Module ibm.crypto.hdwrcca
Package com.ibm.crypto.hdwrCCA.provider

Class RSAPrivateHWKeySpec

  • All Implemented Interfaces:
    java.security.spec.KeySpec
    public class RSAPrivateHWKeySpec
extends java.lang.Object
implements java.security.spec.KeySpec
    This class specifies a RSA Hardware key spec to be used with RSAKeyFactory. This is used to make a representation of the key for import or export, but as private hardware keys are only valid on the machine they are generated on they can not be exported to another machine or imported from another machine. This is due to the fact that hardware private keys are either encrypted tokens or labels to the actual stored private key on that machine.

    • Constructor Summary

      Constructors 
      Constructor Description
      RSAPrivateHWKeySpec​(byte[] keyToken, byte type)
      Creates an instance of this class from a key token and key type.
      RSAPrivateHWKeySpec​(byte[] keyToken, byte type, byte usage)
      Creates an instance of this class from a key token, key type and key usage.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      RSAKeyHWAttributes getAttributes()
      Returns the key attributes.
      byte[] getToken()
      Returns a clone of the PKDS label or key token.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • RSAPrivateHWKeySpec

        public RSAPrivateHWKeySpec​(byte[] keyToken,
                           byte type)
        Creates an instance of this class from a key token and key type. The usage is defaulted to KeyHWAttributeValues.KEYMANAGEMENT.
        Parameters:
        keyToken - The token associated with the private key. If this is a key label, then the label must conform to the character restrictions imposed by the platform you are executing on and should be in the ISO_8859_1 character encoding.
        type - The type of the key (KeyHWAttributeValues.RETAIN) or outside the hardware in the PKDS (KeyHWAttributeValues.PKDS) or in the clear (KeyHWAttributeValues.CLEAR). Please note that it is recommended to use the KeyLabelKeySpec class to create a key specification using a KeyHWAttributeValues.PKDS type of key.

      • RSAPrivateHWKeySpec

        public RSAPrivateHWKeySpec​(byte[] keyToken,
                           byte type,
                           byte usage)
        Creates an instance of this class from a key token, key type and key usage.
        Parameters:
        keyToken - The token associated with the private key. If this is a key label, then the label must conform to the character restrictions imposed by the platform you are executing on and should be in the ISO_8859_1 character encoding.
        type - The type of key (KeyHWAttributeValues.RETAIN) or outside the hardware in the PKDS (KeyHWAttributeValues.PKDS) or in the clear (KeyHWAttributeValues.CLEAR (default)). Please note that it is recommended to use the KeyLabelKeySpec class to create a key specification using a KeyHWAttributeValues.PKDS type of key.
        usage - Determines for what purpose the key pair is to be used. KeyHWAttributeValues.SIGNATURE is for signing purposes and KeyHWAttributeValues.KEYMANAGEMENT (default) is for both key management and signing purpose.

    • Method Detail

      • getToken

        public byte[] getToken()
        Returns a clone of the PKDS label or key token.

        Note that this method returns a clone of sensitive information. It is the caller's responsibility to zero out the information after it is no longer needed.

        Returns:
        A clone of the PKDS label or key token.

      • getAttributes

        public RSAKeyHWAttributes getAttributes()
        Returns the key attributes.
        Returns:
        the key attributes.