net.rim.device.api.crypto
Class ECCryptoToken

java.lang.Object
  net.rim.device.api.crypto.ECCryptoToken

All Implemented Interfaces:

AsymmetricCryptoToken, CryptoToken, Persistable

public abstract class ECCryptoToken
extends Object
implements AsymmetricCryptoToken, Persistable

An interface for EC cryptographic tokens to implement.

Note: This class must be extended in order to override the default implementation.

Note: It is considered good practice to implement the equals and hashCode methods when extending this class. Otherwise, odd behaviour can occur.

Details on implementing for smart cards.

See Also:

ECCryptoSystem

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

Field Summary

Fields inherited from interface net.rim.device.api.crypto.AsymmetricCryptoToken

KEY_GENERATION, PRIVATE_KEY_OPERATION, PUBLIC_KEY_OPERATION

Constructor Summary
	protected	ECCryptoToken() Creates a new ECCryptoToken object.

Method Summary
	ECKeyPair	createECKeyPair(CryptoTokenCryptoSystemData cryptoTokenData) Returns the EC key pair associated with the crypto token.
	void	deleteECPrivateKey(CryptoTokenPrivateKeyData data) Delete the specified key on the crypto token.
	void	deleteECPublicKey(CryptoTokenPublicKeyData data) Delete the specified key on the crypto token.
	byte[]	extractECPrivateKeyData(CryptoTokenPrivateKeyData cryptoTokenData) Returns the private key data.
	byte[]	extractECPublicKeyData(CryptoTokenPrivateKeyData cryptoTokenData) Returns the public key data which is encoded as an ANSI X9.62 ECPoint object and preferably compressed.
	byte[]	extractECPublicKeyData(CryptoTokenPrivateKeyData cryptoTokenData, boolean compress) Returns the public key data which is encoded as an ANSI X9.62 ECPoint object.
	byte[]	extractECPublicKeyData(CryptoTokenPublicKeyData cryptoTokenData) Returns the EC public key data which is encoded as an ANSI X9.62 ECPoint object.
	byte[]	extractECPublicKeyData(CryptoTokenPublicKeyData cryptoTokenData, boolean compress) Returns the public key data which is encoded as an ANSI X9.62 ECPoint object.
	byte[]	generateECDHSharedSecret(CryptoTokenCryptoSystemData cryptoSystemData, CryptoTokenPrivateKeyData localPrivateKeyData, byte[] remotePublicKeyData, boolean useCofactor) Generates the shared secret for elliptic curve Diffie-Hellman key agreement using a given public key (from another party) and a private key.
	byte[]	generateECMQVSharedSecret(CryptoTokenCryptoSystemData cryptoTokenCryptoSystemData, CryptoTokenPrivateKeyData cryptoTokenLocalStaticPrivateKeyData, CryptoTokenPrivateKeyData cryptoTokenLocalEphemeralPrivateKeyData, CryptoTokenPublicKeyData cryptoTokenLocalEphemeralPublicKeyData, byte[] remoteStaticPublicKeyData, byte[] remoteEphemeralPublicKeyData, boolean useCofactor) Generates the shared secret using the elliptic curve key agreement developed by Menezes, Qu, and Vanstone.
	String	getAlgorithm() Returns the algorithm supported by this token, ie "EC".
	byte[]	getECCryptoSystemA(CryptoTokenCryptoSystemData cryptoTokenData) This functions returns the "a" coefficient of this elliptic curve, defined by the equation y^2 = x^3 + ax + b ( in the F_p case ) or y^2 + xy = x^3 + ax^2 + b ( in the F_2^m case ).
	byte[]	getECCryptoSystemB(CryptoTokenCryptoSystemData cryptoTokenData) This functions returns the "b" coefficient of this elliptic curve, defined by the equation y^2 = x^3 + ax + b ( in the F_p case ) or y^2 + xy = x^3 + ax^2 + b ( in the F_2^m case ).
	byte[]	getECCryptoSystemBasePoint(CryptoTokenCryptoSystemData cryptoTokenData) This function returns the base point of this elliptic curve.
	int	getECCryptoSystemBitLength(CryptoTokenCryptoSystemData cryptoTokenData) Returns the length (in bits) of the field for this system's curve.
	byte[]	getECCryptoSystemCofactor(CryptoTokenCryptoSystemData cryptoTokenData) This functions returns the cofactor of this elliptic curve.
