Digital Authentication Framework
6.0.1.37
Public Member Functions
Return type | Method | Description
DAMetaData | getInfo () | Get information about this instance.
DAMechanism[] | getMechanisms () | Get the list of supported mechanisms.
void | encrypt (DAMessage msg) throws DAError | Encrypt the message returned by msg.getPlaintext(), and place the result in msg.
void | decrypt (DAMessage msg) throws DAError | Decrypt the ciphertext returned by msg.getCiphertext(), and place the plaintext in msg using msg.setPlaintext().
void | sign (DAMessage msg) throws DAError | Sign the message returned by msg.getPlaintext(), and place the signature in msg.
void | verify (DAMessage msg) throws DAError | Verify the message returned by msg.getPlaintext() against the signature returned by msg.getCiphertext().
byte[] | getData () throws DAError | Returns the contents of a storage-only key.
void | setData (byte[] data) throws DAError | Sets the contents of a storage-only key.
void | generateMaterial () throws DAError | Regenerate underlying key material.
An implementation of this interface represents a cryptographic key or non-cryptographic stored value.
Operations exist to read and optionally write stored values, and perform cryptographic operations (such as sign/verify and encrypt/decrypt) with cryptographic keys. These cryptographic operations are performed on a DAMessage instance which encapsulates the plaintext and ciphertext as well as describing the mechanism used.
void com.good.daf.DAKey.decrypt (DAMessage msg) throws DAError
Decrypt the ciphertext returned by msg.getCiphertext(), and place the plaintext in msg using msg.setPlaintext().
msg.getMechanism() will always return non-null here, specifying what decryption mechanism to use.
Parameters: msg | the object containing the message ciphertext (on entry) and plaintext (on exit)
Exceptions: DAError | on failure
Implemented in com.good.daf.class3.Class3Key and com.good.daf.basic.BasicKey.
void com.good.daf.DAKey.encrypt (DAMessage msg) throws DAError
Encrypt the message returned by msg.getPlaintext(), and place the result in msg.
If msg.getMechanism() returns non-null, you should try to use that mechanism. If it is not supported, throw DAError.MechNotSupported.
If msg.getMechanism() returns null, choose an appropriate mechanism and call msg.setMechanism() to note your choice.
Place the ciphertext in msg using msg.setCiphertext(), and any IV likewise using msg.setIV().
Parameters: msg | the object containing the message plaintext (on entry) and ciphertext (on exit)
Exceptions: DAError | on failure
Implemented in com.good.daf.class3.Class3Key and com.good.daf.basic.BasicKey.
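The mechanism handling that encrypt() and decrypt() are required to perform, as an added example that is not DAF or vendor code. Msg and MechNotSupported are stand-ins for DAMessage and DAError.MechNotSupported, whose definitions are not on this page, and AES-GCM as the only supported mechanism is an assumption.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

public class EncryptContractDemo {
    // Stand-ins (assumptions): the fields mirror the DAMessage accessors named on
    // this page; the real DAMessage, DAMechanism and DAError types are not shown.
    static class Msg { String mechanism; byte[] plaintext, ciphertext, iv; }
    static class MechNotSupported extends Exception { MechNotSupported(String m) { super(m); } }
    static final String AES_GCM = "AES/GCM/NoPadding"; // hypothetical mechanism id
    private final SecretKey key;
    EncryptContractDemo(SecretKey key) { this.key = key; }

    void encrypt(Msg msg) throws Exception {
        if (msg.mechanism == null) {
            msg.mechanism = AES_GCM;               // our choice, noted as setMechanism() would
        } else if (!AES_GCM.equals(msg.mechanism)) {
            throw new MechNotSupported(msg.mechanism); // fail, never substitute silently
        }
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);          // fresh 96-bit IV for every message
        Cipher c = Cipher.getInstance(AES_GCM);
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv));
        msg.ciphertext = c.doFinal(msg.plaintext); // setCiphertext()
        msg.iv = iv;                               // setIV()
    }

    void decrypt(Msg msg) throws Exception {       // mechanism is always set on entry
        if (!AES_GCM.equals(msg.mechanism)) throw new MechNotSupported(msg.mechanism);
        Cipher c = Cipher.getInstance(AES_GCM);
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, msg.iv));
        msg.plaintext = c.doFinal(msg.ciphertext); // setPlaintext(); throws if the tag is bad
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        EncryptContractDemo k = new EncryptContractDemo(kg.generateKey());
        Msg m = new Msg();                         // mechanism left null on purpose
        m.plaintext = "constructed sample".getBytes(StandardCharsets.UTF_8);
        k.encrypt(m);                              // fills mechanism, ciphertext and iv
        k.decrypt(m);
        System.out.println(m.mechanism + " -> " + new String(m.plaintext, StandardCharsets.UTF_8));
    }
}
```

The mechanism and IV recorded during encrypt() are exactly what decrypt() needs later, which is why the contract requires the implementation to write both back into the message.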
void com.good.daf.DAKey.generateMaterial () throws DAError
Regenerate underlying key material.
DAF calls this to roll over the key material. The type and capabilities of the key should remain the same. Class 1 implementations may throw DAError.NotImplemented, in which case DAF will use setData() instead.
Exceptions: DAError | on failure
Implemented in com.good.daf.basic.BasicKey.
byte[] com.good.daf.DAKey.getData () throws DAError
Returns the contents of a storage-only key.
Exceptions: DAError | on failure
Implemented in com.good.daf.basic.BasicKey.
DAMetaData com.good.daf.DAKey.getInfo ()
Get information about this instance.
This method will be called once shortly after construction and the result wrapped by the native translation layer.
This method is not allowed to fail except fatally (OutOfMemoryError, etc.).
Implemented in com.good.daf.class3.Class3Key and com.good.daf.class2.Class2Key.
DAMechanism[] com.good.daf.DAKey.getMechanisms ()
Get the list of supported mechanisms.
This method is not allowed to fail except fatally (OutOfMemoryError, etc.).
Implemented in com.good.daf.class3.Class3Key, com.good.daf.class2.Class2Key, and com.good.daf.basic.BasicKey.
void com.good.daf.DAKey.setData (byte[] data) throws DAError
Sets the contents of a storage-only key.
Parameters: data | the new data to write to the storage. Never null.
Exceptions: DAError | on failure
Implemented in com.good.daf.basic.BasicKey.
void com.good.daf.DAKey.sign (DAMessage msg) throws DAError
Sign the message returned by msg.getPlaintext(), and place the signature in msg.
If msg.getMechanism() returns non-null, you should try to use that mechanism. If it is not supported, throw DAError.MechNotSupported.
If msg.getMechanism() returns null, choose an appropriate mechanism and call msg.setMechanism() to note your choice.
Place the signature in msg using msg.setCiphertext(), and any IV or nonce likewise using msg.setIV().
Parameters: msg | the object containing the message plaintext (on entry) and signature (on exit)
Exceptions: DAError | on failure
Implemented in com.good.daf.class3.Class3Key, com.good.daf.class2.Class2Key, and com.good.daf.basic.BasicKey.
void com.good.daf.DAKey.verify (DAMessage msg) throws DAError
Verify the message returned by msg.getPlaintext() against the signature returned by msg.getCiphertext().
msg.getMechanism() will always return non-null here, specifying what signature verification mechanism to use.
If the signature is invalid, throw DAError.VerifyFailed.
Parameters: msg | the object containing the message plaintext and signature
Exceptions: DAError | on failure
Implemented in com.good.daf.class2.Class2Key and com.good.daf.basic.BasicKey.