IAIK PKCS#11 Wrapper
version 1.5

iaik.pkcs.pkcs11.objects
Class SecretKey

java.lang.Object
  |
  +--iaik.pkcs.pkcs11.objects.Object
        |
        +--iaik.pkcs.pkcs11.objects.Storage
              |
              +--iaik.pkcs.pkcs11.objects.Key
                    |
                    +--iaik.pkcs.pkcs11.objects.SecretKey
All Implemented Interfaces:
java.lang.Cloneable
Direct Known Subclasses:
AESSecretKey, BatonSecretKey, BlowfishSecretKey, CAST128SecretKey, CAST3SecretKey, CAST5SecretKey, CASTSecretKey, CDMFSecretKey, DES2SecretKey, DES3SecretKey, DESSecretKey, GenericSecretKey, IDEASecretKey, JuniperSecretKey, RC2SecretKey, RC4SecretKey, RC5SecretKey, SkipJackSecretKey, TwofishSecretKey

public class SecretKey
extends Key

This is the base class for secret (symmetric) keys. Objects of this class represent secret keys as specified by PKCS#11 v2.11.

Version:
1.0
Author:
Karl Scheibelhofer

Inner classes inherited from class iaik.pkcs.pkcs11.objects.Key
Key.KeyType, Key.VendorDefinedKeyBuilder
 
Inner classes inherited from class iaik.pkcs.pkcs11.objects.Object
Object.ObjectClass, Object.VendorDefinedObjectBuilder
 
Field Summary
protected  BooleanAttribute alwaysSensitive_
          True, if this key was always sensitive.
protected  ByteArrayAttribute checkValue_
          Key checksum of this private key.
protected  BooleanAttribute decrypt_
          True, if this key can be used for decryption.
protected  BooleanAttribute encrypt_
          True, if this key can be used for encryption.
protected  BooleanAttribute extractable_
          True, if this key is extractable from the token.
protected  BooleanAttribute neverExtractable_
          True, if this key was never extractable.
protected  BooleanAttribute sensitive_
          True, if this key is sensitive.
protected  BooleanAttribute sign_
          True, if this key can be used for signing.
protected  BooleanAttribute trusted_
          True, if this public key can be used for wrapping other keys.
protected  BooleanAttribute unwrap_
          True, if this key can be used for unwrapping other keys.
protected  AttributeArray unwrapTemplate_
          Template of the key, that can be unwrapped.
protected  BooleanAttribute verify_
          True, if this key can be used for verification.
protected  BooleanAttribute wrap_
          True, if this key can be used for wrapping other keys.
protected  AttributeArray wrapTemplate_
          Template of the key, that can be wrapped.
protected  BooleanAttribute wrapWithTrusted_
          True, if this private key can only be wrapped with a wrapping key having set the attribute trusted to true.
 
Fields inherited from class iaik.pkcs.pkcs11.objects.Key
allowedMechanisms_, derive_, endDate_, id_, keyGenMechanism_, keyType_, keyTypeNames_, local_, startDate_, vendorKeyBuilder_
 
Fields inherited from class iaik.pkcs.pkcs11.objects.Storage
label_, modifiable_, private_, token_
 
Fields inherited from class iaik.pkcs.pkcs11.objects.Object
attributeTable_, objectClass_, objectClassNames_, objectHandle_, vendorObjectBuilder_
 
Constructor Summary
  SecretKey()
          Default Constructor.
protected SecretKey(Session session, long objectHandle)
          Called by sub-classes to create an instance of a PKCS#11 secret key.
 
