Class CryptoUtil

java.lang.Object
com.netscape.cmsutil.crypto.CryptoUtil
public class CryptoUtil extends Object

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static List<Integer>
    clientECCipherList
     
    static final Integer[]
    clientECCiphers
     
    static final org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[]
    ECDH_USAGES_MASK
     
    static final org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[]
    ECDHE_USAGES_MASK
     
    static final Map<String, Vector<String>>
    ecOIDs
     
    static final String
    INTERNAL_TOKEN_FULL_NAME
     
    static final String
    INTERNAL_TOKEN_NAME
     
    static final int
    KEY_ID_LENGTH
     
    static final int
    LINE_COUNT
     
    static org.mozilla.jss.asn1.OBJECT_IDENTIFIER
    RSA_ENCRYPTION
     
    static final org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[]
    RSA_KEYPAIR_USAGES
     
    static final org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[]
    RSA_KEYPAIR_USAGES_MASK
     

  • Method Summary

    Modifier and Type
    Method
    Description
    static boolean
    arraysEqual(byte[] bytes, byte[] ints)
     
    static byte[]
    base64Decode(String s)
     
    static String
    base64Encode(byte[] bytes)
     
    static String
    byte2string(byte[] id)
    Converts any length byte array into a signed, variable-length hexadecimal number.
    static char[]
    bytesToChars(byte[] bytes)
     
    static String
    certFormat(String content)
     
    static byte[]
    charsToBytes(char[] chars)
     
    static boolean
    compare(byte[] src, byte[] dest)
    Compares 2 byte arrays to see if they are the same.
    static org.mozilla.jss.crypto.SymmetricKey
    createAESSessionKeyOnInternal(int keySize)
     
    static org.mozilla.jss.pkix.primitive.AVA
    createAVA(org.mozilla.jss.asn1.OBJECT_IDENTIFIER oid, int n, String elementValue)
     
    static org.mozilla.jss.crypto.SymmetricKey
    createDes3SessionKeyOnInternal()
     
    static byte[]
    createEncodedPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token, PublicKey wrappingKey, char[] data, org.mozilla.jss.netscape.security.util.WrappingParams params, org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid)
     
    static byte[]
    createEncodedPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token, PublicKey wrappingKey, org.mozilla.jss.crypto.PrivateKey data, org.mozilla.jss.netscape.security.util.WrappingParams params, org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid)
     
    static byte[]
    createEncodedPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token, PublicKey wrappingKey, org.mozilla.jss.crypto.SymmetricKey data, org.mozilla.jss.netscape.security.util.WrappingParams params, org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid)
     
    static org.mozilla.jss.pkix.cms.EnvelopedData
    createEnvelopedData(byte[] encContent, byte[] encSymKey)
    for CMC encryptedPOP
    static org.mozilla.jss.netscape.security.x509.KeyIdentifier
    createKeyIdentifier(KeyPair keypair)
     
    static org.mozilla.jss.pkix.primitive.Name
    createName(String dn, boolean encodingEnabled)
     
    static org.mozilla.jss.util.Password
    createPasswordFromBytes(byte[] bytes)
    Create a jss Password object from a provided byte array.
    static org.mozilla.jss.netscape.security.pkcs.PKCS10
    createPKCS10Request(String subjectName, boolean encodeSubj, KeyPair keyPair, String alg, org.mozilla.jss.netscape.security.x509.Extensions exts)
    Creates a PKCS #10 request.
    static org.mozilla.jss.pkix.crmf.PKIArchiveOptions
    createPKIArchiveOptions(byte[] session_data, byte[] key_data, org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid)
     
    static org.mozilla.jss.pkix.crmf.PKIArchiveOptions
    createPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token, PublicKey wrappingKey, char[] data, org.mozilla.jss.netscape.security.util.WrappingParams params, org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid)
     
    static org.mozilla.jss.pkix.crmf.PKIArchiveOptions
    createPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token, PublicKey wrappingKey, org.mozilla.jss.crypto.PrivateKey data, org.mozilla.jss.netscape.security.util.WrappingParams params, org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid)
     
    static void
    createSharedSecret(String nickname)
     
    static void
    createSharedSecret(String nickname, org.mozilla.jss.crypto.KeyGenAlgorithm alg, int keySize)
     
    static org.mozilla.jss.crypto.Signature
    createSigner(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.SignatureAlgorithm signatureAlgorithm, KeyPair keyPair)
     
    static org.mozilla.jss.netscape.security.x509.X509CertInfo
    createX509CertInfo(org.mozilla.jss.netscape.security.x509.X509Key x509key, BigInteger serialno, org.mozilla.jss.netscape.security.x509.CertificateIssuerName issuerName, org.mozilla.jss.netscape.security.x509.X500Name subjectName, Date notBefore, Date notAfter, String alg, org.mozilla.jss.netscape.security.x509.CertificateExtensions extensions)
    Creates a Certificate template.
    static org.mozilla.jss.netscape.security.x509.X509Key
    createX509Key(PublicKey publicKey)
     
    static byte[]
    decodeKeyID(String id)
    Converts NSS key ID from a signed, variable-length hexadecimal number into a 20 byte array, which will be identical to the original byte array.
    static byte[]
    decryptUsingSymmetricKey(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.IVParameterSpec ivspec, byte[] encryptedData, org.mozilla.jss.crypto.SymmetricKey wrappingKey, org.mozilla.jss.crypto.EncryptionAlgorithm encryptionAlgorithm)
    ///////////////////////////////////////////////////////////////////////////////////////////
    static void
    deleteCertificates(String nickname)
    Deletes all certificates by a nickname.
    static void
    deleteCertificates(String nickname, boolean removeKey)
     
    static void
    deletePrivateKey(org.mozilla.jss.crypto.PrivateKey prikey)
    Deletes a private key.
    static void
    deleteSharedSecret(String nickname)
     
    static void
    deleteUserCertificates(String nickname)
    Deletes user certificates by a nickname.
    static String
    encodeKeyID(byte[] keyID)
    Converts NSS key ID from a 20 byte array into a signed, variable-length hexadecimal number (to maintain compatibility with byte2string()).
    static byte[]
    encodePKIArchiveOptions(org.mozilla.jss.pkix.crmf.PKIArchiveOptions opts)
     
    static byte[]
    encryptSecret(org.mozilla.jss.crypto.CryptoToken token, byte[] secret, org.mozilla.jss.crypto.IVParameterSpec iv, org.mozilla.jss.crypto.SymmetricKey key, org.mozilla.jss.crypto.EncryptionAlgorithm algorithm)
     
    static byte[]
    encryptUsingSymmetricKey(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.SymmetricKey wrappingKey, byte[] data, org.mozilla.jss.crypto.EncryptionAlgorithm alg, org.mozilla.jss.crypto.IVParameterSpec ivspec)
     
