IAIK PKCS#11 Wrapper
version 1.5

iaik.pkcs.pkcs11
Class MechanismInfo

java.lang.Object
  |
  +--iaik.pkcs.pkcs11.MechanismInfo
All Implemented Interfaces:
java.lang.Cloneable

public class MechanismInfo
extends java.lang.Object
implements java.lang.Cloneable

Objects of this class provide information about a certain mechanism that a token implements.

Version:
1.0
Author:
Karl Scheibelhofer

Field Summary
protected  long flags_
          Contains all feature flags of this mechanism info.
protected  long maxKeySize_
          The maximum key length supported by this algorithm.
protected  long minKeySize_
          The minimum key length supported by this algorithm.
 
Constructor Summary
MechanismInfo()
          Default constructor.
MechanismInfo(CK_MECHANISM_INFO ckMechanismInfo)
          Constructor taking a CK_MECHANISM_INFO object as data source.
 
Method Summary
 MechanismInfo and(MechanismInfo other)
          Create a new MechanismInfo objects whichs flags are a logical AND of this object's flags and the other object's flags.
 java.lang.Object clone()
          Create a (deep) clone of this object.
 boolean equals(java.lang.Object otherObject)
          Override equals to check for the equality of mechanism infos.
 long getMaxKeySize()
          Get the maximum key length supported by this mechanism.
 long getMinKeySize()
          Get the minimum key length supported by this mechanism.
 int hashCode()
          Override hashCode to ensure that hashtable still works after overriding equals.
 boolean isDecrypt()
          Check, if this mechanism can be used for decryption.
 boolean isDerive()
          Check, if this mechanism can be used for key derivation.
 boolean isDigest()
          Check, if this mechanism can be used for digesting.
 boolean isEcCompress()
          Check, if this mechanism can be used with elliptic curve point compressed.
 boolean isEcEcParameters()
          Check, if this mechanism can be used with EC domain parameters of the choice ecParameters.
 boolean isEcF2m()
          Check, if this mechanism can be used with EC domain parameters over F2m.
 boolean isEcFp()
          Check, if this mechanism can be used with EC domain parameters over Fp.
 boolean isEcNamedCurve()
          Check, if this mechanism can be used with EC domain parameters of the choice namedCurve.
 boolean isEcUncompress()
          Check, if this mechanism can be used with elliptic curve point uncompressed.
 boolean isEncrypt()
          Check, if this mechanism can be used for encryption.
 boolean isExtension()
          Check, if there is an extension to the flags; false, if no extensions.
 boolean isGenerate()
          Check, if this mechanism can be used for secret key generation.
 boolean isGenerateKeyPair()
          Check, if this mechanism can be used for key-pair generation.
 boolean isHw()
          Check, if this mechanism is performed in hardware.
 boolean isSign()
          Check, if this mechanism can be used for signing.
 boolean isSignRecover()
          Check, if this mechanism can be used for signing with data recovery.
 boolean isUnwrap()
          Check, if this mechanism can be used for key unwrapping.
 boolean isVerify()
          Check, if this mechanism can be used for verification.
 boolean isVerifyRecover()
          Check, if this mechanism can be used for verification with data recovery.
 boolean isWrap()
          Check, if this mechanism can be used for key wrapping.
 MechanismInfo not()
          Create a new MechanismInfo objects whichs flags are a logical NOT of this object's flags.
 MechanismInfo or(MechanismInfo other)
          Create a new MechanismInfo objects whichs flags are a logical OR of this object's flags and the other object's flags.
 void setDecrypt(boolean decrypt)
          Set if this mechanism can be used for decryption.
 void setDerive(boolean derive)
          Set if this mechanism can be used for key derivation.
 void setDigest(boolean digest)
          Set if this mechanism can be used for digesting.
 void setEcCompress(boolean ecCompress)
          Set if this mechanism can be used with elliptic curve point compressed.
 void setEcEcParameters(boolean ecEcParameters)
          Set if this mechanism can be used with EC domain parameters of the choice ecParameters.
 void setEcF2m(boolean ecF2m)
          Set if this mechanism can be used with EC domain parameters over F2m.
 void setEcFp(boolean ecFp)
          Set if this mechanism can be used with EC domain parameters over Fp.
 void setEcNamedCurve(boolean ecNamedCurve)
          Set if this mechanism can be used with EC domain parameters of the choice namedCurve.
 void setEcUncompress(boolean ecUncompress)
          Set if this mechanism can be used with elliptic curve point uncompressed.
 void setEncrypt(boolean encrypt)
          Set if this mechanism can be used for encryption.
 void setExtension(boolean extension)
          Set if there is an extension to the flags; false, if no extensions.
protected  void setFlagBit(long flagMask, boolean value)
          Set the given feature flag(s) to the given value.
 void setGenerate(boolean generate)
          Set if this mechanism can be used for secret key generation.
 void setGenerateKeyPair(boolean generateKeyPair)
          Set if this mechanism can be used for key-pair generation.
 void setHw(boolean hw)
          Set, if this mechanism is performed in hardware.
 void setMaxKeySize(long maxKeySize)
          /** Set the maximum key length supported by this mechanism.
 void setMinKeySize(long minKeySize)
          Set the minimum key length supported by this mechanism.
 void setSign(boolean sign)
          Set if this mechanism can be used for signing.
 void setSignRecover(boolean signRecover)
          Set if this mechanism can be used for signing with data recovery.
 void setUnwrap(boolean unwrap)
          Set if this mechanism can be used for key unwrapping.
 void setVerify(boolean verfy)
          Set if this mechanism can be used for verification.
 void setVerifyRecover(boolean verifyRecover)
          Set if this mechanism can be used for verification with data recovery.
 void setWrap(boolean wrap)
          Set if this mechanism can be used for key wrapping.
 boolean supports(MechanismInfo requiredFeatures)
          Check, if this mechanism info has those flags set to true, which are set in the given mechanism info.
 java.lang.String toString()
          Returns the string representation of this object.
 