	CryptoTokenCryptoSystemData	getECCryptoSystemData(String name) Creates a crypto system associated with this token.
	int	getECCryptoSystemFieldLength(CryptoTokenCryptoSystemData cryptoTokenData) Returns the length (in bytes) of the field for this system's curve.
	byte[]	getECCryptoSystemFieldReductor(CryptoTokenCryptoSystemData cryptoTokenData) This functions returns the field reductor of this elliptic curve.
	byte[]	getECCryptoSystemGroupOrder(CryptoTokenCryptoSystemData cryptoTokenData) This functions returns the number of points in the group generated by the base point of this elliptic curve.
	String	getECCryptoSystemName(CryptoTokenCryptoSystemData cryptoTokenData) Returns a String that indicates the name of the elliptic curve, eg "EC163K1".
	int	getECPrivateKeyLength(CryptoTokenCryptoSystemData cryptoTokenData) Returns the length (in bytes) of the private key for this system's curve.
	int	getECPublicKeyLength(CryptoTokenCryptoSystemData cryptoTokenData, boolean compressed) Returns the length (in bytes) of the public key for this system's curve when the public key is encoded as an ANSI X9.62 ECPoint object.
	ECCryptoSystem[]	getSuggestedECCryptoSystems() Returns a list of supported or suggested crypto systems.
	CryptoTokenPrivateKeyData	injectECPrivateKey(CryptoTokenCryptoSystemData cryptoSystemData, byte[] data) Inserts the specified private key data onto the crypto token.
	CryptoTokenPublicKeyData	injectECPublicKey(CryptoTokenCryptoSystemData cryptoSystemData, byte[] data) Inserts the specified public key data onto the crypto token.
	boolean	isECCCryptoSystemTypePrime(CryptoTokenCryptoSystemData cryptoTokenData) Returns true if this system's curve is a prime curve.
	boolean	isSupported(CryptoSystem cryptoSystem, int operation) Indicates whether the chosen operation is supported by this CryptoToken using the provided CryptoSytem.
	boolean	providesUserAuthentication() Returns true if the token provides its own user authentication checks, eg a smartcard will prompt for a password before allowing access to the keys.
	void	signECDSA(CryptoTokenCryptoSystemData cryptoTokenCryptoSystemData, CryptoTokenPrivateKeyData cryptoTokenPrivateKeyData, byte[] digest, int digestOffset, int digestLength, byte[] r, int rOffset, byte[] s, int sOffset) Generates an ECDSA signature.
	void	signECDSA(CryptoTokenCryptoSystemData cryptoTokenCryptoSystemData, CryptoTokenPrivateKeyData cryptoTokenPrivateKeyData, byte[] digest, int digestOffset, int digestLength, byte[] r, int rOffset, byte[] s, int sOffset, Object context) Generates an ECDSA signature.
	void	signECNR(CryptoTokenCryptoSystemData cryptoTokenCryptoSystemData, CryptoTokenPrivateKeyData cryptoTokenPrivateKeyData, byte[] digest, int digestOffset, int digestLength, byte[] r, int rOffset, byte[] s, int sOffset) Generates an ECNR signature.
	void	verifyECCryptoSystemData(CryptoTokenCryptoSystemData cryptoSystemData) Checks the validity of the crypto system parameters represented by this token.
	boolean	verifyECDSA(CryptoTokenCryptoSystemData cryptoTokenCryptoSystemData, CryptoTokenPublicKeyData cryptoTokenPublicKeyData, byte[] digest, int digestOffset, int digestLength, byte[] r, int rOffset, byte[] s, int sOffset) Verifies an ECDSA signature.
	boolean	verifyECNR(CryptoTokenCryptoSystemData cryptoTokenCryptoSystemData, CryptoTokenPublicKeyData cryptoTokenPublicKeyData, byte[] digest, int digestOffset, int digestLength, byte[] r, int rOffset, byte[] s, int sOffset) Verifies an ECNR signature.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ECCryptoToken

protected ECCryptoToken()

Creates a new ECCryptoToken object.

This constructor is not used.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

Method Detail

getAlgorithm

public final String getAlgorithm()

Returns the algorithm supported by this token, ie "EC".

This method will always return the String "EC".