    static List<byte[]>
    exportSharedSecret(String nickname, X509Certificate wrappingCert, org.mozilla.jss.crypto.SymmetricKey wrappingKey)
     
    static List<byte[]>
    exportSharedSecret(String nickname, X509Certificate wrappingCert, org.mozilla.jss.crypto.SymmetricKey wrappingKey, boolean useOAEPKeyWrap)
     
    static List<byte[]>
    exportSharedSecretWithAES(String nickname, X509Certificate wrappingCert, org.mozilla.jss.crypto.SymmetricKey wrappingKey, boolean useOAEPKeyWrap)
     
    static org.mozilla.jss.crypto.PrivateKey
    findPrivateKey(byte[] id)
    Finds private key by key ID in all tokens.
    static org.mozilla.jss.crypto.PrivateKey
    findPrivateKey(String nickname)
    Finds private key by cert nickname.
    static org.mozilla.jss.crypto.PrivateKey
    findPrivateKey(org.mozilla.jss.crypto.CryptoToken token, byte[] id)
    Finds private key by key ID in specified token.
    static KeyPair
    generateECCKeyPair(org.mozilla.jss.crypto.CryptoToken token, String curveName)
     
    static KeyPair
    generateECCKeyPair(org.mozilla.jss.crypto.CryptoToken token, String curveName, Boolean temporary, Boolean sensitive, Boolean extractable, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usages, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usagesMask)
    Generate an ECC key pair.
    static KeyPair
    generateECCKeyPair(org.mozilla.jss.crypto.CryptoToken token, String curveName, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usages, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usagesMask)
     
    static org.mozilla.jss.crypto.SymmetricKey
    generateKey(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.KeyGenAlgorithm alg, int keySize, org.mozilla.jss.crypto.SymmetricKey.Usage[] usages, boolean temporary)
     
    static org.mozilla.jss.crypto.SymmetricKey
    generateKey(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.KeyGenAlgorithm alg, int keySize, org.mozilla.jss.crypto.SymmetricKey.Usage[] usages, boolean temporary, Boolean sensitive)
     
    static byte[]
    generateKeyIdentifier(byte[] rawKey)
     
    static byte[]
    generateKeyIdentifier(byte[] rawKey, String alg)
     
    static KeyPair
    generateMLDSAKeyPair(org.mozilla.jss.crypto.CryptoToken token, int keySize, Boolean temporary, Boolean sensitive, Boolean extractable, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usages, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usagesMask)
    Generates an MLDSA key pair.
    static KeyPair
    generateRSAKeyPair(org.mozilla.jss.crypto.CryptoToken token, int keySize)
     
    static KeyPair
    generateRSAKeyPair(org.mozilla.jss.crypto.CryptoToken token, int keySize, Boolean temporary, Boolean sensitive, Boolean extractable, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usages, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usagesMask)
    Generates an RSA key pair.
    static KeyPair
    generateRSAKeyPair(org.mozilla.jss.crypto.CryptoToken token, int keySize, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usages, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usagesMask)
     
    static org.mozilla.jss.crypto.SymmetricKey.Usage[]
    generateSymmetricKeyUsage(String usage)
     
    static org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[]
    generateUsage(String usage)
     
    static org.mozilla.jss.netscape.security.x509.X509CertImpl[]
    getAllUserCerts()
    Retrieves all user certificates from all tokens.
    static org.mozilla.jss.crypto.CryptoToken
    getCryptoToken(String name)
    Retrieves handle to a crypto token.
    static org.mozilla.jss.pkix.primitive.AlgorithmIdentifier
    getDefaultHashAlg()
     
    static String
    getDefaultHashAlgName()
    The following are convenience routines for quick preliminary feature development or test programs that would just take the defaults
    static byte[]
    getDesParity(byte[] key)
     
    static String[]
    getECcurves()
     
    static Vector<String>
    getECKeyCurve(org.mozilla.jss.netscape.security.x509.X509Key key)
     
    static org.mozilla.jss.netscape.security.x509.Extension
    getExtensionFromPKCS10(org.mozilla.jss.netscape.security.pkcs.PKCS10 pkcs10, String extnName)
     
    static Enumeration<org.mozilla.jss.crypto.CryptoToken>
    getExternalTokens()
    Retrieves handle to a key store token.
    static org.mozilla.jss.asn1.OBJECT_IDENTIFIER
    getHashAlgorithmOID(String name)
    getHashAlgorithmOID returns OID of the hashing algorithm name
    static String
    getHMACAlgName(String name)
    Maps from HMACAlgorithm name to JSS Provider HMAC Alg name.
    static org.mozilla.jss.asn1.OBJECT_IDENTIFIER
    getHMACAlgorithmOID(String name)
    getHMACAlgorithmOID returns OID of the HMAC algorithm name
    static String
    getHMACtoMessageDigestName(String name)
    maps from HMACAlgorithm name to FIPS 180-2 MessageDigest algorithm name
    static org.mozilla.jss.crypto.CryptoToken
    getKeyStorageToken(String name)
    Retrieves handle to a key store token.
    static byte[]
    getModulus(PublicKey pubk)
     
    static String
    getNameFromHashAlgorithm(org.mozilla.jss.pkix.primitive.AlgorithmIdentifier ai)
    getNameFromHashAlgorithm returns the hashing algorithm name from input Algorithm
    static byte[]
    getNonceData(int size)
    Generates a nonce_iv for padding.
    static org.mozilla.jss.asn1.OBJECT_IDENTIFIER
    getOID(org.mozilla.jss.crypto.KeyWrapAlgorithm kwAlg)
     
    static byte[]
    getPublicExponent(PublicKey pubk)
     
    static SecureRandom
    getRandomNumberGenerator()
     
    static String
    getSKIString(org.mozilla.jss.netscape.security.x509.X509CertImpl cert)
     
    static org.mozilla.jss.crypto.SymmetricKey
    getSymKeyByName(org.mozilla.jss.crypto.CryptoToken token, String name)
     
    static org.mozilla.jss.netscape.security.util.WrappingParams
    getWrappingParams(org.mozilla.jss.crypto.KeyWrapAlgorithm kwAlg, byte[] iv, boolean useOAEP)
     
    static X509Certificate[]
    getX509CertificateFromPKCS7(byte[] b)
     
    static byte[]
    hexString2Bytes(String string)
    Converts string containing pairs of characters in the range of '0' to '9', 'a' to 'f' to an array of bytes such that each pair of characters in the string represents an individual byte
    static void
    importCertificateChain(byte[] bytes)
     
    static Key
    importHmacSha1Key(byte[] key)
    Deprecated, for removal: This API element is subject to removal in a future version.
    static org.mozilla.jss.crypto.X509Certificate[]
    importPKCS7(org.mozilla.jss.netscape.security.pkcs.PKCS7 pkcs7)
     
