| Package | Description |
|---|---|
| org.unitedid.yhsm | |
| org.unitedid.yhsm.internal | |
| org.unitedid.yhsm.utility |
| Modifier and Type | Method and Description |
|---|---|
boolean |
YubiHSM.compareAES_ECB(int keyHandle,
String cipherText,
String plaintext)
AES ECB decrypt a cipher text using a specific key handle, and then compare it with the supplied plaintext.
|
Map<String,Integer> |
YubiHSM.decodeYubikeyOtp(String publicId,
int keyHandle,
String aead,
String otp)
Decrypt a YubiKey OTP using an AEAD.
|
String |
YubiHSM.decryptAES_ECB(String cipherText,
int keyHandle)
AES ECB decrypt a cipher text using a specific key handle.
|
String |
YubiHSM.encryptAES_ECB(String plaintext,
int keyHandle)
AES ECB encrypt a plaintext string using a specific key handle.
|
Map<String,String> |
YubiHSM.generateAEAD(String nonce,
int keyHandle,
byte[] data)
Generate AEAD block from the data for a specific key handle and nonce.
|
Map<String,String> |
YubiHSM.generateAEAD(String nonce,
int keyHandle,
String data)
Generate AEAD block from the data for a specific key handle and nonce.
|
Map<String,String> |
YubiHSM.generateBufferAEAD(String nonce,
int keyHandle)
Generate AEAD block of data buffer for a specific key.
|
byte[] |
YubiHSM.generateHMACSHA1(byte[] bytes,
int keyHandle,
boolean toBuffer)
Generate HMAC SHA1 using a key handle in the YubiHSM.
|
Map<String,String> |
YubiHSM.generateHMACSHA1(byte[] data,
int keyHandle,
boolean last,
boolean toBuffer)
Generate HMAC SHA1 using a key handle in the YubiHSM.
|
Map<String,String> |
YubiHSM.generateHMACSHA1(byte[] data,
int keyHandle,
byte flags,
boolean last,
boolean toBuffer)
Generate HMAC SHA1 using a key handle in the YubiHSM.
|
Map<String,String> |
YubiHSM.generateHMACSHA1(String data,
int keyHandle,
boolean last,
boolean toBuffer)
Generate HMAC SHA1 using a key handle in the YubiHSM.
|
Map<String,String> |
YubiHSM.generateHMACSHA1(String data,
int keyHandle,
byte flags,
boolean last,
boolean toBuffer)
Generate HMAC SHA1 using a key handle in the YubiHSM.
|
Map<String,String> |
YubiHSM.generateHMACSHA1Next(byte[] data,
int keyHandle,
boolean last,
boolean toBuffer)
Add more input to the HMAC SHA1, used after calling
YubiHSM.generateHMACSHA1(byte[], int, boolean) with last set to false. |
Map<String,String> |
YubiHSM.generateHMACSHA1Next(String data,
int keyHandle,
boolean last,
boolean toBuffer)
Add more input to the HMAC SHA1, used after calling
YubiHSM.generateHMACSHA1(byte[], int, boolean) with last set to false. |
String |
YubiHSM.generateOathAEAD(String nonce,
int keyHandle,
String tokenSeed)
Generate AEAD block which can be used for OATH OTP validation, see
validateOathHOTP and
validateOathTOTP. |
Map<String,String> |
YubiHSM.generateRandomAEAD(String nonce,
int keyHandle,
int length)
Generate a random AEAD block using the YubiHSM internal TRNG.
|
byte[] |
YubiHSM.getRandom(int bytes)
Tell the YubiHSM to generate a number of random bytes.
|
boolean |
YubiHSM.keyStorageUnlock(String password)
Unlock the YubiHSM key storage using the HSM password.
|
boolean |
YubiHSM.keyStoreDecrypt(String key)
Decrypt the YubiHSM key storage using the Master key.
|
boolean |
YubiHSM.loadTemporaryKey(String nonce,
int keyHandle,
String aead)
Load the content of an AEAD into the phantom key handle 0xffffffff.
|
boolean |
YubiHSM.randomReseed(String seed)
Provide YubiHSM DRBG_CTR with a new seed.
|
boolean |
YubiHSM.unlock(String password)
Generic key store unlock method that calls the appropriate unlock function for this YubiHSM.
|
boolean |
YubiHSM.unlockOtp(String publicId,
String otp)
Have the YubiHSM unlock the HSM operations (those involving the keystore) with a YubiKey OTP.
|
boolean |
YubiHSM.validateAEAD(String nonce,
int keyHandle,
String aead,
byte[] plaintext)
Validate an AEAD using the YubiHSM, matching it against some known plain text.
|
boolean |
YubiHSM.validateAEAD(String nonce,
int keyHandle,
String aead,
String plaintext)
Validate an AEAD using the YubiHSM, matching it against some known plain text.
|
int |
YubiHSM.validateOathHOTP(int keyHandle,
String nonce,
String aead,
int counter,
String otp,
int lookAhead)
Validate OATH-HOTP by a token whose seed is available to the YubiHSM through an AEAD.
