com.ibm.crypto.pkcs11impl.provider
Class IBMPKCS11Impl

java.lang.Object
  extended by java.util.Dictionary<K,V>
      extended by java.util.Hashtable<java.lang.Object,java.lang.Object>
          extended by java.util.Properties
              extended by java.security.Provider
                  extended by java.security.AuthProvider
                      extended by com.ibm.crypto.pkcs11impl.provider.IBMPKCS11Impl
All Implemented Interfaces:
java.io.Serializable, java.lang.Cloneable, java.util.Map<java.lang.Object,java.lang.Object>

public final class IBMPKCS11Impl
extends java.security.AuthProvider

Defines the "IBMPKCS11Impl" provider. Supports algorithms that the configured card supports, within the following limits. This provider only supports the following algorithms; it is possible that the configured card supports more than this:

- MD2
- MD5
- SHA1 SHA256 SHA384 SHA512
- MD2withRSA
- MD5withRSA
- SHA1withRSA
- SHA1withDSA
- DES
- 3DES
- AES
- Blowfish
- RC4
- RSA
- DH Key agreement
- HmacMD5
- HmacSHA1 HmacSHA256 HmacSHA384 HmacSHA512

See Also:
Serialized Form

Nested Class Summary
 
Nested classes/interfaces inherited from class java.security.Provider
java.security.Provider.Service
 
Nested classes/interfaces inherited from interface java.util.Map
java.util.Map.Entry<K,V>
 
Constructor Summary
IBMPKCS11Impl()
          Creates the provider and expects that the current ACC contains a PKCS11Principal.
IBMPKCS11Impl(java.lang.String fullFileName)
          Creates the provider using the PKCS #11 library name and slot number or via a configuration file (for example cryptoki.dll:0 or /usr/foo/config.card).
 
Method Summary
 void Init(java.lang.String fullFileName, char[] passwd)
          Creates or queries a PKCS11 session and then, based on the session, initializes what the provider can do.
 void login(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler handler)
          Log in to the hardware device for the associated session.
 void logout()
          Log out from the associated session
 void removeSession()
          Removes and closes the session that is currently associated with the provider.
 void setCallbackHandler(javax.security.auth.callback.CallbackHandler handler)
          Sets the CallbackHandler for this provider.
 
Methods inherited from class java.security.Provider
clear, entrySet, getInfo, getName, getService, getServices, getVersion, keySet, load, put, putAll, remove, toString, values
 
Methods inherited from class java.util.Properties
getProperty, getProperty, list, list, loadFromXML, propertyNames, save, setProperty, store, storeToXML, storeToXML
 
Methods inherited from class java.util.Hashtable
clone, contains, containsKey, containsValue, elements, equals, get, hashCode, isEmpty, keys, size
 
Methods inherited from class java.lang.Object
getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

IBMPKCS11Impl

public IBMPKCS11Impl()
Creates the provider and expects that the current ACC contains a PKCS11Principal.


IBMPKCS11Impl

public IBMPKCS11Impl(java.lang.String fullFileName)
              throws java.lang.Exception
Creates the provider using the PKCS #11 library name and slot number or via a configuration file (for example cryptoki.dll:0 or /usr/foo/config.card).

Throws:
java.lang.Exception

Method Detail

removeSession

public void removeSession()
Removes and closes the session that is currently associated with the provider.


Init

public void Init(java.lang.String fullFileName,
                 char[] passwd)
          throws java.io.IOException
Creates or queries a PKCS11 session and then, based on the session, initializes what the provider can do.

Throws:
java.io.IOException

login

public void login(javax.security.auth.Subject subject,
                  javax.security.auth.callback.CallbackHandler handler)
           throws javax.security.auth.login.LoginException
Log in to the hardware device for the associated session.

Get the PIN using the handler supplied by the caller. This handler must support a PasswordCallback.

Specified by:
login in class java.security.AuthProvider
Parameters:
subject - this parameter is not used
handler - the CallbackHandler used to get the PIN from the user.
Throws:
javax.security.auth.login.LoginException - if the login operation is unsuccessful
java.lang.SecurityException - if the caller does not pass a security check for SecurityPermission("authProvider.name"), where name is the name of the provider.

logout

public void logout()
            throws javax.security.auth.login.LoginException
Log out from the associated session

Specified by:
logout in class java.security.AuthProvider
Throws:
javax.security.auth.login.LoginException - if the logout operation is not successful
java.lang.SecurityException - if the caller does not pass a security check for SecurityPermission("authProvider.name"), where name is the name of the provider.

setCallbackHandler

public void setCallbackHandler(javax.security.auth.callback.CallbackHandler handler)
Sets the CallbackHandler for this provider.

The provider uses this handler if one is not passed in to the login method. The provider also uses this handler if it invokes login on behalf of callers.

Specified by:
setCallbackHandler in class java.security.AuthProvider
Parameters:
handler - a CallbackHandler for getting the authentication information. This may be null
Throws:
java.lang.SecurityException - if the caller does not have access to "authProvider.name", where name is the provider's name.
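
Added example (not part of the original documentation or IBM's code): a CallbackHandler that satisfies the PasswordCallback requirement stated for login, plus a login/logout wrapper that always closes the authenticated session. The names TokenPinLogin, PinHandler and withTokenSession are hypothetical; the wrapper takes any java.security.AuthProvider, so an instance created with one of the constructors above can be passed in, and the same handler can be given to setCallbackHandler.

```java
import java.security.AuthProvider;
import java.util.Arrays;
import javax.security.auth.callback.*;
import javax.security.auth.login.LoginException;

public class TokenPinLogin {
    /** Hypothetical helper: answers only PasswordCallback and keeps the PIN in a char[]. */
    static final class PinHandler implements CallbackHandler, AutoCloseable {
        private final char[] pin;
        PinHandler(char[] pin) { this.pin = pin.clone(); }

        @Override
        public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
            for (Callback cb : callbacks) {
                if (!(cb instanceof PasswordCallback)) {
                    throw new UnsupportedCallbackException(cb, "only PasswordCallback is supported");
                }
                ((PasswordCallback) cb).setPassword(pin); // setPassword stores its own copy
            }
        }

        @Override
        public void close() { Arrays.fill(pin, '\0'); } // wipe our copy of the PIN
    }

    /** Logs in, runs the work, and always logs out; works with any AuthProvider. */
    static void withTokenSession(AuthProvider provider, char[] pin, Runnable work)
            throws LoginException {
        try (PinHandler handler = new PinHandler(pin)) {
            provider.login(null, handler); // the page states subject is not used
            try {
                work.run();
            } finally {
                provider.logout(); // do not leave an authenticated session behind
            }
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed check that needs no token: drive the handler the way a provider would.
        PasswordCallback cb = new PasswordCallback("PIN: ", false);
        try (PinHandler handler = new PinHandler("0000".toCharArray())) { // constructed PIN
            handler.handle(new Callback[] { cb });
        }
        System.out.println("PIN length delivered: " + cb.getPassword().length);
        cb.clearPassword();
    }
}
```

The caller should also zero the char[] it passes to withTokenSession once the call returns, since PinHandler only wipes its own copy.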