Specified by:

getAlgorithm in interface CryptoToken

Returns:

A String that represents the name of the algorithm.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

providesUserAuthentication

public boolean providesUserAuthentication()

Returns true if the token provides its own user authentication checks, eg a smartcard will prompt for a password before allowing access to the keys. This default implementation returns false.

Specified by:

providesUserAuthentication in interface CryptoToken

Returns:

true if the user will be authenticated by the token itself.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

getECCryptoSystemName

public String getECCryptoSystemName(CryptoTokenCryptoSystemData cryptoTokenData)
                             throws CryptoTokenException,
                                    CryptoUnsupportedOperationException

Returns a String that indicates the name of the elliptic curve, eg "EC163K1".

Parameters:

cryptoTokenData - The data associated with the crypto token.

Returns:

A String representing the name of the crypto system.

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

getECCryptoSystemBitLength

public int getECCryptoSystemBitLength(CryptoTokenCryptoSystemData cryptoTokenData)
                               throws CryptoTokenException,
                                      CryptoUnsupportedOperationException

Returns the length (in bits) of the field for this system's curve. Notice that the "field" refers to the finite field that the elliptic curve is defined over and the length refers to either the size of the prime or the degree of the irreducible polynomial that helps define the field.

Parameters:

cryptoTokenData - The data associated with the crypto token.

Returns:

An integer representing the bit length of the system.

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

getECCryptoSystemFieldLength

public int getECCryptoSystemFieldLength(CryptoTokenCryptoSystemData cryptoTokenData)
                                 throws CryptoTokenException,
                                        CryptoUnsupportedOperationException

Returns the length (in bytes) of the field for this system's curve. Notice that the "field" refers to the finite field that the elliptic curve is defined over and the length refers to either the size of the prime or the degree of the irreducible polynomial that helps define the field.

Parameters:

cryptoTokenData - The data associated with the crypto token.

Returns:

An integer that represents the field length.

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

getECCryptoSystemBasePoint

public byte[] getECCryptoSystemBasePoint(CryptoTokenCryptoSystemData cryptoTokenData)
                                  throws CryptoTokenException,
                                         CryptoUnsupportedOperationException

This function returns the base point of this elliptic curve.

Returns:

a byte[] of the base point for the elliptic curve.

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 4.1.0

getECCryptoSystemGroupOrder

public byte[] getECCryptoSystemGroupOrder(CryptoTokenCryptoSystemData cryptoTokenData)
                                   throws CryptoTokenException,
                                          CryptoUnsupportedOperationException

This functions returns the number of points in the group generated by the base point of this elliptic curve.

Returns:

a byte[] containing the group order

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 4.1.0

getECCryptoSystemA

public byte[] getECCryptoSystemA(CryptoTokenCryptoSystemData cryptoTokenData)
                          throws CryptoTokenException,
                                 CryptoUnsupportedOperationException

This functions returns the "a" coefficient of this elliptic curve, defined by the equation y^2 = x^3 + ax + b ( in the F_p case ) or y^2 + xy = x^3 + ax^2 + b ( in the F_2^m case ). For more information see FIPS 186-2 or P1363.

Returns:

a byte[] containing the a coefficient

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 4.1.0

getECCryptoSystemB

public byte[] getECCryptoSystemB(CryptoTokenCryptoSystemData cryptoTokenData)
                          throws CryptoTokenException,
                                 CryptoUnsupportedOperationException

This functions returns the "b" coefficient of this elliptic curve, defined by the equation y^2 = x^3 + ax + b ( in the F_p case ) or y^2 + xy = x^3 + ax^2 + b ( in the F_2^m case ). For more information see FIPS 186-2 or P1363.

Returns:

a byte[] containing the b coefficient

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 4.1.0

getECCryptoSystemCofactor

public byte[] getECCryptoSystemCofactor(CryptoTokenCryptoSystemData cryptoTokenData)
                                 throws CryptoTokenException,
                                        CryptoUnsupportedOperationException

This functions returns the cofactor of this elliptic curve.

Returns:

a byte[] containing the cofactor

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 4.1.0

getECCryptoSystemFieldReductor

public byte[] getECCryptoSystemFieldReductor(CryptoTokenCryptoSystemData cryptoTokenData)
                                      throws CryptoTokenException,
                                             CryptoUnsupportedOperationException

This functions returns the field reductor of this elliptic curve. If the elliptic curve is defined by the equation y^2 = x^3 + ax + b ( in the F_p case ) then this function returns "p" otherwise, if it is defined by the equation y^2 + xy = x^3 + ax^2 + b ( in the F_2^m case ) then it returns the irreducible polynomial that defines the field. For more information see FIPS 186-2 or P1363.

