com.ibm.crypto.fips.provider

Class ECPrivateKey

java.lang.Object

com.ibm.security.pkcsutil.PKCSDerObject

com.ibm.security.pkcs8.PrivateKeyInfo

com.ibm.crypto.fips.provider.ECPrivateKey

All Implemented Interfaces:

java.io.Serializable, java.lang.Cloneable, java.security.interfaces.ECKey, java.security.interfaces.ECPrivateKey, java.security.Key, java.security.PrivateKey, javax.security.auth.Destroyable

public final class ECPrivateKey
extends com.ibm.security.pkcs8.PrivateKeyInfo
implements java.security.interfaces.ECPrivateKey, java.security.interfaces.ECKey, java.io.Serializable

Key implementation for EC private keys. ASN.1 syntax for EC private keys from SEC 1 v1.5 (draft):

 EXPLICIT TAGS

 ECPrivateKey ::= SEQUENCE {
   version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
   privateKey OCTET STRING,
   parameters [0] ECDomainParameters {{ SECGCurveNames }} OPTIONAL,
   publicKey [1] BIT STRING OPTIONAL
 }
 

We currently ignore the optional parameters and publicKey fields. We require that the parameters are encoded as part of the AlgorithmIdentifier, not in the private key structure.

Since:

1.6

See Also:

Serialized Form

Field Summary

Fields inherited from class com.ibm.security.pkcs8.PrivateKeyInfo

algid, attributes, key, version

Fields inherited from class com.ibm.security.pkcsutil.PKCSDerObject

provider

Constructor Summary

Constructors

Constructor and Description
ECPrivateKey(java.math.BigInteger s, java.security.spec.ECParameterSpec params) Construct a key from its components.
ECPrivateKey(java.math.BigInteger s, java.security.spec.ECParameterSpec params, ECPublicKey publicKey) Construct a key from its components.
ECPrivateKey(byte[] encoded) Construct a key from its encoding.
ECPrivateKey(ibm.security.internal.spec.RFC5915ECPrivateKeyEncodedKeySpec encodedKeySpec) Construct a key from its ECPrivateKey encoding.

Method Summary

Methods

Modifier and Type	Method and Description
protected void	finalize() This function zeroizes the key so that it isn't in memory when GC is done.
byte[]	getEncoded(java.lang.String algorithm)
java.security.spec.ECParameterSpec	getParams()
ECPublicKey	getPublicKey()
java.math.BigInteger	getS()
protected void	parseKeyBits() Parse the key.
void	zeroize() This function zeroizes the key so that it isn't in memory

Methods inherited from class com.ibm.security.pkcs8.PrivateKeyInfo

addAttribute, addAttributes, clone, decode, encode, equals, getAlgorithm, getAlgorithmId, getAttribute, getAttributes, getEncoded, getFormat, getKeyBytes, hasAttribute, hasAttributes, hashCode, parseKey, parseKey, toString

Methods inherited from class com.ibm.security.pkcsutil.PKCSDerObject

decode, encode, getObjectIdentifier, read, readBASE64, write, write, writeBASE64

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface java.security.Key

getAlgorithm, getEncoded, getFormat

Methods inherited from interface javax.security.auth.Destroyable

destroy, isDestroyed

Constructor Detail

ECPrivateKey

public ECPrivateKey(byte[] encoded)
             throws java.security.InvalidKeyException

Construct a key from its encoding.

Parameters:

encoded -

Throws:

java.security.InvalidKeyException

ECPrivateKey

public ECPrivateKey(java.math.BigInteger s,
            java.security.spec.ECParameterSpec params)
             throws java.security.InvalidKeyException,
                    java.security.spec.InvalidParameterSpecException

Construct a key from its components.

Parameters:

s -

params -

Throws:

java.security.InvalidKeyException

java.security.spec.InvalidParameterSpecException

ECPrivateKey

public ECPrivateKey(java.math.BigInteger s,
            java.security.spec.ECParameterSpec params,
            ECPublicKey publicKey)
             throws java.security.InvalidKeyException,
                    java.security.spec.InvalidParameterSpecException

Construct a key from its components.

Parameters:

s -

params -

publicKey -

Throws:

java.security.InvalidKeyException

java.security.spec.InvalidParameterSpecException

ECPrivateKey

public ECPrivateKey(ibm.security.internal.spec.RFC5915ECPrivateKeyEncodedKeySpec encodedKeySpec)
             throws java.security.InvalidKeyException

Construct a key from its ECPrivateKey encoding.

Parameters:

encodedKeySpec -

Throws:

java.security.InvalidKeyException

Method Detail

parseKeyBits

protected void parseKeyBits()
                     throws java.io.IOException

Parse the key. Called by PKCS8Key. "key" is a byte array containing the Der-encoded key which resides within the parent class PrivateKeyInfo. The PKCS class named PrivateKeyInfo contains the "decode" method for all PrivateKeys. It expects that the PrivateKey it is decoding contains a version number, an AlgorithmID (containing the OID and AlgorithmParameters), and the encoded key itself. It calls parseKeyBits( ) of the appropriate key class to parse the encoded key.

Overrides:

parseKeyBits in class com.ibm.security.pkcs8.PrivateKeyInfo

Throws:

java.io.IOException

getS

public java.math.BigInteger getS()

Specified by:

getS in interface java.security.interfaces.ECPrivateKey

getParams

public java.security.spec.ECParameterSpec getParams()

Specified by:

getParams in interface java.security.interfaces.ECKey

getPublicKey

public ECPublicKey getPublicKey()

getEncoded

public byte[] getEncoded(java.lang.String algorithm)

zeroize

public void zeroize()

This function zeroizes the key so that it isn't in memory

finalize

protected void finalize()

This function zeroizes the key so that it isn't in memory when GC is done.

Overrides:

finalize in class com.ibm.security.pkcs8.PrivateKeyInfo