public class CryptoUtil
extends java.lang.Object
| Modifier and Type | Field and Description |
|---|---|
static java.util.List<java.lang.Integer> |
clientECCipherList |
static java.lang.Integer[] |
clientECCiphers |
static java.lang.String |
INTERNAL_TOKEN_FULL_NAME |
static java.lang.String |
INTERNAL_TOKEN_NAME |
static int |
KEY_ID_LENGTH |
static int |
LINE_COUNT |
static org.mozilla.jss.asn1.OBJECT_IDENTIFIER |
RSA_ENCRYPTION |
| Constructor and Description |
|---|
CryptoUtil() |
| Modifier and Type | Method and Description |
|---|---|
static boolean |
arraysEqual(byte[] bytes,
byte[] ints) |
static byte[] |
base64Decode(java.lang.String s) |
static java.lang.String |
base64Encode(byte[] bytes) |
static org.mozilla.jss.ssl.SSLVersionRange |
boundSSLDatagramVersionRange(org.mozilla.jss.ssl.SSLVersion min,
org.mozilla.jss.ssl.SSLVersion max) |
static org.mozilla.jss.ssl.SSLVersionRange |
boundSSLStreamVersionRange(org.mozilla.jss.ssl.SSLVersion min,
org.mozilla.jss.ssl.SSLVersion max) |
static java.lang.String |
byte2string(byte[] id)
Converts any length byte array into a signed, variable-length
hexadecimal number.
|
static char[] |
bytesToChars(byte[] bytes) |
static java.lang.String |
certFormat(java.lang.String content) |
static byte[] |
charsToBytes(char[] chars) |
static boolean |
compare(byte[] src,
byte[] dest)
Compares 2 byte arrays to see if they are the same.
|
static org.mozilla.jss.netscape.security.pkcs.PKCS10 |
createCertificationRequest(java.lang.String subjectName,
java.security.KeyPair keyPair)
Creates a PKCS#10 request.
|
static org.mozilla.jss.netscape.security.pkcs.PKCS10 |
createCertificationRequest(java.lang.String subjectName,
java.security.KeyPair keyPair,
org.mozilla.jss.netscape.security.x509.Extensions exts) |
static org.mozilla.jss.netscape.security.pkcs.PKCS10 |
createCertificationRequest(java.lang.String subjectName,
java.security.KeyPair keyPair,
java.lang.String alg) |
static org.mozilla.jss.netscape.security.pkcs.PKCS10 |
createCertificationRequest(java.lang.String subjectName,
org.mozilla.jss.netscape.security.x509.X509Key pubk,
org.mozilla.jss.crypto.PrivateKey prik)
Creates a PKCS#10 request.
|
static org.mozilla.jss.netscape.security.pkcs.PKCS10 |
createCertificationRequest(java.lang.String subjectName,
org.mozilla.jss.netscape.security.x509.X509Key pubk,
org.mozilla.jss.crypto.PrivateKey prik,
java.lang.String alg) |
static org.mozilla.jss.netscape.security.pkcs.PKCS10 |
createCertificationRequest(java.lang.String subjectName,
org.mozilla.jss.netscape.security.x509.X509Key pubk,
org.mozilla.jss.crypto.PrivateKey prik,
java.lang.String alg,
org.mozilla.jss.netscape.security.x509.Extensions exts) |
static org.mozilla.jss.crypto.SymmetricKey |
createDes3SessionKeyOnInternal() |
static byte[] |
createEncodedPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token,
java.security.PublicKey wrappingKey,
char[] data,
org.mozilla.jss.netscape.security.util.WrappingParams params,
org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid) |
static byte[] |
createEncodedPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token,
java.security.PublicKey wrappingKey,
org.mozilla.jss.crypto.PrivateKey data,
org.mozilla.jss.netscape.security.util.WrappingParams params,
org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid) |
static byte[] |
createEncodedPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token,
java.security.PublicKey wrappingKey,
org.mozilla.jss.crypto.SymmetricKey data,
org.mozilla.jss.netscape.security.util.WrappingParams params,
org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid) |
static org.mozilla.jss.pkix.cms.EnvelopedData |
createEnvelopedData(byte[] encContent,
byte[] encSymKey)
for CMC encryptedPOP
|
static org.mozilla.jss.netscape.security.x509.KeyIdentifier |
createKeyIdentifier(java.security.KeyPair keypair) |
static org.mozilla.jss.util.Password |
createPasswordFromBytes(byte[] bytes)
Create a jss Password object from a provided byte array.
|
static org.mozilla.jss.pkix.crmf.PKIArchiveOptions |
createPKIArchiveOptions(byte[] session_data,
byte[] key_data,
org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid) |
static org.mozilla.jss.pkix.crmf.PKIArchiveOptions |
createPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token,
java.security.PublicKey wrappingKey,
char[] data,
org.mozilla.jss.netscape.security.util.WrappingParams params,
org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid) |
static org.mozilla.jss.pkix.crmf.PKIArchiveOptions |
createPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token,
java.security.PublicKey wrappingKey,
org.mozilla.jss.crypto.PrivateKey data,
org.mozilla.jss.netscape.security.util.WrappingParams params,
org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid) |
static void |
createSharedSecret(java.lang.String nickname) |
static org.mozilla.jss.netscape.security.x509.X509CertInfo |
createX509CertInfo(java.security.KeyPair pair,
int serialno,
java.lang.String issuername,
java.lang.String subjname,
java.util.Date notBefore,
java.util.Date notAfter)
Creates a Certificate template.
|
static org.mozilla.jss.netscape.security.x509.X509CertInfo |
createX509CertInfo(java.security.PublicKey publickey,
int serialno,
java.lang.String issuername,
java.lang.String subjname,
java.util.Date notBefore,
java.util.Date notAfter) |
static org.mozilla.jss.netscape.security.x509.X509CertInfo |
createX509CertInfo(org.mozilla.jss.netscape.security.x509.X509Key x509key,
java.math.BigInteger serialno,
org.mozilla.jss.netscape.security.x509.CertificateIssuerName issuernameObj,
java.lang.String subjname,
java.util.Date notBefore,
java.util.Date notAfter,
java.lang.String alg) |
static org.mozilla.jss.netscape.security.x509.X509CertInfo |
createX509CertInfo(org.mozilla.jss.netscape.security.x509.X509Key x509key,
java.math.BigInteger serialno,
java.lang.String issuername,
java.lang.String subjname,
java.util.Date notBefore,
java.util.Date notAfter) |
static org.mozilla.jss.netscape.security.x509.X509CertInfo |
createX509CertInfo(org.mozilla.jss.netscape.security.x509.X509Key x509key,
java.math.BigInteger serialno,
java.lang.String issuername,
java.lang.String subjname,
java.util.Date notBefore,
java.util.Date notAfter,
java.lang.String alg) |
static org.mozilla.jss.netscape.security.x509.X509Key |
createX509Key(java.security.PublicKey publicKey) |
static byte[] |
decodeKeyID(java.lang.String id)
Converts NSS key ID from a signed, variable-length hexadecimal number
into a 20 byte array, which will be identical to the original byte array.
|
static byte[] |
decryptUsingSymmetricKey(org.mozilla.jss.crypto.CryptoToken token,
org.mozilla.jss.crypto.IVParameterSpec ivspec,
byte[] encryptedData,
org.mozilla.jss.crypto.SymmetricKey wrappingKey,
org.mozilla.jss.crypto.EncryptionAlgorithm encryptionAlgorithm) |
static void |
deleteCertificates(java.lang.String nickname)
Deletes all certificates by a nickname.
|
static void |
deletePrivateKey(org.mozilla.jss.crypto.PrivateKey prikey)
Deletes a private key.
|
static void |
deleteSharedSecret(java.lang.String nickname) |
static void |
deleteUserCertificates(java.lang.String nickname)
Deletes user certificates by a nickname.
|
static java.lang.String |
encodeKeyID(byte[] keyID)
Converts NSS key ID from a 20 byte array into a signed, variable-length
hexadecimal number (to maintain compatibility with byte2string()).
