Collaboration diagram for Key Components:

Modules
	Find Modes

Functions
	KeyComponents ()
	Creates an empty key component list.

	KeyComponents (byte[] value)
	Creates a KeyComponents object from the given input data. More...

void	add (byte[] tag, byte[] value)
	Adds a key component to the component list. More...

void	add (byte[] tag, BigInteger value)
	Adds a key component to the component list. More...

byte[]	getList ()
	Returns the serialized key component list.

byte[]	getItem (byte[] tag) throws CryptoServerException
	Returns a specified key component. More...

void	setOAEP (int md_algo, int mgf_algo, byte[] label)
	Constructs a mechanism parameter for RSA encryption / decryption with PKCS#1_v2.1 RSAES-OAEP padding. More...

void	setPSS (int md_algo, int mgf_algo, int salt_len)
	Constructs a mechanism parameter for RSA signature creation / verification with PKCS#1_v2.1 RSASSA-PSS padding. More...

void	setECIES (int hash_algo, int crypt_algo, int crypt_mech, int crypt_len, int mac_algo, int mac_mech, int mac_len, byte[] secret1, byte[] secret2)
	Constructs a mechanism parameter for 'Elliptic Curve (Augmented) Encryption Scheme' (ECIES, see ANSI X9.63). More...

void	setGCM (byte[] iv_init, byte[] ad, int tag_bits)
	Constructs a mechanism parameter for AES encryption / decryption with 'Galois Counter Mode' chaining (GCM, see NIST SP-800-38D). More...

void	setCCM (byte[] nonce, byte[] ad, int dataLen, int macLen)
	Constructs a mechanism parameter for AES encryption / decryption in mode Counter with CBC-MAC (CCM, see NIST SP-800-38C). More...

void	setGMAC (byte[] iv_init)
	Constructs a mechanism parameter for AES MAC creation / verification with 'Galois Counter MAC' chaining (GMAC, see NIST SP-800-38D). More...

byte[]	getEncoded ()
	Returns the encoded mechanism parameter.

	MechParamOAEP (int md_algo, int mgf_algo, byte[] label)
	Constructs a mechanism parameter for PKCS#1_v2.1 RSAES-OAEP. More...

byte[]	getEncoded ()
	Returns the encoded mechanism parameter.

	MechParamPSS (int md_algo, int mgf_algo, int salt_len)
	Constructs a mechanism parameter for PKCS#1_v2.1 RSASSA-PSS. More...

byte[]	getEncoded ()
	Returns the encoded mechanism parameter.

	MechParamECIES (int hash_algo, int crypt_algo, int crypt_mech, int crypt_len, int mac_algo, int mac_mech, int mac_len, byte[] secret1, byte[] secret2)
	Constructs a mechanism parameter for 'Elliptic Curve (Augmented) Encryption Scheme' (ECIES, see ANSI X9.63). More...

byte[]	getEncoded ()
	Returns the encoded mechanism parameter.

	MechParamGCM (byte[] iv_init, byte[] ad, int tag_bits)
	Constructs a mechanism parameter for AES GCM (Galois Counter Mode, see NIST SP-800-38D). More...

byte[]	getEncoded ()
	Returns the encoded mechanism parameter.

	MechParamGMAC (byte[] iv_init)
	Constructs a mechanism parameter for AES GMAC (Galois Counter MAC, see NIST SP-800-38D). More...

byte[]	getEncoded ()
	Returns the encoded mechanism parameter.

	MechParamCCM (byte[] nonce, byte[] ad, int dataLen, int macLen)
	Constructs a mechanism parameter for AES CCM (Galois Counter Mode, see NIST SP-800-38D). More...

byte[]	getEncoded ()
	Returns the encoded mechanism parameter.

	ECPublicKey (java.security.spec.ECPublicKeySpec ecPublicKeySpec)
	Creates an ECPublicKey object from the given key specifier. More...

ECParameterSpec	getParams ()
	Returns the domain parameters of the EC key. More...

ECPoint	getW ()
	Returns public part of the EC key. More...

byte[]	getEncoded () throws CryptoServerException
	Returns the EC key in its encoded form (x and y coordinates). More...

	ECParameter (ECParameterSpec ecp) throws CryptoServerException
	Creates an ECParameter object from the given domain parameter specification. More...

	ECParameter (byte[] ecp) throws CryptoServerException
	Creates an ECParameter object from the given input data in ASN1 encoded form. More...

ECParameterSpec	getSpec ()
	Returns the domain parameter specification.

byte[]	getEncoded () throws CryptoServerException
	Returns the domain parameter in ASN1 encoded form. More...

static byte[]	getEncoded (Object obj, String name) throws IOException
	Returns a build in domain parameter in ASN1 encoded form. More...