Returns:

a byte[] containing the field reductor

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 4.1.0

getECPublicKeyLength

public int getECPublicKeyLength(CryptoTokenCryptoSystemData cryptoTokenData,
                                boolean compressed)
                         throws CryptoTokenException,
                                CryptoUnsupportedOperationException

Returns the length (in bytes) of the public key for this system's curve when the public key is encoded as an ANSI X9.62 ECPoint object.

Parameters:

cryptoTokenData - The data associated with the crypto token.

compressed - Specifies if the length returned is referring to the public key in its compressed form, or in its uncompressed form. This compression is outlined in ANSI X9.62

Returns:

An integer that represents the field length.

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

getECPrivateKeyLength

public int getECPrivateKeyLength(CryptoTokenCryptoSystemData cryptoTokenData)
                          throws CryptoTokenException,
                                 CryptoUnsupportedOperationException

Returns the length (in bytes) of the private key for this system's curve. Note that the private key is an element of the finite field that the elliptic curve is defined over.

Parameters:

cryptoTokenData - The data associated with the crypto token.

Returns:

An integer representing the length of the key.

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

isECCCryptoSystemTypePrime

public boolean isECCCryptoSystemTypePrime(CryptoTokenCryptoSystemData cryptoTokenData)
                                   throws CryptoTokenException,
                                          CryptoUnsupportedOperationException

Returns true if this system's curve is a prime curve. Returns false if this system's curve is a binary curve.

Parameters:

cryptoTokenData - The data associated with the crypto token.

Returns:

true for prime curve, false for binary curve

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 5.0.0

extractECPublicKeyData

public byte[] extractECPublicKeyData(CryptoTokenPublicKeyData cryptoTokenData)
                              throws CryptoTokenException,
                                     CryptoUnsupportedOperationException

Returns the EC public key data which is encoded as an ANSI X9.62 ECPoint object.

The public key should be compressed if possible.

Parameters:

cryptoTokenData - The data associated with the crypto token.

Returns:

A byte array containing the public key data.

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

extractECPublicKeyData

public byte[] extractECPublicKeyData(CryptoTokenPublicKeyData cryptoTokenData,
                                     boolean compress)
                              throws CryptoTokenException,
                                     CryptoUnsupportedOperationException

Returns the public key data which is encoded as an ANSI X9.62 ECPoint object.

Parameters:

cryptoTokenData - The data associated with the crypto token.

compress - Specifies whether or no the returned data is in compressed form or not. If this boolean is set to true, the data will be compressed, otherwise it won't be. This compression is outlined in ANSI X9.62

Returns:

A byte array containing the EC public key data.

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

extractECPublicKeyData

public byte[] extractECPublicKeyData(CryptoTokenPrivateKeyData cryptoTokenData)
                              throws CryptoTokenException,
                                     CryptoUnsupportedOperationException

Returns the public key data which is encoded as an ANSI X9.62 ECPoint object and preferably compressed. If the data is compressed, it is compressed as per the ANSI X9.62 method.

Parameters:

cryptoTokenData - The data associated with the crypto token.

Returns:

A byte array containing the public key data.

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

extractECPublicKeyData

public byte[] extractECPublicKeyData(CryptoTokenPrivateKeyData cryptoTokenData,
                                     boolean compress)
                              throws CryptoTokenException,
                                     CryptoUnsupportedOperationException

Returns the public key data which is encoded as an ANSI X9.62 ECPoint object.

Parameters:

cryptoTokenData - The data associated with the crypto token.

compress - Specifies if the data returned is compressed using the ANSI X9.62 format. If the boolean is set to true, compression takes place, otherwise it is returned in uncompressed form.

Returns:

A byte array containing the public key data.

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

extractECPrivateKeyData

public byte[] extractECPrivateKeyData(CryptoTokenPrivateKeyData cryptoTokenData)
                               throws CryptoTokenException,
                                      CryptoUnsupportedOperationException

Returns the private key data. Note that the private key data is an element of the finite field that the elliptic curve is defined over.

Parameters:

cryptoTokenData - The data associated with the crypto token.

Returns:

A byte array containing the private key data.