|
static byte[] |
encodePKIArchiveOptions(org.mozilla.jss.pkix.crmf.PKIArchiveOptions opts) |
static byte[] |
encryptSecret(org.mozilla.jss.crypto.CryptoToken token,
byte[] secret,
org.mozilla.jss.crypto.IVParameterSpec iv,
org.mozilla.jss.crypto.SymmetricKey key,
org.mozilla.jss.crypto.EncryptionAlgorithm algorithm) |
static byte[] |
encryptUsingSymmetricKey(org.mozilla.jss.crypto.CryptoToken token,
org.mozilla.jss.crypto.SymmetricKey wrappingKey,
byte[] data,
org.mozilla.jss.crypto.EncryptionAlgorithm alg,
org.mozilla.jss.crypto.IVParameterSpec ivspec) |
static java.util.List<byte[]> |
exportSharedSecret(java.lang.String nickname,
java.security.cert.X509Certificate wrappingCert,
org.mozilla.jss.crypto.SymmetricKey wrappingKey) |
static org.mozilla.jss.crypto.PrivateKey |
findPrivateKeyFromID(byte[] id)
Retrieves a private key from a unique key ID.
|
static java.security.KeyPair |
generateECCKeyPair(org.mozilla.jss.crypto.CryptoToken token,
int keysize)
Generates an ecc key pair.
|
static java.security.KeyPair |
generateECCKeyPair(org.mozilla.jss.crypto.CryptoToken token,
int keysize,
org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops,
org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask) |
static java.security.KeyPair |
generateECCKeyPair(org.mozilla.jss.crypto.CryptoToken token,
int keysize,
org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops,
org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask,
boolean temporary,
int sensitive,
int extractable) |
static java.security.KeyPair |
generateECCKeyPair(org.mozilla.jss.crypto.CryptoToken token,
java.lang.String curveName)
Generates an ecc key pair by curve name
|
static java.security.KeyPair |
generateECCKeyPair(org.mozilla.jss.crypto.CryptoToken token,
java.lang.String curveName,
org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops,
org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask) |
static java.security.KeyPair |
generateECCKeyPair(org.mozilla.jss.crypto.CryptoToken token,
java.lang.String curveName,
org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops,
org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask,
boolean temporary,
int sensitive,
int extractable) |
static org.mozilla.jss.crypto.SymmetricKey |
generateKey(org.mozilla.jss.crypto.CryptoToken token,
org.mozilla.jss.crypto.KeyGenAlgorithm alg,
int keySize,
org.mozilla.jss.crypto.SymmetricKey.Usage[] usages,
boolean temporary) |
static byte[] |
generateKeyIdentifier(byte[] rawKey) |
static byte[] |
generateKeyIdentifier(byte[] rawKey,
java.lang.String alg) |
static java.security.KeyPair |
generateRSAKeyPair(org.mozilla.jss.crypto.CryptoToken token,
int keysize)
Generates a RSA key pair.
|
static java.security.KeyPair |
generateRSAKeyPair(org.mozilla.jss.crypto.CryptoToken token,
int keysize,
boolean temporary) |
static org.mozilla.jss.netscape.security.x509.X509CertImpl[] |
getAllUserCerts()
Retrieves all user certificates from all tokens.
|
static org.mozilla.jss.crypto.CryptoToken |
getCryptoToken(java.lang.String name)
Retrieves handle to a crypto token.
|
static org.mozilla.jss.pkix.primitive.AlgorithmIdentifier |
getDefaultHashAlg() |
static java.lang.String |
getDefaultHashAlgName()
The following are convenience routines for quick preliminary
feature development or test programs that would just take
the defaults
|
static java.lang.String[] |
getECcurves() |
static java.util.Vector<java.lang.String> |
getECKeyCurve(org.mozilla.jss.netscape.security.x509.X509Key key) |
static org.mozilla.jss.netscape.security.x509.Extension |
getExtensionFromCertTemplate(org.mozilla.jss.pkix.crmf.CertTemplate certTemplate,
org.mozilla.jss.netscape.security.util.ObjectIdentifier csOID) |
static org.mozilla.jss.netscape.security.x509.Extension |
getExtensionFromPKCS10(org.mozilla.jss.netscape.security.pkcs.PKCS10 pkcs10,
java.lang.String extnName) |
static org.mozilla.jss.asn1.OBJECT_IDENTIFIER |
getHashAlgorithmOID(java.lang.String name)
getHashAlgorithmOID returns OID of the hashing algorithm name
|
static java.lang.String |
getHMACAlgName(java.lang.String name)
Maps from HMACAlgorithm name to JSS Provider HMAC Alg name.
|
static org.mozilla.jss.asn1.OBJECT_IDENTIFIER |
getHMACAlgorithmOID(java.lang.String name)
getHMACAlgorithmOID returns OID of the HMAC algorithm name
|
static java.lang.String |
getHMACtoMessageDigestName(java.lang.String name)
maps from HMACAlgorithm name to FIPS 180-2 MessageDigest algorithm name
|
static org.mozilla.jss.crypto.CryptoToken |
getKeyStorageToken(java.lang.String name)
Retrieves handle to a key store token.
|
static byte[] |
getModulus(java.security.PublicKey pubk) |
static java.lang.String |
getNameFromHashAlgorithm(org.mozilla.jss.pkix.primitive.AlgorithmIdentifier ai)
getNameFromHashAlgorithm returns the hashing algorithm name
from input Algorithm
|
static byte[] |
getNonceData(int size)
Generates a nonce_iv for padding.
|
static org.mozilla.jss.asn1.OBJECT_IDENTIFIER |
getOID(org.mozilla.jss.crypto.KeyWrapAlgorithm kwAlg) |
static java.lang.String |
getPKCS10FromKey(java.lang.String dn,
java.security.PublicKey publicKey,
byte[] prikdata) |
static java.lang.String |
getPKCS10FromKey(java.lang.String dn,
java.security.PublicKey publicKey,
byte[] prikdata,
java.lang.String alg) |
static org.mozilla.jss.crypto.PrivateKey |
getPrivateKey(java.lang.String nickname)
Retrieves a private key by nickname.
|
static byte[] |
getPublicExponent(java.security.PublicKey pubk) |
static java.security.SecureRandom |
getRandomNumberGenerator() |
static java.lang.String |
getSKIString(org.mozilla.jss.netscape.security.x509.X509CertImpl cert) |
static java.lang.String |
getSubjectName(org.mozilla.jss.asn1.SEQUENCE crmfMsgs) |
static org.mozilla.jss.crypto.SymmetricKey |
getSymKeyByName(org.mozilla.jss.crypto.CryptoToken token,
java.lang.String name) |
static java.security.cert.X509Certificate[] |
getX509CertificateFromPKCS7(byte[] b) |
static org.mozilla.jss.netscape.security.x509.X509Key |
getX509KeyFromCRMFMsg(org.mozilla.jss.pkix.crmf.CertReqMsg crmfMsg) |
static org.mozilla.jss.netscape.security.x509.X509Key |
getX509KeyFromCRMFMsgs(org.mozilla.jss.asn1.SEQUENCE crmfMsgs) |
static byte[] |
hexString2Bytes(java.lang.String string)
Converts string containing pairs of characters in the range of '0'
to '9', 'a' to 'f' to an array of bytes such that each pair of
characters in the string represents an individual byte
|
static void |
importCertificateChain(byte[] bytes) |
static java.security.Key |
importHmacSha1Key(byte[] key)
importHmacSha1Key returns a key based on a byte array,
which is originally a password.
|
static org.mozilla.jss.crypto.PrivateKey |
importPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token,
org.mozilla.jss.crypto.PrivateKey unwrappingKey,
java.security.PublicKey pubkey,
byte[] data) |
static void |
importSharedSecret(byte[] wrappedSessionKey,
byte[] wrappedSharedSecret,
java.lang.String subsystemCertNickname,
java.lang.String sharedSecretNickname) |
static org.mozilla.jss.crypto.X509Certificate |
importUserCertificate(byte[] bytes,
java.lang.String nickname)
Imports a user certificate.
