Class ECPrivateHWKeySpec

  • All Implemented Interfaces:
    java.security.spec.KeySpec

    public class ECPrivateHWKeySpec
    extends java.lang.Object
    implements java.security.spec.KeySpec
    This class specifies an Elliptic Curve private key with its associated parameter. It represents a key to be used for import or export. Note that private hardware keys are only valid on the machine they are generated on, they cannot be exported to another machine or imported from another machine.
    • Constructor Summary

      Constructors 
      Constructor Description
      ECPrivateHWKeySpec​(byte[] tokenOrLabel, java.security.spec.ECParameterSpec spec, byte type)
      Create an instance of this class from either an external PKA private key token or a PKDS record label, and the key type.
      ECPrivateHWKeySpec​(byte[] tokenOrLabel, java.security.spec.ECParameterSpec spec, byte type, byte usage)
      Create an instance of this class from either an external PKA private key token or a PKDS record label, the key type and key usage.
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      ECHWKeyAttributes getAttributes()
      Return the private key attributes.
      java.security.spec.ECParameterSpec getParams()
      Returns the Elliptic Curve domain parameters.
      byte[] getToken()
      Return a clone of either the external private key token or the PKDS record label.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • ECPrivateHWKeySpec

        public ECPrivateHWKeySpec​(byte[] tokenOrLabel,
                                  java.security.spec.ECParameterSpec spec,
                                  byte type)
        Create an instance of this class from either an external PKA private key token or a PKDS record label, and the key type. Key usage will default to key management if key management is supported by Elliptic Curve keys. If key management is not supported, then the default usage will be signature.
        Parameters:
        tokenOrLabel - either an external token or a PKDS record label. If a PKDS label, it should be in ISO_8859_1 character encoding
        spec - the Elliptic Curve domain parameters
        type - the hardware type of the private key. Please note that it is recommended to use the KeyLabelKeySpec class to create a key specification using a KeyHWAttributeValues.PKDS type of key.
        Throws:
        java.lang.NullPointerException - if either tokenOrLabel or spec is null
        java.lang.IllegalArgumentException - if type is not valid or if tokenOrLabel is not valid for the specified type of private key
      • ECPrivateHWKeySpec

        public ECPrivateHWKeySpec​(byte[] tokenOrLabel,
                                  java.security.spec.ECParameterSpec spec,
                                  byte type,
                                  byte usage)
        Create an instance of this class from either an external PKA private key token or a PKDS record label, the key type and key usage.
        Parameters:
        tokenOrLabel - either an external token or a PKDS record label. If a PKDS label, it should be in ISO_8859_1 character encoding
        spec - the Elliptic Curve domain parameters
        type - the hardware type of the private key. Please note that it is recommended to use the KeyLabelKeySpec class to create a key specification using a KeyHWAttributeValues.PKDS type of key.
        usage - indicates how the private key will be used
        Throws:
        java.lang.NullPointerException - if either tokenOrLabel or spec is null
        java.lang.IllegalArgumentException - if type or usage is not valid, or if tokenOrLabel is not valid for the specified type of private key
    • Method Detail

      • getToken

        public byte[] getToken()
        Return a clone of either the external private key token or the PKDS record label.

        Note that this method returns a clone of sensitive information. It is the caller's responsibility to zero out the information after it is no longer needed.

        Returns:
        A clone of either the external private key token or the PKDS record label
      • getAttributes

        public ECHWKeyAttributes getAttributes()
        Return the private key attributes.
        Returns:
        private key attributes
      • getParams

        public java.security.spec.ECParameterSpec getParams()
        Returns the Elliptic Curve domain parameters.
        Returns:
        the Elliptic Curve domain parameters