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

getSuggestedECCryptoSystems

public ECCryptoSystem[] getSuggestedECCryptoSystems()
                                             throws CryptoTokenException,
                                                    CryptoUnsupportedOperationException

Returns a list of supported or suggested crypto systems.

This list does not have to be exhaustive.

Returns:

An array containing the list of crypto systems.

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

getECCryptoSystemData

public CryptoTokenCryptoSystemData getECCryptoSystemData(String name)
                                                  throws CryptoTokenException,
                                                         CryptoUnsupportedOperationException,
                                                         UnsupportedCryptoSystemException

Creates a crypto system associated with this token.

Parameters:

name - A String that represents the name of the crypto system.

Returns:

The crypto system data.

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

UnsupportedCryptoSystemException - Thrown if the specified crypto system is invalid.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

verifyECCryptoSystemData

public void verifyECCryptoSystemData(CryptoTokenCryptoSystemData cryptoSystemData)
                              throws CryptoTokenException,
                                     CryptoUnsupportedOperationException,
                                     InvalidCryptoSystemException

Checks the validity of the crypto system parameters represented by this token.

This method is called by ECCryptoSystem.verify() after it has gone through the integrity tests for the ECCryptoSystem object.

Parameters:

cryptoSystemData - The crypto system data to be verified.

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

InvalidCryptoSystemException - Thrown if the specified crypto system is improperly formatted or invalid.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

createECKeyPair

public ECKeyPair createECKeyPair(CryptoTokenCryptoSystemData cryptoTokenData)
                          throws CryptoTokenException,
                                 CryptoUnsupportedOperationException

Returns the EC key pair associated with the crypto token.

Parameters:

cryptoTokenData - The data associated with the crypto token.

Returns:

The EC key pair.

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

injectECPublicKey

public CryptoTokenPublicKeyData injectECPublicKey(CryptoTokenCryptoSystemData cryptoSystemData,
                                                  byte[] data)
                                           throws InvalidKeyException,
                                                  CryptoTokenException,
                                                  CryptoUnsupportedOperationException

Inserts the specified public key data onto the crypto token.

Parameters:

cryptoSystemData - The crypto system data.

data - A byte array containing the key data which is encoded as an ANSI X9.62 ECPoint object.

Returns:

The public key data.

Throws:

InvalidKeyException - Thrown if the specified key data is improperly formatted or invalid.

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

injectECPrivateKey

public CryptoTokenPrivateKeyData injectECPrivateKey(CryptoTokenCryptoSystemData cryptoSystemData,
                                                    byte[] data)
                                             throws InvalidKeyException,
                                                    CryptoTokenException,
                                                    CryptoUnsupportedOperationException

Inserts the specified private key data onto the crypto token.

Parameters:

cryptoSystemData - The crypto system data.

data - A byte array containing the key data. Note that the private key is an element of the finite field that the elliptic curve is defined over.

Returns:

The private key data.

Throws:

InvalidKeyException - Thrown if the specified key data is improperly formatted or invalid.

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

deleteECPublicKey

public void deleteECPublicKey(CryptoTokenPublicKeyData data)
                       throws CryptoTokenException,
                              CryptoUnsupportedOperationException

Delete the specified key on the crypto token.

Parameters:

data - The key data contained within the token.

Throws:

CryptoTokenException - Thrown if an error occurs with a crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

deleteECPrivateKey

public void deleteECPrivateKey(CryptoTokenPrivateKeyData data)
                        throws CryptoTokenException,
                               CryptoUnsupportedOperationException

Delete the specified key on the crypto token.

Parameters:

data - The key data contained within the token.

Throws:

CryptoTokenException - Thrown if an error occurs with a crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

generateECDHSharedSecret

public byte[] generateECDHSharedSecret(CryptoTokenCryptoSystemData cryptoSystemData,
                                       CryptoTokenPrivateKeyData localPrivateKeyData,
                                       byte[] remotePublicKeyData,
                                       boolean useCofactor)
                                throws InvalidCryptoSystemException,
                                       CryptoTokenException,
                                       CryptoUnsupportedOperationException

Generates the shared secret for elliptic curve Diffie-Hellman key agreement using a given public key (from another party) and a private key.

Parameters:

cryptoSystemData - The data associated with the crypto token.

localPrivateKeyData - The local private key data to use.

remotePublicKeyData - The public key data to use which is encoded as an ANSI X9.62 ECPoint object.

useCofactor - Determines if the cofactor will be used or not in the calculations. True if the cofactor is used, false otherwise.