|
boolean |
YubiHSM.validateOathTOTP(int keyHandle,
String nonce,
String aead,
String otp)
Validate OATH-TOTP by a token whose seed is available to the YubiHSM through an AEAD.
|
boolean |
YubiHSM.validateOathTOTP(int keyHandle,
String nonce,
String aead,
String otp,
int period,
int drift,
int backwardDrift,
int forwardDrift)
Validate OATH-TOTP by a token whose seed is available to the YubiHSM through an AEAD.
|
| Modifier and Type | Method and Description |
|---|---|
static boolean |
AESECBCmd.compare(DeviceHandler deviceHandler,
int keyHandle,
String cipherText,
String plaintext)
AES ECB decrypt a cipher text using a specific key handle, and then compare it with the supplied plaintext.
|
static String |
AESECBCmd.decrypt(DeviceHandler deviceHandler,
int keyHandle,
String cipherText)
AES ECB decrypt a cipher text using a specific key handle.
|
static String |
AESECBCmd.encrypt(DeviceHandler deviceHandler,
int keyHandle,
String plaintext)
AES ECB encrypt a plaintext string using a specific key handle.
|
static byte[] |
HMACCmd.execHMACSHA1_Raw(DeviceHandler deviceHandler,
byte[] data,
int keyHandle,
byte flags)
Generate HMAC SHA1 using a key handle in the YubiHSM.
|
static byte[] |
RandomCmd.execute(DeviceHandler device,
int bytes)
Tell the YubiHSM to generate a number of random bytes.
|
static boolean |
RandomReseedCmd.execute(DeviceHandler device,
String seed)
Provide YubiHSM DRBG_CTR with a new seed.
|
static boolean |
KeyStoreDecryptCmd.execute(DeviceHandler device,
String key) |
static boolean |
KeyStorageUnlockCmd.execute(DeviceHandler device,
String password)
Unlock the YubiHSM key storage using the HSM password.
|
static boolean |
LoadTemporaryKeyCmd.execute(DeviceHandler device,
String nonce,
int keyHandle,
String aead)
Load the content of an AEAD into the phantom key handle 0xffffffff.
|
static Map<String,Integer> |
YubikeyOtpDecodeCmd.execute(DeviceHandler device,
String publicId,
int keyHandle,
String aead,
String otp)
Load the content of an AEAD into the phantom key handle 0xffffffff.
|
static Map<String,String> |
AEADCmd.generateAEAD(DeviceHandler device,
String nonce,
int keyHandle,
byte[] data)
Generate AEADCmd block from data for a specific key and nonce.
|
static Map<String,String> |
AEADCmd.generateBufferAEAD(DeviceHandler device,
String nonce,
int keyHandle)
Generate AEAD block of data buffer for a specific key.
|
static Map<String,String> |
HMACCmd.generateHMACSHA1(DeviceHandler deviceHandler,
byte[] data,
int keyHandle,
byte flags,
boolean last,
boolean toBuffer)
Generate HMAC SHA1 using a key handle in the YubiHSM.
|
static Map<String,String> |
AEADCmd.generateRandomAEAD(DeviceHandler device,
String nonce,
int keyHandle,
int size)
Generate a random AEAD block using the YubiHSM internal TRNG.
|
static String |
OATH.HOTP(YubiHSM hsm,
int keyHandle,
String nonce,
String aead,
int counter,
String otp)
Validate OTP by a token whose seed is available to the YubiHSM through an AEAD.
|
static Map<String,String> |
HMACCmd.next(DeviceHandler deviceHandler,
byte[] data,
int keyHandle,
boolean last,
boolean toBuffer)
Add more input to the HMAC SHA1.
|
static String |
OATH.truncate(String hmac,
int otpLength)
Truncate HMAC to an OTP code
|
static boolean |
HsmUnlockCmd.unlockOtp(DeviceHandler device,
String publicId,
String otp)
Have the YubiHSM unlock the HSM operations (those involving the keystore) with a YubiKey OTP.
|
static boolean |
AEADCmd.validateAEAD(DeviceHandler device,
String nonce,
int keyHandle,
String aead,
byte[] plaintext)
Validate an AEAD using the YubiHSM, matching it against some known plain text.
|
static int |
OATH.validateHOTP(YubiHSM hsm,
int keyHandle,
String nonce,
String aead,
int counter,
String otp,
int lookAhead)
Validate OATH-HOTP OTP by a token whose seed is available to the YubiHSM through an AEAD.
|
static boolean |
OATH.validateTOTP(YubiHSM hsm,
int keyHandle,
String nonce,
String aead,
String otp,
int period,
int drift,
int backwardDrift,
int forwardDrift)
Validate OATH-TOTP OTP by a token whose seed is available to the YubiHSM through an AEAD.
|
| Modifier and Type | Method and Description |
|---|---|
static byte[] |
Utils.hexToByteArray(String hex) |
static byte[] |
Utils.validateByteArray(String name,
byte[] data,
int maxLength,
int exactLength,
int paddingLength) |
static byte[] |
Utils.validateNonce(byte[] nonce,
boolean padding) |
static String |
Utils.validateString(String name,
String data,
int maxLength,
int exactLength) |
Copyright © 2011-2016 United ID. All Rights Reserved.