Method Summary
protected  void allocateAttributes()
          Allocates the attribute objects for this class and adds them to the attribute table.
 java.lang.Object clone()
          Create a (deep) clone of this object.
 boolean equals(java.lang.Object otherObject)
          Compares all member variables of this object with the other object.
 BooleanAttribute getAlwaysSensitive()
          Gets the always sensitive attribute of this key.
 ByteArrayAttribute getCheckValue()
          Gets the check value attribute of this key.
 BooleanAttribute getDecrypt()
          Gets the decrypt attribute of this key.
 BooleanAttribute getEncrypt()
          Gets the encrypt attribute of this key.
 BooleanAttribute getExtractable()
          Gets the extractable attribute of this key.
static Object getInstance(Session session, long objectHandle)
          The getInstance method of the Object class uses this method to create an instance of a PKCS#11 secret key.
 BooleanAttribute getNeverExtractable()
          Gets the never extractable attribute of this key.
 BooleanAttribute getSensitive()
          Gets the sensitive attribute of this key.
 BooleanAttribute getSign()
          Gets the sign attribute of this key.
 BooleanAttribute getTrusted()
          Gets the trusted attribute of this key.
protected static Object getUnknownSecretKey(Session session, long objectHandle)
          Try to create a key which has no or an unknown secret key type type attribute.
 BooleanAttribute getUnwrap()
          Gets the unwrap attribute of this key.
 AttributeArray getUnwrapTemplate()
          Gets the unwrap template attribute of this key.
 BooleanAttribute getVerify()
          Gets the verify attribute of this key.
 BooleanAttribute getWrap()
          Gets the wrap attribute of this key.
 AttributeArray getWrapTemplate()
          Gets the wrap template attribute of this key.
 BooleanAttribute getWrapWithTrusted()
          Gets the wrap with trusted attribute of this key.
protected static void putAttributesInTable(SecretKey object)
          Put all attributes of the given object into the attributes table of this object.
 java.lang.String toString()
          This method returns a string representation of the current object.
 
Methods inherited from class iaik.pkcs.pkcs11.objects.Key
getAllowedMechanisms, getDerive, getEndDate, getId, getKeyGenMechanism, getKeyType, getKeyTypeName, getLocal, getStartDate, getVendorDefinedKeyBuilder, hashCode, putAttributesInTable, setVendorDefinedKeyBuilder
 
Methods inherited from class iaik.pkcs.pkcs11.objects.Storage
getLabel, getModifiable, getPrivate, getToken, putAttributesInTable
 
Methods inherited from class iaik.pkcs.pkcs11.objects.Object
checkAttributesState, checkAttributeState, getAttribute, getAttributeTable, getAttributeValue, getAttributeValues, getObjectClass, getObjectClassName, getObjectHandle, getSetAttributes, getSetAttributes, getUnknownObject, getVendorDefinedObjectBuilder, putAttribute, putAttributesInTable, readAttributes, removeAttribute, setObjectHandle, setVendorDefinedObjectBuilder, toString
 
Methods inherited from class java.lang.Object
finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

sensitive_

protected BooleanAttribute sensitive_
True, if this key is sensitive.

encrypt_

protected BooleanAttribute encrypt_
True, if this key can be used for encryption.

decrypt_

protected BooleanAttribute decrypt_
True, if this key can be used for decryption.

sign_

protected BooleanAttribute sign_
True, if this key can be used for signing.

verify_

protected BooleanAttribute verify_
True, if this key can be used for verification.

wrap_

protected BooleanAttribute wrap_
True, if this key can be used for wrapping other keys.

unwrap_

protected BooleanAttribute unwrap_
True, if this key can be used for unwrapping other keys.

extractable_

protected BooleanAttribute extractable_
True, if this key is extractable from the token.

alwaysSensitive_

protected BooleanAttribute alwaysSensitive_
True, if this key was always sensitive.

neverExtractable_

protected BooleanAttribute neverExtractable_
True, if this key was never extractable.

checkValue_

protected ByteArrayAttribute checkValue_
Key checksum of this private key.

wrapWithTrusted_

protected BooleanAttribute wrapWithTrusted_
True, if this private key can only be wrapped with a wrapping key having set the attribute trusted to true.

trusted_

protected BooleanAttribute trusted_
True, if this public key can be used for wrapping other keys.

wrapTemplate_

protected AttributeArray wrapTemplate_
Template of the key, that can be wrapped.

unwrapTemplate_

protected AttributeArray unwrapTemplate_
Template of the key, that can be unwrapped.
Constructor Detail

SecretKey

public SecretKey()
Default Constructor.

SecretKey

protected SecretKey(Session session,
                    long objectHandle)
             throws TokenException
Called by sub-classes to create an instance of a PKCS#11 secret key.
Parameters:
session - The session to use for reading attributes. This session must have the appropriate rights; i.e. it must be a user-session, if it is a private object.
objectHandle - The object handle as given from the PKCS#111 module.
Throws:
TokenException - If getting the attributes failed.
Method Detail

getInstance

public static Object getInstance(Session session,
                                 long objectHandle)
                          throws TokenException
The getInstance method of the Object class uses this method to create an instance of a PKCS#11 secret key. This method reads the key type attribute and calls the getInstance method of the according sub-class. If the key type is a vendor defined it uses the VendorDefinedKeyBuilder set by the application. If no secret key could be constructed, this method returns null.
Parameters:
session - The session to use for reading attributes. This session must have the appropriate rights; i.e. it must be a user-session, if it is a private object.
objectHandle - The object handle as given from the PKCS#111 module.
Returns:
The object representing the PKCS#11 object. The returned object can be casted to the according sub-class.
Throws:
TokenException - If getting the attributes failed.