Variables
static final byte[]	TYPE_P = { (byte)'P', (byte)' ' }
	RSA: Prime P.

static final byte[]	TYPE_Q = { (byte)'Q', (byte)' ' }
	RSA: Prime Q.

static final byte[]	TYPE_DP = { (byte)'D', (byte)'P' }
	RSA: dP := D mod P-1.

static final byte[]	TYPE_DQ = { (byte)'D', (byte)'Q' }
	RSA: dQ := D mod Q-1.

static final byte[]	TYPE_U = { (byte)'U', (byte)' ' }
	RSA: Coefficient U := Q^-1 mod P-1.

static final byte[]	TYPE_SEXP = { (byte)'S', (byte)'E' }
	RSA: Private (Secret) Exponent.

static final byte[]	TYPE_PEXP = { (byte)'P', (byte)'E' }
	RSA: Public Exponent.

static final byte[]	TYPE_MOD = { (byte)'M', (byte)'O' }
	RSA: Modulus.

static final byte[]	TYPE_SK = { (byte)'S', (byte)'K' }
	DSA,ECDSA: Private (Secret) Key.

static final byte[]	TYPE_PK = { (byte)'P', (byte)'K' }
	DSA,ECDSA: Public Key.

KeyAttributes	keyAttributes
	key attributes

KeyComponents	keyComponents
	key components

Detailed Description

Function Documentation

◆ KeyComponents()

KeyComponents ( byte[] value )

Creates a KeyComponents object from the given input data.

Parameters

value Serialized key components.

◆ add() [1/2]

void add	(	byte[]	tag,
		byte[]	value
	)

Adds a key component to the component list.

Parameters

tag	Component type (see Key Components).
value	Component value.

◆ add() [2/2]

void add	(	byte[]	tag,
		BigInteger	value
	)

Adds a key component to the component list.

Parameters

tag	Component type (see Key Components).
value	Component value.

◆ getItem()

byte[] getItem ( byte[] tag ) throws CryptoServerException

Returns a specified key component.

Parameters

tag	Component type (see Key Components).

Exceptions

CryptoServerException if the component list doesn't contain the desired component.

◆ setOAEP()

void setOAEP	(	int	md_algo,
		int	mgf_algo,
		byte[]	label
	)

Constructs a mechanism parameter for RSA encryption / decryption with PKCS#1_v2.1 RSAES-OAEP padding.

Parameters

md_algo	Hash algorithm used to hash the label parameter (see Hash Algorithms).
mgf_algo	Hash algorithm to be used for the underlying mask generation function (MGF) (see Hash Algorithms).
label	Label string to be used.

◆ setPSS()

void setPSS	(	int	md_algo,
		int	mgf_algo,
		int	salt_len
	)

Constructs a mechanism parameter for RSA signature creation / verification with PKCS#1_v2.1 RSASSA-PSS padding.

Parameters

md_algo	Hash algorithm used to hash interim results (see Hash Algorithms).
mgf_algo	Hash algorithm to be used for the underlying mask generation function (MGF) (see Hash Algorithms).
salt_len	Length of the random salt value to be generated.

◆ setECIES()

void setECIES	(	int	hash_algo,
		int	crypt_algo,
		int	crypt_mech,
		int	crypt_len,
		int	mac_algo,
		int	mac_mech,
		int	mac_len,
		byte[]	secret1,
		byte[]	secret2
	)

Constructs a mechanism parameter for 'Elliptic Curve (Augmented) Encryption Scheme' (ECIES, see ANSI X9.63).

Parameters

hash_algo	hash_algo hash algorithm,see Hash Algorithms
crypt_algo	algorithm: CryptoServerCXI.KEY_ALGO_AES CryptoServerCXI.KEY_ALGO_RAW (crypt_mech := MECH_KDF_XOR_DATA)
crypt_mech	mechanism: chaining mode (AES only), see Chaining Modes key derivation mode (raw mode only): CryptoServerCXI.MECH_KDF_XOR_DATA
crypt_len	AES key size (128,192 or 256) or zero on raw mode
mac_algo	algorithm: CryptoServerCXI.KEY_ALGO_AES CryptoServerCXI.KEY_ALGO_RAW (mac_mech := CryptoServerCXI.MECH_MODE_HMAC)
mac_mech	mechanism: hash mode: CryptoServerCXI.MECH_MODE_HMAC or CryptoServerCXI.MECH_MODE_MAC1 underlying hash algorithm on HMAC, see Hash Algorithms
mac_len	AES key size (128,192 or 256) or zero on HMAC optional: mac size in byte for truncated macs when using CryptoServerCXI.MECH_MODE_MAC1.
secret1	secret value #1 or null
secret2	secret value #2 or null

◆ setGCM()

void setGCM	(	byte[]	iv_init,
		byte[]	ad,
		int	tag_bits
	)

Constructs a mechanism parameter for AES encryption / decryption with 'Galois Counter Mode' chaining (GCM, see NIST SP-800-38D).

