iaik.pkcs.pkcs11.provider.keyfactories

Class SecretKeyFactory

java.lang.Object

javax.crypto.SecretKeyFactorySpi

iaik.pkcs.pkcs11.provider.keyfactories.PKCS11SecretKeyFactory

iaik.pkcs.pkcs11.provider.keyfactories.SecretKeyFactory

All Implemented Interfaces:

PKCS11EngineClass

Direct Known Subclasses:

AesKeyFactory, Cast128KeyFactory, Cast3KeyFactory, CastKeyFactory, DesEdeKeyFactory, DesKeyFactory, GenericKeyFactory, IdeaKeyFactory, Rc2KeyFactory, Rc4KeyFactory, Rc5KeyFactory

public abstract class SecretKeyFactory
extends PKCS11SecretKeyFactory

This is a generic secret key factory that transforms secret key specs into PKCS#11 key objects and vice versa.

Author:

Karl Scheibelhofer

Field Summary

Fields inherited from class iaik.pkcs.pkcs11.provider.keyfactories.PKCS11SecretKeyFactory

pkcs11KeySpec_, pkcs11OperationInitialized_, session_, softwareDelegate_, tokenManager_

Constructor Summary

Constructors

Constructor and Description
SecretKeyFactory() Default constructor.

Method Summary

Modifier and Type	Method and Description
protected abstract iaik.pkcs.pkcs11.objects.Object	createKeyCreationTemplate(java.security.spec.KeySpec secretKeySpec) Create the key template to use as input for the object creation.
protected byte[]	extractKeyMaterial(iaik.pkcs.pkcs11.objects.Key keyObject) Get the key material of the given key object.
protected java.lang.String	getSoftwareDelegateAlgorithm() Return the name of the software algorithm to use, if this object must use a software delegation object.
protected abstract boolean	isAlgorithmAccepted(java.lang.String algorithmName) Check, if this factory can handle keys of the algorithm given by its name.
protected boolean	isFormatAccepted(java.lang.String formatName) Check, if this factory can handle keys encoded in the given format.
protected javax.crypto.SecretKey	pkcs11GenerateSecret(java.security.spec.KeySpec keySpec) Converts the given key specification (key material) into a SecretKey object.
protected java.security.spec.KeySpec	pkcs11GetKeySpec(javax.crypto.SecretKey key, java.lang.Class keySpecClass) Returns a specification (key material) of the given key object.
protected void	validateKeySpec(java.security.spec.KeySpec keySpec) Check, if this factory can handle the given key specification.

Methods inherited from class iaik.pkcs.pkcs11.provider.keyfactories.PKCS11SecretKeyFactory

createKey, engineGenerateSecret, engineGetKeySpec, engineTranslateKey, finalize, finalizePkcs11Operation, getAlgorithmName, initializePkcs11Operation, initializeSession, initializeSoftwareDelegate, isSessionAppropriate, isSupportedBy, pkcs11TranslateKey

Methods inherited from class java.lang.Object

clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SecretKeyFactory

public SecretKeyFactory()

Default constructor.

Method Detail

createKeyCreationTemplate

protected abstract iaik.pkcs.pkcs11.objects.Object createKeyCreationTemplate(java.security.spec.KeySpec secretKeySpec)
                                                                      throws java.security.spec.InvalidKeySpecException

Create the key template to use as input for the object creation. The given secret key specification provides application defined attributes.

Parameters:

secretKeySpec - The key spec providing algorithm specific key attributes.

Returns:

The key template to serve as input for the PKCS#11 object creation.

Throws:

java.security.spec.InvalidKeySpecException - If the given key material is inappropriate for this factory.

Postconditions:

(result <> null)

Preconditions:

(secretKeySpec <> null)

pkcs11GenerateSecret

protected javax.crypto.SecretKey pkcs11GenerateSecret(java.security.spec.KeySpec keySpec)
                                               throws java.security.spec.InvalidKeySpecException

Converts the given key specification (key material) into a SecretKey object.

Specified by:

pkcs11GenerateSecret in class PKCS11SecretKeyFactory

Parameters:

keySpec - the specification (key material) to be converted into SecretKey representation.

Returns:

the SecretKey object

Throws:

java.security.spec.InvalidKeySpecException - if the given key material cannot be converted into a SecretKey object by this key factory

See Also:

SecretKeyFactorySpi.engineGenerateSecret(KeySpec)

pkcs11GetKeySpec

protected java.security.spec.KeySpec pkcs11GetKeySpec(javax.crypto.SecretKey key,
                                                      java.lang.Class keySpecClass)
                                               throws java.security.spec.InvalidKeySpecException

Returns a specification (key material) of the given key object. keySpec identifies the specification class in which the key material should be returned. It could, for example, be DHPublicKeySpec.class, to indicate that the key material should be returned in an instance of the DHPublicKeySpec class.

Specified by:

pkcs11GetKeySpec in class PKCS11SecretKeyFactory

Parameters:

key - The key.

keySpecClass - The specification class in which the key material should be returned.

Returns:

The underlying key specification (key material) in an instance of the requested specification class.

Throws:

java.security.spec.InvalidKeySpecException - if the requested key specification is inappropriate for the given key, or the given key cannot be dealt with (e.g., the given key has an unrecognized format).

Postconditions:

(result <> null)

Preconditions:

(key <> null) and (keySpecClass <> null) and (keySpecClass.equals(PKCS11KeySpec.class) or keySpecClass.equals(SecretKeySpec.class))

extractKeyMaterial

protected byte[] extractKeyMaterial(iaik.pkcs.pkcs11.objects.Key keyObject)
                             throws java.security.spec.InvalidKeySpecException,
                                    NonExtractableComponentException,
                                    IAIKPkcs11Exception

Get the key material of the given key object.

Parameters:

keyObject - The key.

Returns:

The name of the key algorithm of this factory.

Throws:

java.security.spec.InvalidKeySpecException - If the key object is not accepted by this factory.

NonExtractableComponentException - If any attribute is sensitive.

IAIKPkcs11Exception - If any attribute is not present.

Postconditions:

(result <> null)

getSoftwareDelegateAlgorithm

protected java.lang.String getSoftwareDelegateAlgorithm()

Return the name of the software algorithm to use, if this object must use a software delegation object.

Specified by:

getSoftwareDelegateAlgorithm in class PKCS11SecretKeyFactory

Returns:

The name of the software secure random; e.g. AES.

Postconditions:

(result <> null)

isAlgorithmAccepted

protected abstract boolean isAlgorithmAccepted(java.lang.String algorithmName)

Check, if this factory can handle keys of the algorithm given by its name.

Parameters:

algorithmName - The name of the key algorithm.

Returns:

True, if this factory can handle keys of this algorithm.

isFormatAccepted

protected boolean isFormatAccepted(java.lang.String formatName)

Check, if this factory can handle keys encoded in the given format.

Parameters:

formatName - The name of the encoding.

Returns:

True, if this factory can handle keys encoded in this format.

validateKeySpec

protected void validateKeySpec(java.security.spec.KeySpec keySpec)
                        throws java.security.spec.InvalidKeySpecException

Check, if this factory can handle the given key specification. This method throws an InvalidKeySpecException if the given keySpec is invalid.

Parameters:

keySpec - The key specification.

Throws:

java.security.spec.InvalidKeySpecException - If the requested key specification is inappropriate for the given key, or the given key cannot be dealt with (e.g., the given key has an unrecognized format).

Preconditions:

(secretKeySpec <> null)