    static org.mozilla.jss.crypto.X509Certificate[]
    importPKCS7(org.mozilla.jss.netscape.security.pkcs.PKCS7 pkcs7, String nickname, String trustFlags)
     
    static org.mozilla.jss.crypto.PrivateKey
    importPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.PrivateKey unwrappingKey, PublicKey pubkey, byte[] data, boolean useOAEPKeyWrap)
     
    static void
    importSharedSecret(byte[] wrappedSessionKey, byte[] wrappedSharedSecret, String subsystemCertNickname, String sharedSecretNickname)
     
    static org.mozilla.jss.crypto.X509Certificate
    importUserCertificate(byte[] bytes, String nickname)
    Imports a user certificate.
    static org.mozilla.jss.crypto.X509Certificate
    importUserCertificateChain(String c, String nickname)
    Imports a PKCS#7 certificate chain that includes the user certificate, and trusts the certificate.
    static boolean
    isCertTrusted(org.mozilla.jss.pkcs11.PK11Cert cert)
    To certificate server point of view, SSL trust is what we referring.
    static boolean
    isECCKey(org.mozilla.jss.netscape.security.x509.X509Key key)
     
    static boolean
    isEncoded(String elementValue)
     
    static boolean
    isInternalToken(String name)
     
    static boolean
    isTrust(int flag)
     
    static String
    mapSignatureAlgorithmToInternalName(org.mozilla.jss.crypto.SignatureAlgorithm alg)
     
    static String
    normalizeCertAndReq(String s)
     
    static String
    normalizeCertStr(String s)
     
    static void
    obscureBytes(byte[] memory, String method)
     
    static void
    obscureChars(char[] memory)
     
    static String
    reqFormat(String content)
     
    static void
    setClientCiphers(String list)
     
    static void
    setClientCiphers(org.mozilla.jss.ssl.SSLSocket soc, String list)
     
    static void
    setDefaultSSLCiphers()
     
    static void
    setSSLCipher(String name, boolean enabled)
     
    static void
    setSSLCipher(org.mozilla.jss.ssl.SSLSocket soc, String name, boolean enabled)
     
    static void
    setSSLCiphers(String ciphers)
     
    static void
    setTrustFlags(org.mozilla.jss.crypto.X509Certificate cert, String trustFlags)
     
    static boolean
    sharedSecretExists(String nickname)
     
    static org.mozilla.jss.netscape.security.x509.X509CertImpl
    signCert(PrivateKey privateKey, org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo, String alg)
    Signs certificate.
    static org.mozilla.jss.netscape.security.x509.X509CertImpl
    signCert(PrivateKey privateKey, org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo, org.mozilla.jss.crypto.SignatureAlgorithm signingAlgorithm)
     
    static org.mozilla.jss.netscape.security.x509.X509CertImpl
    signECCCert(PrivateKey privateKey, org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo)
     
    static byte[]
    string2byte(String id)
    Converts a signed, variable-length hexadecimal number into a byte array, which may not be identical to the original byte array.
    static String
    stripCertBrackets(String s)
    strips out the begin and end certificate brackets
    static void
    trustAuditSigningCert(org.mozilla.jss.crypto.X509Certificate cert)
     
    static void
    trustCACert(org.mozilla.jss.crypto.X509Certificate cert)
     
    static void
    trustCert(org.mozilla.jss.pkcs11.PK11Cert cert)
    Trusts a certificate.
    static void
    trustCertByNickname(String nickname)
    Trusts a certificate by nickname.
    static void
    unsetSSLCiphers()
     
    static void
    unsetSSLCiphers(org.mozilla.jss.ssl.SSLSocket soc)
     
    static void
    unTrustCert(org.mozilla.jss.pkcs11.PK11Cert cert)
     
    static org.mozilla.jss.crypto.PrivateKey
    unwrap(org.mozilla.jss.crypto.CryptoToken token, PublicKey pubKey, boolean temporary, org.mozilla.jss.crypto.SymmetricKey wrappingKey, byte[] wrappedData, org.mozilla.jss.crypto.KeyWrapAlgorithm wrapAlgorithm, org.mozilla.jss.crypto.IVParameterSpec wrapIV)
     
    static org.mozilla.jss.crypto.SymmetricKey
    unwrap(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.SymmetricKey.Type keyType, int strength, org.mozilla.jss.crypto.SymmetricKey.Usage usage, org.mozilla.jss.crypto.PrivateKey wrappingKey, byte[] wrappedData, org.mozilla.jss.crypto.KeyWrapAlgorithm wrapAlgorithm)
     
    static org.mozilla.jss.crypto.SymmetricKey
    unwrap(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.SymmetricKey.Type keyType, int strength, org.mozilla.jss.crypto.SymmetricKey.Usage usage, org.mozilla.jss.crypto.SymmetricKey wrappingKey, byte[] wrappedData, org.mozilla.jss.crypto.KeyWrapAlgorithm wrapAlgorithm, org.mozilla.jss.crypto.IVParameterSpec wrappingIV)
     
    static org.mozilla.jss.crypto.SymmetricKey
    unwrapAESSKeyFromBytes(org.mozilla.jss.crypto.CryptoToken token, byte[] inputKeyArray, boolean isPerm)
     
    static org.mozilla.jss.crypto.SymmetricKey
    unwrapDESKeyFromBytes(org.mozilla.jss.crypto.CryptoToken token, byte[] inputKeyArray, boolean isPerm)
     
    static byte[]
    unwrapUsingPassphrase(byte[] wrappedRecoveredKey, String recoveryPassphrase)
     
    static byte[]
    wrapSymmetricKey(org.mozilla.jss.crypto.CryptoToken token, PublicKey wrappingKey, org.mozilla.jss.crypto.SymmetricKey sk)
     
    static byte[]
    wrapUsingPublicKey(org.mozilla.jss.crypto.CryptoToken token, PublicKey wrappingKey, org.mozilla.jss.crypto.SymmetricKey data, org.mozilla.jss.crypto.KeyWrapAlgorithm alg)
     
    static byte[]
    wrapUsingSymmetricKey(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.SymmetricKey wrappingKey, org.mozilla.jss.crypto.PrivateKey data, org.mozilla.jss.crypto.IVParameterSpec ivspec, org.mozilla.jss.crypto.KeyWrapAlgorithm alg)
     
    static byte[]
    wrapUsingSymmetricKey(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.SymmetricKey wrappingKey, org.mozilla.jss.crypto.SymmetricKey data, org.mozilla.jss.crypto.IVParameterSpec ivspec, org.mozilla.jss.crypto.KeyWrapAlgorithm alg)
     

    Methods inherited from class Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

    • KEY_ID_LENGTH

      public static final int KEY_ID_LENGTH
      See Also:

    • INTERNAL_TOKEN_NAME

      public static final String INTERNAL_TOKEN_NAME
      See Also:

    • INTERNAL_TOKEN_FULL_NAME

      public static final String INTERNAL_TOKEN_FULL_NAME
      See Also:

    • LINE_COUNT

      public static final int LINE_COUNT
      See Also:

    • ECDHE_USAGES_MASK

      public static final org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] ECDHE_USAGES_MASK

    • ECDH_USAGES_MASK

      public static final org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] ECDH_USAGES_MASK

    • RSA_KEYPAIR_USAGES

      public static final org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] RSA_KEYPAIR_USAGES

    • RSA_KEYPAIR_USAGES_MASK

      public static final org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] RSA_KEYPAIR_USAGES_MASK

    • clientECCiphers

      public static final Integer[] clientECCiphers

    • clientECCipherList

      public static List<Integer> clientECCipherList

    • ecOIDs

      public static final Map<String, Vector<String>> ecOIDs

    • RSA_ENCRYPTION

      public static org.mozilla.jss.asn1.OBJECT_IDENTIFIER RSA_ENCRYPTION

  • Method Details

    • arraysEqual

      public static boolean arraysEqual(byte[] bytes, byte[] ints)

    • isInternalToken

      public static boolean isInternalToken(String name)

    • getCryptoToken

      public static org.mozilla.jss.crypto.CryptoToken getCryptoToken(String name) throws org.mozilla.jss.NotInitializedException, org.mozilla.jss.NoSuchTokenException
      Retrieves handle to a crypto token.
      Throws:
      org.mozilla.jss.NotInitializedException
      org.mozilla.jss.NoSuchTokenException

    • getKeyStorageToken

      public static org.mozilla.jss.crypto.CryptoToken getKeyStorageToken(String name) throws org.mozilla.jss.NotInitializedException, org.mozilla.jss.NoSuchTokenException
      Retrieves handle to a key store token.
      Throws:
      org.mozilla.jss.NotInitializedException
      org.mozilla.jss.NoSuchTokenException

    • getExternalTokens

      public static Enumeration<org.mozilla.jss.crypto.CryptoToken> getExternalTokens() throws org.mozilla.jss.NotInitializedException, org.mozilla.jss.NoSuchTokenException
      Retrieves handle to a key store token.
      Throws:
      org.mozilla.jss.NotInitializedException
      org.mozilla.jss.NoSuchTokenException

    • generateRSAKeyPair

      public static KeyPair generateRSAKeyPair(org.mozilla.jss.crypto.CryptoToken token, int keySize) throws Exception
      Throws:
      Exception

    • generateRSAKeyPair

      public static KeyPair generateRSAKeyPair(org.mozilla.jss.crypto.CryptoToken token, int keySize, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usages, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usagesMask) throws Exception
      Throws:
      Exception

    • generateRSAKeyPair

      public static KeyPair generateRSAKeyPair(org.mozilla.jss.crypto.CryptoToken token, int keySize, Boolean temporary, Boolean sensitive, Boolean extractable, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usages, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usagesMask) throws Exception
      Generates an RSA key pair.
      Throws:
      Exception

    • generateMLDSAKeyPair

      public static KeyPair generateMLDSAKeyPair(org.mozilla.jss.crypto.CryptoToken token, int keySize, Boolean temporary, Boolean sensitive, Boolean extractable, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usages, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usagesMask) throws Exception
      Generates an MLDSA key pair.
      Throws:
      Exception

    • isECCKey

      public static boolean isECCKey(org.mozilla.jss.netscape.security.x509.X509Key key)

    • generateECCKeyPair

      public static KeyPair generateECCKeyPair(org.mozilla.jss.crypto.CryptoToken token, String curveName) throws Exception
      Throws:
      Exception

    • generateECCKeyPair

      public static KeyPair generateECCKeyPair(org.mozilla.jss.crypto.CryptoToken token, String curveName, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usages, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usagesMask) throws Exception
      Throws:
      Exception

    • generateECCKeyPair

      public static KeyPair generateECCKeyPair(org.mozilla.jss.crypto.CryptoToken token, String curveName, Boolean temporary, Boolean sensitive, Boolean extractable, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usages, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usagesMask) throws Exception
      Generate an ECC key pair. temporary, sensitive, extractable, and usages are per defined in JSS pkcs11/PK11KeyPairGenerator.java
      Throws:
      Exception

    • setClientCiphers

      public static void setClientCiphers(String list) throws SocketException
      Throws:
      SocketException

    • setClientCiphers

      public static void setClientCiphers(org.mozilla.jss.ssl.SSLSocket soc, String list) throws SocketException
      Throws:
      SocketException

    • setSSLCiphers

      public static void setSSLCiphers(String ciphers) throws SocketException
      Throws:
      SocketException

    • setSSLCipher

      public static void setSSLCipher(org.mozilla.jss.ssl.SSLSocket soc, String name, boolean enabled) throws SocketException
      Throws:
      SocketException

    • setSSLCipher

      public static void setSSLCipher(String name, boolean enabled) throws SocketException
      Throws:
      SocketException

    • setDefaultSSLCiphers

      public static void setDefaultSSLCiphers() throws SocketException
      Throws:
      SocketException

    • unsetSSLCiphers

      public static void unsetSSLCiphers() throws SocketException
      Throws:
      SocketException

    • unsetSSLCiphers

      public static void unsetSSLCiphers(org.mozilla.jss.ssl.SSLSocket soc) throws SocketException
      Throws:
      SocketException

    • getModulus

      public static byte[] getModulus(PublicKey pubk)

    • getPublicExponent

      public static byte[] getPublicExponent(PublicKey pubk)

    • base64Encode

      public static String base64Encode(byte[] bytes) throws IOException
      Throws:
      IOException

    • base64Decode

      public static byte[] base64Decode(String s)

    • reqFormat

      public static String reqFormat(String content)

    • certFormat

      public static String certFormat(String content)

    • stripCertBrackets

      public static String stripCertBrackets(String s)
      strips out the begin and end certificate brackets
      Parameters:
      s - the string potentially bracketed with "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----"
      Returns:
      string without the brackets

    • normalizeCertAndReq

      public static String normalizeCertAndReq(String s)

    • normalizeCertStr

      public static String normalizeCertStr(String s)

    • importPKCS7

      public static org.mozilla.jss.crypto.X509Certificate[] importPKCS7(org.mozilla.jss.netscape.security.pkcs.PKCS7 pkcs7, String nickname, String trustFlags) throws Exception
      Throws:
      Exception

    • importPKCS7

      public static org.mozilla.jss.crypto.X509Certificate[] importPKCS7(org.mozilla.jss.netscape.security.pkcs.PKCS7 pkcs7) throws Exception
      Throws:
      Exception