Methods inherited from class java.lang.Object
finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

minKeySize_

protected long minKeySize_
The minimum key length supported by this algorithm.

maxKeySize_

protected long maxKeySize_
The maximum key length supported by this algorithm.

flags_

protected long flags_
Contains all feature flags of this mechanism info.
Constructor Detail

MechanismInfo

public MechanismInfo()
Default constructor. All memeber variables get the defualt value for their tpye.

MechanismInfo

public MechanismInfo(CK_MECHANISM_INFO ckMechanismInfo)
Constructor taking a CK_MECHANISM_INFO object as data source.
Parameters:
ckMechanismInfo - The CK_MECHANISM_INFO object that provides the data.
Method Detail

clone

public java.lang.Object clone()
Create a (deep) clone of this object.
Overrides:
clone in class java.lang.Object
Returns:
A clone of this object.

equals

public boolean equals(java.lang.Object otherObject)
Override equals to check for the equality of mechanism infos.
Overrides:
equals in class java.lang.Object
Parameters:
otherObject - The other MechanismInfo object.
Returns:
True, if other is an instance of this class and all member variables are equal.

hashCode

public int hashCode()
Override hashCode to ensure that hashtable still works after overriding equals.
Overrides:
hashCode in class java.lang.Object
Returns:
The hash code of this object. Taken from the mechanism code.

getMinKeySize

public long getMinKeySize()
Get the minimum key length supported by this mechanism.
Returns:
The minimum key length supported by this mechanism..

getMaxKeySize

public long getMaxKeySize()
Get the maximum key length supported by this mechanism.
Returns:
The maximum key length supported by this mechanism.

isHw

public boolean isHw()
Check, if this mechanism is performed in hardware.
Returns:
True, if this mechanism is performed in hardware.

isEncrypt

public boolean isEncrypt()
Check, if this mechanism can be used for encryption.
Returns:
True, if this mechanism can be used for encrpytion.

isDecrypt

public boolean isDecrypt()
Check, if this mechanism can be used for decryption.
Returns:
True, if this mechanism can be used for decrpytion.

isDigest

public boolean isDigest()
Check, if this mechanism can be used for digesting.
Returns:
True, if this mechanism can be used for digesting.

isSign

public boolean isSign()
Check, if this mechanism can be used for signing.
Returns:
True, if this mechanism can be used for signing.

isSignRecover

public boolean isSignRecover()
Check, if this mechanism can be used for signing with data recovery.
Returns:
True, if this mechanism can be used for signing with data recovery.

isVerify

public boolean isVerify()
Check, if this mechanism can be used for verification.
Returns:
True, if this mechanism can be used for verification.

