Class DSAPrivateHWKey

  • All Implemented Interfaces:
    java.io.Serializable, java.lang.Cloneable, java.security.Key, java.security.PrivateKey, javax.security.auth.Destroyable

    public final class DSAPrivateHWKey
    extends com.ibm.security.pkcs8.PrivateKeyInfo
    implements java.io.Serializable
    A private hardware key for the DSA Algorithm. This key contains a label to the stored key and attributes (KeyHWAttributeValues, which include the key type and key usage).
    See Also:
    Serialized Form
    • Field Summary

      • Fields inherited from class com.ibm.security.pkcs8.PrivateKeyInfo

        algid, attributes, encodedKeyNoOptional, key, version
      • Fields inherited from class com.ibm.security.pkcsutil.PKCSDerObject

        provider
    • Constructor Summary

      Constructors 
      Constructor Description
      DSAPrivateHWKey(byte[] encoded)
      Deprecated.
      This constructor should not be used by the public; instead, the key should be created through the appropriate key factory or key generator.
      DSAPrivateHWKey(byte[] token, java.math.BigInteger p, java.math.BigInteger q, java.math.BigInteger g, DSAKeyHWAttributes attribs)
      Deprecated.
      This constructor should not be used by the public; instead, the key should be created through the appropriate key factory or key generator.
    • Method Summary

      Modifier and Type Method Description
      void deletePKDSEntry()
      This method is used to delete the PKDS information that is associated with this key object.
      void destroy()
      Destroy or clear sensitive information contained in this private key.
      byte[] getEncoded()
      Returns the label if the key is in PKDS or RETAIN format, or the token if the key is in TOKEN format.
      java.security.interfaces.DSAParams getParams()
      Returns the DSA parameters associated with this key, or null if the parameters could not be parsed.
      byte[] getToken()
      Returns the private key Token.
      byte getType()
      Returns where the key is actually stored: the card or the PKDS.
      java.math.BigInteger getX()
      This function has no meaning for hardware-based keys, but is required by the interface.
      boolean isDestroyed()
      This method is called to determine whether this key object still contains key material.
      protected void parseKeyBits()
      This routine parses a PKCS8-encoded string and verifies it as an IBM hardware private key.
      java.lang.String toString()
      Returns a string containing a concise, human-readable description of the receiver.
      • Methods inherited from class com.ibm.security.pkcs8.PrivateKeyInfo

        addAttribute, addAttributes, clone, decode, encode, equals, finalize, getAlgorithm, getAlgorithmId, getAttribute, getAttributes, getEncodedKeyNoOptionalAttributes, getFormat, getKeyBytes, hasAttribute, hasAttributes, hashCode, parseKey, parseKey
      • Methods inherited from class com.ibm.security.pkcsutil.PKCSDerObject

        decode, encode, getObjectIdentifier, read, readBASE64, write, write, writeBASE64
      • Methods inherited from class java.lang.Object

        getClass, notify, notifyAll, wait, wait, wait
    • Constructor Detail

      • DSAPrivateHWKey

        @Deprecated
        public DSAPrivateHWKey(byte[] token,
                               java.math.BigInteger p,
                               java.math.BigInteger q,
                               java.math.BigInteger g,
                               DSAKeyHWAttributes attribs)
                        throws java.security.InvalidKeyException
        Deprecated.
        This constructor should not be used by the public; instead, the key should be created through the appropriate key factory or key generator.
        Creates a DSA private key from the following parameters.
        Parameters:
        token - the byte array that represents the key in the hardware. Only PKDS keys can be created, so the token is the byte representation of the key label. It must conform to the character restrictions imposed by ICSF. In addition, when passed to this method as a byte array, it must be encoded using the "8859_1" code page. For example, if the label is "MyLabel" then the correct form for this parameter is "MyLabel".getBytes("8859_1").
        p - the modulus for this key.
        q - the prime Q for this key.
        g - the prime G for this key.
        attribs - the hardware key attributes to be associated with this key.
        Throws:
        java.security.InvalidKeyException - could not DER encode key.
      • DSAPrivateHWKey

