.. java:import:: org.json JSONObject .. java:import:: java.math BigInteger .. java:import:: java.nio.charset Charset .. java:import:: java.security ProviderException PrivateKey ========== .. java:package:: com.idopte.scmapi :noindex: .. java:type:: public class PrivateKey extends Key implements java.security.interfaces.RSAPrivateCrtKey Class describes a private key object. Inherits from \ :java:ref:`Key`\ and implements from \ :java:ref:`java.security.interfaces.RSAPrivateCrtKey`\ . Note that the constructor is not intended to be called by user code. Such objects are constructed internally by the API. Methods ------- decrypt ^^^^^^^ .. java:method:: public byte[] decrypt(byte[] data) throws SCMException :outertype: PrivateKey Decrypts the provided data using a private key. The operation will use PKCS#1 padding. :param data: bytearray containing the ciphertext data to decrypt. :return: a bytearray containing the plaintext data. getActualModulus ^^^^^^^^^^^^^^^^ .. java:method:: public BigInteger getActualModulus() :outertype: PrivateKey Gets the modulus. :return: the modulus. getActualPublicExponent ^^^^^^^^^^^^^^^^^^^^^^^ .. java:method:: public BigInteger getActualPublicExponent() :outertype: PrivateKey Gets the public exponent. :return: the public exponent. getAlgorithm ^^^^^^^^^^^^ .. java:method:: @Override public String getAlgorithm() :outertype: PrivateKey Not implemented. :return: ``null``. getCrtCoefficient ^^^^^^^^^^^^^^^^^ .. java:method:: @Override public BigInteger getCrtCoefficient() :outertype: PrivateKey The private key is not extractable from the card, thus this method is not available. :throws ProviderException: always. getEncoded ^^^^^^^^^^ .. java:method:: @Override public byte[] getEncoded() :outertype: PrivateKey The private key is not extractable from the card, thus this method is not available. :throws ProviderException: always. getFormat ^^^^^^^^^ .. java:method:: @Override public String getFormat() :outertype: PrivateKey Returns the name of the primary encoding format of this key (null for a private key). getModulus ^^^^^^^^^^ .. java:method:: @Override public BigInteger getModulus() :outertype: PrivateKey Because of the constraints imposed by Java Cryptography Architecture (JCA) and its provider, this method is not available. However, to get the modulus, you can use \ :java:ref:`PrivateKey.getActualModulus()`\ method. :return: ``null``. getPrimeExponentP ^^^^^^^^^^^^^^^^^ .. java:method:: @Override public BigInteger getPrimeExponentP() :outertype: PrivateKey The private key is not extractable from the card, thus this method is not available. :throws ProviderException: always. getPrimeExponentQ ^^^^^^^^^^^^^^^^^ .. java:method:: @Override public BigInteger getPrimeExponentQ() :outertype: PrivateKey The private key is not extractable from the card, thus this method is not available. :throws ProviderException: always. getPrimeP ^^^^^^^^^ .. java:method:: @Override public BigInteger getPrimeP() :outertype: PrivateKey The private key is not extractable from the card, thus this method is not available. :throws ProviderException: always. getPrimeQ ^^^^^^^^^ .. java:method:: @Override public BigInteger getPrimeQ() :outertype: PrivateKey The private key is not extractable from the card, thus this method is not available. :throws ProviderException: always. getPrivateExponent ^^^^^^^^^^^^^^^^^^ .. java:method:: @Override public BigInteger getPrivateExponent() :outertype: PrivateKey The private key is not extractable from the card, thus this method is not available. :throws ProviderException: always. getPublicExponent ^^^^^^^^^^^^^^^^^ .. java:method:: @Override public BigInteger getPublicExponent() :outertype: PrivateKey Because of the constraints imposed by Java Cryptography Architecture (JCA) and its provider, this method is not available. However, to get the modulus, you can use \ :java:ref:`PrivateKey.getActualPublicExponent()`\ method. :return: ``null``. hashAndSign ^^^^^^^^^^^ .. java:method:: public byte[] hashAndSign(byte[] data, String hashAlg) throws SCMException :outertype: PrivateKey Hashes the provided data and signs the hash using a private key. The operation will use PKCS#1 padding. The *hashAlg* parameter indicates the hash algorithm to use and can take the following values: .. * ``"sha1"`` or ``"sha256"``: Available for all keys (SHA-1 may be forbidden with qualified signature keys depending on the card profile). The API will automatically take care of the partial hashing requirement when used with a qualified signature key. * ``"sha384"`` or ``"sha512"``: Not available for qualified signature keys. :param data: Data to hash, provided as a bytearray. :param hashAlg: Algorithm of the hash. :return: the bytearray containing the signature. isPartialHash ^^^^^^^^^^^^^ .. java:method:: public boolean isPartialHash() :outertype: PrivateKey Returns \ ``true``\ if the key must use partial hashing (qualified signature key). Available only for private Keys :return: \ ``true``\ if the key must use partial hashing; \ ``false``\ otherwise sign ^^^^ .. java:method:: public byte[] sign(byte[] hash, String hashAlg) throws SCMException :outertype: PrivateKey Signs the provided hash using a private key. The operation will use PKCS#1 padding. The algorithm of the hash needs to be indicated if the OID needs to be added within the signature block. The *hashAlg* parameter can take the following values: .. * ``null``: The hash data will be signed as provided. Not available for qualified signature keys. * ``"sha1"``, ``"sha256"``, ``"sha384"`` or ``"sha512"``: The corresponding OID will be prepended. Not available for qualified signature keys. * ``"sha1-partial"`` or ``"sha256-partial"``: The hash must be provided as a partial hash block (containing intermediate hash values) as defined by the IAS specifications. The hash will be finalized by the card and the corresponding OID will be prepended. Available only for qualified signature keys. The \ :java:ref:`PrivateKey.isPartialHash()`\ property can be used to check whether the key is a qualified signature key that requires partial hashing. :param hash: ``bytearray`` containing the hash value. :param hashAlg: (optional) Algorithm of the hash. :return: a ``bytearray`` containing the signature.