The KeyFactory Class:
The KeyFactory
class is an engine class that is
designed to provide opaque cryptographic keys (of type Key
)
and key specifications (transparent representations of the underlying
key material).
- DSA
The keys generated by this provider are similar to the keys that are available in a software provider. However, the keys have more methods that relate to the PKCS#11 standard attributes.
The
KeyFactory
class can be used to generate a DSA Private PKCS#11 key from aDSAPrivateKeySpec
or aPKCS11KeySpec
. TheKeyFactory
can also be used to generate a DSA public key from aDSAPublicKeySpec
, anX509EncodedKeySpec
, or aPKCS11KeySpec
.The
KeyFactory
class can also derive aDSAPrivateKeySpec
from a DSA Private PKCS#11 key or aDSAPublicKeySpec
orX509PublicKeySpec
from a DSA public key.The KeyPairGenerator class requires the use of the classPKCS11DSAKeyPairParameterSpec
if the defaults are not to be used. An application is not allowed to only specify the key size, or the key size and source of randomness. This class is required for all non-default key pair generations.Note: That specifying a source of randomness is not required, because the device uses its own source to generate keys.- RSA
This provider handles RSA keys similar to the DSA keys listed previously.
RSA is similar to DSA in that the
KeyFactory
class can be used to generate a RSA Private PKCS#11 key from anRSAPrivateCrtKeySpec
,RSAPrivateKeySpec
or aPKCS11KeySpec
. TheKeyFactory
can also be used to generate an RSA public key from anRSAPublicKeySpec
, anX509EncodedKeySpec
, or anPKCS11KeySpec
. The opposite can also be done to generate anRSAPrivateCrtKeySpec
or anRSAPrivateKeySpec
from an RSA private PKCS#11 key and anRSAPublicKeySpec
orX509EncodeKeySpec
can be generated from an RSA public key.The KeyPairGenerator class is also similar and if an application needs to create an RSA key pair that does not use the defaults, thePKCS11RSAKeyPairParameterSpec
class must be used. An application is not allowed to only specify the key size, or the key size and source of randomness. This class is required for all non-default key pair generations.Note: That specifying a source of randomness is not required, because the device uses its own source to generate keys.- EC
-
This provider handles EC keys similar to the DSA keys listed previously.
EC is similar to DSA in that the
KeyFactory
class can be used to generate a EC Private PKCS#11 key from anECPrivateKeySpec
or aPKCS11KeySpec
. TheKeyFactory
can also be used to generate an EC public key from anECPublicKeySpec
, anX509EncodedKeySpec
, or anPKCS11KeySpec
. The opposite can also be done to generate anECPrivateKeySpec
from an EC private PKCS#11 key and anECPublicKeySpec
orX509EncodeKeySpec
can be generated from an EC public key.The KeyPairGenerator class is also similar, theECParameterSpec
class can be used to generate key pair or an application can only specify the key size, or the key size and source of randomness to generate key pair.Note: That specifying a source of randomness is not required, because the device uses its own source to generate keys.