isVerifyRecover

public boolean isVerifyRecover()
Check, if this mechanism can be used for verification with data recovery.
Returns:
True, if this mechanism can be used for verification with data recovery.

isGenerate

public boolean isGenerate()
Check, if this mechanism can be used for secret key generation.
Returns:
True, if this mechanism can be used for secret key generation.

isGenerateKeyPair

public boolean isGenerateKeyPair()
Check, if this mechanism can be used for key-pair generation.
Returns:
True, if this mechanism can be used for key-pair generation.

isWrap

public boolean isWrap()
Check, if this mechanism can be used for key wrapping.
Returns:
True, if this mechanism can be used for key wrapping.

isUnwrap

public boolean isUnwrap()
Check, if this mechanism can be used for key unwrapping.
Returns:
True, if this mechanism can be used for key unwrapping.

isDerive

public boolean isDerive()
Check, if this mechanism can be used for key derivation.
Returns:
True, if this mechanism can be used for key derivation.

isEcFp

public boolean isEcFp()
Check, if this mechanism can be used with EC domain parameters over Fp.
Returns:
True, if this mechanism can be used with EC domain parameters over Fp.

isEcF2m

public boolean isEcF2m()
Check, if this mechanism can be used with EC domain parameters over F2m.
Returns:
True, if this mechanism can be used with EC domain parameters over F2m.

isEcEcParameters

public boolean isEcEcParameters()
Check, if this mechanism can be used with EC domain parameters of the choice ecParameters.
Returns:
True, if this mechanism can be used with EC domain parameters of the choice ecParameters.

isEcNamedCurve

public boolean isEcNamedCurve()
Check, if this mechanism can be used with EC domain parameters of the choice namedCurve.
Returns:
True, if this mechanism can be used with EC domain parameters of the choice namedCurve.

isEcUncompress

public boolean isEcUncompress()
Check, if this mechanism can be used with elliptic curve point uncompressed.
Returns:
True, if this mechanism can be used with elliptic curve point uncompressed.

isEcCompress

public boolean isEcCompress()
Check, if this mechanism can be used with elliptic curve point compressed.
Returns:
True, if this mechanism can be used with elliptic curve point compressed.

isExtension

public boolean isExtension()
Check, if there is an extension to the flags; false, if no extensions. Must be false for this version of PKCS#11.
Returns:
False for this version.

or

public MechanismInfo or(MechanismInfo other)
Create a new MechanismInfo objects whichs flags are a logical OR of this object's flags and the other object's flags. The minimum key size is set to the lower of both key sizes and the maximum key size is set to the higher of both key sizes. If the other is null, the new object has the same contents as this object.
Parameters:
other - The other MechanismInfo object.
Returns:
A new MechanismInfo that is a logical OR of this and other.

and

public MechanismInfo and(MechanismInfo other)
Create a new MechanismInfo objects whichs flags are a logical AND of this object's flags and the other object's flags. The minimum key size is set to the higher of both key sizes and the maximum key size is set to the lower of both key sizes. If the other is null, the new object has no flags set and its key sizes set to zero.
Parameters:
other - The other MechanismInfo object.
Returns:
A new MechanismInfo that is a logical AND of this and other.

not

public MechanismInfo not()
Create a new MechanismInfo objects whichs flags are a logical NOT of this object's flags. The key sizes remain the same.
Returns:
A new MechanismInfo that is a logical NOT of this object.

setMinKeySize

public void setMinKeySize(long minKeySize)
Set the minimum key length supported by this mechanism.
Parameters:
minKeySize - The minimum key length supported by this mechanism.

setMaxKeySize

public void setMaxKeySize(long maxKeySize)
/** Set the maximum key length supported by this mechanism.
Parameters:
maxKeySize - The maximum key length supported by this mechanism.

setHw

public void setHw(boolean hw)
Set, if this mechanism is performed in hardware.
Parameters:
hw - True, if this mechanism is performed in hardware.

setEncrypt

public void setEncrypt(boolean encrypt)
Set if this mechanism can be used for encryption.
Parameters:
encrypt - True, if this mechanism can be used for encrpytion.

setDecrypt

public void setDecrypt(boolean decrypt)
Set if this mechanism can be used for decryption.
Parameters:
decrypt - True, if this mechanism can be used for decrpytion.

setDigest

public void setDigest(boolean digest)
Set if this mechanism can be used for digesting.
Parameters:
digest - True, if this mechanism can be used for digesting.