Returns:

A byte array containing the shared secret. This is the raw shared secret which the user can then put into any suitable PseudoRandomSource to generate a symmetric key, etc. Note that the raw shared secret is a field element of the finite field the elliptic curve is defined over.

Throws:

InvalidCryptoSystemException - Thrown if the specified crypto system is invalid.

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

signECDSA

public void signECDSA(CryptoTokenCryptoSystemData cryptoTokenCryptoSystemData,
                      CryptoTokenPrivateKeyData cryptoTokenPrivateKeyData,
                      byte[] digest,
                      int digestOffset,
                      int digestLength,
                      byte[] r,
                      int rOffset,
                      byte[] s,
                      int sOffset)
               throws CryptoTokenException,
                      CryptoUnsupportedOperationException

Generates an ECDSA signature.

Parameters:

cryptoTokenCryptoSystemData - The data associated with the crypto token.

cryptoTokenPrivateKeyData - The private key data associated with the crypto token.

digest - The digest data to be signed.

digestOffset - The offset, or start position, of the digest data within the buffer.

digestLength - The length of the digest to be signed, in bytes.

r - A buffer to hold return result of r. Note that r is an element of the finite field that the elliptic curve is defined over.

rOffset - The offset, or start position, of the data within the buffer r.

s - A buffer to hold return result of s. Note that s is an element of the finite field that the elliptic curve is defined over.

sOffset - The offset, or start position, to begin the writing the result s within the buffer s.

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

signECDSA

public void signECDSA(CryptoTokenCryptoSystemData cryptoTokenCryptoSystemData,
                      CryptoTokenPrivateKeyData cryptoTokenPrivateKeyData,
                      byte[] digest,
                      int digestOffset,
                      int digestLength,
                      byte[] r,
                      int rOffset,
                      byte[] s,
                      int sOffset,
                      Object context)
               throws CryptoTokenException,
                      CryptoUnsupportedOperationException

Generates an ECDSA signature. This function is intended to be used by the user authenticator framework.

Parameters:

cryptoTokenCryptoSystemData - The data associated with the crypto token.

cryptoTokenPrivateKeyData - The private key data associated with the crypto token.

digest - The digest data to be signed.

digestOffset - The offset, or start position, of the digest data within the buffer.

digestLength - The length of the digest to be signed, in bytes.

r - A buffer to hold return result of r. Note that r is an element of the finite field that the elliptic curve is defined over.

rOffset - The offset, or start position, of the data within the buffer r.

s - A buffer to hold return result of s. Note that s is an element of the finite field that the elliptic curve is defined over.

sOffset - The offset, or start position, to begin the writing the result s within the buffer s.

context - The context object.

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 4.2.0

verifyECDSA

public boolean verifyECDSA(CryptoTokenCryptoSystemData cryptoTokenCryptoSystemData,
                           CryptoTokenPublicKeyData cryptoTokenPublicKeyData,
                           byte[] digest,
                           int digestOffset,
                           int digestLength,
                           byte[] r,
                           int rOffset,
                           byte[] s,
                           int sOffset)
                    throws CryptoTokenException,
                           CryptoUnsupportedOperationException

Verifies an ECDSA signature.

Parameters:

cryptoTokenCryptoSystemData - The data associated with the crypto token.

cryptoTokenPublicKeyData - The private key data associated with the crypto token.

digest - The digest data to be verified.

digestOffset - The offset, or start position, of the digest data within the buffer.

digestLength - The length of the digest to be signed, in bytes.

r - A buffer to hold return result of r. Note that r is an element of the finite field that the elliptic curve is defined over.

rOffset - The offset, or start position, of the data within the buffer r.

s - A buffer to hold return result of s. Note that s is an element of the finite field that the elliptic curve is defined over.

sOffset - The offset, or start position, to begin the writing the result s within the buffer s.

Returns:

A boolean that determines the validity of the signature.