|
static org.mozilla.jss.crypto.X509Certificate |
importUserCertificateChain(java.lang.String c,
java.lang.String nickname)
Imports a PKCS#7 certificate chain that includes the user
certificate, and trusts the certificate.
|
static boolean |
isCertTrusted(org.mozilla.jss.crypto.InternalCertificate cert)
To certificate server point of view, SSL trust is
what we referring.
|
static boolean |
isECCKey(org.mozilla.jss.netscape.security.x509.X509Key key) |
static boolean |
isInternalToken(java.lang.String name) |
static boolean |
isTrust(int flag) |
static java.lang.String |
normalizeCertAndReq(java.lang.String s) |
static java.lang.String |
normalizeCertStr(java.lang.String s) |
static void |
obscureBytes(byte[] memory,
java.lang.String method) |
static void |
obscureChars(char[] memory) |
static org.mozilla.jss.asn1.SEQUENCE |
parseCRMFMsgs(byte[] cert_request) |
static java.lang.String |
reqFormat(java.lang.String content) |
static void |
setClientCiphers(java.lang.String list) |
static void |
setDefaultSSLCiphers() |
static void |
setSSLCipher(java.lang.String name,
boolean enabled) |
static void |
setSSLCiphers(java.lang.String ciphers) |
static void |
setSSLDatagramVersionRange(org.mozilla.jss.ssl.SSLVersion min,
org.mozilla.jss.ssl.SSLVersion max) |
static void |
setSSLStreamVersionRange(org.mozilla.jss.ssl.SSLVersion min,
org.mozilla.jss.ssl.SSLVersion max) |
static boolean |
sharedSecretExists(java.lang.String nickname) |
static org.mozilla.jss.netscape.security.x509.X509CertImpl |
signCert(org.mozilla.jss.crypto.PrivateKey privateKey,
org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo,
org.mozilla.jss.crypto.SignatureAlgorithm sigAlg) |
static org.mozilla.jss.netscape.security.x509.X509CertImpl |
signCert(org.mozilla.jss.crypto.PrivateKey privateKey,
org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo,
java.lang.String alg)
Signs certificate.
|
static org.mozilla.jss.netscape.security.x509.X509CertImpl |
signECCCert(org.mozilla.jss.crypto.PrivateKey privateKey,
org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo) |
static org.mozilla.jss.netscape.security.x509.X509CertImpl |
signECCCert(org.mozilla.jss.crypto.PrivateKey privateKey,
org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo,
java.lang.String alg) |
static java.security.cert.X509Certificate[] |
sortCertificateChain(java.security.cert.X509Certificate[] certs)
Sorts certificate chain from root to leaf.
|
static java.security.cert.X509Certificate[] |
sortCertificateChain(java.security.cert.X509Certificate[] certs,
boolean reverse) |
static byte[] |
string2byte(java.lang.String id)
Converts a signed, variable-length hexadecimal number into a byte
array, which may not be identical to the original byte array.
|
static java.lang.String |
stripCertBrackets(java.lang.String s)
strips out the begin and end certificate brackets
|
static void |
trustAuditSigningCert(org.mozilla.jss.crypto.X509Certificate cert) |
static void |
trustCACert(org.mozilla.jss.crypto.X509Certificate cert) |
static void |
trustCert(org.mozilla.jss.crypto.InternalCertificate cert)
Trusts a certificate.
|
static void |
trustCertByNickname(java.lang.String nickname)
Trusts a certificate by nickname.
|
static void |
unsetSSLCiphers() |
static void |
unTrustCert(org.mozilla.jss.crypto.InternalCertificate cert) |
static org.mozilla.jss.crypto.PrivateKey |
unwrap(org.mozilla.jss.crypto.CryptoToken token,
java.security.PublicKey pubKey,
boolean temporary,
org.mozilla.jss.crypto.SymmetricKey wrappingKey,
byte[] wrappedData,
org.mozilla.jss.crypto.KeyWrapAlgorithm wrapAlgorithm,
org.mozilla.jss.crypto.IVParameterSpec wrapIV) |
static org.mozilla.jss.crypto.SymmetricKey |
unwrap(org.mozilla.jss.crypto.CryptoToken token,
org.mozilla.jss.crypto.SymmetricKey.Type keyType,
int strength,
org.mozilla.jss.crypto.SymmetricKey.Usage usage,
org.mozilla.jss.crypto.PrivateKey wrappingKey,
byte[] wrappedData,
org.mozilla.jss.crypto.KeyWrapAlgorithm wrapAlgorithm) |
static org.mozilla.jss.crypto.SymmetricKey |
unwrap(org.mozilla.jss.crypto.CryptoToken token,
org.mozilla.jss.crypto.SymmetricKey.Type keyType,
int strength,
org.mozilla.jss.crypto.SymmetricKey.Usage usage,
org.mozilla.jss.crypto.SymmetricKey wrappingKey,
byte[] wrappedData,
org.mozilla.jss.crypto.KeyWrapAlgorithm wrapAlgorithm,
org.mozilla.jss.crypto.IVParameterSpec wrappingIV) |
static byte[] |
unwrapUsingPassphrase(byte[] wrappedRecoveredKey,
java.lang.String recoveryPassphrase) |
static byte[] |
wrapSymmetricKey(org.mozilla.jss.crypto.CryptoToken token,
java.security.PublicKey wrappingKey,
org.mozilla.jss.crypto.SymmetricKey sk) |
static byte[] |
wrapUsingPublicKey(org.mozilla.jss.crypto.CryptoToken token,
java.security.PublicKey wrappingKey,
org.mozilla.jss.crypto.SymmetricKey data,
org.mozilla.jss.crypto.KeyWrapAlgorithm alg) |
static byte[] |
wrapUsingSymmetricKey(org.mozilla.jss.crypto.CryptoToken token,
org.mozilla.jss.crypto.SymmetricKey wrappingKey,
org.mozilla.jss.crypto.PrivateKey data,
org.mozilla.jss.crypto.IVParameterSpec ivspec,
org.mozilla.jss.crypto.KeyWrapAlgorithm alg) |
static byte[] |
wrapUsingSymmetricKey(org.mozilla.jss.crypto.CryptoToken token,
org.mozilla.jss.crypto.SymmetricKey wrappingKey,
org.mozilla.jss.crypto.SymmetricKey data,
org.mozilla.jss.crypto.IVParameterSpec ivspec,
org.mozilla.jss.crypto.KeyWrapAlgorithm alg) |
public static final int KEY_ID_LENGTH
public static final java.lang.String INTERNAL_TOKEN_NAME
public static final java.lang.String INTERNAL_TOKEN_FULL_NAME
public static final int LINE_COUNT
public static final java.lang.Integer[] clientECCiphers
public static java.util.List<java.lang.Integer> clientECCipherList
public static org.mozilla.jss.asn1.OBJECT_IDENTIFIER RSA_ENCRYPTION
public static boolean arraysEqual(byte[] bytes,
byte[] ints)
public static boolean isInternalToken(java.lang.String name)
public static org.mozilla.jss.crypto.CryptoToken getCryptoToken(java.lang.String name)
throws org.mozilla.jss.NotInitializedException,
org.mozilla.jss.NoSuchTokenException
org.mozilla.jss.NotInitializedExceptionorg.mozilla.jss.NoSuchTokenExceptionpublic static org.mozilla.jss.crypto.CryptoToken getKeyStorageToken(java.lang.String name)
throws org.mozilla.jss.NotInitializedException,
org.mozilla.jss.NoSuchTokenException
org.mozilla.jss.NotInitializedExceptionorg.mozilla.jss.NoSuchTokenExceptionpublic static java.security.KeyPair generateRSAKeyPair(org.mozilla.jss.crypto.CryptoToken token,
int keysize)
throws java.lang.Exception
java.lang.Exceptionpublic static java.security.KeyPair generateRSAKeyPair(org.mozilla.jss.crypto.CryptoToken token,
int keysize,
boolean temporary)
throws java.lang.Exception
java.lang.Exceptionpublic static boolean isECCKey(org.mozilla.jss.netscape.security.x509.X509Key key)
public static java.security.KeyPair generateECCKeyPair(org.mozilla.jss.crypto.CryptoToken token,
int keysize)
throws org.mozilla.jss.NotInitializedException,
org.mozilla.jss.NoSuchTokenException,
