1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
|
package javax.crypto;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
/**
* This class provides the functionality of a (symmetric) key generator.
* <p>
* Key generators are constructed using one of the <code>getInstance</code>
* class methods of this class.
* <p>
* KeyGenerator objects are reusable, i.e., after a key has been
* generated, the same KeyGenerator object can be re-used to generate further
* keys.
* <p>
* There are two ways to generate a key: in an algorithm-independent manner,
* and in an algorithm-specific manner. The only difference between the two is
* the initialization of the object:
*
* <ul>
* <li><b>Algorithm-Independent Initialization</b>
* <p>All key generators share the concepts of a <i>keysize</i> and a
* <i>source of randomness</i>.
* There is an
* <a href = "#init(int, java.security.SecureRandom)">init</a>
* method in this KeyGenerator class that takes these two universally
* shared types of arguments. There is also one that takes just a
* <code>keysize</code> argument, and uses the SecureRandom implementation
* of the highest-priority installed provider as the source of randomness
* (or a system-provided source of randomness if none of the installed
* providers supply a SecureRandom implementation), and one that takes just a
* source of randomness.
* <p>
* Since no other parameters are specified when you call the above
* algorithm-independent <code>init</code> methods, it is up to the
* provider what to do about the algorithm-specific parameters (if any) to be
* associated with each of the keys.
* <p>
* <li><b>Algorithm-Specific Initialization</b>
* <p>For situations where a set of algorithm-specific parameters already
* exists, there are two
* <a href = "#init(java.security.spec.AlgorithmParameterSpec)">init</a>
* methods that have an <code>AlgorithmParameterSpec</code>
* argument. One also has a <code>SecureRandom</code> argument, while the
* other uses the SecureRandom implementation
* of the highest-priority installed provider as the source of randomness
* (or a system-provided source of randomness if none of the installed
* providers supply a SecureRandom implementation).
* </ul>
*
* <p>In case the client does not explicitly initialize the KeyGenerator
* (via a call to an <code>init</code> method), each provider must
* supply (and document) a default initialization.
*
* @see SecretKey
*/
public class KeyGenerator
{
private KeyGeneratorSpi keyGenerator;
private Provider provider;
private String algorithm;
/**
* Creates a KeyGenerator object.
*
* @param keyGenSpi the delegate
* @param provider the provider
* @param algorithm the algorithm
*/
protected KeyGenerator(
KeyGeneratorSpi keyGenSpi,
Provider provider,
String algorithm)
{
this.keyGenerator = keyGenSpi;
this.provider = provider;
this.algorithm = algorithm;
}
/**
* Returns the algorithm name of this <code>KeyGenerator</code> object.
* <p>
* This is the same name that was specified in one of the
* <code>getInstance</code> calls that created this
* <code>KeyGenerator</code> object.
*
* @return the algorithm name of this <code>KeyGenerator</code> object.
*/
public final String getAlgorithm()
{
return algorithm;
}
/**
* Generates a <code>KeyGenerator</code> object for the specified algorithm.
* If the default provider package provides an implementation of the
* requested key generator, an instance of <code>KeyGenerator</code> containing
* that implementation is returned. If the requested key generator is not available
* in the default provider package, other provider packages are searched.
*
* @param algorithm the standard name of the requested key algorithm. See Appendix A in the
* Java Cryptography Extension API Specification & Reference for information about standard
* algorithm names.
* @return the new <code>KeyGenerator</code> object
* @exception NoSuchAlgorithmException if a key generator for the specified algorithm is not
* available in the default provider package or any of the other provider packages that were searched.
*/
public static final KeyGenerator getInstance(
String algorithm)
throws NoSuchAlgorithmException
{
try
{
JCEUtil.Implementation imp = JCEUtil.getImplementation("KeyGenerator", algorithm, (String) null);
if (imp == null)
{
throw new NoSuchAlgorithmException(algorithm + " not found");
}
KeyGenerator keyGen = new KeyGenerator((KeyGeneratorSpi)imp.getEngine(), imp.getProvider(), algorithm);
return keyGen;
}
catch (NoSuchProviderException e)
{
throw new NoSuchAlgorithmException(algorithm + " not found");
}
}
/**
* Generates a <code>KeyGenerator</code> object for the specified key
* algorithm from the specified provider.
*
* @param algorithm the standard name of the requested key algorithm. See Appendix A in the
* Java Cryptography Extension API Specification & Reference for information about standard
* algorithm names.
* @param provider the provider
* @return the new <code>KeyGenerator</code> object
* @exception NoSuchAlgorithmException if a key generator for the specified algorithm is not
* available from the specified provider.