getUnknownSecretKey

protected static Object getUnknownSecretKey(Session session,
                                            long objectHandle)
                                     throws TokenException
Try to create a key which has no or an unknown secret key type type attribute. This implementation will try to use a vendor defined key builder, if such has been set. If this is impossible or fails, it will create just a simple SecretKey .
Parameters:
session - The session to use.
objectHandle - The handle of the object
Returns:
A new Object.
Throws:
TokenException - If no object could be created.

putAttributesInTable

protected static void putAttributesInTable(SecretKey object)
Put all attributes of the given object into the attributes table of this object. This method is only static to be able to access invoke the implementation of this method for each class separately (see use in clone()).
Parameters:
object - The object to handle.

allocateAttributes

protected void allocateAttributes()
Allocates the attribute objects for this class and adds them to the attribute table.
Overrides:
allocateAttributes in class Key

clone

public java.lang.Object clone()
Create a (deep) clone of this object.
Overrides:
clone in class Key
Returns:
A clone of this object.

equals

public boolean equals(java.lang.Object otherObject)
Compares all member variables of this object with the other object. Returns only true, if all are equal in both objects.
Overrides:
equals in class Key
Parameters:
otherObject - The other object to compare to.
Returns:
True, if other is an instance of this class and all member variables of both objects are equal. False, otherwise.

getSensitive

public BooleanAttribute getSensitive()
Gets the sensitive attribute of this key.
Returns:
The sensitive attribute.

getEncrypt

public BooleanAttribute getEncrypt()
Gets the encrypt attribute of this key.
Returns:
The encrypt attribute.

getVerify

public BooleanAttribute getVerify()
Gets the verify attribute of this key.
Returns:
The verify attribute.

getDecrypt

public BooleanAttribute getDecrypt()
Gets the decrypt attribute of this key.
Returns:
The decrypt attribute.

getSign

public BooleanAttribute getSign()
Gets the sign attribute of this key.
Returns:
The sign attribute.

getWrap

public BooleanAttribute getWrap()
Gets the wrap attribute of this key.
Returns:
The wrap attribute.

getUnwrap

public BooleanAttribute getUnwrap()
Gets the unwrap attribute of this key.
Returns:
The unwrap attribute.

getExtractable

public BooleanAttribute getExtractable()
Gets the extractable attribute of this key.
Returns:
The extractable attribute.

getAlwaysSensitive

public BooleanAttribute getAlwaysSensitive()
Gets the always sensitive attribute of this key.
Returns:
The always sensitive attribute.

getNeverExtractable

public BooleanAttribute getNeverExtractable()
Gets the never extractable attribute of this key.
Returns:
The never extractable attribute.

getCheckValue

public ByteArrayAttribute getCheckValue()
Gets the check value attribute of this key.
Returns:
The check value attribute.

getWrapWithTrusted

public BooleanAttribute getWrapWithTrusted()
Gets the wrap with trusted attribute of this key.
Returns:
The wrap with trusted attribute.

getTrusted

public BooleanAttribute getTrusted()
Gets the trusted attribute of this key.
Returns:
The trusted attribute.

getWrapTemplate

public AttributeArray getWrapTemplate()
Gets the wrap template attribute of this key. This attribute can only be used with PKCS#11 modules supporting cryptoki version 2.20 or higher.
Returns:
The wrap template attribute.

getUnwrapTemplate

public AttributeArray getUnwrapTemplate()
Gets the unwrap template attribute of this key. This attribute can only be used with PKCS#11 modules supporting cryptoki version 2.20 or higher.
Returns:
The unwrap template attribute.

toString

public java.lang.String toString()
This method returns a string representation of the current object. The output is only for debugging purposes and should not be used for other purposes.
Overrides:
toString in class Key
Returns:
A string presentation of this object for debugging output.

IAIK PKCS#11 Wrapper
version 1.5

IAIK JavaSecurity Website http://jce.iaik.tugraz.at/

IAIK at Graz University of Technology, Austria, Europe
Copyright 2001-2004, IAIK, Graz University of Technology, Inffeldgasse 16a, 8010 Graz, Austria. All Rights Reserved.
version 1.5