com.ibm.crypto.pkcs11impl.provider

Class IBMPKCS11Impl

java.lang.Object
  extended by java.util.Dictionary<K,V>
    extended by java.util.Hashtable<java.lang.Object,java.lang.Object>
      extended by java.util.Properties
        extended by java.security.Provider
          extended by java.security.AuthProvider
            extended by com.ibm.crypto.pkcs11impl.provider.IBMPKCS11Impl
All implemented interfaces:
java.io.Serializable, java.lang.Cloneable, java.util.Map<java.lang.Object,java.lang.Object>

public final class IBMPKCS11Impl
extends java.security.AuthProvider
Defines the "IBMPKCS11Impl" provider. Supports algorithms that the configured card supports, within the following limits: this provider only supports the following algorithms. It is possible that the configured card supports more than this:
- MD2
- MD5
- SHA1
- SHA256
- SHA384
- SHA512
- MD2withRSA
- MD5withRSA
- SHA1withRSA
- SHA1withDSA
- DES
- 3DES
- AES
- Blowfish
- RC4
- RSA
- DH Key agreement
- HmacMD5
- HmacSHA1
- HmacSHA256
- HmacSHA384
- HmacSHA512
See Also:
Serialized Form

Nested Class Summary

Nested classes/interfaces inherited from class java.security.Provider
java.security.Provider.Service

Constructor Summary

Constructor and Description
IBMPKCS11Impl()
Creates the provider and expects that the current ACC contains a PKCS11Principal.
IBMPKCS11Impl(java.io.BufferedReader in)
Creates the provider using the PKCS #11 library name and slot number.
IBMPKCS11Impl(java.lang.String fullFileName)
Creates the provider using the PKCS #11 library name and slot number or via a configuration file (for example cryptoki.dll:0 or /usr/foo/config.card).

Method Summary

Modifier and Type Method and Description
void close()
Closes all open sessions and cleans up crypto card resources.
com.ibm.crypto.pkcs11impl.provider.SessionManager getSessionManager()
void Init(java.io.BufferedReader in)
Creates or queries a PKCS11 session and then, based on the session, initializes what the provider can do.
void Init(java.lang.String fullFileName, char[] passwd)
Creates or queries a PKCS11 session and then, based on the session, initializes what the provider can do.
void login(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler handler)
Log in to the hardware device for the associated session.
void logout()
Log out from the associated session.
void removeSession()
Removes and closes the session that is currently associated with the provider.
void setCallbackHandler(javax.security.auth.callback.CallbackHandler handler)
Sets the CallbackHandler for this provider.
Methods inherited from class java.security.Provider
clear, entrySet, getInfo, getName, getService, getServices, getVersion, keySet, load, put, putAll, remove, toString, values
Methods inherited from class java.util.Properties
getProperty, getProperty, list, list, load, loadFromXML, propertyNames, save, setProperty, store, store, storeToXML, storeToXML, stringPropertyNames
Methods inherited from class java.util.Hashtable
clone, contains, containsKey, containsValue, elements, equals, get, hashCode, isEmpty, keys, size
Methods inherited from class java.lang.Object
getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

IBMPKCS11Impl

public IBMPKCS11Impl()
Creates the provider and expects that the current ACC contains a PKCS11Principal.

IBMPKCS11Impl

public IBMPKCS11Impl(java.lang.String fullFileName)
              throws java.lang.Exception
Creates the provider using the PKCS #11 library name and slot number or via a configuration file (for example cryptoki.dll:0 or /usr/foo/config.card).
Throws:
java.lang.Exception

IBMPKCS11Impl

public IBMPKCS11Impl(java.io.BufferedReader in)
              throws java.lang.Exception
Creates the provider using the PKCS #11 library name and slot number (for example cryptoki.dll:0).
Throws:
java.lang.Exception

Method Detail

getSessionManager

public com.ibm.crypto.pkcs11impl.provider.SessionManager getSessionManager()

removeSession

public void removeSession()
Removes and closes the session that is currently associated with the provider.

Init

public void Init(java.io.BufferedReader in)
          throws java.io.IOException
Creates or queries a PKCS11 session and then, based on the session, initializes what the provider can do.
Throws:
java.io.IOException

Init

public void Init(java.lang.String fullFileName,
                 char[] passwd)
          throws java.io.IOException
Creates or queries a PKCS11 session and then, based on the session, initializes what the provider can do.
Throws:
java.io.IOException

close

public void close()
Closes all open sessions and cleans up crypto card resources.

Once this API is called, the provider has to be reinitialized to be useful.


login

public void login(javax.security.auth.Subject subject,
                  javax.security.auth.callback.CallbackHandler handler)
           throws javax.security.auth.login.LoginException
Log in to the hardware device for the associated session.

Get the PIN using the handler supplied by the caller. This handler must support a PasswordCallback.

Specified by:
login in class java.security.AuthProvider
Parameters:
subject - this parameter is not used
handler - the CallbackHandler used to get the PIN from the user.
Throws:
javax.security.auth.login.LoginException - if the login operation is unsuccessful
java.lang.SecurityException - if the caller does not pass a security check for SecurityPermission("authProvider.name"), where name is the name of the provider.
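
The following is an added example, not code from IBM or from this API documentation: a CallbackHandler that supports PasswordCallback, as login requires, and wipes its copy of the PIN after use. The class names PinLoginExample and PinHandler, the helper loginWithPin and the sample PIN are hypothetical; passing null for subject is an assumption based on the statement above that the parameter is not used.

```java
import java.security.AuthProvider;
import java.util.Arrays;
import javax.security.auth.callback.*;
import javax.security.auth.login.LoginException;

public final class PinLoginExample {

    /** Answers PasswordCallback only; any other callback type is rejected. */
    static final class PinHandler implements CallbackHandler, AutoCloseable {
        private final char[] pin;

        PinHandler(char[] pin) { this.pin = pin.clone(); }

        @Override
        public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
            for (Callback cb : callbacks) {
                if (!(cb instanceof PasswordCallback)) {
                    throw new UnsupportedCallbackException(cb, "only PasswordCallback is supported");
                }
                // setPassword stores its own copy, so wiping ours later is safe.
                ((PasswordCallback) cb).setPassword(pin);
            }
        }

        @Override
        public void close() { Arrays.fill(pin, '\0'); } // wipe the handler's copy
    }

    /** Logs in to any AuthProvider (for example an IBMPKCS11Impl instance) and wipes the PIN. */
    static void loginWithPin(AuthProvider provider, char[] pin) throws LoginException {
        try (PinHandler handler = new PinHandler(pin)) {
            provider.login(null, handler); // subject is documented as not used
        } finally {
            Arrays.fill(pin, '\0');        // wipe the caller's copy as well
        }
    }

    public static void main(String[] args) throws Exception {
        // Offline check of the handler with a constructed PIN; no token is needed.
        char[] pin = "constructed-pin".toCharArray();
        PasswordCallback cb = new PasswordCallback("PIN: ", false);
        try (PinHandler handler = new PinHandler(pin)) {
            handler.handle(new Callback[] { cb });
        }
        System.out.println("PIN length delivered to callback: " + cb.getPassword().length);
        cb.clearPassword();
    }
}
```

Keeping the PIN in a char[] rather than a String lets every copy be overwritten once login returns.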

logout

public void logout()
            throws javax.security.auth.login.LoginException
Log out from the associated session.
Specified by:
logout in class java.security.AuthProvider
Throws:
javax.security.auth.login.LoginException - if the logout operation is not successful
java.lang.SecurityException - if the caller does not pass a security check for SecurityPermission("authProvider.name"), where name is the value of the provider's name.

setCallbackHandler

public void setCallbackHandler(javax.security.auth.callback.CallbackHandler handler)
Sets the CallbackHandler for this provider.

The provider uses this handler if one is not passed in to the login method. The provider also uses this handler if it invokes login on behalf of callers.

Specified by:
setCallbackHandler in class java.security.AuthProvider
Parameters:
handler - a CallbackHandler for getting the authentication information. This may be null
Throws:
java.lang.SecurityException - if the caller does not have access to "authProvider.name", where name is the value of the provider's name.