    • importCertificateChain

      public static void importCertificateChain(byte[] bytes) throws Exception
      Throws:
      Exception

    • createX509Key

      public static org.mozilla.jss.netscape.security.x509.X509Key createX509Key(PublicKey publicKey) throws InvalidKeyException
      Throws:
      InvalidKeyException

    • createX509CertInfo

      public static org.mozilla.jss.netscape.security.x509.X509CertInfo createX509CertInfo(org.mozilla.jss.netscape.security.x509.X509Key x509key, BigInteger serialno, org.mozilla.jss.netscape.security.x509.CertificateIssuerName issuerName, org.mozilla.jss.netscape.security.x509.X500Name subjectName, Date notBefore, Date notAfter, String alg, org.mozilla.jss.netscape.security.x509.CertificateExtensions extensions) throws IOException, CertificateException, NoSuchAlgorithmException
      Creates a Certificate template.
      Throws:
      IOException
      CertificateException
      NoSuchAlgorithmException

    • signECCCert

      public static org.mozilla.jss.netscape.security.x509.X509CertImpl signECCCert(PrivateKey privateKey, org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo) throws Exception
      Throws:
      Exception

    • signCert

      public static org.mozilla.jss.netscape.security.x509.X509CertImpl signCert(PrivateKey privateKey, org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo, String alg) throws Exception
      Signs certificate.
      Throws:
      Exception

    • signCert

      public static org.mozilla.jss.netscape.security.x509.X509CertImpl signCert(PrivateKey privateKey, org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo, org.mozilla.jss.crypto.SignatureAlgorithm signingAlgorithm) throws Exception
      Throws:
      Exception

    • createPKCS10Request

      public static org.mozilla.jss.netscape.security.pkcs.PKCS10 createPKCS10Request(String subjectName, boolean encodeSubj, KeyPair keyPair, String alg, org.mozilla.jss.netscape.security.x509.Extensions exts) throws Exception
      Creates a PKCS #10 request.
      Throws:
      Exception

    • createSigner

      public static org.mozilla.jss.crypto.Signature createSigner(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.SignatureAlgorithm signatureAlgorithm, KeyPair keyPair) throws Exception
      Throws:
      Exception

    • isEncoded

      public static boolean isEncoded(String elementValue)

    • createAVA

      public static org.mozilla.jss.pkix.primitive.AVA createAVA(org.mozilla.jss.asn1.OBJECT_IDENTIFIER oid, int n, String elementValue) throws Exception
      Throws:
      Exception

    • createName

      public static org.mozilla.jss.pkix.primitive.Name createName(String dn, boolean encodingEnabled) throws Exception
      Throws:
      Exception

    • createKeyIdentifier

      public static org.mozilla.jss.netscape.security.x509.KeyIdentifier createKeyIdentifier(KeyPair keypair) throws InvalidKeyException
      Throws:
      InvalidKeyException

    • generateKeyIdentifier

      public static byte[] generateKeyIdentifier(byte[] rawKey)

    • generateKeyIdentifier

      public static byte[] generateKeyIdentifier(byte[] rawKey, String alg)

    • getSKIString

      public static String getSKIString(org.mozilla.jss.netscape.security.x509.X509CertImpl cert) throws IOException
      Throws:
      IOException

    • getExtensionFromPKCS10

      public static org.mozilla.jss.netscape.security.x509.Extension getExtensionFromPKCS10(org.mozilla.jss.netscape.security.pkcs.PKCS10 pkcs10, String extnName) throws IOException, CertificateException
      Throws:
      IOException
      CertificateException

    • unTrustCert

      public static void unTrustCert(org.mozilla.jss.pkcs11.PK11Cert cert)

    • trustCertByNickname

      public static void trustCertByNickname(String nickname) throws org.mozilla.jss.NotInitializedException, org.mozilla.jss.crypto.TokenException
      Trusts a certificate by nickname.
      Throws:
      org.mozilla.jss.NotInitializedException
      org.mozilla.jss.crypto.TokenException

    • trustCert

      public static void trustCert(org.mozilla.jss.pkcs11.PK11Cert cert)
      Trusts a certificate.

    • setTrustFlags

      public static void setTrustFlags(org.mozilla.jss.crypto.X509Certificate cert, String trustFlags) throws Exception
      Throws:
      Exception

    • trustCACert

      public static void trustCACert(org.mozilla.jss.crypto.X509Certificate cert)

    • trustAuditSigningCert

      public static void trustAuditSigningCert(org.mozilla.jss.crypto.X509Certificate cert)

    • isCertTrusted

      public static boolean isCertTrusted(org.mozilla.jss.pkcs11.PK11Cert cert)
      To certificate server point of view, SSL trust is what we referring.

    • isTrust

      public static boolean isTrust(int flag)

    • generateKey

      public static org.mozilla.jss.crypto.SymmetricKey generateKey(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.KeyGenAlgorithm alg, int keySize, org.mozilla.jss.crypto.SymmetricKey.Usage[] usages, boolean temporary) throws Exception
      Throws:
      Exception

    • generateKey

      public static org.mozilla.jss.crypto.SymmetricKey generateKey(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.KeyGenAlgorithm alg, int keySize, org.mozilla.jss.crypto.SymmetricKey.Usage[] usages, boolean temporary, Boolean sensitive) throws Exception
      Throws:
      Exception

    • compare

      public static boolean compare(byte[] src, byte[] dest)
      Compares 2 byte arrays to see if they are the same.

    • byte2string

      public static String byte2string(byte[] id)
      Converts any length byte array into a signed, variable-length hexadecimal number.

    • string2byte

      public static byte[] string2byte(String id)
      Converts a signed, variable-length hexadecimal number into a byte array, which may not be identical to the original byte array.

    • encodeKeyID

      public static String encodeKeyID(byte[] keyID)
      Converts NSS key ID from a 20 byte array into a signed, variable-length hexadecimal number (to maintain compatibility with byte2string()).

    • decodeKeyID

      public static byte[] decodeKeyID(String id) throws org.apache.commons.codec.DecoderException
      Converts NSS key ID from a signed, variable-length hexadecimal number into a 20 byte array, which will be identical to the original byte array.
      Throws:
      org.apache.commons.codec.DecoderException

    • hexString2Bytes

      public static byte[] hexString2Bytes(String string)
      Converts string containing pairs of characters in the range of '0' to '9', 'a' to 'f' to an array of bytes such that each pair of characters in the string represents an individual byte

    • bytesToChars

      public static char[] bytesToChars(byte[] bytes)

    • charsToBytes

      public static byte[] charsToBytes(char[] chars)

    • createPasswordFromBytes

      public static org.mozilla.jss.util.Password createPasswordFromBytes(byte[] bytes)
      Create a jss Password object from a provided byte array.

