jdk/src/java.base/share/classes/javax/crypto/KeyAgreement.java
author vinnie
Thu, 25 Sep 2014 12:24:19 +0100
changeset 26736 5a93000b26cd
parent 25859 3317bb8137f4
child 32275 17eeb583a331
permissions -rw-r--r--
8056026: Debug security logging should print Provider used for each crypto operation Reviewed-by: mullan
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
     1
/*
26736
5a93000b26cd 8056026: Debug security logging should print Provider used for each crypto operation
vinnie
parents: 25859
diff changeset
     2
 * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
     3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
90ce3da70b43 Initial load
duke
parents:
diff changeset
     4
 *
90ce3da70b43 Initial load
duke
parents:
diff changeset
     5
 * This code is free software; you can redistribute it and/or modify it
90ce3da70b43 Initial load
duke
parents:
diff changeset
     6
 * under the terms of the GNU General Public License version 2 only, as
5506
202f599c92aa 6943119: Rebrand source copyright notices
ohair
parents: 2
diff changeset
     7
 * published by the Free Software Foundation.  Oracle designates this
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
     8
 * particular file as subject to the "Classpath" exception as provided
5506
202f599c92aa 6943119: Rebrand source copyright notices
ohair
parents: 2
diff changeset
     9
 * by Oracle in the LICENSE file that accompanied this code.
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
    10
 *
90ce3da70b43 Initial load
duke
parents:
diff changeset
    11
 * This code is distributed in the hope that it will be useful, but WITHOUT
90ce3da70b43 Initial load
duke
parents:
diff changeset
    12
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
90ce3da70b43 Initial load
duke
parents:
diff changeset
    13
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
90ce3da70b43 Initial load
duke
parents:
diff changeset
    14
 * version 2 for more details (a copy is included in the LICENSE file that
90ce3da70b43 Initial load
duke
parents:
diff changeset
    15
 * accompanied this code).
90ce3da70b43 Initial load
duke
parents:
diff changeset
    16
 *
90ce3da70b43 Initial load
duke
parents:
diff changeset
    17
 * You should have received a copy of the GNU General Public License version
90ce3da70b43 Initial load
duke
parents:
diff changeset
    18
 * 2 along with this work; if not, write to the Free Software Foundation,
90ce3da70b43 Initial load
duke
parents:
diff changeset
    19
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
90ce3da70b43 Initial load
duke
parents:
diff changeset
    20
 *
5506
202f599c92aa 6943119: Rebrand source copyright notices
ohair
parents: 2
diff changeset
    21
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
202f599c92aa 6943119: Rebrand source copyright notices
ohair
parents: 2
diff changeset
    22
 * or visit www.oracle.com if you need additional information or have any
202f599c92aa 6943119: Rebrand source copyright notices
ohair
parents: 2
diff changeset
    23
 * questions.
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
    24
 */
90ce3da70b43 Initial load
duke
parents:
diff changeset
    25
90ce3da70b43 Initial load
duke
parents:
diff changeset
    26
package javax.crypto;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    27
90ce3da70b43 Initial load
duke
parents:
diff changeset
    28
import java.util.*;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    29
90ce3da70b43 Initial load
duke
parents:
diff changeset
    30
import java.security.*;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    31
import java.security.Provider.Service;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    32
import java.security.spec.*;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    33
90ce3da70b43 Initial load
duke
parents:
diff changeset
    34
import sun.security.util.Debug;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    35
import sun.security.jca.*;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    36
import sun.security.jca.GetInstance.Instance;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    37
90ce3da70b43 Initial load
duke
parents:
diff changeset
    38
/**
90ce3da70b43 Initial load
duke
parents:
diff changeset
    39
 * This class provides the functionality of a key agreement (or key
90ce3da70b43 Initial load
duke
parents:
diff changeset
    40
 * exchange) protocol.
90ce3da70b43 Initial load
duke
parents:
diff changeset
    41
 * <p>
90ce3da70b43 Initial load
duke
parents:
diff changeset
    42
 * The keys involved in establishing a shared secret are created by one of the
90ce3da70b43 Initial load
duke
parents:
diff changeset
    43
 * key generators (<code>KeyPairGenerator</code> or
90ce3da70b43 Initial load
duke
parents:
diff changeset
    44
 * <code>KeyGenerator</code>), a <code>KeyFactory</code>, or as a result from
90ce3da70b43 Initial load
duke
parents:
diff changeset
    45
 * an intermediate phase of the key agreement protocol.
90ce3da70b43 Initial load
duke
parents:
diff changeset
    46
 *
90ce3da70b43 Initial load
duke
parents:
diff changeset
    47
 * <p> For each of the correspondents in the key exchange, <code>doPhase</code>
90ce3da70b43 Initial load
duke
parents:
diff changeset
    48
 * needs to be called. For example, if this key exchange is with one other
90ce3da70b43 Initial load
duke
parents:
diff changeset
    49
 * party, <code>doPhase</code> needs to be called once, with the
90ce3da70b43 Initial load
duke
parents:
diff changeset
    50
 * <code>lastPhase</code> flag set to <code>true</code>.
