com.ibm.crypto.hdwrCCA.provider
Class ECPrivateHWKeySpec
- java.lang.Object
-
- com.ibm.crypto.hdwrCCA.provider.ECPrivateHWKeySpec
-
- All Implemented Interfaces:
- java.security.spec.KeySpec
public class ECPrivateHWKeySpec extends java.lang.Object implements java.security.spec.KeySpecThis class specifies an Elliptic Curve private key with its associated parameter. It represents a key to be used for import or export. Note that private hardware keys are only valid on the machine they are generated on, they cannot be exported to another machine or imported from another machine.
-
-
Constructor Summary
Constructors Constructor and Description ECPrivateHWKeySpec(byte[] tokenOrLabel, java.security.spec.ECParameterSpec spec, byte type)Create an instance of this class from either an external PKA private key token or a PKDS record label, and the key type.ECPrivateHWKeySpec(byte[] tokenOrLabel, java.security.spec.ECParameterSpec spec, byte type, byte usage)Create an instance of this class from either an external PKA private key token or a PKDS record label, the key type and key usage.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method and Description ECHWKeyAttributesgetAttributes()Return the private key attributes.java.security.spec.ECParameterSpecgetParams()Returns the Elliptic Curve domain parameters.byte[]getToken()Return a clone of either the external private key token or the PKDS record label.
-
-
-
Constructor Detail
-
ECPrivateHWKeySpec
public ECPrivateHWKeySpec(byte[] tokenOrLabel, java.security.spec.ECParameterSpec spec, byte type)Create an instance of this class from either an external PKA private key token or a PKDS record label, and the key type. Key usage will default to key management if key management is supported by Elliptic Curve keys. If key management is not supported, then the default usage will be signature.- Parameters:
tokenOrLabel- either an external token or a PKDS record label. If a PKDS label, it should be in ISO_8859_1 character encodingspec- the Elliptic Curve domain parameterstype- the hardware type of the private key. Please note that it is recommended to use theKeyLabelKeySpecclass to create a key specification using aKeyHWAttributeValues.PKDStype of key.- Throws:
java.lang.NullPointerException- if eithertokenOrLabelorspecis nulljava.lang.IllegalArgumentException- iftypeis not valid or iftokenOrLabelis not valid for the specifiedtypeof private key
-
ECPrivateHWKeySpec
public ECPrivateHWKeySpec(byte[] tokenOrLabel, java.security.spec.ECParameterSpec spec, byte type, byte usage)Create an instance of this class from either an external PKA private key token or a PKDS record label, the key type and key usage.- Parameters:
tokenOrLabel- either an external token or a PKDS record label. If a PKDS label, it should be in ISO_8859_1 character encodingspec- the Elliptic Curve domain parameterstype- the hardware type of the private key. Please note that it is recommended to use theKeyLabelKeySpecclass to create a key specification using aKeyHWAttributeValues.PKDStype of key.usage- indicates how the private key will be used- Throws:
java.lang.NullPointerException- if eithertokenOrLabelorspecis nulljava.lang.IllegalArgumentException- iftypeorusageis not valid, or iftokenOrLabelis not valid for the specifiedtypeof private key
-
-
Method Detail
-
getToken
public byte[] getToken()
Return a clone of either the external private key token or the PKDS record label.Note that this method returns a clone of sensitive information. It is the caller's responsibility to zero out the information after it is no longer needed.
- Returns:
- A clone of either the external private key token or the PKDS record label
-
getAttributes
public ECHWKeyAttributes getAttributes()
Return the private key attributes.- Returns:
- private key attributes
-
getParams
public java.security.spec.ECParameterSpec getParams()
Returns the Elliptic Curve domain parameters.- Returns:
- the Elliptic Curve domain parameters
-
-