    • findPrivateKey

      public static org.mozilla.jss.crypto.PrivateKey findPrivateKey(byte[] id) throws Exception
      Finds private key by key ID in all tokens.
      Throws:
      Exception

    • findPrivateKey

      public static org.mozilla.jss.crypto.PrivateKey findPrivateKey(org.mozilla.jss.crypto.CryptoToken token, byte[] id) throws Exception
      Finds private key by key ID in specified token.
      Throws:
      Exception

    • findPrivateKey

      public static org.mozilla.jss.crypto.PrivateKey findPrivateKey(String nickname) throws Exception
      Finds private key by cert nickname.
      Throws:
      Exception

    • getAllUserCerts

      public static org.mozilla.jss.netscape.security.x509.X509CertImpl[] getAllUserCerts() throws org.mozilla.jss.NotInitializedException, org.mozilla.jss.crypto.TokenException
      Retrieves all user certificates from all tokens.
      Throws:
      org.mozilla.jss.NotInitializedException
      org.mozilla.jss.crypto.TokenException

    • deletePrivateKey

      public static void deletePrivateKey(org.mozilla.jss.crypto.PrivateKey prikey) throws org.mozilla.jss.crypto.TokenException
      Deletes a private key.
      Throws:
      org.mozilla.jss.crypto.TokenException

    • deleteCertificates

      public static void deleteCertificates(String nickname) throws org.mozilla.jss.crypto.TokenException, org.mozilla.jss.crypto.ObjectNotFoundException, org.mozilla.jss.crypto.NoSuchItemOnTokenException, org.mozilla.jss.NotInitializedException
      Deletes all certificates by a nickname.
      Throws:
      org.mozilla.jss.crypto.TokenException
      org.mozilla.jss.crypto.ObjectNotFoundException
      org.mozilla.jss.crypto.NoSuchItemOnTokenException
      org.mozilla.jss.NotInitializedException

    • deleteCertificates

      public static void deleteCertificates(String nickname, boolean removeKey) throws org.mozilla.jss.crypto.TokenException, org.mozilla.jss.crypto.ObjectNotFoundException, org.mozilla.jss.crypto.NoSuchItemOnTokenException, org.mozilla.jss.NotInitializedException
      Throws:
      org.mozilla.jss.crypto.TokenException
      org.mozilla.jss.crypto.ObjectNotFoundException
      org.mozilla.jss.crypto.NoSuchItemOnTokenException
      org.mozilla.jss.NotInitializedException

    • deleteUserCertificates

      public static void deleteUserCertificates(String nickname) throws org.mozilla.jss.NotInitializedException, org.mozilla.jss.crypto.TokenException
      Deletes user certificates by a nickname.
      Throws:
      org.mozilla.jss.NotInitializedException
      org.mozilla.jss.crypto.TokenException

    • importUserCertificateChain

      public static org.mozilla.jss.crypto.X509Certificate importUserCertificateChain(String c, String nickname) throws org.mozilla.jss.NotInitializedException, org.mozilla.jss.NicknameConflictException, org.mozilla.jss.UserCertConflictException, org.mozilla.jss.crypto.NoSuchItemOnTokenException, org.mozilla.jss.crypto.TokenException, CertificateEncodingException
      Imports a PKCS#7 certificate chain that includes the user certificate, and trusts the certificate.
      Throws:
      org.mozilla.jss.NotInitializedException
      org.mozilla.jss.NicknameConflictException
      org.mozilla.jss.UserCertConflictException
      org.mozilla.jss.crypto.NoSuchItemOnTokenException
      org.mozilla.jss.crypto.TokenException
      CertificateEncodingException

    • importUserCertificate

      public static org.mozilla.jss.crypto.X509Certificate importUserCertificate(byte[] bytes, String nickname) throws org.mozilla.jss.NotInitializedException, CertificateEncodingException, org.mozilla.jss.crypto.NoSuchItemOnTokenException, org.mozilla.jss.crypto.TokenException, org.mozilla.jss.NicknameConflictException, org.mozilla.jss.UserCertConflictException
      Imports a user certificate.
      Throws:
      org.mozilla.jss.NotInitializedException
      CertificateEncodingException
      org.mozilla.jss.crypto.NoSuchItemOnTokenException
      org.mozilla.jss.crypto.TokenException
      org.mozilla.jss.NicknameConflictException
      org.mozilla.jss.UserCertConflictException

    • getX509CertificateFromPKCS7

      public static X509Certificate[] getX509CertificateFromPKCS7(byte[] b) throws IOException
      Throws:
      IOException

    • getNonceData

      public static byte[] getNonceData(int size) throws GeneralSecurityException
      Generates a nonce_iv for padding.
      Throws:
      GeneralSecurityException

    • getRandomNumberGenerator

      public static SecureRandom getRandomNumberGenerator() throws GeneralSecurityException
      Throws:
      GeneralSecurityException

    • obscureChars

      public static void obscureChars(char[] memory)

    • obscureBytes

      public static void obscureBytes(byte[] memory, String method)

    • unwrapUsingPassphrase

      public static byte[] unwrapUsingPassphrase(byte[] wrappedRecoveredKey, String recoveryPassphrase) throws IOException, org.mozilla.jss.asn1.InvalidBERException, InvalidKeyException, IllegalStateException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, org.mozilla.jss.NotInitializedException, org.mozilla.jss.crypto.TokenException, org.mozilla.jss.crypto.IllegalBlockSizeException, BadPaddingException
      Throws:
      IOException
      org.mozilla.jss.asn1.InvalidBERException
      InvalidKeyException
      IllegalStateException
      NoSuchAlgorithmException
      InvalidAlgorithmParameterException
      org.mozilla.jss.NotInitializedException
      org.mozilla.jss.crypto.TokenException
      org.mozilla.jss.crypto.IllegalBlockSizeException
      BadPaddingException

    • encryptSecret

      public static byte[] encryptSecret(org.mozilla.jss.crypto.CryptoToken token, byte[] secret, org.mozilla.jss.crypto.IVParameterSpec iv, org.mozilla.jss.crypto.SymmetricKey key, org.mozilla.jss.crypto.EncryptionAlgorithm algorithm) throws NoSuchAlgorithmException, org.mozilla.jss.crypto.TokenException, InvalidKeyException, InvalidAlgorithmParameterException, org.mozilla.jss.crypto.IllegalBlockSizeException, BadPaddingException
      Throws:
      NoSuchAlgorithmException
      org.mozilla.jss.crypto.TokenException
      InvalidKeyException
      InvalidAlgorithmParameterException
      org.mozilla.jss.crypto.IllegalBlockSizeException
      BadPaddingException

    • wrapSymmetricKey

      public static byte[] wrapSymmetricKey(org.mozilla.jss.crypto.CryptoToken token, PublicKey wrappingKey, org.mozilla.jss.crypto.SymmetricKey sk) throws Exception
      Throws:
      Exception

