- java.lang.Object
-
- com.ibm.security.pkcsutil.PKCSDerObject
-
- com.ibm.security.pkcs8.PrivateKeyInfo
-
- com.ibm.crypto.hdwrCCA.provider.DSAPrivateHWKey
-
- All Implemented Interfaces:
java.io.Serializable
,java.lang.Cloneable
,java.security.Key
,java.security.PrivateKey
,javax.security.auth.Destroyable
public final class DSAPrivateHWKey extends com.ibm.security.pkcs8.PrivateKeyInfo implements java.io.Serializable
A private hardware key for the DSA Algorithm. This key contains a label to the stored key and attributes (KeyHWAttributeValues, which include the key type and key usage).- See Also:
- Serialized Form
-
-
Constructor Summary
Constructors Constructor Description DSAPrivateHWKey(byte[] encoded)
Deprecated.this method should not be used by the public, instead the key should be created through the appropriate key factory or key generator.DSAPrivateHWKey(byte[] token, java.math.BigInteger p, java.math.BigInteger q, java.math.BigInteger g, DSAKeyHWAttributes attribs)
Deprecated.this method should not be used by the public, instead the key should be created through the appropriate key factory or key generator.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
deletePKDSEntry()
This method is used to delete the PKDS information that is associated with this key object.void
destroy()
Destroy or clear sensitive information contained in this private key.byte[]
getEncoded()
Return the label if the key is in format PKDS or RETAIN, the token if the key is in format TOKEN.java.security.interfaces.DSAParams
getParams()
Returns the DSA parameters associated with this key, or null if the parameters could not be parsed.byte[]
getToken()
Returns the private key Token.byte
getType()
Returns where the key is actually stored the card or the PKDS.java.math.BigInteger
getX()
This function has no meaning for Hardware based keys, but is required by the interface.boolean
isDestroyed()
This method is called to determine whether this key object still contains key material.protected void
parseKeyBits()
This routine parses a PKCS8 encoded string and verifies it for IBM hardware private key.java.lang.String
toString()
Returns a string containing a concise, human-readable description of the receiver.-
Methods inherited from class com.ibm.security.pkcs8.PrivateKeyInfo
addAttribute, addAttributes, clone, decode, encode, equals, finalize, getAlgorithm, getAlgorithmId, getAttribute, getAttributes, getEncodedKeyNoOptionalAttributes, getFormat, getKeyBytes, hasAttribute, hasAttributes, hashCode, parseKey, parseKey
-
-
-
-
Constructor Detail
-
DSAPrivateHWKey
@Deprecated public DSAPrivateHWKey(byte[] token, java.math.BigInteger p, java.math.BigInteger q, java.math.BigInteger g, DSAKeyHWAttributes attribs) throws java.security.InvalidKeyException
Deprecated.this method should not be used by the public, instead the key should be created through the appropriate key factory or key generator.Creates a DSA private key from the following parameters.- Parameters:
token
- the byte array that represents the key in the hardware. Only PKDS keys can be created, so the token is the byte representation of the key label. It must conform to the character restrictions imposed by ICSF. In addition, when passed to this method as a byte array, it must be encoded using the "8859_1" code page. For example, if the label is "MyLabel" then the correct form for this parameter is "MyLabel".getBytes("8859_1").p
- is the modulus for this key.q
- is the prime Q for this key.g
- is the prime G for this key.attribs
- are the hardware key attributes to be associated with this key.- Throws:
java.security.InvalidKeyException
- could not DER encode key.
-
DSAPrivateHWKey
@Deprecated public DSAPrivateHWKey(byte[] encoded) throws java.security.InvalidKeyException
Deprecated.this method should not be used by the public, instead the key should be created through the appropriate key factory or key generator.This function can not be used to create a hardware private DSA key. It is just here because it is required by the interface.- Parameters:
encoded
- the encoded parameters.- Throws:
java.security.InvalidKeyException
- the key could not decode the key.
-
-
Method Detail
-
getParams
public java.security.interfaces.DSAParams getParams()
Returns the DSA parameters associated with this key, or null if the parameters could not be parsed.- Returns:
- DSAParams the DSA parameter of this instance.
- Throws:
java.lang.IllegalStateException
- if destroy() has been called in this key object
-
getX
public java.math.BigInteger getX() throws java.lang.UnsupportedOperationException
This function has no meaning for Hardware based keys, but is required by the interface.- Returns:
- This function only throws the exception UnsupportedOperationException.
- Throws:
java.lang.UnsupportedOperationException
- is always thrown.
-
getEncoded
public byte[] getEncoded()
Return the label if the key is in format PKDS or RETAIN, the token if the key is in format TOKEN.- Specified by:
getEncoded
in interfacejava.security.Key
- Overrides:
getEncoded
in classcom.ibm.security.pkcs8.PrivateKeyInfo
- Returns:
- label or token. If a label is returned it will be in the 8859_1 encoding.
- Throws:
java.lang.IllegalStateException
- if destroy() has been called in this key object
-
getToken
public byte[] getToken()
Returns the private key Token.- Returns:
- byte [] the value of key token. If a label is returned it will be in the 8859_1 encoding.
- Throws:
java.lang.IllegalStateException
- if destroy() has been called in this key object
-
getType
public byte getType()
Returns where the key is actually stored the card or the PKDS.- Returns:
- byte the value of key Storage Type either KeyHWAttributeValues.PKDS or KeyHWAttributeValues.CLEAR.
- Throws:
java.lang.IllegalStateException
- if destroy() has been called in this key object
-
parseKeyBits
protected void parseKeyBits() throws java.io.IOException
This routine parses a PKCS8 encoded string and verifies it for IBM hardware private key. If the encoding is not correct an exception is thrown.- Overrides:
parseKeyBits
in classcom.ibm.security.pkcs8.PrivateKeyInfo
- Throws:
java.io.IOException
- the encoded key could not be parsed correctly.java.lang.IllegalStateException
- if destroy() has been called in this key object
-
deletePKDSEntry
public void deletePKDSEntry() throws java.security.InvalidKeyException
This method is used to delete the PKDS information that is associated with this key object.- Throws:
java.security.InvalidKeyException
- Key object is not PKDS type.java.lang.RuntimeException
- PKDS label length is incorrectjava.lang.RuntimeException
- if the ICSF operation is not successfuljava.lang.IllegalStateException
- if destroy() has been called in this key object
-
toString
public java.lang.String toString()
Returns a string containing a concise, human-readable description of the receiver.- Overrides:
toString
in classcom.ibm.security.pkcs8.PrivateKeyInfo
- Returns:
- String the private key in readable form.
- Throws:
java.lang.IllegalStateException
- if destroy() has been called in this key object
-
destroy
public void destroy() throws javax.security.auth.DestroyFailedException
Destroy or clear sensitive information contained in this private key. This method is required because the class implementsECPrivateKey
, which implementsDestroyable
. This method destroys data stored in this java object. It does not delete key material from the PKDS.- Specified by:
destroy
in interfacejavax.security.auth.Destroyable
- Throws:
javax.security.auth.DestroyFailedException
-
isDestroyed
public boolean isDestroyed()
This method is called to determine whether this key object still contains key material.- Specified by:
isDestroyed
in interfacejavax.security.auth.Destroyable
- Returns:
- true if destroy() has been called, otherwise false.
-
-