cryptix.provider.key
Class RawKeyGenerator

java.lang.Object
  |
  +--xjava.security.KeyGenerator
        |
        +--cryptix.provider.key.RawKeyGenerator
All Implemented Interfaces:
java.lang.Cloneable, ExtendedKeyGenerator, Parameterized
Direct Known Subclasses:
BlowfishKeyGenerator, CAST5KeyGenerator, DESKeyGenerator, IDEAKeyGenerator, LOKI91KeyGenerator, RC2KeyGenerator, RC4KeyGenerator, RijndaelKeyGenerator, SAFERKeyGenerator, SPEEDKeyGenerator, SquareKeyGenerator

public class RawKeyGenerator
extends KeyGenerator
implements ExtendedKeyGenerator, java.lang.Cloneable

RawKeyGenerator acts as a superclass for other Cryptix key generator classes.

Copyright © 1997 Systemics Ltd on behalf of the Cryptix Development Team.
All rights reserved.

$Revision: 1.3 $

Since:
Cryptix 2.2.0a, 2.2.2
Author:
David Hopwood, Raif S. Naffah

Constructor Summary
protected RawKeyGenerator(java.lang.String algorithm, int seedlength)
          Constructor for use by subclasses that require a fixed-length key.
protected RawKeyGenerator(java.lang.String algorithm, int minlength, int defaultlength, int maxlength)
          Constructor for use by subclasses that allow variable-length keys.
 
Method Summary
protected  byte[] engineGenerateKey(byte[] seed)
          This method allows subclasses to modify the bytes that will be used to generate a key.
 SecretKey generateKey()
          Generates a key.
 SecretKey generateKey(byte[] data)
          Generates a key from an encoded byte array.
 int getDefaultKeyLength()
          Returns the key length that will be used by generateKey() to create new random keys.
 int getMaximumKeyLength()
          Returns the maximum useful key length for this algorithm.
 int getMinimumKeyLength()
          Returns the minimum key length for this algorithm.
 void initialize(java.security.SecureRandom random)
          Initializes the key generator.
 void initialize(java.security.SecureRandom random, int length)
          Initializes the key generator, and sets a specific key length for use with algorithms that allow variable-length keys.
 boolean isValidKeyLength(int length)
          Returns true iff length is a valid key length (in bytes) for this algorithm.
protected  boolean isWeak(byte[] key)
          Returns true iff key represents a weak or semi-weak key for this algorithm.
 boolean isWeakAllowed()
          Returns true if this object is allowed to generate weak and semi-weak keys; false otherwise.
 void setWeakAllowed(boolean allowWeak)
          Sets whether this object is allowed to generate weak and semi-weak keys.
 
Methods inherited from class xjava.security.KeyGenerator
clone, engineGetParameter, engineSetParameter, getAlgorithm, getAlgorithms, getAlgorithms, getInstance, getInstance, getParameter, setParameter, toString
 
Methods inherited from class java.lang.Object
, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

RawKeyGenerator

protected RawKeyGenerator(java.lang.String algorithm,
                          int seedlength)
                   throws java.lang.IllegalArgumentException
Constructor for use by subclasses that require a fixed-length key. Each candidate key will be seedlength bytes long.

Note: seedlength does not correspond to a cryptographic strength. In particular, there is no implication that a brute-force attack against the algorithm would require 256^seedlength trials.

Parameters:
algorithm - the standard string name of the algorithm.
seedlength - the desired seed length in bytes.
Throws:
java.lang.IllegalArgumentException - if seedlength <= 0

RawKeyGenerator

protected RawKeyGenerator(java.lang.String algorithm,
                          int minlength,
                          int defaultlength,
                          int maxlength)
                   throws java.lang.IllegalArgumentException
Constructor for use by subclasses that allow variable-length keys. Each candidate key will be a minimum of minlength, and a maximum of maxlength bytes long. If the generateKey() method is used without any other parameters or initialization, the key will be defaultlength bytes long.

Note: none of these length parameters correspond to a cryptographic strength. In particular, there is no implication that a brute-force attack against the algorithm would require 256^(length of key) trials.

Parameters:
algorithm - the standard string name of the algorithm.
minlength - the minimum seed length in bytes.
defaultlength - the default seed length in bytes.
maxlength - the maximum useful seed length in bytes.
Throws:
java.lang.IllegalArgumentException - if !(0 < minlength && minlength <= defaultlength && defaultlength <= maxlength)
Method Detail

generateKey

public SecretKey generateKey()
Generates a key. This method generates a new random key every time it is called.

