|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--xjava.security.KeyGenerator | +--cryptix.provider.key.RawKeyGenerator
RawKeyGenerator acts as a superclass for other Cryptix key generator classes.
Copyright © 1997
Systemics Ltd on behalf of the
Cryptix Development Team.
All rights reserved.
$Revision: 1.3 $
Constructor Summary | |
protected |
RawKeyGenerator(java.lang.String algorithm,
int seedlength)
Constructor for use by subclasses that require a fixed-length key. |
protected |
RawKeyGenerator(java.lang.String algorithm,
int minlength,
int defaultlength,
int maxlength)
Constructor for use by subclasses that allow variable-length keys. |
Method Summary | |
protected byte[] |
engineGenerateKey(byte[] seed)
This method allows subclasses to modify the bytes that will be used to generate a key. |
SecretKey |
generateKey()
Generates a key. |
SecretKey |
generateKey(byte[] data)
Generates a key from an encoded byte array. |
int |
getDefaultKeyLength()
Returns the key length that will be used by generateKey() to create new random keys. |
int |
getMaximumKeyLength()
Returns the maximum useful key length for this algorithm. |
int |
getMinimumKeyLength()
Returns the minimum key length for this algorithm. |
void |
initialize(java.security.SecureRandom random)
Initializes the key generator. |
void |
initialize(java.security.SecureRandom random,
int length)
Initializes the key generator, and sets a specific key length for use with algorithms that allow variable-length keys. |
boolean |
isValidKeyLength(int length)
Returns true iff length is a valid key length (in bytes) for this algorithm. |
protected boolean |
isWeak(byte[] key)
Returns true iff key represents a weak or semi-weak key for this algorithm. |
boolean |
isWeakAllowed()
Returns true if this object is allowed to generate weak and semi-weak keys; false otherwise. |
void |
setWeakAllowed(boolean allowWeak)
Sets whether this object is allowed to generate weak and semi-weak keys. |
Methods inherited from class xjava.security.KeyGenerator |
clone, engineGetParameter, engineSetParameter, getAlgorithm, getAlgorithms, getAlgorithms, getInstance, getInstance, getParameter, setParameter, toString |
Methods inherited from class java.lang.Object |
|
Constructor Detail |
protected RawKeyGenerator(java.lang.String algorithm, int seedlength) throws java.lang.IllegalArgumentException
Note: seedlength does not correspond to a cryptographic strength. In particular, there is no implication that a brute-force attack against the algorithm would require 256^seedlength trials.
algorithm
- the standard string name of the algorithm.seedlength
- the desired seed length in bytes.java.lang.IllegalArgumentException
- if seedlength <= 0protected RawKeyGenerator(java.lang.String algorithm, int minlength, int defaultlength, int maxlength) throws java.lang.IllegalArgumentException
generateKey()
method is used without any other parameters or initialization, the
key will be defaultlength bytes long.
Note: none of these length parameters correspond to a cryptographic strength. In particular, there is no implication that a brute-force attack against the algorithm would require 256^(length of key) trials.
algorithm
- the standard string name of the algorithm.minlength
- the minimum seed length in bytes.defaultlength
- the default seed length in bytes.maxlength
- the maximum useful seed length in bytes.java.lang.IllegalArgumentException
- if !(0 < minlength &&
minlength <= defaultlength &&
defaultlength <= maxlength)Method Detail |
public SecretKey generateKey()
If a source of random bytes has not been set using one of the
initialize
methods, new SecureRandom()
will be used.
generateKey
in interface ExtendedKeyGenerator
generateKey
in class KeyGenerator
public void initialize(java.security.SecureRandom random)
initialize
in interface ExtendedKeyGenerator
initialize
in class KeyGenerator
random
- the source of randomness for this generator.public void initialize(java.security.SecureRandom random, int length)
The length parameter only affects randomly generated
keys (i.e. the generateKey()
method without
parameters).
initialize
in interface ExtendedKeyGenerator
random
- the source of randomness for this generator.length
- the desired key length in bytes.java.lang.IllegalArgumentException
- if length is not valid for
this algorithm.public boolean isWeakAllowed()
isWeakAllowed
in interface ExtendedKeyGenerator
public void setWeakAllowed(boolean allowWeak)
setWeakAllowed
in interface ExtendedKeyGenerator
allowWeak
- true if weak/semi-weak keys are allowed.public int getMinimumKeyLength()
getMinimumKeyLength
in interface ExtendedKeyGenerator
public int getDefaultKeyLength()
generateKey()
to create new random keys. This is
either the default key length determined by the KeyGenerator
for this algorithm, or the length set using
initialize(SecureRandom random, int length)
.getDefaultKeyLength
in interface ExtendedKeyGenerator
public int getMaximumKeyLength()
getMaximumKeyLength
in interface ExtendedKeyGenerator
public boolean isValidKeyLength(int length)
The default implementation returns true if length is between the minimum and maximum key lengths. Some algorithms will override this method to specify a more restricted set of values.
isValidKeyLength
in interface ExtendedKeyGenerator
public SecretKey generateKey(byte[] data) throws WeakKeyException, java.security.InvalidKeyException
The encoded key bytes may differ from data in order to make sure that they represent a valid key. For example, if keys for this algorithm conventionally include parity bits, those bits will be set correctly. For most algorithms, data is used unchanged.
generateKey
in interface ExtendedKeyGenerator
data
- user supplied raw-encoded data from which a secret
key will be generated.NullPointerException
- if data == nullWeakKeyException
- if isWeakAllowed() is false, and
data represents a weak key for this algorithm.java.security.InvalidKeyException
- if the length of data is not
valid for this algorithm.protected byte[] engineGenerateKey(byte[] seed) throws WeakKeyException, java.security.InvalidKeyException
The seed array contains either randomly generated bytes, or an encoded form of the key. Subclasses should throw a WeakKeyException if isWeakAllowed() is false, and a weak key would have been generated.
The default implementation is as follows: If weak keys are not
allowed, and the seed array represents a weak key (i.e.
!isWeakAllowed() && isWeak(seed)
), throw a
WeakKeyException. Otherwise, just return the seed array. This
is sufficient if the key does not have any special form (for
example, parity bits that should be set correctly).
The seed array can be modified if that is convenient.
seed
- the seed bytes for this key.protected boolean isWeak(byte[] key)
The default implementation returns false.
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |