iaik.pkcs.pkcs11.objects

Class Key

java.lang.Object

iaik.pkcs.pkcs11.objects.PKCS11Object

iaik.pkcs.pkcs11.objects.Storage

iaik.pkcs.pkcs11.objects.Key

Direct Known Subclasses:

PrivateKey, PublicKey, SecretKey

public class Key
extends Storage

An object of this class represents a key as defined by PKCS#11 2.11. A key is of a specific type: RSA, DSA, DH, ECDSA, EC, X9_42_DH, KEA, GENERIC_SECRET, RC2, RC4, DES, DES2, DES3, CAST, CAST3, CAST5, CAST128, RC5, IDEA, SKIPJACK, BATON, JUNIPER, CDMF, AES or VENDOR_DEFINED. If an application needs to use vendor-defined keys, it must set a VendorDefinedKeyeBuilder using the setVendorDefinedKeyBuilder method.

Version:

1.0

Author:

Karl Scheibelhofer

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static interface	Key.KeyType This interface defines the available key types as defined by PKCS#11 v2.11: RSA, DSA, DH, ECDSA, KEA, GENERIC_SECRET, RC2, RC4, DES, DES2, DES3, CAST, CAST3, CAST5, CAST128, RC5, IDEA, SKIPJACK, BATON, JUNIPER, CDMF, AES, EC, X9_42_DH or VENDOR_DEFINED.
static interface	Key.VendorDefinedKeyBuilder If an application uses vendor defined keys, it must implement this interface and install such an object handler using setVendorDefinedKeyBuilder.

Nested classes/interfaces inherited from class iaik.pkcs.pkcs11.objects.PKCS11Object

PKCS11Object.ObjectClass, PKCS11Object.VendorDefinedObjectBuilder

Field Summary

Fields

Modifier and Type	Field and Description
protected MechanismArrayAttribute	allowedMechanisms The list of mechanism that can be used with this key.
protected BooleanAttribute	derive True, if other keys can be derived from this key.
protected DateAttribute	endDate The end date of this key's validity.
protected ByteArrayAttribute	id The identifier (ID) of this key.
protected MechanismAttribute	keyGenMechanism The mechanism used to generate the key material.
protected KeyTypeAttribute	keyType The type of this key.
protected static Hashtable<Long,String>	keyTypeNames A table holding string representations for all known key types.
protected BooleanAttribute	local True, if this key was created (generated or copied from a different key) on the token.
protected DateAttribute	startDate The start date of this key's validity.
protected static Key.VendorDefinedKeyBuilder	vendorKeyBuilder The currently set vendor defined key builder, or null.

Fields inherited from class iaik.pkcs.pkcs11.objects.Storage

label, modifiable, private_, token

Fields inherited from class iaik.pkcs.pkcs11.objects.PKCS11Object

attributeTable, objectClass, objectClassNames, objectHandle, vendorObjectBuilder

Constructor Summary

Constructors

Modifier	Constructor and Description
	Key() The default constructor.
protected	Key(Session session, long objectHandle) Called by sub-classes to create an instance of a PKCS#11 key.

Method Summary

Modifier and Type	Method and Description
protected void	allocateAttributes() Allocates the attribute objects for this class and adds them to the attribute table.
boolean	equals(Object otherObject) Compares all member variables of this object with the other object.
MechanismArrayAttribute	getAllowedMechanisms() Get the list of mechanisms that are allowed to use with this key.
BooleanAttribute	getDerive() Check, if other keys can be derived from this key.
DateAttribute	getEndDate() Gets the end date attribute of the validity of this key.
ByteArrayAttribute	getId() Gets the ID attribute of this key.
MechanismAttribute	getKeyGenMechanism() Get the mechanism used to generate the key material for this key.
LongAttribute	getKeyType() Gets the key type attribute of the PKCS#11 key.
static String	getKeyTypeName(Long keyType) Get the given key type as string.
BooleanAttribute	getLocal() Check, if this key is a local key; i.e.
DateAttribute	getStartDate() Gets the start date attribute of the validity of this key.
static Key.VendorDefinedKeyBuilder	getVendorDefinedKeyBuilder() Get the currently set vendor-defined key builder.
int	hashCode() The overriding of this method should ensure that the objects of this class work correctly in a hashtable.
protected static void	putAttributesInTable(Key object) Put all attributes of the given object into the attributes table of this object.
void	readAttributes(Session session) Read the values of the attributes of this object from the token.
static void	setVendorDefinedKeyBuilder(Key.VendorDefinedKeyBuilder builder) Set a vendor-defined key builder that should be called to create an instance of an vendor-defined PKCS#11 key; i.e.
String	toString() Returns a string representation of the current object.

Methods inherited from class iaik.pkcs.pkcs11.objects.Storage

getLabel, getModifiable, getPrivate, getToken, putAttributesInTable

Methods inherited from class iaik.pkcs.pkcs11.objects.PKCS11Object

getAttribute, getAttributeTable, getAttributeValue, getAttributeValues, getInstance, getObjectClass, getObjectClassName, getObjectHandle, getSetAttributes, getSetAttributes, getUnknownObject, getVendorDefinedObjectBuilder, putAttribute, putAttributesInTable, removeAttribute, setObjectHandle, setVendorDefinedObjectBuilder, toString

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

vendorKeyBuilder

protected static Key.VendorDefinedKeyBuilder vendorKeyBuilder

The currently set vendor defined key builder, or null.

keyTypeNames

protected static Hashtable<Long,String> keyTypeNames

A table holding string representations for all known key types. Table key is the key type as Long object.

keyType

protected KeyTypeAttribute keyType

The type of this key. Its value is one of KeyType, or one that has a bigger value than VENDOR_DEFINED.

id

protected ByteArrayAttribute id

The identifier (ID) of this key.

startDate

protected DateAttribute startDate

The start date of this key's validity.

endDate

protected DateAttribute endDate

The end date of this key's validity.

derive

protected BooleanAttribute derive

True, if other keys can be derived from this key.

local

protected BooleanAttribute local

True, if this key was created (generated or copied from a different key) on the token.

keyGenMechanism

protected MechanismAttribute keyGenMechanism

The mechanism used to generate the key material.

allowedMechanisms

protected MechanismArrayAttribute allowedMechanisms

The list of mechanism that can be used with this key.

Constructor Detail

Key

public Key()

The default constructor. An application use this constructor to instantiate a key that serves as a template. It may also be useful for working with vendor-defined keys.

Key

protected Key(Session session,
              long objectHandle)
       throws TokenException

Called by sub-classes to create an instance of a PKCS#11 key.

Parameters:

session - The session to use for reading attributes. This session must have the appropriate rights; i.e. it must be a user-session, if it is a private object.

objectHandle - The object handle as given from the PKCS#111 module.

Throws:

TokenException - If getting the attributes failed.

Method Detail

setVendorDefinedKeyBuilder

public static void setVendorDefinedKeyBuilder(Key.VendorDefinedKeyBuilder builder)

Set a vendor-defined key builder that should be called to create an instance of an vendor-defined PKCS#11 key; i.e. an instance of a vendor defined sub-class of this class.

Parameters:

builder - The vendor-defined key builder. Null to clear any previously installed vendor-defined builder.

getVendorDefinedKeyBuilder

public static Key.VendorDefinedKeyBuilder getVendorDefinedKeyBuilder()

Get the currently set vendor-defined key builder.

Returns:

The currently set vendor-defined key builder or null if none is set.

getKeyTypeName

public static String getKeyTypeName(Long keyType)

Get the given key type as string.

Parameters:

keyType - The key type to get as string.

Returns:

A string denoting the key type; e.g. "RSA".

putAttributesInTable

protected static void putAttributesInTable(Key object)

Put all attributes of the given object into the attributes table of this object. This method is only static to be able to access invoke the implementation of this method for each class separately.

Parameters:

object - The object to handle.

allocateAttributes

protected void allocateAttributes()

Allocates the attribute objects for this class and adds them to the attribute table.

Overrides:

allocateAttributes in class Storage

equals

public boolean equals(Object otherObject)

Compares all member variables of this object with the other object. Returns only true, if all are equal in both objects.

Overrides:

equals in class Storage

Parameters:

otherObject - The other object to compare to.

Returns:

True, if other is an instance of this class and all member variables of both objects are equal. False, otherwise.

getKeyType

public LongAttribute getKeyType()

Gets the key type attribute of the PKCS#11 key. Its value must be one of those defined in the KeyType interface or one with an value bigger than KeyType.VENDOR_DEFINED.

Returns:

The key type identifier.

getId

public ByteArrayAttribute getId()

Gets the ID attribute of this key.

Returns:

The key identifier attribute.

getStartDate

public DateAttribute getStartDate()

Gets the start date attribute of the validity of this key.

Returns:

The start date of validity.

getEndDate

public DateAttribute getEndDate()

Gets the end date attribute of the validity of this key.

Returns:

The end date of validity.

getDerive

public BooleanAttribute getDerive()

Check, if other keys can be derived from this key.

Returns:

Its value is true, if other keys can be derived from this key.

getLocal

public BooleanAttribute getLocal()

Check, if this key is a local key; i.e. was generated on the token or created via copy from a different key on the token.

Returns:

Its value is true, if the key was created on the token.

getKeyGenMechanism

public MechanismAttribute getKeyGenMechanism()

Get the mechanism used to generate the key material for this key.

Returns:

The mechanism attribute used to generate the key material for this key.

getAllowedMechanisms

public MechanismArrayAttribute getAllowedMechanisms()

Get the list of mechanisms that are allowed to use with this key. This attribute can only be used with PKCS#11 modules supporting cryptoki version 2.20 or higher.

Returns:

The list of mechanisms that are allowed to use with this key.

hashCode

public int hashCode()

The overriding of this method should ensure that the objects of this class work correctly in a hashtable.

Overrides:

hashCode in class Storage

Returns:

The hash code of this object.

readAttributes

public void readAttributes(Session session)
                    throws TokenException

Read the values of the attributes of this object from the token.

Overrides:

readAttributes in class Storage

Parameters:

session - The session to use for reading attributes. This session must have the appropriate rights; i.e. it must be a user-session, if it is a private object.

Throws:

TokenException - If getting the attributes failed.

toString

public String toString()

Returns a string representation of the current object. The output is only for debugging purposes and should not be used for other purposes.

Overrides:

toString in class Storage

Returns:

A string presentation of this object for debugging output.