        @Deprecated
        public DSAPrivateHWKey(byte[] encoded)
                        throws java.security.InvalidKeyException
        Deprecated.
        This constructor should not be used by the public; instead, the key should be created through the appropriate key factory or key generator.
        This constructor cannot be used to create a hardware private DSA key. It exists only because it is required by the interface.
        Parameters:
        encoded - the encoded parameters.
        Throws:
        java.security.InvalidKeyException - the key could not be decoded.
    • Method Detail

      • getParams

        public java.security.interfaces.DSAParams getParams()
        Returns the DSA parameters associated with this key, or null if the parameters could not be parsed.
        Returns:
        DSAParams the DSA parameter of this instance.
        Throws:
        java.lang.IllegalStateException - if destroy() has been called on this key object
      • getX

        public java.math.BigInteger getX()
                                  throws java.lang.UnsupportedOperationException
        This function has no meaning for hardware-based keys, but is required by the interface.
        Returns:
        This function only throws the exception UnsupportedOperationException.
        Throws:
        java.lang.UnsupportedOperationException - is always thrown.
      • getEncoded

        public byte[] getEncoded()
        Returns the label if the key is in PKDS or RETAIN format, or the token if the key is in TOKEN format.
        Specified by:
        getEncoded in interface java.security.Key
        Overrides:
        getEncoded in class com.ibm.security.pkcs8.PrivateKeyInfo
        Returns:
        label or token. If a label is returned it will be in the 8859_1 encoding.
        Throws:
        java.lang.IllegalStateException - if destroy() has been called on this key object
      • getToken

        public byte[] getToken()
        Returns the private key Token.
        Returns:
        byte [] the value of key token. If a label is returned it will be in the 8859_1 encoding.
        Throws:
        java.lang.IllegalStateException - if destroy() has been called on this key object
      • getType

        public byte getType()
        Returns where the key is actually stored: the card or the PKDS.
        Returns:
        byte the value of the key storage type, either KeyHWAttributeValues.PKDS or KeyHWAttributeValues.CLEAR.
        Throws:
        java.lang.IllegalStateException - if destroy() has been called on this key object
      • parseKeyBits

        protected void parseKeyBits()
                             throws java.io.IOException
        This routine parses a PKCS8-encoded string and verifies it as an IBM hardware private key. If the encoding is not correct, an exception is thrown.
        Overrides:
        parseKeyBits in class com.ibm.security.pkcs8.PrivateKeyInfo
        Throws:
        java.io.IOException - the encoded key could not be parsed correctly.
        java.lang.IllegalStateException - if destroy() has been called on this key object
      • deletePKDSEntry

        public void deletePKDSEntry()
                             throws java.security.InvalidKeyException
        This method is used to delete the PKDS information that is associated with this key object.
        Throws:
        java.security.InvalidKeyException - Key object is not PKDS type.
        java.lang.RuntimeException - PKDS label length is incorrect
        java.lang.RuntimeException - if the ICSF operation is not successful
        java.lang.IllegalStateException - if destroy() has been called on this key object
      • toString

        public java.lang.String toString()
        Returns a string containing a concise, human-readable description of the receiver.
        Overrides:
        toString in class com.ibm.security.pkcs8.PrivateKeyInfo
        Returns:
        String the private key in readable form.
        Throws:
        java.lang.IllegalStateException - if destroy() has been called on this key object
      • destroy

        public void destroy()
                     throws javax.security.auth.DestroyFailedException
        Destroy or clear sensitive information contained in this private key. This method is required because the class implements java.security.PrivateKey, which extends Destroyable. This method destroys only the data stored in this Java object. It does not delete key material from the PKDS.
        Specified by:
        destroy in interface javax.security.auth.Destroyable
        Throws:
        javax.security.auth.DestroyFailedException
      • isDestroyed

        public boolean isDestroyed()
        This method is called to determine whether this key object still contains key material.
        Specified by:
        isDestroyed in interface javax.security.auth.Destroyable
        Returns:
        true if destroy() has been called, otherwise false.