SunSPOT host API V3.0


com.sun.squawk.security.signing
Class SigningService

java.lang.Object
  extended by com.sun.squawk.security.signing.SigningService

public final class SigningService
extends Object

The SigningService class is used to sign suites and other data on the desktop using the SDK private key.
It also allows retrieving the public key from the keyfile.

Author:
Vipul Gupta, Christian Pühringer

Field Summary
static String FORMAT_VERSION
           
 
Method Summary
 void generateKeyPair()
          Generates a new SDK key pair and saves it into the keyfile specified in the constructor.
 byte[] getCertBytes()
          The SDK public key is encoded as a self-signed X.509 certificate and the bytes corresponding to the certificate's DER encoding are returned.
static SigningService getInstance()
          Get the singleton instance of this class.
 byte[] getPublicKeyBytes()
          Returns encoded SDK public key.
 boolean hasNoSDKKey()
          Determines whether a private key was loaded.
 byte[] mkECCertBytes(String subjectCN, ECPublicKey pub)
          Creates an X.509 certificate for the given subject and key that is signed by the SDK's private key.
static void setKeyDirectoryName(String keyDirectoryName)
          Sets the directory where the key file (sdk.key) resides.
 byte[] sign(byte[] data)
          Signs the input byte array (which might contain a suite or a command) with the SDK's private key and returns the DER-encoded ECDSA signature.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

FORMAT_VERSION

public static final String FORMAT_VERSION
See Also:
Constant Field Values
Method Detail

setKeyDirectoryName

public static void setKeyDirectoryName(String keyDirectoryName)
Sets the directory where the key file (sdk.key) resides. Must be called before using any of the other SigningService methods.

Parameters:
keyDirectoryName - the directory where the keyfile is located

getInstance

public static SigningService getInstance()
                                  throws SigningServiceException
Get the singleton instance of this class. The first access triggers loading of the keys from the key file in the directory set by setKeyDirectoryName. If the keyfile does not exist, a new keyfile is created.

Returns:
The singleton instance
Throws:
SigningServiceException

sign

public byte[] sign(byte[] data)
            throws SigningServiceException
Signs the input byte array (which might contain a suite or a command) with the SDK's private key and returns the DER-encoded ECDSA signature.

Parameters:
data - to be signed
Returns:
signature
Throws:
SigningServiceException

getPublicKeyBytes

public byte[] getPublicKeyBytes()
                         throws SigningServiceException
Returns encoded SDK public key. For elliptic curve keys, the encoding consists of the byte 0x04 (for uncompressed point) followed by the X9.62 octet encodings of the x and y coordinates.

Returns:
The SDK's public key
Throws:
SigningServiceException
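
Example (added here, not part of the SunSPOT SDK documentation or code): a receiver-side check, written with standard Java JCA classes only, that decodes a public key in the 0x04 || X || Y form described for getPublicKeyBytes and verifies a DER-encoded ECDSA signature such as sign returns. The page does not state the curve or hash, so secp256r1 and SHA256withECDSA are assumptions, and a locally generated key pair stands in for the SDK key.

```java
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.interfaces.ECPublicKey;
import java.security.spec.*;
import java.util.Arrays;

public class VerifySdkSignature {
    static int coordLen(ECParameterSpec p) {   // bytes per coordinate
        return (p.getCurve().getField().getFieldSize() + 7) / 8;
    }
    // Decode 0x04 || X || Y into a JCA key, rejecting any other form or length.
    static PublicKey decodePoint(byte[] enc, ECParameterSpec p) throws GeneralSecurityException {
        int len = coordLen(p);
        if (enc.length != 1 + 2 * len || enc[0] != 0x04)
            throw new InvalidKeyException("not an uncompressed point for this curve");
        BigInteger x = new BigInteger(1, Arrays.copyOfRange(enc, 1, 1 + len));
        BigInteger y = new BigInteger(1, Arrays.copyOfRange(enc, 1 + len, enc.length));
        return KeyFactory.getInstance("EC").generatePublic(new ECPublicKeySpec(new ECPoint(x, y), p));
    }
    // Verify a DER-encoded ECDSA signature; the hash algorithm is an assumption.
    static boolean verify(byte[] pubBytes, ECParameterSpec p, byte[] data, byte[] derSig) throws GeneralSecurityException {
        Signature v = Signature.getInstance("SHA256withECDSA");
        v.initVerify(decodePoint(pubBytes, p));
        v.update(data);
        return v.verify(derSig);
    }
    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("EC");
        g.initialize(new ECGenParameterSpec("secp256r1"));   // assumed curve
        KeyPair kp = g.generateKeyPair();                    // constructed stand-in for the SDK key
        ECPublicKey pub = (ECPublicKey) kp.getPublic();
        // The JDK's X.509 encoding ends with the uncompressed point, i.e. 0x04 || X || Y.
        byte[] spki = pub.getEncoded();
        byte[] enc = Arrays.copyOfRange(spki, spki.length - 1 - 2 * coordLen(pub.getParams()), spki.length);
        byte[] data = "constructed suite bytes".getBytes(StandardCharsets.UTF_8);
        Signature s = Signature.getInstance("SHA256withECDSA");
        s.initSign(kp.getPrivate());
        s.update(data);
        byte[] sig = s.sign();                               // DER SEQUENCE { r, s }
        System.out.println("valid:    " + verify(enc, pub.getParams(), data, sig));
        data[0] ^= 1;                                        // flip one bit of the signed data
        System.out.println("tampered: " + verify(enc, pub.getParams(), data, sig));
    }
}
```

The length and leading-byte check in decodePoint matters on the verifying side: a key blob of the wrong size or in a compressed form is refused before it reaches the signature check.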

getCertBytes

public byte[] getCertBytes()
                    throws SigningServiceException
The SDK public key is encoded as a self-signed X.509 certificate and the bytes corresponding to the certificate's DER encoding are returned.

Returns:
bytes in the DER encoding of the SDK's self-signed X.509 certificate
Throws:
SigningServiceException

generateKeyPair

public void generateKeyPair()
                     throws SigningServiceException
Generates a new SDK key pair and saves it into the keyfile specified in the constructor.

Throws:
SigningServiceException

hasNoSDKKey

public boolean hasNoSDKKey()
Determines whether a private key was loaded.

Returns:
false if keyfile does not exist or private key is not initialized

mkECCertBytes

public byte[] mkECCertBytes(String subjectCN,
                            ECPublicKey pub)
                     throws Exception
Creates an X.509 certificate for the given subject and key that is signed by the SDK's private key.

Parameters:
subjectCN - String to be placed in the common name part of the subject's distinguished name
pub - Public key associated with the subject
Returns:
a byte array containing the DER encoding of the X.509 certificate
Throws:
Exception - if there is a problem creating the certificate


Copyright © 2006, 2007 Sun Microsystems, Inc. All Rights Reserved.