- java.lang.Object
-
- com.ibm.crypto.hdwrCCA.provider.ECPrivateHWKeySpec
-
- All Implemented Interfaces:
java.security.spec.KeySpec
public class ECPrivateHWKeySpec extends java.lang.Object implements java.security.spec.KeySpec
This class specifies an Elliptic Curve private key with its associated parameter. It represents a key to be used for import or export. Note that private hardware keys are only valid on the machine they are generated on, they cannot be exported to another machine or imported from another machine.
-
-
Constructor Summary
Constructors Constructor Description ECPrivateHWKeySpec(byte[] tokenOrLabel, java.security.spec.ECParameterSpec spec, byte type)
Create an instance of this class from either an external PKA private key token or a PKDS record label, and the key type.ECPrivateHWKeySpec(byte[] tokenOrLabel, java.security.spec.ECParameterSpec spec, byte type, byte usage)
Create an instance of this class from either an external PKA private key token or a PKDS record label, the key type and key usage.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description ECHWKeyAttributes
getAttributes()
Return the private key attributes.java.security.spec.ECParameterSpec
getParams()
Returns the Elliptic Curve domain parameters.byte[]
getToken()
Return a clone of either the external private key token or the PKDS record label.
-
-
-
Constructor Detail
-
ECPrivateHWKeySpec
public ECPrivateHWKeySpec(byte[] tokenOrLabel, java.security.spec.ECParameterSpec spec, byte type)
Create an instance of this class from either an external PKA private key token or a PKDS record label, and the key type. Key usage will default to key management if key management is supported by Elliptic Curve keys. If key management is not supported, then the default usage will be signature.- Parameters:
tokenOrLabel
- either an external token or a PKDS record label. If a PKDS label, it should be in ISO_8859_1 character encodingspec
- the Elliptic Curve domain parameterstype
- the hardware type of the private key. Please note that it is recommended to use theKeyLabelKeySpec
class to create a key specification using aKeyHWAttributeValues.PKDS
type of key.- Throws:
java.lang.NullPointerException
- if eithertokenOrLabel
orspec
is nulljava.lang.IllegalArgumentException
- iftype
is not valid or iftokenOrLabel
is not valid for the specifiedtype
of private key
-
ECPrivateHWKeySpec
public ECPrivateHWKeySpec(byte[] tokenOrLabel, java.security.spec.ECParameterSpec spec, byte type, byte usage)
Create an instance of this class from either an external PKA private key token or a PKDS record label, the key type and key usage.- Parameters:
tokenOrLabel
- either an external token or a PKDS record label. If a PKDS label, it should be in ISO_8859_1 character encodingspec
- the Elliptic Curve domain parameterstype
- the hardware type of the private key. Please note that it is recommended to use theKeyLabelKeySpec
class to create a key specification using aKeyHWAttributeValues.PKDS
type of key.usage
- indicates how the private key will be used- Throws:
java.lang.NullPointerException
- if eithertokenOrLabel
orspec
is nulljava.lang.IllegalArgumentException
- iftype
orusage
is not valid, or iftokenOrLabel
is not valid for the specifiedtype
of private key
-
-
Method Detail
-
getToken
public byte[] getToken()
Return a clone of either the external private key token or the PKDS record label.Note that this method returns a clone of sensitive information. It is the caller's responsibility to zero out the information after it is no longer needed.
- Returns:
- A clone of either the external private key token or the PKDS record label
-
getAttributes
public ECHWKeyAttributes getAttributes()
Return the private key attributes.- Returns:
- private key attributes
-
getParams
public java.security.spec.ECParameterSpec getParams()
Returns the Elliptic Curve domain parameters.- Returns:
- the Elliptic Curve domain parameters
-
-