setSign

public void setSign(boolean sign)
Set if this mechanism can be used for signing.
Parameters:
sign - True, if this mechanism can be used for signing.

setSignRecover

public void setSignRecover(boolean signRecover)
Set if this mechanism can be used for signing with data recovery.
Parameters:
signRecover - True, if this mechanism can be used for signing with data recovery.

setVerify

public void setVerify(boolean verfy)
Set if this mechanism can be used for verification.
Parameters:
verfy - True, if this mechanism can be used for verification.

setVerifyRecover

public void setVerifyRecover(boolean verifyRecover)
Set if this mechanism can be used for verification with data recovery.
Parameters:
verifyRecover - True, if this mechanism can be used for verification with data recovery.

setGenerate

public void setGenerate(boolean generate)
Set if this mechanism can be used for secret key generation.
Parameters:
generate - True, if this mechanism can be used for secret key generation.

setGenerateKeyPair

public void setGenerateKeyPair(boolean generateKeyPair)
Set if this mechanism can be used for key-pair generation.
Parameters:
generateKeyPair - True, if this mechanism can be used for key-pair generation.

setWrap

public void setWrap(boolean wrap)
Set if this mechanism can be used for key wrapping.
Parameters:
wrap - True, if this mechanism can be used for key wrapping.

setUnwrap

public void setUnwrap(boolean unwrap)
Set if this mechanism can be used for key unwrapping.
Parameters:
unwrap - True, if this mechanism can be used for key unwrapping.

setDerive

public void setDerive(boolean derive)
Set if this mechanism can be used for key derivation.
Parameters:
derive - True, if this mechanism can be used for key derivation.

setEcFp

public void setEcFp(boolean ecFp)
Set if this mechanism can be used with EC domain parameters over Fp.
Parameters:
ecFp - True, if this mechanism can be used with EC domain parameters over Fp.

setEcF2m

public void setEcF2m(boolean ecF2m)
Set if this mechanism can be used with EC domain parameters over F2m.
Parameters:
ecF2m - True, if this mechanism can be used with EC domain parameters over F2m.

setEcEcParameters

public void setEcEcParameters(boolean ecEcParameters)
Set if this mechanism can be used with EC domain parameters of the choice ecParameters.
Parameters:
ecEcParameters - True, if this mechanism can be used with EC domain parameters of the choice ecParameters.

setEcNamedCurve

public void setEcNamedCurve(boolean ecNamedCurve)
Set if this mechanism can be used with EC domain parameters of the choice namedCurve.
Parameters:
ecNamedCurve - True, if this mechanism can be used with EC domain parameters of the choice namedCurve.

setEcUncompress

public void setEcUncompress(boolean ecUncompress)
Set if this mechanism can be used with elliptic curve point uncompressed.
Parameters:
ecUncompress - True, if this mechanism can be used with elliptic curve point uncompressed.

setEcCompress

public void setEcCompress(boolean ecCompress)
Set if this mechanism can be used with elliptic curve point compressed.
Parameters:
ecCompress - True, if this mechanism can be used with elliptic curve point compressed.

setExtension

public void setExtension(boolean extension)
Set if there is an extension to the flags; false, if no extensions. Must be false for this version.
Parameters:
extension - False for this version.

supports

public boolean supports(MechanismInfo requiredFeatures)
Check, if this mechanism info has those flags set to true, which are set in the given mechanism info. This may be used as a simple check, if some operations are supported. This also checks the key length range, if they are specified in the given mechaism object; i.e. if they are not zero.
Parameters:
requiredFeatures - The required features.
Returns:
True, if the required features are supported.

toString

public java.lang.String toString()
Returns the string representation of this object.
Overrides:
toString in class java.lang.Object
Returns:
the string representation of this object

setFlagBit

protected void setFlagBit(long flagMask,
                          boolean value)
Set the given feature flag(s) to the given value.
Parameters:
flagMask - The mask of the flag bit(s).
value - True to set the flag(s), false to clear the flag(s).

IAIK PKCS#11 Wrapper
version 1.5

IAIK JavaSecurity Website http://jce.iaik.tugraz.at/

IAIK at Graz University of Technology, Austria, Europe
Copyright 2001-2004, IAIK, Graz University of Technology, Inffeldgasse 16a, 8010 Graz, Austria. All Rights Reserved.
version 1.5