

Class KeyPairGenerator


public class KeyPairGenerator
extends java.lang.Object

Generates RSA and DSA key pairs. Each CryptoToken provides a KeyPairGenerator, which can be used to generate key pairs on that token. A given token may not support all algorithms, and some tokens may not support any key pair generation. If a token does not support key pair generation, the Netscape internal token may do it instead. Call keygenOnInternalToken to find out if this is happening.
See Also:
CryptoToken.getKeyPairGenerator(KeyPairAlgorithm)

Field Summary

protected KeyPairAlgorithm
algorithm
protected KeyPairGeneratorSpi
engine

Constructor Summary

KeyPairGenerator(KeyPairAlgorithm algorithm, KeyPairGeneratorSpi engine)
Creates a new key pair generator.

Method Summary

java.security.KeyPair
genKeyPair()
Generates a new key pair.
KeyPairAlgorithm
getAlgorithm()
void
initialize(AlgorithmParameterSpec params)
Initializes the generator with algorithm-specific parameters.
void
initialize(AlgorithmParameterSpec params, SecureRandom random)
Initializes the generator with algorithm-specific parameters.
void
initialize(int strength)
Initializes the generator with the strength of the keys.
void
initialize(int strength, SecureRandom random)
Initializes the generator with the strength of the keys.
boolean
keygenOnInternalToken()
void
temporaryPairs(boolean temp)
Tells the generator to generate temporary, rather than permanent, keypairs.

Field Details

algorithm

protected KeyPairAlgorithm algorithm

engine

protected KeyPairGeneratorSpi engine

Constructor Details

KeyPairGenerator

public KeyPairGenerator(KeyPairAlgorithm algorithm,
                        KeyPairGeneratorSpi engine)
Creates a new key pair generator. KeyPairGenerators should be obtained by calling CryptoToken.getKeyPairGenerator instead of calling this constructor.
Parameters:
algorithm - The type of keys that the generator will be used to generate.
engine - The engine object that provides the implementation for the class.

Method Details

genKeyPair

public java.security.KeyPair genKeyPair()
            throws TokenException
Generates a new key pair.
Returns:
A new key pair. The keys reside on the CryptoToken that provided this KeyPairGenerator.
Throws:
TokenException - If an error occurs on the CryptoToken in the process of generating the key pair.

getAlgorithm

public KeyPairAlgorithm getAlgorithm()
Returns:
The type of key that this generator generates.

initialize

public void initialize(AlgorithmParameterSpec params)
            throws InvalidAlgorithmParameterException
Initializes the generator with algorithm-specific parameters.
Parameters:
params - Algorithm-specific parameters for the key pair generation.
See Also:
RSAParameterSpec, java.security.spec.DSAParameterSpec

initialize

public void initialize(AlgorithmParameterSpec params,
                       SecureRandom random)
            throws InvalidAlgorithmParameterException
Initializes the generator with algorithm-specific parameters. The SecureRandom parameter is ignored.
Parameters:
params - Algorithm-specific parameters for the key pair generation.
random - This parameter is ignored. NSS does not accept an external source of random numbers.
See Also:
RSAParameterSpec, java.security.spec.DSAParameterSpec

initialize

public void initialize(int strength)
Initializes the generator with the strength of the keys.
Parameters:
strength - The strength of the keys that will be generated. Usually this is the length of the key in bits.

initialize

public void initialize(int strength,
                       SecureRandom random)
Initializes the generator with the strength of the keys. The SecureRandom parameter is ignored.
Parameters:
strength - The strength of the keys that will be generated. Usually this is the length of the key in bits.
random - This parameter is ignored. NSS does not accept an external source of random numbers.

keygenOnInternalToken

public boolean keygenOnInternalToken()
Returns:
true if the keypair generation will take place on the internal token rather than the current token. This will happen if the token does not support keypair generation but does support this algorithm and is writable. In this case the keypair will be generated on the Netscape internal token and then moved to this token.

temporaryPairs

public void temporaryPairs(boolean temp)
Tells the generator to generate temporary, rather than permanent, keypairs. Temporary keys are not written permanently to the token. They are destroyed by the garbage collector.
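
Example (added here, not part of the JSS documentation): generating an RSA key pair on a specific token and refusing to continue when keygenOnInternalToken reports that the key would be created on the internal token and then moved. The use of CryptoManager and KeyPairAlgorithm.RSA, the NSS database directory and token name taken from the command line, and the assumption that the token is already logged in are not from this page.

```java
import java.security.KeyPair;

import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.crypto.CryptoToken;
import org.mozilla.jss.crypto.KeyPairAlgorithm;
import org.mozilla.jss.crypto.KeyPairGenerator;

public class TokenKeygenExample {

    /**
     * Generates an RSA key pair on the given token. Fails closed if the
     * token cannot generate the key itself, because in that case the private
     * key would exist on the internal token before being moved.
     */
    static KeyPair generateOnToken(CryptoToken token, int bits, boolean temporary)
            throws Exception {
        // Generators are obtained from the token, not via the constructor.
        KeyPairGenerator kpg = token.getKeyPairGenerator(KeyPairAlgorithm.RSA);

        if (kpg.keygenOnInternalToken()) {
            throw new IllegalStateException(
                "Token cannot generate " + kpg.getAlgorithm()
                + " keys itself; generation would fall back to the internal token");
        }

        // Temporary keys are not written permanently to the token.
        kpg.temporaryPairs(temporary);

        // The SecureRandom overloads ignore their argument, so the plain
        // strength overload is used; randomness always comes from NSS.
        kpg.initialize(bits);

        return kpg.genKeyPair();
    }

    public static void main(String[] args) throws Exception {
        // args[0]: NSS database directory, args[1]: token name (placeholders
        // supplied by the caller; assumes the token needs no further login).
        CryptoManager.initialize(args[0]);
        CryptoManager cm = CryptoManager.getInstance();
        CryptoToken token = cm.getTokenByName(args[1]);

        KeyPair pair = generateOnToken(token, 2048, false);
        System.out.println("Generated " + pair.getPublic().getAlgorithm()
            + " key pair on token " + token.getName());
    }
}
```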