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

generateECMQVSharedSecret

public byte[] generateECMQVSharedSecret(CryptoTokenCryptoSystemData cryptoTokenCryptoSystemData,
                                        CryptoTokenPrivateKeyData cryptoTokenLocalStaticPrivateKeyData,
                                        CryptoTokenPrivateKeyData cryptoTokenLocalEphemeralPrivateKeyData,
                                        CryptoTokenPublicKeyData cryptoTokenLocalEphemeralPublicKeyData,
                                        byte[] remoteStaticPublicKeyData,
                                        byte[] remoteEphemeralPublicKeyData,
                                        boolean useCofactor)
                                 throws InvalidCryptoSystemException,
                                        CryptoTokenException,
                                        CryptoUnsupportedOperationException

Generates the shared secret using the elliptic curve key agreement developed by Menezes, Qu, and Vanstone.

Parameters:

cryptoTokenCryptoSystemData - The crypto system data associated with the crypto token.

cryptoTokenLocalStaticPrivateKeyData - The local private key data.

cryptoTokenLocalEphemeralPrivateKeyData - The local ephemeral private key data.

cryptoTokenLocalEphemeralPublicKeyData - The local ephemeral public key data.

remoteStaticPublicKeyData - The remote public key data which is encoded as an ANSI X9.62 ECPoint object.

remoteEphemeralPublicKeyData - The remote ephemeral public key data which is encoded as an ANSI X9.62 ECPoint object.

useCofactor - The boolean that determines if the cofactor will be used in the calculations

Returns:

A byte array containing the shared secret. Note that this is the raw shared secret. The user can then pass this byte array into any PseudoRandomSource that they desire. Note also that the raw shared secret is an element of the finite field that the elliptic curve is defined over.

Throws:

InvalidCryptoSystemException - Thrown if the specified crypto system is invalid.

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

signECNR

public void signECNR(CryptoTokenCryptoSystemData cryptoTokenCryptoSystemData,
                     CryptoTokenPrivateKeyData cryptoTokenPrivateKeyData,
                     byte[] digest,
                     int digestOffset,
                     int digestLength,
                     byte[] r,
                     int rOffset,
                     byte[] s,
                     int sOffset)
              throws CryptoTokenException,
                     CryptoUnsupportedOperationException

Generates an ECNR signature.

Parameters:

cryptoTokenCryptoSystemData - The crypto system data associated with the crypto token.

cryptoTokenPrivateKeyData - The private key data.

digest - The digest data to be signed.

digestOffset - The offset in the digest buffer where digest data begins.

digestLength - The length of the digest to be signed.

r - A buffer to hold return result of r. Note that r is an element of the finite field that the elliptic curve is defined over.

rOffset - The offset to begin the writing the result r in the buffer r.

s - A buffer to hold return result of s. Note that s is an element of the finite field that the elliptic curve is defined over.

sOffset - The offset to begin the writing the result s in the buffer s.

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if the specified crypto system data is invalid.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

verifyECNR

public boolean verifyECNR(CryptoTokenCryptoSystemData cryptoTokenCryptoSystemData,
                          CryptoTokenPublicKeyData cryptoTokenPublicKeyData,
                          byte[] digest,
                          int digestOffset,
                          int digestLength,
                          byte[] r,
                          int rOffset,
                          byte[] s,
                          int sOffset)
                   throws CryptoTokenException,
                          CryptoUnsupportedOperationException

Verifies an ECNR signature.

Parameters:

cryptoTokenCryptoSystemData - The crypto system data associated with the crypto token.

cryptoTokenPublicKeyData - An EC public key.

digest - The digest data to be signed.

digestOffset - The offset in the digest buffer where digest data begins.

digestLength - The length of the digest to be signed.

r - A buffer to hold return result of r. Note that r is an element of the finite field that the elliptic curve is defined over.

rOffset - The offset to begin the writing the result r in the buffer r.

s - A buffer to return the result of s. Note that s is an element of the finite field that the elliptic curve is defined over.

sOffset - The offset to begin the writing the result s in the buffer s.

Returns:

A boolean that determines the validity of the signature.

Throws:

CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.

CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0

isSupported

public boolean isSupported(CryptoSystem cryptoSystem,
                           int operation)

Indicates whether the chosen operation is supported by this CryptoToken using the provided CryptoSytem.

Specified by:

isSupported in interface AsymmetricCryptoToken

Parameters:

cryptoSystem - The CryptoSystem to check against.

operation - An integer, either KEY_GENERATION, PUBLIC_KEY_OPERATION, PRIVATE_KEY_OPERATION, or some other value specific to the cryptosystem that indicates the operation to be checked.

Category:

Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.

Since:

BlackBerry API 3.6.0