If a source of random bytes has not been set using one of the initialize methods, new SecureRandom() will be used.

Specified by:
generateKey in interface ExtendedKeyGenerator
Overrides:
generateKey in class KeyGenerator
Returns:
the new key.

initialize

public void initialize(java.security.SecureRandom random)
Initializes the key generator.
Specified by:
initialize in interface ExtendedKeyGenerator
Overrides:
initialize in class KeyGenerator
Parameters:
random - the source of randomness for this generator.

initialize

public void initialize(java.security.SecureRandom random,
                       int length)
Initializes the key generator, and sets a specific key length for use with algorithms that allow variable-length keys.

The length parameter only affects randomly generated keys (i.e. the generateKey() method without parameters).

Specified by:
initialize in interface ExtendedKeyGenerator
Parameters:
random - the source of randomness for this generator.
length - the desired key length in bytes.
Throws:
java.lang.IllegalArgumentException - if length is not valid for this algorithm.

isWeakAllowed

public boolean isWeakAllowed()
Returns true if this object is allowed to generate weak and semi-weak keys; false otherwise.
Specified by:
isWeakAllowed in interface ExtendedKeyGenerator

setWeakAllowed

public void setWeakAllowed(boolean allowWeak)
Sets whether this object is allowed to generate weak and semi-weak keys.
Specified by:
setWeakAllowed in interface ExtendedKeyGenerator
Parameters:
allowWeak - true if weak/semi-weak keys are allowed.

getMinimumKeyLength

public int getMinimumKeyLength()
Returns the minimum key length for this algorithm.
Specified by:
getMinimumKeyLength in interface ExtendedKeyGenerator

getDefaultKeyLength

public int getDefaultKeyLength()
Returns the key length that will be used by generateKey() to create new random keys. This is either the default key length determined by the KeyGenerator for this algorithm, or the length set using initialize(SecureRandom random, int length).
Specified by:
getDefaultKeyLength in interface ExtendedKeyGenerator

getMaximumKeyLength

public int getMaximumKeyLength()
Returns the maximum useful key length for this algorithm.
Specified by:
getMaximumKeyLength in interface ExtendedKeyGenerator

isValidKeyLength

public boolean isValidKeyLength(int length)
Returns true iff length is a valid key length (in bytes) for this algorithm.

The default implementation returns true if length is between the minimum and maximum key lengths. Some algorithms will override this method to specify a more restricted set of values.

Specified by:
isValidKeyLength in interface ExtendedKeyGenerator

generateKey

public SecretKey generateKey(byte[] data)
                      throws WeakKeyException,
                             java.security.InvalidKeyException
Generates a key from an encoded byte array. The format of the secret key is "RAW". The contents of data will not be modified.

The encoded key bytes may differ from data in order to make sure that they represent a valid key. For example, if keys for this algorithm conventionally include parity bits, those bits will be set correctly. For most algorithms, data is used unchanged.

Specified by:
generateKey in interface ExtendedKeyGenerator
Parameters:
data - user supplied raw-encoded data from which a secret key will be generated.
Returns:
the new key.
Throws:
NullPointerException - if data == null
WeakKeyException - if isWeakAllowed() is false, and data represents a weak key for this algorithm.
java.security.InvalidKeyException - if the length of data is not valid for this algorithm.

engineGenerateKey

protected byte[] engineGenerateKey(byte[] seed)
                            throws WeakKeyException,
                                   java.security.InvalidKeyException
This method allows subclasses to modify the bytes that will be used to generate a key. This might be necessary in order to set parity bits, for example.

The seed array contains either randomly generated bytes, or an encoded form of the key. Subclasses should throw a WeakKeyException if isWeakAllowed() is false, and a weak key would have been generated.

The default implementation is as follows: If weak keys are not allowed, and the seed array represents a weak key (i.e. !isWeakAllowed() && isWeak(seed)), throw a WeakKeyException. Otherwise, just return the seed array. This is sufficient if the key does not have any special form (for example, parity bits that should be set correctly).

The seed array can be modified if that is convenient.

Parameters:
seed - the seed bytes for this key.
Returns:
the key encoding.

isWeak

protected boolean isWeak(byte[] key)
Returns true iff key represents a weak or semi-weak key for this algorithm. The length of the array is not checked, and an ArrayIndexOutOfBoundsException may be thrown if it is too short.

The default implementation returns false.