com.ibm.crypto.pkcs11impl.provider

Class IBMPKCS11Impl

  • java.lang.Object
    • java.util.Dictionary<K,V>
      • java.util.Hashtable<java.lang.Object,java.lang.Object>
        • java.util.Properties
          • java.security.Provider
            • java.security.AuthProvider
              • com.ibm.crypto.pkcs11impl.provider.IBMPKCS11Impl
  • All Implemented Interfaces:
    java.io.Serializable, java.lang.Cloneable, java.util.Map<java.lang.Object,java.lang.Object>


    public final class IBMPKCS11Impl
    extends java.security.AuthProvider
    Defines the "IBMPKCS11Impl" provider. Supports the algorithms that the configured card supports, within the following limits. This provider only supports the following algorithms; it is possible that the configured card supports more than this:
    - MD2
    - MD5
    - SHA1, SHA256, SHA384, SHA512
    - MD2withRSA
    - MD5withRSA
    - SHA1withRSA
    - SHA1withDSA
    - DES
    - 3DES
    - AES
    - Blowfish
    - RC4
    - RSA
    - DH Key agreement
    - HmacMD5
    - HmacSHA1, HmacSHA256, HmacSHA384, HmacSHA512
    See Also:
    Serialized Form
    • Nested Class Summary

      • Nested classes/interfaces inherited from class java.security.Provider

        java.security.Provider.Service
    • Constructor Summary

      Constructors 
      Constructor and Description
      IBMPKCS11Impl()
      Creates the provider and expects that the current ACC contains a PKCS11Principal.
      IBMPKCS11Impl(java.io.BufferedReader in)
      Creates the provider using the PKCS #11 library name and slot number.
      IBMPKCS11Impl(java.lang.String fullFileName)
      Creates the provider using the PKCS #11 library name and slot number or via a configuration file (for example cryptoki.dll:0 or /usr/foo/config.card).
    • Method Summary

      Modifier and Type Method and Description
      void close()
      Closes all open sessions and cleans up crypto card resources.
      java.util.Map<java.lang.String,java.lang.String> getAttributeMap(java.lang.String algorithmType, java.lang.String algorithmName) 
      SessionManager getSessionManager() 
      void Init(java.io.BufferedReader in)
      Creates or queries a PKCS11 session and then, based on the session, initializes what the provider can do.
      void Init(java.lang.String fullFileName, char[] passwd)
      Creates or queries a PKCS11 session and then, based on the session, initializes what the provider can do.
      void login(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler handler)
      Log in to the hardware device for the associated session.
      void logout()
      Log out from the associated session.
      void removeSession()
      Removes and closes the session that is currently associated with the provider.
      void setCallbackHandler(javax.security.auth.callback.CallbackHandler handler)
      Sets the CallbackHandler for this provider.
      • Methods inherited from class java.security.Provider

        clear, compute, computeIfAbsent, computeIfPresent, elements, entrySet, forEach, get, getInfo, getName, getOrDefault, getProperty, getService, getServices, getVersion, keys, keySet, load, merge, put, putAll, putIfAbsent, remove, remove, replace, replace, replaceAll, toString, values
      • Methods inherited from class java.util.Properties

        getProperty, list, list, load, loadFromXML, propertyNames, save, setProperty, store, store, storeToXML, storeToXML, stringPropertyNames
      • Methods inherited from class java.util.Hashtable

        clone, contains, containsKey, containsValue, equals, hashCode, isEmpty, size
      • Methods inherited from class java.lang.Object

        getClass, notify, notifyAll, wait, wait, wait
    • Constructor Detail

      • IBMPKCS11Impl

        public IBMPKCS11Impl()
        Creates the provider and expects that the current ACC contains a PKCS11Principal.
      • IBMPKCS11Impl

        public IBMPKCS11Impl(java.lang.String fullFileName)
                      throws java.lang.Exception
        Creates the provider using the PKCS #11 library name and slot number or via a configuration file (for example cryptoki.dll:0 or /usr/foo/config.card).
        Throws:
        java.lang.Exception
      • IBMPKCS11Impl

        public IBMPKCS11Impl(java.io.BufferedReader in)
                      throws java.lang.Exception
        Creates the provider using the PKCS #11 library name and slot number, for example cryptoki.dll:0.
        Throws:
        java.lang.Exception
    • Method Detail

      • removeSession

        public void removeSession()
        Removes and closes the session that is currently associated with the provider.
      • Init

        public void Init(java.io.BufferedReader in)
                  throws java.io.IOException
        Creates or queries a PKCS11 session and then, based on the session, initializes what the provider can do.
        Throws:
        java.io.IOException
      • Init

        public void Init(java.lang.String fullFileName,
                         char[] passwd)
                  throws java.io.IOException
        Creates or queries a PKCS11 session and then, based on the session, initializes what the provider can do.
        Throws:
        java.io.IOException
      • close

        public void close()
        Closes all open sessions and cleans up crypto card resources.

        Once this API is called, the provider has to be reinitialized to be useful.

      • login

        public void login(javax.security.auth.Subject subject,
                          javax.security.auth.callback.CallbackHandler handler)
                   throws javax.security.auth.login.LoginException
        Log in to the hardware device for the associated session.

        Get the PIN using the handler supplied by the caller. This handler must support a PasswordCallback.

        Specified by:
        login in class java.security.AuthProvider
        Parameters:
        subject - this parameter is not used
        handler - the CallbackHandler used to get the PIN from the user.
        Throws:
        javax.security.auth.login.LoginException - if the login operation is unsuccessful
        java.lang.SecurityException - if the caller does not pass a security check for SecurityPermission("authProvider.name"), where name is the name of the provider.
      • logout

        public void logout()
                    throws javax.security.auth.login.LoginException
        Log out from the associated session.
        Specified by:
        logout in class java.security.AuthProvider
        Throws:
        javax.security.auth.login.LoginException - if the logout operation is not successful
        java.lang.SecurityException - if the caller does not pass a security check for SecurityPermission("authProvider.name"), where name is the name of the provider.
      • setCallbackHandler

        public void setCallbackHandler(javax.security.auth.callback.CallbackHandler handler)
        Sets the CallbackHandler for this provider.

        The provider uses this handler if one is not passed in to the login method. The provider also uses this handler if it invokes login on behalf of callers.

        Specified by:
        setCallbackHandler in class java.security.AuthProvider
        Parameters:
        handler - a CallbackHandler for getting the authentication information. This may be null.
        Throws:
        java.lang.SecurityException - if the caller does not have access to "authProvider.name", where name is the provider's name.
      • getAttributeMap

        public java.util.Map<java.lang.String,java.lang.String> getAttributeMap(java.lang.String algorithmType,
                                                                                java.lang.String algorithmName)
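
The login, logout and close sequence documented above, as an added example that is not IBM's code: a CallbackHandler that answers the PasswordCallback with a PIN read from the console and wipes its own copy afterwards. The class names TokenLogin and PinHandler are hypothetical, and the default library:slot string only reuses the cryptoki.dll:0 form from the constructor description; that this constructor followed by login() suits a given token is an assumption.

```java
import com.ibm.crypto.pkcs11impl.provider.IBMPKCS11Impl;
import java.io.Console;
import java.io.IOException;
import java.util.Arrays;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;

// Hypothetical class name; only the IBMPKCS11Impl calls come from the page.
public class TokenLogin {

    // Handler that supports PasswordCallback, as login() requires.
    static final class PinHandler implements CallbackHandler {
        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (Callback cb : callbacks) {
                if (!(cb instanceof PasswordCallback)) {
                    throw new UnsupportedCallbackException(cb, "only PasswordCallback is handled");
                }
                Console console = System.console();
                if (console == null) {
                    throw new IOException("no console available to read the PIN");
                }
                char[] pin = console.readPassword("Token PIN: ");
                if (pin == null) throw new IOException("no PIN entered");
                try {
                    ((PasswordCallback) cb).setPassword(pin); // callback stores its own copy
                } finally {
                    Arrays.fill(pin, '\0'); // wipe our copy of the PIN
                }
            }
        }
    }

    public static void main(String[] args) throws Exception {
        // Assumed library:slot string, in the form the constructor description shows.
        IBMPKCS11Impl provider = new IBMPKCS11Impl(args.length > 0 ? args[0] : "cryptoki.dll:0");
        try {
            provider.login(null, new PinHandler()); // subject is documented as unused
            // ... use the provider's services here ...
            provider.logout();
        } finally {
            provider.close(); // the provider must be reinitialized after this call
        }
    }
}
```

Reading the PIN as a char[] rather than a String lets the handler overwrite it as soon as the callback has taken its copy.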

© Portions Copyright 2003, 2017 IBM Corporation. All rights reserved.
© Portions Copyright 2003, 2017, Oracle and/or its affiliates. All rights reserved.