java.security.NoSuchAlgorithmException,
org.mozilla.jss.crypto.TokenException
org.mozilla.jss.NotInitializedExceptionorg.mozilla.jss.NoSuchTokenExceptionjava.security.NoSuchAlgorithmExceptionorg.mozilla.jss.crypto.TokenExceptionpublic static java.security.KeyPair generateECCKeyPair(org.mozilla.jss.crypto.CryptoToken token,
int keysize,
org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops,
org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask)
throws org.mozilla.jss.NotInitializedException,
org.mozilla.jss.NoSuchTokenException,
java.security.NoSuchAlgorithmException,
org.mozilla.jss.crypto.TokenException
org.mozilla.jss.NotInitializedExceptionorg.mozilla.jss.NoSuchTokenExceptionjava.security.NoSuchAlgorithmExceptionorg.mozilla.jss.crypto.TokenExceptionpublic static java.security.KeyPair generateECCKeyPair(org.mozilla.jss.crypto.CryptoToken token,
int keysize,
org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops,
org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask,
boolean temporary,
int sensitive,
int extractable)
throws org.mozilla.jss.NotInitializedException,
org.mozilla.jss.NoSuchTokenException,
java.security.NoSuchAlgorithmException,
org.mozilla.jss.crypto.TokenException
org.mozilla.jss.NotInitializedExceptionorg.mozilla.jss.NoSuchTokenExceptionjava.security.NoSuchAlgorithmExceptionorg.mozilla.jss.crypto.TokenExceptionpublic static java.security.KeyPair generateECCKeyPair(org.mozilla.jss.crypto.CryptoToken token,
java.lang.String curveName)
throws org.mozilla.jss.NotInitializedException,
org.mozilla.jss.NoSuchTokenException,
java.security.NoSuchAlgorithmException,
org.mozilla.jss.crypto.TokenException
org.mozilla.jss.NotInitializedExceptionorg.mozilla.jss.NoSuchTokenExceptionjava.security.NoSuchAlgorithmExceptionorg.mozilla.jss.crypto.TokenExceptionpublic static java.security.KeyPair generateECCKeyPair(org.mozilla.jss.crypto.CryptoToken token,
java.lang.String curveName,
org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops,
org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask)
throws org.mozilla.jss.NotInitializedException,
org.mozilla.jss.NoSuchTokenException,
java.security.NoSuchAlgorithmException,
org.mozilla.jss.crypto.TokenException
org.mozilla.jss.NotInitializedExceptionorg.mozilla.jss.NoSuchTokenExceptionjava.security.NoSuchAlgorithmExceptionorg.mozilla.jss.crypto.TokenExceptionpublic static java.security.KeyPair generateECCKeyPair(org.mozilla.jss.crypto.CryptoToken token,
java.lang.String curveName,
org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops,
org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask,
boolean temporary,
int sensitive,
int extractable)
throws org.mozilla.jss.NotInitializedException,
org.mozilla.jss.NoSuchTokenException,
java.security.NoSuchAlgorithmException,
org.mozilla.jss.crypto.TokenException
org.mozilla.jss.NotInitializedExceptionorg.mozilla.jss.NoSuchTokenExceptionjava.security.NoSuchAlgorithmExceptionorg.mozilla.jss.crypto.TokenExceptionpublic static org.mozilla.jss.ssl.SSLVersionRange boundSSLStreamVersionRange(org.mozilla.jss.ssl.SSLVersion min,
org.mozilla.jss.ssl.SSLVersion max)
throws java.net.SocketException
java.net.SocketExceptionpublic static org.mozilla.jss.ssl.SSLVersionRange boundSSLDatagramVersionRange(org.mozilla.jss.ssl.SSLVersion min,
org.mozilla.jss.ssl.SSLVersion max)
throws java.net.SocketException
java.net.SocketExceptionpublic static void setSSLStreamVersionRange(org.mozilla.jss.ssl.SSLVersion min,
org.mozilla.jss.ssl.SSLVersion max)
throws java.net.SocketException
java.net.SocketExceptionpublic static void setSSLDatagramVersionRange(org.mozilla.jss.ssl.SSLVersion min,
org.mozilla.jss.ssl.SSLVersion max)
throws java.net.SocketException
java.net.SocketExceptionpublic static void setClientCiphers(java.lang.String list)
throws java.net.SocketException
java.net.SocketExceptionpublic static void setSSLCiphers(java.lang.String ciphers)
throws java.net.SocketException
java.net.SocketExceptionpublic static void setSSLCipher(java.lang.String name,
boolean enabled)
throws java.net.SocketException
java.net.SocketExceptionpublic static void setDefaultSSLCiphers()
throws java.net.SocketException
java.net.SocketExceptionpublic static void unsetSSLCiphers()
throws java.net.SocketException
java.net.SocketExceptionpublic static byte[] getModulus(java.security.PublicKey pubk)
public static byte[] getPublicExponent(java.security.PublicKey pubk)
public static java.lang.String base64Encode(byte[] bytes)
throws java.io.IOException
java.io.IOExceptionpublic static byte[] base64Decode(java.lang.String s)
throws java.io.IOException
java.io.IOExceptionpublic static java.lang.String reqFormat(java.lang.String content)
public static java.lang.String getPKCS10FromKey(java.lang.String dn,
java.security.PublicKey publicKey,
byte[] prikdata)
throws java.io.IOException,
java.security.InvalidKeyException,
org.mozilla.jss.crypto.TokenException,
java.security.NoSuchProviderException,
java.security.cert.CertificateException,
java.security.SignatureException,
org.mozilla.jss.NotInitializedException,
java.security.NoSuchAlgorithmException
java.io.IOExceptionjava.security.InvalidKeyExceptionorg.mozilla.jss.crypto.TokenExceptionjava.security.NoSuchProviderExceptionjava.security.cert.CertificateExceptionjava.security.SignatureExceptionorg.mozilla.jss.NotInitializedExceptionjava.security.NoSuchAlgorithmExceptionpublic static java.lang.String getPKCS10FromKey(java.lang.String dn,
java.security.PublicKey publicKey,
byte[] prikdata,
java.lang.String alg)
throws java.io.IOException,
java.security.InvalidKeyException,
org.mozilla.jss.crypto.TokenException,
java.security.NoSuchProviderException,
java.security.cert.CertificateException,
java.security.SignatureException,
org.mozilla.jss.NotInitializedException,
java.security.NoSuchAlgorithmException
java.io.IOExceptionjava.security.InvalidKeyExceptionorg.mozilla.jss.crypto.TokenExceptionjava.security.NoSuchProviderExceptionjava.security.cert.CertificateExceptionjava.security.SignatureExceptionorg.mozilla.jss.NotInitializedExceptionjava.security.NoSuchAlgorithmExceptionpublic static java.lang.String certFormat(java.lang.String content)
public static java.lang.String stripCertBrackets(java.lang.String s)
s - the string potentially bracketed with
"-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----"public static java.lang.String normalizeCertAndReq(java.lang.String s)
public static java.lang.String normalizeCertStr(java.lang.String s)
public static java.security.cert.X509Certificate[] sortCertificateChain(java.security.cert.X509Certificate[] certs)
throws java.lang.Exception
certs - input array of certificatesjava.lang.Exceptionpublic static java.security.cert.X509Certificate[] sortCertificateChain(java.security.cert.X509Certificate[] certs,
boolean reverse)
throws java.lang.Exception
java.lang.Exceptionpublic static void importCertificateChain(byte[] bytes)
throws java.io.IOException,