    • createPKIArchiveOptions

      public static org.mozilla.jss.pkix.crmf.PKIArchiveOptions createPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token, PublicKey wrappingKey, org.mozilla.jss.crypto.PrivateKey data, org.mozilla.jss.netscape.security.util.WrappingParams params, org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid) throws Exception
      Throws:
      Exception

    • createEncodedPKIArchiveOptions

      public static byte[] createEncodedPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token, PublicKey wrappingKey, org.mozilla.jss.crypto.PrivateKey data, org.mozilla.jss.netscape.security.util.WrappingParams params, org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid) throws Exception
      Throws:
      Exception

    • createEncodedPKIArchiveOptions

      public static byte[] createEncodedPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token, PublicKey wrappingKey, org.mozilla.jss.crypto.SymmetricKey data, org.mozilla.jss.netscape.security.util.WrappingParams params, org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid) throws Exception
      Throws:
      Exception

    • createPKIArchiveOptions

      public static org.mozilla.jss.pkix.crmf.PKIArchiveOptions createPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token, PublicKey wrappingKey, char[] data, org.mozilla.jss.netscape.security.util.WrappingParams params, org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid) throws Exception
      Throws:
      Exception

    • createEncodedPKIArchiveOptions

      public static byte[] createEncodedPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token, PublicKey wrappingKey, char[] data, org.mozilla.jss.netscape.security.util.WrappingParams params, org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid) throws Exception
      Throws:
      Exception

    • createPKIArchiveOptions

      public static org.mozilla.jss.pkix.crmf.PKIArchiveOptions createPKIArchiveOptions(byte[] session_data, byte[] key_data, org.mozilla.jss.pkix.primitive.AlgorithmIdentifier aid)

    • encodePKIArchiveOptions

      public static byte[] encodePKIArchiveOptions(org.mozilla.jss.pkix.crmf.PKIArchiveOptions opts) throws Exception
      Throws:
      Exception

    • importPKIArchiveOptions

      public static org.mozilla.jss.crypto.PrivateKey importPKIArchiveOptions(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.PrivateKey unwrappingKey, PublicKey pubkey, byte[] data, boolean useOAEPKeyWrap) throws org.mozilla.jss.asn1.InvalidBERException, Exception
      Throws:
      org.mozilla.jss.asn1.InvalidBERException
      Exception

    • sharedSecretExists

      public static boolean sharedSecretExists(String nickname) throws org.mozilla.jss.NotInitializedException, org.mozilla.jss.crypto.TokenException
      Throws:
      org.mozilla.jss.NotInitializedException
      org.mozilla.jss.crypto.TokenException

    • createSharedSecret

      public static void createSharedSecret(String nickname) throws org.mozilla.jss.NotInitializedException, org.mozilla.jss.crypto.TokenException
      Throws:
      org.mozilla.jss.NotInitializedException
      org.mozilla.jss.crypto.TokenException

    • createSharedSecret

      public static void createSharedSecret(String nickname, org.mozilla.jss.crypto.KeyGenAlgorithm alg, int keySize) throws org.mozilla.jss.NotInitializedException, org.mozilla.jss.crypto.TokenException, Exception
      Throws:
      org.mozilla.jss.NotInitializedException
      org.mozilla.jss.crypto.TokenException
      Exception

    • deleteSharedSecret

      public static void deleteSharedSecret(String nickname) throws org.mozilla.jss.NotInitializedException, org.mozilla.jss.crypto.TokenException, InvalidKeyException
      Throws:
      org.mozilla.jss.NotInitializedException
      org.mozilla.jss.crypto.TokenException
      InvalidKeyException

    • createDes3SessionKeyOnInternal

      public static org.mozilla.jss.crypto.SymmetricKey createDes3SessionKeyOnInternal() throws Exception
      Throws:
      Exception

    • createAESSessionKeyOnInternal

      public static org.mozilla.jss.crypto.SymmetricKey createAESSessionKeyOnInternal(int keySize) throws Exception
      Throws:
      Exception

    • exportSharedSecret

      public static List<byte[]> exportSharedSecret(String nickname, X509Certificate wrappingCert, org.mozilla.jss.crypto.SymmetricKey wrappingKey) throws Exception
      Throws:
      Exception

    • exportSharedSecret

      public static List<byte[]> exportSharedSecret(String nickname, X509Certificate wrappingCert, org.mozilla.jss.crypto.SymmetricKey wrappingKey, boolean useOAEPKeyWrap) throws Exception
      Throws:
      Exception

    • exportSharedSecretWithAES

      public static List<byte[]> exportSharedSecretWithAES(String nickname, X509Certificate wrappingCert, org.mozilla.jss.crypto.SymmetricKey wrappingKey, boolean useOAEPKeyWrap) throws Exception
      Throws:
      Exception

    • importSharedSecret

      public static void importSharedSecret(byte[] wrappedSessionKey, byte[] wrappedSharedSecret, String subsystemCertNickname, String sharedSecretNickname) throws Exception, org.mozilla.jss.NotInitializedException, org.mozilla.jss.crypto.TokenException, NoSuchAlgorithmException, org.mozilla.jss.crypto.ObjectNotFoundException, InvalidKeyException, InvalidAlgorithmParameterException, IOException
      Throws:
      Exception
      org.mozilla.jss.NotInitializedException
      org.mozilla.jss.crypto.TokenException
      NoSuchAlgorithmException
      org.mozilla.jss.crypto.ObjectNotFoundException
      InvalidKeyException
      InvalidAlgorithmParameterException
      IOException

    • getSymKeyByName

      public static org.mozilla.jss.crypto.SymmetricKey getSymKeyByName(org.mozilla.jss.crypto.CryptoToken token, String name) throws Exception
      Throws:
      Exception

    • getECcurves

      public static String[] getECcurves()

    • getECKeyCurve

      public static Vector<String> getECKeyCurve(org.mozilla.jss.netscape.security.x509.X509Key key) throws Exception
      Throws:
      Exception

    • decryptUsingSymmetricKey

      public static byte[] decryptUsingSymmetricKey(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.IVParameterSpec ivspec, byte[] encryptedData, org.mozilla.jss.crypto.SymmetricKey wrappingKey, org.mozilla.jss.crypto.EncryptionAlgorithm encryptionAlgorithm) throws Exception
      ///////////////////////////////////////////////////////////////////////////////////////////
      Throws:
      Exception

    • encryptUsingSymmetricKey

      public static byte[] encryptUsingSymmetricKey(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.SymmetricKey wrappingKey, byte[] data, org.mozilla.jss.crypto.EncryptionAlgorithm alg, org.mozilla.jss.crypto.IVParameterSpec ivspec) throws Exception
      Throws:
      Exception