*/
public static final KeyGenerator getInstance(
String algorithm,
Provider provider)
throws NoSuchAlgorithmException
{
if (provider == null)
{
throw new IllegalArgumentException("No provider specified to KeyGenerator.getInstance()");
}
JCEUtil.Implementation imp = JCEUtil.getImplementation("KeyGenerator", algorithm, provider);
if (imp == null)
{
throw new NoSuchAlgorithmException(algorithm + " not found");
}
KeyGenerator keyGen = new KeyGenerator((KeyGeneratorSpi)imp.getEngine(), imp.getProvider(), algorithm);
return keyGen;
}
/**
* Generates a <code>KeyGenerator</code> object for the specified key
* algorithm from the specified provider.
*
* @param algorithm the standard name of the requested key algorithm. See Appendix A in the
* Java Cryptography Extension API Specification & Reference for information about standard
* algorithm names.
* @param provider the name of the provider
* @return the new <code>KeyGenerator</code> object
* @exception NoSuchAlgorithmException if a key generator for the specified algorithm is not
* available from the specified provider.
* @exception NoSuchProviderException if the specified provider has not been configured.
*/
public static final KeyGenerator getInstance(
String algorithm,
String provider)
throws NoSuchAlgorithmException, NoSuchProviderException
{
if (provider == null)
{
throw new IllegalArgumentException("No provider specified to KeyGenerator.getInstance()");
}
JCEUtil.Implementation imp = JCEUtil.getImplementation("KeyGenerator", algorithm, provider);
if (imp == null)
{
throw new NoSuchAlgorithmException(algorithm + " not found");
}
KeyGenerator keyGen = new KeyGenerator((KeyGeneratorSpi)imp.getEngine(), imp.getProvider(), algorithm);
return keyGen;
}
/**
* Returns the provider of this <code>KeyGenerator</code> object.
*
* @return the provider of this <code>KeyGenerator</code> object
*/
public final Provider getProvider()
{
return provider;
}
/**
* Initializes this key generator.
*
* @param random the source of randomness for this generator
*/
public final void init(
SecureRandom random)
{
keyGenerator.engineInit(random);
}
/**
* Initializes this key generator with the specified parameter set.
* <p>
* If this key generator requires any random bytes, it will get them
* using the * <a href="http://java.sun.com/products/jdk/1.2/docs/api/java.security.SecureRandom.html">
* <code>SecureRandom</code></a> implementation of the highest-priority installed
* provider as the source of randomness.
* (If none of the installed providers supply an implementation of
* SecureRandom, a system-provided source of randomness will be used.)
*
* @param params the key generation parameters
* @exception InvalidAlgorithmParameterException if the given parameters are inappropriate
* for this key generator
*/
public final void init(
AlgorithmParameterSpec params)
throws InvalidAlgorithmParameterException
{
keyGenerator.engineInit(params, new SecureRandom());
}
/**
* Initializes this key generator with the specified parameter set and a user-provided source of randomness.
*
* @param params the key generation parameters
* @param random the source of randomness for this key generator
* @exception InvalidAlgorithmParameterException if <code>params</code> is inappropriate for this key generator
*/
public final void init(
AlgorithmParameterSpec params,
SecureRandom random)
throws InvalidAlgorithmParameterException
{
keyGenerator.engineInit(params, random);
}
/**
* Initializes this key generator for a certain keysize.
* <p>
* If this key generator requires any random bytes, it will get them using the
* <a href="http://java.sun.com/products/jdk/1.2/docs/api/java.security.SecureRandom.html">
* <code>SecureRandom</code></a> implementation of the highest-priority installed provider as
* the source of randomness. (If none of the installed providers supply an implementation of
* SecureRandom, a system-provided source of randomness will be used.)
*
* @param keysize the keysize. This is an algorithm-specific metric, specified in number of bits.
* @exception InvalidParameterException if the keysize is wrong or not supported.
*/
public final void init(
int keysize)
{
keyGenerator.engineInit(keysize, new SecureRandom());
}
/**
* Initializes this key generator for a certain keysize, using a user-provided source of randomness.
*
* @param keysize the keysize. This is an algorithm-specific metric, specified in number of bits.
* @param random the source of randomness for this key generator
* @exception InvalidParameterException if the keysize is wrong or not supported.
*/
public final void init(
int keysize,
SecureRandom random)
{
keyGenerator.engineInit(keysize, random);
}
/**
* Generates a secret key.
*
* @return the new key
*/
public final SecretKey generateKey()
{
return keyGenerator.engineGenerateKey();
}
}
|