Parameters

iv_init	Initialization Vector: The length of the Initialization Vector has to be less than 2^16 - 1. 96 bit (12 bytes) length is recommended by the NIST, but other values are allowed as well. On chunked operation the IV has to be given (at least) on the first call of the AES GCM algorithm.
ad	Additional Authentication Data: On chunked operation additional authentication data must only be given once on the first call and has to be absent on subsequent calls.
tag_bits	Desired length of authentication tag in bits. May only be 128, 120, 112, 104, 96, 64 or 32. It is recommended to use tags of 128 bits.

◆ setCCM()

void setCCM	(	byte[]	nonce,
		byte[]	ad,
		int	dataLen,
		int	macLen
	)

Constructs a mechanism parameter for AES encryption / decryption in mode Counter with CBC-MAC (CCM, see NIST SP-800-38C).

Parameters

nonce	Nonce: The length of the nonce must be between 7 and 13. On chunked operation the nonce only needs to be passed in the initial call.
ad	Additional Authentication Data: On chunked operation additional authentication data must only be given once on the first call and has to be absent on subsequent calls.
dataLen	Total data length: Length of the total data that will be passed to all crypt() calls.
macLen	Desired length of MAC in bytes May only be 4, 6, 8, 10, 12, 14, 16

◆ setGMAC()

void setGMAC ( byte[] iv_init )

Constructs a mechanism parameter for AES MAC creation / verification with 'Galois Counter MAC' chaining (GMAC, see NIST SP-800-38D).

Parameters

iv_init

Initialization Vector:

The length of the Initialization Vector has to be less than 2^16 - 1.
96 bit (12 bytes) length is recommended by the NIST, but other values are allowed as well.
For signing, the IV may be a zero length byte [] or even null. In this case, the CryptoServer generates a 12 byte IV internally and returns it in the final signing call in the iv parameter.
For verification, the IV must be given at least for the final call of the AES GMAC algorithm.

◆ MechParamOAEP()

MechParamOAEP	(	int	md_algo,
		int	mgf_algo,
		byte[]	label
	)

Constructs a mechanism parameter for PKCS#1_v2.1 RSAES-OAEP.

Parameters

md_algo	Hash algorithm used to hash the label parameter (see Hash Algorithms).
mgf_algo	Hash algorithm to be used for the underlying mask generation function (MGF) (see Hash Algorithms).
label	Label string to be used.

◆ MechParamPSS()

MechParamPSS	(	int	md_algo,
		int	mgf_algo,
		int	salt_len
	)

Constructs a mechanism parameter for PKCS#1_v2.1 RSASSA-PSS.

Parameters

md_algo	Hash algorithm used to hash interim results (see Hash Algorithms).
mgf_algo	Hash algorithm to be used for the underlying mask generation function (MGF) (see Hash Algorithms).
salt_len	Length of the random salt value to be generated.

◆ MechParamECIES()

MechParamECIES	(	int	hash_algo,
		int	crypt_algo,
		int	crypt_mech,
		int	crypt_len,
		int	mac_algo,
		int	mac_mech,
		int	mac_len,
		byte[]	secret1,
		byte[]	secret2
	)

Constructs a mechanism parameter for 'Elliptic Curve (Augmented) Encryption Scheme' (ECIES, see ANSI X9.63).

Parameters

hash_algo	hash_algo hash algorithm,see Hash Algorithms
crypt_algo	algorithm: CryptoServerCXI.KEY_ALGO_AES CryptoServerCXI.KEY_ALGO_RAW (crypt_mech := MECH_KDF_XOR_DATA)
crypt_mech	mechanism: chaining mode (AES only), see Chaining Modes key derivation mode (raw mode only): CryptoServerCXI.MECH_KDF_XOR_DATA
crypt_len	AES key size (128,192 or 256) or zero on raw mode
mac_algo	algorithm: CryptoServerCXI.KEY_ALGO_AES CryptoServerCXI.KEY_ALGO_RAW (mac_mech := CryptoServerCXI.MECH_MODE_HMAC)
mac_mech	mechanism: hash mode: CryptoServerCXI.MECH_MODE_HMAC or CryptoServerCXI.MECH_MODE_MAC1 underlying hash algorithm on HMAC, see Hash Algorithms
mac_len	AES key size (128,192 or 256) or zero on HMAC optional: mac size in byte for truncated macs when using CryptoServerCXI.MECH_MODE_MAC1.
secret1	secret value #1 or null
secret2	secret value #2 or null

◆ MechParamGCM()

MechParamGCM	(	byte[]	iv_init,
		byte[]	ad,
		int	tag_bits
	)

Constructs a mechanism parameter for AES GCM (Galois Counter Mode, see NIST SP-800-38D).