    • getWrappingParams

      public static org.mozilla.jss.netscape.security.util.WrappingParams getWrappingParams(org.mozilla.jss.crypto.KeyWrapAlgorithm kwAlg, byte[] iv, boolean useOAEP) throws Exception
      Throws:
      Exception

    • wrapUsingSymmetricKey

      public static byte[] wrapUsingSymmetricKey(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.SymmetricKey wrappingKey, org.mozilla.jss.crypto.SymmetricKey data, org.mozilla.jss.crypto.IVParameterSpec ivspec, org.mozilla.jss.crypto.KeyWrapAlgorithm alg) throws Exception
      Throws:
      Exception

    • wrapUsingSymmetricKey

      public static byte[] wrapUsingSymmetricKey(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.SymmetricKey wrappingKey, org.mozilla.jss.crypto.PrivateKey data, org.mozilla.jss.crypto.IVParameterSpec ivspec, org.mozilla.jss.crypto.KeyWrapAlgorithm alg) throws Exception
      Throws:
      Exception

    • wrapUsingPublicKey

      public static byte[] wrapUsingPublicKey(org.mozilla.jss.crypto.CryptoToken token, PublicKey wrappingKey, org.mozilla.jss.crypto.SymmetricKey data, org.mozilla.jss.crypto.KeyWrapAlgorithm alg) throws Exception
      Throws:
      Exception

    • unwrap

      public static org.mozilla.jss.crypto.SymmetricKey unwrap(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.SymmetricKey.Type keyType, int strength, org.mozilla.jss.crypto.SymmetricKey.Usage usage, org.mozilla.jss.crypto.SymmetricKey wrappingKey, byte[] wrappedData, org.mozilla.jss.crypto.KeyWrapAlgorithm wrapAlgorithm, org.mozilla.jss.crypto.IVParameterSpec wrappingIV) throws Exception
      Throws:
      Exception

    • unwrap

      public static org.mozilla.jss.crypto.SymmetricKey unwrap(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.SymmetricKey.Type keyType, int strength, org.mozilla.jss.crypto.SymmetricKey.Usage usage, org.mozilla.jss.crypto.PrivateKey wrappingKey, byte[] wrappedData, org.mozilla.jss.crypto.KeyWrapAlgorithm wrapAlgorithm) throws Exception
      Throws:
      Exception

    • unwrap

      public static org.mozilla.jss.crypto.PrivateKey unwrap(org.mozilla.jss.crypto.CryptoToken token, PublicKey pubKey, boolean temporary, org.mozilla.jss.crypto.SymmetricKey wrappingKey, byte[] wrappedData, org.mozilla.jss.crypto.KeyWrapAlgorithm wrapAlgorithm, org.mozilla.jss.crypto.IVParameterSpec wrapIV) throws Exception
      Throws:
      Exception

    • unwrapAESSKeyFromBytes

      public static org.mozilla.jss.crypto.SymmetricKey unwrapAESSKeyFromBytes(org.mozilla.jss.crypto.CryptoToken token, byte[] inputKeyArray, boolean isPerm) throws Exception
      Throws:
      Exception

    • unwrapDESKeyFromBytes

      public static org.mozilla.jss.crypto.SymmetricKey unwrapDESKeyFromBytes(org.mozilla.jss.crypto.CryptoToken token, byte[] inputKeyArray, boolean isPerm) throws Exception
      Throws:
      Exception

    • createEnvelopedData

      public static org.mozilla.jss.pkix.cms.EnvelopedData createEnvelopedData(byte[] encContent, byte[] encSymKey) throws Exception
      for CMC encryptedPOP
      Throws:
      Exception

    • getDefaultHashAlgName

      public static String getDefaultHashAlgName()
      The following are convenience routines for quick preliminary feature development or test programs that would just take the defaults

    • getDefaultHashAlg

      public static org.mozilla.jss.pkix.primitive.AlgorithmIdentifier getDefaultHashAlg() throws Exception
      Throws:
      Exception

    • importHmacSha1Key

      @Deprecated(since="11.0.1", forRemoval=true) public static Key importHmacSha1Key(byte[] key) throws Exception
      Deprecated, for removal: This API element is subject to removal in a future version.
      importHmacSha1Key returns a key based on a byte array, which is originally a password. Used for the HMAC Digest algorithms.
      Parameters:
      key - the byte array representing the original password or secret.
      Returns:
      The JSS SymKey
      Throws:
      Exception

    • getHMACtoMessageDigestName

      public static String getHMACtoMessageDigestName(String name)
      maps from HMACAlgorithm name to FIPS 180-2 MessageDigest algorithm name

    • getHMACAlgorithmOID

      public static org.mozilla.jss.asn1.OBJECT_IDENTIFIER getHMACAlgorithmOID(String name) throws NoSuchAlgorithmException
      getHMACAlgorithmOID returns OID of the HMAC algorithm name
      Parameters:
      name - name of the HMAC algorithm
      Returns:
      OID of the HMAC algorithm
      Throws:
      NoSuchAlgorithmException

    • getHashAlgorithmOID

      public static org.mozilla.jss.asn1.OBJECT_IDENTIFIER getHashAlgorithmOID(String name) throws NoSuchAlgorithmException
      getHashAlgorithmOID returns OID of the hashing algorithm name
      Parameters:
      name - name of the hashing algorithm
      Returns:
      OID of the hashing algorithm
      Throws:
      NoSuchAlgorithmException

    • getNameFromHashAlgorithm

      public static String getNameFromHashAlgorithm(org.mozilla.jss.pkix.primitive.AlgorithmIdentifier ai) throws NoSuchAlgorithmException
      getNameFromHashAlgorithm returns the hashing algorithm name from input Algorithm
      Parameters:
      ai - the hashing algorithm AlgorithmIdentifier
      Returns:
      name of the hashing algorithm
      Throws:
      NoSuchAlgorithmException

    • getHMACAlgName

      public static String getHMACAlgName(String name)
      Maps from HMACAlgorithm name to JSS Provider HMAC Alg name.

    • getOID

      public static org.mozilla.jss.asn1.OBJECT_IDENTIFIER getOID(org.mozilla.jss.crypto.KeyWrapAlgorithm kwAlg) throws NoSuchAlgorithmException
      Throws:
      NoSuchAlgorithmException

    • mapSignatureAlgorithmToInternalName

      public static String mapSignatureAlgorithmToInternalName(org.mozilla.jss.crypto.SignatureAlgorithm alg) throws NoSuchAlgorithmException
      Throws:
      NoSuchAlgorithmException

    • getDesParity

      public static byte[] getDesParity(byte[] key) throws Exception
      Throws:
      Exception

    • generateUsage

      public static org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] generateUsage(String usage)

    • generateSymmetricKeyUsage

      public static org.mozilla.jss.crypto.SymmetricKey.Usage[] generateSymmetricKeyUsage(String usage)