Module ibm.crypto.hdwrcca
Package com.ibm.crypto.hdwrCCA.provider

Class ECPrivateHWKeySpec

java.lang.Object
com.ibm.crypto.hdwrCCA.provider.ECPrivateHWKeySpec
All Implemented Interfaces:
KeySpec
public class ECPrivateHWKeySpec extends Object implements KeySpec
This class specifies an Elliptic Curve private key with its associated parameter. It represents a key to be used for import or export. Note that private hardware keys are only valid on the machine they are generated on, they cannot be exported to another machine or imported from another machine.

  • Constructor Details

    • ECPrivateHWKeySpec

      public ECPrivateHWKeySpec(byte[] tokenOrLabel, ECParameterSpec spec, byte type)
      Create an instance of this class from either an external PKA private key token or a PKDS record label, and the key type. Key usage will default to key management if key management is supported by Elliptic Curve keys. If key management is not supported, then the default usage will be signature.
      Parameters:
      tokenOrLabel - either an external token or a PKDS record label. If a PKDS label, it should be in ISO_8859_1 character encoding
      spec - the Elliptic Curve domain parameters
      type - the hardware type of the private key. Please note that it is recommended to use the KeyLabelKeySpec class to create a key specification using a KeyHWAttributeValues.PKDS type of key.
      Throws:
      NullPointerException - if either tokenOrLabel or spec is null
      IllegalArgumentException - if type is not valid or if tokenOrLabel is not valid for the specified type of private key

    • ECPrivateHWKeySpec

      public ECPrivateHWKeySpec(byte[] tokenOrLabel, ECParameterSpec spec, byte type, byte usage)
      Create an instance of this class from either an external PKA private key token or a PKDS record label, the key type and key usage.
      Parameters:
      tokenOrLabel - either an external token or a PKDS record label. If a PKDS label, it should be in ISO_8859_1 character encoding
      spec - the Elliptic Curve domain parameters
      type - the hardware type of the private key. Please note that it is recommended to use the KeyLabelKeySpec class to create a key specification using a KeyHWAttributeValues.PKDS type of key.
      usage - indicates how the private key will be used
      Throws:
      NullPointerException - if either tokenOrLabel or spec is null
      IllegalArgumentException - if type or usage is not valid, or if tokenOrLabel is not valid for the specified type of private key

  • Method Details

    • getToken

      public byte[] getToken()
      Return a clone of either the external private key token or the PKDS record label.

      Note that this method returns a clone of sensitive information. It is the caller's responsibility to zero out the information after it is no longer needed.

      Returns:
      A clone of either the external private key token or the PKDS record label

    • getAttributes

      public ECHWKeyAttributes getAttributes()
      Return the private key attributes.
      Returns:
      private key attributes

    • getParams

      public ECParameterSpec getParams()
      Returns the Elliptic Curve domain parameters.
      Returns:
      the Elliptic Curve domain parameters