org.mozilla.jss.NotInitializedException,
org.mozilla.jss.crypto.TokenException,
java.security.cert.CertificateEncodingException,
java.security.cert.CertificateException
java.io.IOExceptionorg.mozilla.jss.NotInitializedExceptionorg.mozilla.jss.crypto.TokenExceptionjava.security.cert.CertificateEncodingExceptionjava.security.cert.CertificateExceptionpublic static org.mozilla.jss.asn1.SEQUENCE parseCRMFMsgs(byte[] cert_request)
throws java.io.IOException,
org.mozilla.jss.asn1.InvalidBERException
java.io.IOExceptionorg.mozilla.jss.asn1.InvalidBERExceptionpublic static org.mozilla.jss.netscape.security.x509.X509Key getX509KeyFromCRMFMsgs(org.mozilla.jss.asn1.SEQUENCE crmfMsgs)
throws java.io.IOException,
java.security.NoSuchAlgorithmException,
java.security.InvalidKeyException,
org.mozilla.jss.crypto.InvalidKeyFormatException
java.io.IOExceptionjava.security.NoSuchAlgorithmExceptionjava.security.InvalidKeyExceptionorg.mozilla.jss.crypto.InvalidKeyFormatExceptionpublic static org.mozilla.jss.netscape.security.x509.X509Key getX509KeyFromCRMFMsg(org.mozilla.jss.pkix.crmf.CertReqMsg crmfMsg)
throws java.io.IOException,
java.security.NoSuchAlgorithmException,
java.security.InvalidKeyException,
org.mozilla.jss.crypto.InvalidKeyFormatException
java.io.IOExceptionjava.security.NoSuchAlgorithmExceptionjava.security.InvalidKeyExceptionorg.mozilla.jss.crypto.InvalidKeyFormatExceptionpublic static org.mozilla.jss.netscape.security.x509.X509Key createX509Key(java.security.PublicKey publicKey)
throws java.security.InvalidKeyException
java.security.InvalidKeyExceptionpublic static java.lang.String getSubjectName(org.mozilla.jss.asn1.SEQUENCE crmfMsgs)
throws java.io.IOException
java.io.IOExceptionpublic static org.mozilla.jss.netscape.security.x509.X509CertInfo createX509CertInfo(java.security.KeyPair pair,
int serialno,
java.lang.String issuername,
java.lang.String subjname,
java.util.Date notBefore,
java.util.Date notAfter)
throws java.io.IOException,
java.security.cert.CertificateException,
java.security.InvalidKeyException
java.io.IOExceptionjava.security.cert.CertificateExceptionjava.security.InvalidKeyExceptionpublic static org.mozilla.jss.netscape.security.x509.X509CertInfo createX509CertInfo(java.security.PublicKey publickey,
int serialno,
java.lang.String issuername,
java.lang.String subjname,
java.util.Date notBefore,
java.util.Date notAfter)
throws java.io.IOException,
java.security.cert.CertificateException,
java.security.InvalidKeyException
java.io.IOExceptionjava.security.cert.CertificateExceptionjava.security.InvalidKeyExceptionpublic static org.mozilla.jss.netscape.security.x509.X509CertInfo createX509CertInfo(org.mozilla.jss.netscape.security.x509.X509Key x509key,
java.math.BigInteger serialno,
java.lang.String issuername,
java.lang.String subjname,
java.util.Date notBefore,
java.util.Date notAfter)
throws java.io.IOException,
java.security.cert.CertificateException,
java.security.InvalidKeyException
java.io.IOExceptionjava.security.cert.CertificateExceptionjava.security.InvalidKeyExceptionpublic static org.mozilla.jss.netscape.security.x509.X509CertInfo createX509CertInfo(org.mozilla.jss.netscape.security.x509.X509Key x509key,
java.math.BigInteger serialno,
java.lang.String issuername,
java.lang.String subjname,
java.util.Date notBefore,
java.util.Date notAfter,
java.lang.String alg)
throws java.io.IOException,
java.security.cert.CertificateException,
java.security.InvalidKeyException,
java.security.NoSuchAlgorithmException
java.io.IOExceptionjava.security.cert.CertificateExceptionjava.security.InvalidKeyExceptionjava.security.NoSuchAlgorithmExceptionpublic static org.mozilla.jss.netscape.security.x509.X509CertInfo createX509CertInfo(org.mozilla.jss.netscape.security.x509.X509Key x509key,
java.math.BigInteger serialno,
org.mozilla.jss.netscape.security.x509.CertificateIssuerName issuernameObj,
java.lang.String subjname,
java.util.Date notBefore,
java.util.Date notAfter,
java.lang.String alg)
throws java.io.IOException,
java.security.cert.CertificateException,
java.security.InvalidKeyException,
java.security.NoSuchAlgorithmException
java.io.IOExceptionjava.security.cert.CertificateExceptionjava.security.InvalidKeyExceptionjava.security.NoSuchAlgorithmExceptionpublic static org.mozilla.jss.netscape.security.x509.X509CertImpl signECCCert(org.mozilla.jss.crypto.PrivateKey privateKey,
org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo)
throws org.mozilla.jss.NoSuchTokenException,
org.mozilla.jss.NotInitializedException,
java.security.NoSuchAlgorithmException,
org.mozilla.jss.NoSuchTokenException,
org.mozilla.jss.crypto.TokenException,
java.security.InvalidKeyException,
java.security.SignatureException,
java.io.IOException,
java.security.cert.CertificateException
org.mozilla.jss.NoSuchTokenExceptionorg.mozilla.jss.NotInitializedExceptionjava.security.NoSuchAlgorithmExceptionorg.mozilla.jss.crypto.TokenExceptionjava.security.InvalidKeyExceptionjava.security.SignatureExceptionjava.io.IOExceptionjava.security.cert.CertificateExceptionpublic static org.mozilla.jss.netscape.security.x509.X509CertImpl signECCCert(org.mozilla.jss.crypto.PrivateKey privateKey,
org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo,
java.lang.String alg)
throws org.mozilla.jss.NoSuchTokenException,
org.mozilla.jss.NotInitializedException,
java.security.NoSuchAlgorithmException,
org.mozilla.jss.NoSuchTokenException,
org.mozilla.jss.crypto.TokenException,
java.security.InvalidKeyException,
java.security.SignatureException,
java.io.IOException,
java.security.cert.CertificateException
org.mozilla.jss.NoSuchTokenExceptionorg.mozilla.jss.NotInitializedExceptionjava.security.NoSuchAlgorithmExceptionorg.mozilla.jss.crypto.TokenExceptionjava.security.InvalidKeyExceptionjava.security.SignatureExceptionjava.io.IOExceptionjava.security.cert.CertificateExceptionpublic static org.mozilla.jss.netscape.security.x509.X509CertImpl signCert(org.mozilla.jss.crypto.PrivateKey privateKey,
org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo,
java.lang.String alg)
throws org.mozilla.jss.NoSuchTokenException,
org.mozilla.jss.NotInitializedException,
java.security.NoSuchAlgorithmException,
org.mozilla.jss.NoSuchTokenException,
org.mozilla.jss.crypto.TokenException,
java.security.InvalidKeyException,
java.security.SignatureException,
java.io.IOException,
java.security.cert.CertificateException
org.mozilla.jss.NoSuchTokenExceptionorg.mozilla.jss.NotInitializedExceptionjava.security.NoSuchAlgorithmExceptionorg.mozilla.jss.crypto.TokenExceptionjava.security.InvalidKeyExceptionjava.security.SignatureExceptionjava.io.IOExceptionjava.security.cert.CertificateExceptionpublic static org.mozilla.jss.netscape.security.x509.X509CertImpl signCert(org.mozilla.jss.crypto.PrivateKey privateKey,
org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo,
org.mozilla.jss.crypto.SignatureAlgorithm sigAlg)
throws org.mozilla.jss.NoSuchTokenException,
org.mozilla.jss.NotInitializedException,