Parameters

iv_init	Initialization Vector: The length of the Initialization Vector has to be less than 2^16 - 1. 96 bit (12 bytes) length is recommended by the NIST, but other values are allowed as well. On chunked operation the IV has to be given (at least) on the first and the last call of the AES GCM algorithm.
ad	Additional authentication data: On chunked operation additional authentication data should only be given once on the first call and has to be absent on subsequent calls.
tag_bits	Desired length of authentication tag in bits. May only be 128, 120, 112, 104, 96, 64 or 32. It is recommended to use tags of 128 bits.

◆ MechParamGMAC()

MechParamGMAC ( byte[] iv_init )

Constructs a mechanism parameter for AES GMAC (Galois Counter MAC, see NIST SP-800-38D).

Parameters

iv_init

Initialization Vector:

The length of the Initialization Vector has to be less than 2^16 - 1.
96 bit (12 bytes) length is recommended by the NIST, but other values are allowed as well.
For signing, the IV may be a zero length byte [] or even null. In this case, the CryptoServer generates a 12 byte IV internally and returns it in the final signing call in the iv parameter.
For verification, the IV must be given at least for the final call of the AES GMAC algorithm.

◆ MechParamCCM()

MechParamCCM	(	byte[]	nonce,
		byte[]	ad,
		int	dataLen,
		int	macLen
	)

Constructs a mechanism parameter for AES CCM (Galois Counter Mode, see NIST SP-800-38D).

Parameters

nonce	Nonce: The length of the nonce must be between 7 and 13. On chunked operation the nonce only needs to be passed in the initial call.
ad	Additional Authentication Data: On chunked operation additional authentication data must only be given once on the first call and has to be absent on subsequent calls.
dataLen	Total data length: Length of the total data that will be passed to all crypt() calls.
macLen	Desired length of MAC in bytes May only be 4, 6, 8, 10, 12, 14, 16

◆ ECPublicKey()

ECPublicKey ( java.security.spec.ECPublicKeySpec ecPublicKeySpec )

Creates an ECPublicKey object from the given key specifier.

Parameters

ecPublicKeySpec Key material

◆ getParams()

ECParameterSpec getParams ( )

Returns the domain parameters of the EC key.

Returns: EC domain parameters

◆ getW()

ECPoint getW ( )

Returns public part of the EC key.

Returns: Public part of EC key

◆ getEncoded() [1/3]

byte[] getEncoded ( ) throws CryptoServerException

Returns the EC key in its encoded form (x and y coordinates).

Returns: ASN.1 encoded EC key (see ANSI X9.62)

◆ ECParameter() [1/2]

ECParameter ( ECParameterSpec ecp ) throws CryptoServerException

Creates an ECParameter object from the given domain parameter specification.

Parameters

ecp	Domain parameter specification

◆ ECParameter() [2/2]

ECParameter ( byte[] ecp ) throws CryptoServerException

Creates an ECParameter object from the given input data in ASN1 encoded form.

Parameters

ecp	ASN1 encoded domain parameter structure.

◆ getEncoded() [2/3]

byte[] getEncoded ( ) throws CryptoServerException

Returns the domain parameter in ASN1 encoded form.

Returns: ASN1 encoded domain parameter (see ANSI X9.62)

◆ getEncoded() [3/3]

static byte[] getEncoded	(	Object	obj,
		String	name
	)		throws IOException

static

Returns a build in domain parameter in ASN1 encoded form.

Parameters

obj	Reference to class object that contains the EC curve resources.
name	Name of the build in curve to be returned (e.g. "NIST-P256").

Returns: ASN1 encoded domain parameter (see ANSI X9.62)

Modules

Functions

Variables

Detailed Description

Function Documentation

◆ KeyComponents()

◆ add() [1/2]

◆ add() [2/2]

◆ getItem()

◆ setOAEP()

◆ setPSS()

◆ setECIES()

◆ setGCM()

◆ setCCM()

◆ setGMAC()

◆ MechParamOAEP()

◆ MechParamPSS()

◆ MechParamECIES()

◆ MechParamGCM()

◆ MechParamGMAC()

◆ MechParamCCM()

◆ ECPublicKey()

◆ getParams()

◆ getW()

◆ getEncoded() [1/3]

◆ ECParameter() [1/2]

◆ ECParameter() [2/2]

◆ getEncoded() [2/3]

◆ getEncoded() [3/3]