- java.lang.Object
-
- com.ibm.crypto.hdwrCCA.provider.AESKey
-
- All Implemented Interfaces:
java.io.Serializable
,java.security.Key
,javax.crypto.SecretKey
,javax.security.auth.Destroyable
public class AESKey extends java.lang.Object implements javax.crypto.SecretKey
This class represents an AES key.- See Also:
- Serialized Form
-
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description void
deleteCKDSEntry()
Delete the CKDS entry associated with this key object if this is a"CKDSLabel"
key object.boolean
equals(java.lang.Object obj)
Performs a deep compare to determine whether the given object represents a key identical to the key represented by this object.protected void
finalize()
Deprecated.java.lang.String
getAlgorithm()
Returns the encryption algorithm associated with this key object.protected boolean
getCanBeStored()
Returns whether this key object is eligible to be stored in a keystore.byte[]
getEncoded()
Returns a clone of the encoded key value for a"RAW"
type key, or an ICSF token for an"ICSFToken"
type key, or a CKDS label for a"CKDSLabel"
type key.java.lang.String
getFormat()
Returns the key type or key format of this key object, either"RAW"
,"ICSFToken"
or"CKDSLabel"
.byte[]
getLabel()
Deprecated.This method is being replaced by the methodgetLabelString()
java.lang.String
getLabelString()
Returns a copy of the CKDS label associated with this key object if this is a"CKDSLabel"
key object.byte[]
getPairedExternalToken()
Returns the paired ICSF token in an exported form, wrapped by an EXPORTER key.byte[]
getToken()
Returns a clone of the ICSF token associated with this key object if this is an"ICSFToken"
key object.int
hashCode()
Calculates a hash code value for this key object.protected void
setCanBeStored(boolean value)
Sets whether this key object is eligible to be stored in a keystore.
-
-
-
Method Detail
-
getEncoded
public byte[] getEncoded()
Returns a clone of the encoded key value for a"RAW"
type key, or an ICSF token for an"ICSFToken"
type key, or a CKDS label for a"CKDSLabel"
type key.Note that this method returns a clone of sensitive information. It is the caller's responsibility to zero out the information after it is no longer needed.
- Specified by:
getEncoded
in interfacejava.security.Key
- Returns:
- a clone of the encoded key value if key type is
"RAW"
. If the key type is"ICSFToken"
or"CKDSLabel"
, then an ICSF token or a CKDS label will be returned, respectively. If a CKDS label is returned it will be returned in the IBM-1047 codepage. If an error is encountered, null is returned.
-
getToken
public byte[] getToken() throws java.security.InvalidKeyException
Returns a clone of the ICSF token associated with this key object if this is an"ICSFToken"
key object.Note that this method returns a clone of sensitive information. It is the caller's responsibility to zero out the information after it is no longer needed.
- Returns:
- a clone of the ICSF token if this is an
"ICSFToken"
key object. - Throws:
java.security.InvalidKeyException
- if this is not an"ICSFToken"
key object.
-
getLabel
@Deprecated public byte[] getLabel() throws java.security.InvalidKeyException
Deprecated.This method is being replaced by the methodgetLabelString()
Returns a clone of the CKDS label associated with this key object if this is a"CKDSLabel"
key object.- Returns:
- a clone of the CKDS label if this is a
"CKDSLabel"
key object. The label will be returned in the IBM-1047 codepage. - Throws:
java.security.InvalidKeyException
- if this is not a"CKDSLabel"
key object.
-
getLabelString
public java.lang.String getLabelString() throws java.security.InvalidKeyException
Returns a copy of the CKDS label associated with this key object if this is a"CKDSLabel"
key object.- Returns:
- a copy of the CKDS label if this is a
"CKDSLabel"
key object. This value will be exactly what is used within the CCA key repository as a label, including trailing blanks. - Throws:
java.security.InvalidKeyException
- if this is not a"CKDSLabel"
key object.
-
getPairedExternalToken
public byte[] getPairedExternalToken()
Returns the paired ICSF token in an exported form, wrapped by an EXPORTER key.ICSF may generate symmetric keys in pairs, such as Key Encrypting Keys (KEK). Key encrypting keys are always generated in either EXPORTER/IMPORTER or IMPORTER/EXPORTER key pairs.
For keys that are generated in pairs, the key forms currently supported is OPEX. This means that the first key (or the primary key) is an operational key on the key generating system, and the second key (or the paired key) is a non-operational key in exportable form.
This method returns the second (or the paired) key, which is in ICSF external symmetric key token format and is a non-operational key wrapped by an EXPORTER key.
- Returns:
- the paired ICSF token in an exported form, wrapped by an EXPORTER key.
-
getAlgorithm
public java.lang.String getAlgorithm()
Returns the encryption algorithm associated with this key object.- Specified by:
getAlgorithm
in interfacejava.security.Key
- Returns:
- the String value "AES".
-
getFormat
public java.lang.String getFormat()
Returns the key type or key format of this key object, either"RAW"
,"ICSFToken"
or"CKDSLabel"
.- Specified by:
getFormat
in interfacejava.security.Key
- Returns:
- the key type of this key object. Either
"RAW"
,"ICSFToken"
or"CKDSLabel"
.
-
setCanBeStored
protected void setCanBeStored(boolean value)
Sets whether this key object is eligible to be stored in a keystore.- Parameters:
value
- true if this key can be stored in a keystore, false otherwise.
-
getCanBeStored
protected boolean getCanBeStored()
Returns whether this key object is eligible to be stored in a keystore. The default value is true unless set bysetCanBeStored(boolean)
to false.- Returns:
- true if the key can be stored in a keystore, false otherwise.
-
deleteCKDSEntry
public void deleteCKDSEntry() throws java.security.InvalidKeyException
Delete the CKDS entry associated with this key object if this is a"CKDSLabel"
key object.- Throws:
java.security.InvalidKeyException
- if this is not a"CKDSLabel"
key object.java.lang.RuntimeException
- if there is an error while deleting the CKDS entry.
-
hashCode
public int hashCode()
Calculates a hash code value for this key object. Objects that are equal will also have the same hash value.- Overrides:
hashCode
in classjava.lang.Object
- Returns:
- the hash code value for this key object.
-
equals
public boolean equals(java.lang.Object obj)
Performs a deep compare to determine whether the given object represents a key identical to the key represented by this object.- Overrides:
equals
in classjava.lang.Object
- Parameters:
obj
- The object to compare to this key object- Returns:
- true if the given object is equal to this key object, false otherwise.
-
finalize
@Deprecated protected void finalize()
Deprecated.Sets the bytes of this key, ICSF token, or CKDS label to zero when there are no more references to this key object. This method is called by the garbage collector on an object when garbage collection determines that there are no more references to the object.- Overrides:
finalize
in classjava.lang.Object
-
-