java.security.NoSuchAlgorithmException,
org.mozilla.jss.NoSuchTokenException,
org.mozilla.jss.crypto.TokenException,
java.security.InvalidKeyException,
java.security.SignatureException,
java.io.IOException,
java.security.cert.CertificateException
org.mozilla.jss.NoSuchTokenExceptionorg.mozilla.jss.NotInitializedExceptionjava.security.NoSuchAlgorithmExceptionorg.mozilla.jss.crypto.TokenExceptionjava.security.InvalidKeyExceptionjava.security.SignatureExceptionjava.io.IOExceptionjava.security.cert.CertificateExceptionpublic static org.mozilla.jss.netscape.security.pkcs.PKCS10 createCertificationRequest(java.lang.String subjectName,
org.mozilla.jss.netscape.security.x509.X509Key pubk,
org.mozilla.jss.crypto.PrivateKey prik)
throws java.security.NoSuchAlgorithmException,
java.security.NoSuchProviderException,
java.security.InvalidKeyException,
java.io.IOException,
java.security.cert.CertificateException,
java.security.SignatureException
java.security.NoSuchAlgorithmExceptionjava.security.NoSuchProviderExceptionjava.security.InvalidKeyExceptionjava.io.IOExceptionjava.security.cert.CertificateExceptionjava.security.SignatureExceptionpublic static org.mozilla.jss.netscape.security.pkcs.PKCS10 createCertificationRequest(java.lang.String subjectName,
org.mozilla.jss.netscape.security.x509.X509Key pubk,
org.mozilla.jss.crypto.PrivateKey prik,
java.lang.String alg)
throws java.security.NoSuchAlgorithmException,
java.security.NoSuchProviderException,
java.security.InvalidKeyException,
java.io.IOException,
java.security.cert.CertificateException,
java.security.SignatureException
java.security.NoSuchAlgorithmExceptionjava.security.NoSuchProviderExceptionjava.security.InvalidKeyExceptionjava.io.IOExceptionjava.security.cert.CertificateExceptionjava.security.SignatureExceptionpublic static org.mozilla.jss.netscape.security.pkcs.PKCS10 createCertificationRequest(java.lang.String subjectName,
java.security.KeyPair keyPair,
org.mozilla.jss.netscape.security.x509.Extensions exts)
throws java.security.NoSuchAlgorithmException,
java.security.NoSuchProviderException,
java.security.InvalidKeyException,
java.io.IOException,
java.security.cert.CertificateException,
java.security.SignatureException
java.security.NoSuchAlgorithmExceptionjava.security.NoSuchProviderExceptionjava.security.InvalidKeyExceptionjava.io.IOExceptionjava.security.cert.CertificateExceptionjava.security.SignatureExceptionpublic static org.mozilla.jss.netscape.security.pkcs.PKCS10 createCertificationRequest(java.lang.String subjectName,
org.mozilla.jss.netscape.security.x509.X509Key pubk,
org.mozilla.jss.crypto.PrivateKey prik,
java.lang.String alg,
org.mozilla.jss.netscape.security.x509.Extensions exts)
throws java.security.NoSuchAlgorithmException,
java.security.NoSuchProviderException,
java.security.InvalidKeyException,
java.io.IOException,
java.security.cert.CertificateException,
java.security.SignatureException
java.security.NoSuchAlgorithmExceptionjava.security.NoSuchProviderExceptionjava.security.InvalidKeyExceptionjava.io.IOExceptionjava.security.cert.CertificateExceptionjava.security.SignatureExceptionpublic static org.mozilla.jss.netscape.security.x509.KeyIdentifier createKeyIdentifier(java.security.KeyPair keypair)
throws java.security.NoSuchAlgorithmException,
java.security.InvalidKeyException
java.security.NoSuchAlgorithmExceptionjava.security.InvalidKeyExceptionpublic static byte[] generateKeyIdentifier(byte[] rawKey)
public static byte[] generateKeyIdentifier(byte[] rawKey,
java.lang.String alg)
public static java.lang.String getSKIString(org.mozilla.jss.netscape.security.x509.X509CertImpl cert)
throws java.io.IOException
java.io.IOExceptionpublic static org.mozilla.jss.netscape.security.pkcs.PKCS10 createCertificationRequest(java.lang.String subjectName,
java.security.KeyPair keyPair)
throws java.security.NoSuchAlgorithmException,
java.security.NoSuchProviderException,
java.security.InvalidKeyException,
java.io.IOException,
java.security.cert.CertificateException,
java.security.SignatureException
java.security.NoSuchAlgorithmExceptionjava.security.NoSuchProviderExceptionjava.security.InvalidKeyExceptionjava.io.IOExceptionjava.security.cert.CertificateExceptionjava.security.SignatureExceptionpublic static org.mozilla.jss.netscape.security.pkcs.PKCS10 createCertificationRequest(java.lang.String subjectName,
java.security.KeyPair keyPair,
java.lang.String alg)
throws java.security.NoSuchAlgorithmException,
java.security.NoSuchProviderException,
java.security.InvalidKeyException,
java.io.IOException,
java.security.cert.CertificateException,
java.security.SignatureException
java.security.NoSuchAlgorithmExceptionjava.security.NoSuchProviderExceptionjava.security.InvalidKeyExceptionjava.io.IOExceptionjava.security.cert.CertificateExceptionjava.security.SignatureExceptionpublic static org.mozilla.jss.netscape.security.x509.Extension getExtensionFromPKCS10(org.mozilla.jss.netscape.security.pkcs.PKCS10 pkcs10,
java.lang.String extnName)
throws java.io.IOException,
java.security.cert.CertificateException
java.io.IOExceptionjava.security.cert.CertificateExceptionpublic static org.mozilla.jss.netscape.security.x509.Extension getExtensionFromCertTemplate(org.mozilla.jss.pkix.crmf.CertTemplate certTemplate,
org.mozilla.jss.netscape.security.util.ObjectIdentifier csOID)
public static void unTrustCert(org.mozilla.jss.crypto.InternalCertificate cert)
public static void trustCertByNickname(java.lang.String nickname)
throws org.mozilla.jss.NotInitializedException,
org.mozilla.jss.crypto.TokenException
org.mozilla.jss.NotInitializedExceptionorg.mozilla.jss.crypto.TokenExceptionpublic static void trustCert(org.mozilla.jss.crypto.InternalCertificate cert)
public static void trustCACert(org.mozilla.jss.crypto.X509Certificate cert)
public static void trustAuditSigningCert(org.mozilla.jss.crypto.X509Certificate cert)
public static boolean isCertTrusted(org.mozilla.jss.crypto.InternalCertificate cert)
public static boolean isTrust(int flag)
public static org.mozilla.jss.crypto.SymmetricKey generateKey(org.mozilla.jss.crypto.CryptoToken token,
org.mozilla.jss.crypto.KeyGenAlgorithm alg,
int keySize,
org.mozilla.jss.crypto.SymmetricKey.Usage[] usages,
boolean temporary)
throws java.lang.Exception
java.lang.Exceptionpublic static boolean compare(byte[] src,
byte[] dest)
public static java.lang.String byte2string(byte[] id)
public static byte[] string2byte(java.lang.String id)
public static java.lang.String encodeKeyID(byte[] keyID)
public static byte[] decodeKeyID(java.lang.String id)
public static byte[] hexString2Bytes(java.lang.String string)
public static char[] bytesToChars(byte[] bytes)
public static byte[] charsToBytes(char[] chars)
public static org.mozilla.jss.util.Password createPasswordFromBytes(byte[] bytes)
public static org.mozilla.jss.crypto.PrivateKey findPrivateKeyFromID(byte[] id)
throws org.mozilla.jss.NotInitializedException,
org.mozilla.jss.crypto.TokenException
org.mozilla.jss.NotInitializedExceptionorg.mozilla.jss.crypto.TokenExceptionpublic static org.mozilla.jss.netscape.security.x509.X509CertImpl[] getAllUserCerts()
throws org.mozilla.jss.NotInitializedException,
org.mozilla.jss.crypto.TokenException
org.mozilla.jss.NotInitializedExceptionorg.mozilla.jss.crypto.TokenExceptionpublic static void deletePrivateKey(org.mozilla.jss.crypto.PrivateKey prikey)
throws org.mozilla.jss.NotInitializedException,
org.mozilla.jss.crypto.TokenException
org.mozilla.jss.NotInitializedExceptionorg.mozilla.jss.crypto.TokenExceptionpublic static org.mozilla.jss.crypto.PrivateKey getPrivateKey(java.lang.String nickname)
throws org.mozilla.jss.NotInitializedException,
org.mozilla.jss.crypto.TokenException
org.mozilla.jss.NotInitializedExceptionorg.mozilla.jss.crypto.TokenExceptionpublic static void deleteCertificates(java.lang.String nickname)
throws org.mozilla.jss.crypto.TokenException,
org.mozilla.jss.crypto.ObjectNotFoundException,
org.mozilla.jss.crypto.NoSuchItemOnTokenException,
org.mozilla.jss.NotInitializedException
org.mozilla.jss.crypto.TokenExceptionorg.mozilla.jss.crypto.ObjectNotFoundExceptionorg.mozilla.jss.crypto.NoSuchItemOnTokenExceptionorg.mozilla.jss.NotInitializedExceptionpublic static void deleteUserCertificates(java.lang.String nickname)
throws org.mozilla.jss.NotInitializedException,
org.mozilla.jss.crypto.TokenException
org.mozilla.jss.NotInitializedExceptionorg.mozilla.jss.crypto.TokenExceptionpublic static org.mozilla.jss.crypto.X509Certificate importUserCertificateChain(java.lang.String c,
java.lang.String nickname)
throws org.mozilla.jss.NotInitializedException,
org.mozilla.jss.NicknameConflictException,
org.mozilla.jss.UserCertConflictException,
org.mozilla.jss.crypto.NoSuchItemOnTokenException,
org.mozilla.jss.crypto.TokenException,
java.security.cert.CertificateEncodingException
org.mozilla.jss.NotInitializedExceptionorg.mozilla.jss.NicknameConflictExceptionorg.mozilla.jss.UserCertConflictExceptionorg.mozilla.jss.crypto.NoSuchItemOnTokenExceptionorg.mozilla.jss.crypto.TokenExceptionjava.security.cert.CertificateEncodingExceptionpublic static org.mozilla.jss.crypto.X509Certificate importUserCertificate(byte[] bytes,
java.lang.String nickname)
throws org.mozilla.jss.NotInitializedException,
java.security.cert.CertificateEncodingException,
org.mozilla.jss.crypto.NoSuchItemOnTokenException,
org.mozilla.jss.crypto.TokenException,
org.mozilla.jss.NicknameConflictException,
org.mozilla.jss.UserCertConflictException
org.mozilla.jss.NotInitializedExceptionjava.security.cert.CertificateEncodingExceptionorg.mozilla.jss.crypto.NoSuchItemOnTokenExceptionorg.mozilla.jss.crypto.TokenExceptionorg.mozilla.jss.NicknameConflictExceptionorg.mozilla.jss.UserCertConflictExceptionpublic static java.security.cert.X509Certificate[] getX509CertificateFromPKCS7(byte[] b)
throws java.io.IOException
java.io.IOExceptionpublic static byte[] getNonceData(int size)
throws java.security.GeneralSecurityException
java.security.GeneralSecurityExceptionpublic static java.security.SecureRandom getRandomNumberGenerator()
throws java.security.GeneralSecurityException
java.security.GeneralSecurityExceptionpublic static void obscureChars(char[] memory)
public static void obscureBytes(byte[] memory,
java.lang.String method)
public static byte[] unwrapUsingPassphrase(byte[] wrappedRecoveredKey,
java.lang.String recoveryPassphrase)
throws java.io.IOException,
org.mozilla.jss.asn1.InvalidBERException,
java.security.InvalidKeyException,
java.lang.IllegalStateException,
java.security.NoSuchAlgorithmException,
java.security.InvalidAlgorithmParameterException,
org.mozilla.jss.NotInitializedException,
org.mozilla.jss.crypto.TokenException,
org.mozilla.jss.crypto.IllegalBlockSizeException,
javax.crypto.BadPaddingException
java.io.IOExceptionorg.mozilla.jss.asn1.InvalidBERExceptionjava.security.InvalidKeyExceptionjava.lang.IllegalStateExceptionjava.security.NoSuchAlgorithmExceptionjava.security.InvalidAlgorithmParameterExceptionorg.mozilla.jss.NotInitializedExceptionorg.mozilla.jss.crypto.TokenExceptionorg.mozilla.jss.crypto.IllegalBlockSizeExceptionjavax.crypto.BadPaddingExceptionpublic static byte[] encryptSecret(org.mozilla.jss.crypto.CryptoToken token,
byte[] secret,
org.mozilla.jss.crypto.IVParameterSpec iv,
org.mozilla.jss.crypto.SymmetricKey key,
org.mozilla.jss.crypto.EncryptionAlgorithm algorithm)
throws java.security.NoSuchAlgorithmException,
org.mozilla.jss.crypto.TokenException,
java.security.InvalidKeyException,
java.security.InvalidAlgorithmParameterException,
org.mozilla.jss.crypto.IllegalBlockSizeException,
javax.crypto.BadPaddingException
java.security.NoSuchAlgorithmExceptionorg.mozilla.jss.crypto.TokenExceptionjava.security.InvalidKeyExceptionjava.security.InvalidAlgorithmParameterExceptionorg.mozilla.jss.crypto.IllegalBlockSizeExceptionjavax.crypto.BadPaddingExceptionpublic static byte[] wrapSymmetricKey(org.mozilla.jss.crypto.CryptoToken token,
java.security.PublicKey wrappingKey,
org.mozilla.jss.crypto.SymmetricKey sk)
throws java.lang.Exception
java.lang.Exceptionpublic static org.mozilla.jss.pkix.crmf.PKIArchiveOptions createPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token,
java.security.PublicKey wrappingKey,
org.mozilla.jss.crypto.PrivateKey data,
org.mozilla.jss.netscape.security.util.WrappingParams params,
org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid)
throws java.lang.Exception
java.lang.Exceptionpublic static byte[] createEncodedPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token,
java.security.PublicKey wrappingKey,
org.mozilla.jss.crypto.PrivateKey data,
org.mozilla.jss.netscape.security.util.WrappingParams params,
org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid)
throws java.lang.Exception
java.lang.Exceptionpublic static byte[] createEncodedPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token,
java.security.PublicKey wrappingKey,
org.mozilla.jss.crypto.SymmetricKey data,
org.mozilla.jss.netscape.security.util.WrappingParams params,
org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid)
throws java.lang.Exception
java.lang.Exceptionpublic static org.mozilla.jss.pkix.crmf.PKIArchiveOptions createPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token,
java.security.PublicKey wrappingKey,
char[] data,
org.mozilla.jss.netscape.security.util.WrappingParams params,
org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid)
throws java.lang.Exception
java.lang.Exceptionpublic static byte[] createEncodedPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token,
java.security.PublicKey wrappingKey,
char[] data,
org.mozilla.jss.netscape.security.util.WrappingParams params,
org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid)
throws java.lang.Exception
java.lang.Exceptionpublic static org.mozilla.jss.pkix.crmf.PKIArchiveOptions createPKIArchiveOptions(byte[] session_data,
byte[] key_data,
