Package opencard.opt.signature

Interface KeyGenerationCardService

  • All Superinterfaces:
    CardServiceInterface, SecureService, SignatureCardService
    All Known Subinterfaces:
    KeyGenerationCardServiceWithSpec
    All Known Implementing Classes:
    SmartCardHSMCardService
    public interface KeyGenerationCardService
extends SignatureCardService
    KeyGenerationCardService The SignatureCardService offers methods to generate and verify a signature as well as key import, verification and generation methods. Many smartcard applications will work with existing keys imported during initialization or personalization instead of importing/generating them at runtime. Thus the functionality for
    • signature generation and verification
    • key import and verification
    • key generation
    is split into three interfaces "SignatureCardService", "KeyImportCardService" and "KeyGenerationCardService". Card service realizations of these interfaces need only implement the functionality needed by the application or supported by the specific card. This solution also offers potential for downsizing opencard for use in embedded devises with small memory resources.
    Author:
    Peter Bendel (peter_bendel@de.ibm.com)
    See Also:
    SignatureCardService, KeyImportCardService

    • Method Detail

      • generateKeyPair

        void generateKeyPair​(PrivateKeyRef privateDest,
                     PublicKeyRef publicDest,
                     int strength,
                     java.lang.String keyAlgorithm)
              throws CardServiceException,
                     java.security.InvalidKeyException,
                     CardTerminalException
        Generate a pair of PKA keys on card.
        Parameters:
        privateDest - Location on card where the private key should be stored.
        publicDest - Location on card where the public key should be stored
        strength - number of bits in the generated key
        keyAlgorithm - Standard Algorithm names as defined in the Java Cryptography Architecture API Specification & Reference for example DSA: Digital Signature Algorithm, as defined in Digital Signature Standard, NIST FIPS 186. RSA: The Rivest, Shamir and Adleman AsymmetricCipher algorithm.
        Throws:
        java.security.InvalidKeyException - Thrown when the key files do not match the requested strength or algorithm.
        CardServiceException - Thrown when the card does not support the requested strength or algorithm.
        CardTerminalException - any subclass of CardTerminalException

      • readPublicKey

        java.security.PublicKey readPublicKey​(PublicKeyRef pulicKey,
                                      java.lang.String keyAlgorithm)
                               throws CardServiceException,
                                      java.security.InvalidKeyException,
                                      CardTerminalException
        Read a public key (that was generated on the card) from the card.
        Parameters:
        pulicKey - Reference to the key on card that should be read.
        keyAlgorithm - Standard Algorithm names as defined in the Java Cryptography Architecture API Specification & Reference for example DSA: Digital Signature Algorithm, as defined in Digital Signature Standard, NIST FIPS 186. RSA: The Rivest, Shamir and Adleman AsymmetricCipher algorithm.
        Returns:
        key The public key
        Throws:
        java.security.InvalidKeyException - Thrown when the key file does not match the requested algorithm.
        CardServiceException - access conditions do not allow reading the key, key is not found
        CardTerminalException - any subclass of CardTerminalException