org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid)
public static byte[] encodePKIArchiveOptions(org.mozilla.jss.pkix.crmf.PKIArchiveOptions opts)
throws java.lang.Exception
java.lang.Exceptionpublic static org.mozilla.jss.crypto.PrivateKey importPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token,
org.mozilla.jss.crypto.PrivateKey unwrappingKey,
java.security.PublicKey pubkey,
byte[] data)
throws org.mozilla.jss.asn1.InvalidBERException,
java.lang.Exception
org.mozilla.jss.asn1.InvalidBERExceptionjava.lang.Exceptionpublic static boolean sharedSecretExists(java.lang.String nickname)
throws org.mozilla.jss.NotInitializedException,
org.mozilla.jss.crypto.TokenException
org.mozilla.jss.NotInitializedExceptionorg.mozilla.jss.crypto.TokenExceptionpublic static void createSharedSecret(java.lang.String nickname)
throws org.mozilla.jss.NotInitializedException,
org.mozilla.jss.crypto.TokenException
org.mozilla.jss.NotInitializedExceptionorg.mozilla.jss.crypto.TokenExceptionpublic static void deleteSharedSecret(java.lang.String nickname)
throws org.mozilla.jss.NotInitializedException,
org.mozilla.jss.crypto.TokenException,
java.security.InvalidKeyException
org.mozilla.jss.NotInitializedExceptionorg.mozilla.jss.crypto.TokenExceptionjava.security.InvalidKeyExceptionpublic static org.mozilla.jss.crypto.SymmetricKey createDes3SessionKeyOnInternal()
throws java.lang.Exception
java.lang.Exceptionpublic static java.util.List<byte[]> exportSharedSecret(java.lang.String nickname,
java.security.cert.X509Certificate wrappingCert,
org.mozilla.jss.crypto.SymmetricKey wrappingKey)
throws java.lang.Exception
java.lang.Exceptionpublic static void importSharedSecret(byte[] wrappedSessionKey,
byte[] wrappedSharedSecret,
java.lang.String subsystemCertNickname,
java.lang.String sharedSecretNickname)
throws java.lang.Exception,
org.mozilla.jss.NotInitializedException,
org.mozilla.jss.crypto.TokenException,
java.security.NoSuchAlgorithmException,
org.mozilla.jss.crypto.ObjectNotFoundException,
java.security.InvalidKeyException,
java.security.InvalidAlgorithmParameterException,
java.io.IOException
java.lang.Exceptionorg.mozilla.jss.NotInitializedExceptionorg.mozilla.jss.crypto.TokenExceptionjava.security.NoSuchAlgorithmExceptionorg.mozilla.jss.crypto.ObjectNotFoundExceptionjava.security.InvalidKeyExceptionjava.security.InvalidAlgorithmParameterExceptionjava.io.IOExceptionpublic static org.mozilla.jss.crypto.SymmetricKey getSymKeyByName(org.mozilla.jss.crypto.CryptoToken token,
java.lang.String name)
throws java.lang.Exception
java.lang.Exceptionpublic static java.lang.String[] getECcurves()
public static java.util.Vector<java.lang.String> getECKeyCurve(org.mozilla.jss.netscape.security.x509.X509Key key)
throws java.lang.Exception
java.lang.Exceptionpublic static byte[] decryptUsingSymmetricKey(org.mozilla.jss.crypto.CryptoToken token,
org.mozilla.jss.crypto.IVParameterSpec ivspec,
byte[] encryptedData,
org.mozilla.jss.crypto.SymmetricKey wrappingKey,
org.mozilla.jss.crypto.EncryptionAlgorithm encryptionAlgorithm)
throws java.lang.Exception
java.lang.Exceptionpublic static byte[] encryptUsingSymmetricKey(org.mozilla.jss.crypto.CryptoToken token,
org.mozilla.jss.crypto.SymmetricKey wrappingKey,
byte[] data,
org.mozilla.jss.crypto.EncryptionAlgorithm alg,
org.mozilla.jss.crypto.IVParameterSpec ivspec)
throws java.lang.Exception
java.lang.Exceptionpublic static byte[] wrapUsingSymmetricKey(org.mozilla.jss.crypto.CryptoToken token,
org.mozilla.jss.crypto.SymmetricKey wrappingKey,
org.mozilla.jss.crypto.SymmetricKey data,
org.mozilla.jss.crypto.IVParameterSpec ivspec,
org.mozilla.jss.crypto.KeyWrapAlgorithm alg)
throws java.lang.Exception
java.lang.Exceptionpublic static byte[] wrapUsingSymmetricKey(org.mozilla.jss.crypto.CryptoToken token,
org.mozilla.jss.crypto.SymmetricKey wrappingKey,
org.mozilla.jss.crypto.PrivateKey data,
org.mozilla.jss.crypto.IVParameterSpec ivspec,
org.mozilla.jss.crypto.KeyWrapAlgorithm alg)
throws java.lang.Exception
java.lang.Exceptionpublic static byte[] wrapUsingPublicKey(org.mozilla.jss.crypto.CryptoToken token,
java.security.PublicKey wrappingKey,
org.mozilla.jss.crypto.SymmetricKey data,
org.mozilla.jss.crypto.KeyWrapAlgorithm alg)
throws java.lang.Exception
java.lang.Exceptionpublic static org.mozilla.jss.crypto.SymmetricKey unwrap(org.mozilla.jss.crypto.CryptoToken token,
org.mozilla.jss.crypto.SymmetricKey.Type keyType,
int strength,
org.mozilla.jss.crypto.SymmetricKey.Usage usage,
org.mozilla.jss.crypto.SymmetricKey wrappingKey,
byte[] wrappedData,
org.mozilla.jss.crypto.KeyWrapAlgorithm wrapAlgorithm,
org.mozilla.jss.crypto.IVParameterSpec wrappingIV)
throws java.lang.Exception
java.lang.Exceptionpublic static org.mozilla.jss.crypto.SymmetricKey unwrap(org.mozilla.jss.crypto.CryptoToken token,
org.mozilla.jss.crypto.SymmetricKey.Type keyType,
int strength,
org.mozilla.jss.crypto.SymmetricKey.Usage usage,
org.mozilla.jss.crypto.PrivateKey wrappingKey,
byte[] wrappedData,
org.mozilla.jss.crypto.KeyWrapAlgorithm wrapAlgorithm)
throws java.lang.Exception
java.lang.Exceptionpublic static org.mozilla.jss.crypto.PrivateKey unwrap(org.mozilla.jss.crypto.CryptoToken token,
java.security.PublicKey pubKey,
boolean temporary,
org.mozilla.jss.crypto.SymmetricKey wrappingKey,
byte[] wrappedData,
org.mozilla.jss.crypto.KeyWrapAlgorithm wrapAlgorithm,
org.mozilla.jss.crypto.IVParameterSpec wrapIV)
throws java.lang.Exception
java.lang.Exceptionpublic static org.mozilla.jss.pkix.cms.EnvelopedData createEnvelopedData(byte[] encContent,
byte[] encSymKey)
throws java.lang.Exception
java.lang.Exceptionpublic static java.lang.String getDefaultHashAlgName()
public static org.mozilla.jss.pkix.primitive.AlgorithmIdentifier getDefaultHashAlg()
throws java.lang.Exception
java.lang.Exceptionpublic static java.security.Key importHmacSha1Key(byte[] key)
throws java.lang.Exception
key - the byte array representing the original password or secret.java.lang.Exceptionpublic static java.lang.String getHMACtoMessageDigestName(java.lang.String name)
public static org.mozilla.jss.asn1.OBJECT_IDENTIFIER getHMACAlgorithmOID(java.lang.String name)
throws java.security.NoSuchAlgorithmException
name - name of the HMAC algorithmjava.security.NoSuchAlgorithmExceptionpublic static org.mozilla.jss.asn1.OBJECT_IDENTIFIER getHashAlgorithmOID(java.lang.String name)
throws java.security.NoSuchAlgorithmException
name - name of the hashing algorithmjava.security.NoSuchAlgorithmExceptionpublic static java.lang.String getNameFromHashAlgorithm(org.mozilla.jss.pkix.primitive.AlgorithmIdentifier ai)
throws java.security.NoSuchAlgorithmException
ai - the hashing algorithm AlgorithmIdentifierjava.security.NoSuchAlgorithmExceptionpublic static java.lang.String getHMACAlgName(java.lang.String name)
public static org.mozilla.jss.asn1.OBJECT_IDENTIFIER getOID(org.mozilla.jss.crypto.KeyWrapAlgorithm kwAlg)
throws java.security.NoSuchAlgorithmException
java.security.NoSuchAlgorithmException