90ce3da70b43 Initial load
duke
parents:
diff changeset
    51
 * If this key exchange is
90ce3da70b43 Initial load
duke
parents:
diff changeset
    52
 * with two other parties, <code>doPhase</code> needs to be called twice,
90ce3da70b43 Initial load
duke
parents:
diff changeset
    53
 * the first time setting the <code>lastPhase</code> flag to
90ce3da70b43 Initial load
duke
parents:
diff changeset
    54
 * <code>false</code>, and the second time setting it to <code>true</code>.
90ce3da70b43 Initial load
duke
parents:
diff changeset
    55
 * There may be any number of parties involved in a key exchange.
90ce3da70b43 Initial load
duke
parents:
diff changeset
    56
 *
8152
94e5966bdf22 5001004: Required Security Algorithms need to be defined
mullan
parents: 5506
diff changeset
    57
 * <p> Every implementation of the Java platform is required to support the
94e5966bdf22 5001004: Required Security Algorithms need to be defined
mullan
parents: 5506
diff changeset
    58
 * following standard <code>KeyAgreement</code> algorithm:
94e5966bdf22 5001004: Required Security Algorithms need to be defined
mullan
parents: 5506
diff changeset
    59
 * <ul>
94e5966bdf22 5001004: Required Security Algorithms need to be defined
mullan
parents: 5506
diff changeset
    60
 * <li><tt>DiffieHellman</tt></li>
94e5966bdf22 5001004: Required Security Algorithms need to be defined
mullan
parents: 5506
diff changeset
    61
 * </ul>
94e5966bdf22 5001004: Required Security Algorithms need to be defined
mullan
parents: 5506
diff changeset
    62
 * This algorithm is described in the <a href=
94e5966bdf22 5001004: Required Security Algorithms need to be defined
mullan
parents: 5506
diff changeset
    63
 * "{@docRoot}/../technotes/guides/security/StandardNames.html#KeyAgreement">
94e5966bdf22 5001004: Required Security Algorithms need to be defined
mullan
parents: 5506
diff changeset
    64
 * KeyAgreement section</a> of the
94e5966bdf22 5001004: Required Security Algorithms need to be defined
mullan
parents: 5506
diff changeset
    65
 * Java Cryptography Architecture Standard Algorithm Name Documentation.
94e5966bdf22 5001004: Required Security Algorithms need to be defined
mullan
parents: 5506
diff changeset
    66
 * Consult the release documentation for your implementation to see if any
94e5966bdf22 5001004: Required Security Algorithms need to be defined
mullan
parents: 5506
diff changeset
    67
 * other algorithms are supported.
94e5966bdf22 5001004: Required Security Algorithms need to be defined
mullan
parents: 5506
diff changeset
    68
 *
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
    69
 * @author Jan Luehe
90ce3da70b43 Initial load
duke
parents:
diff changeset
    70
 *
90ce3da70b43 Initial load
duke
parents:
diff changeset
    71
 * @see KeyGenerator
90ce3da70b43 Initial load
duke
parents:
diff changeset
    72
 * @see SecretKey
90ce3da70b43 Initial load
duke
parents:
diff changeset
    73
 * @since 1.4
90ce3da70b43 Initial load
duke
parents:
diff changeset
    74
 */
90ce3da70b43 Initial load
duke
parents:
diff changeset
    75
90ce3da70b43 Initial load
duke
parents:
diff changeset
    76
public class KeyAgreement {
90ce3da70b43 Initial load
duke
parents:
diff changeset
    77
90ce3da70b43 Initial load
duke
parents:
diff changeset
    78
    private static final Debug debug =
90ce3da70b43 Initial load
duke
parents:
diff changeset
    79
                        Debug.getInstance("jca", "KeyAgreement");
90ce3da70b43 Initial load
duke
parents:
diff changeset
    80
26736
5a93000b26cd 8056026: Debug security logging should print Provider used for each crypto operation
vinnie
parents: 25859
diff changeset
    81
    private static final Debug pdebug =
5a93000b26cd 8056026: Debug security logging should print Provider used for each crypto operation
vinnie
parents: 25859
diff changeset
    82
                        Debug.getInstance("provider", "Provider");
5a93000b26cd 8056026: Debug security logging should print Provider used for each crypto operation
vinnie
parents: 25859
diff changeset
    83
    private static final boolean skipDebug =
5a93000b26cd 8056026: Debug security logging should print Provider used for each crypto operation
vinnie
parents: 25859
diff changeset
    84
        Debug.isOn("engine=") && !Debug.isOn("keyagreement");
5a93000b26cd 8056026: Debug security logging should print Provider used for each crypto operation
vinnie
parents: 25859
diff changeset
    85
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
    86
    // The provider
90ce3da70b43 Initial load
duke
parents:
diff changeset
    87
    private Provider provider;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    88
90ce3da70b43 Initial load
duke
parents:
diff changeset
    89
    // The provider implementation (delegate)
90ce3da70b43 Initial load
duke
parents:
diff changeset
    90
    private KeyAgreementSpi spi;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    91
90ce3da70b43 Initial load
duke
parents:
diff changeset
    92
    // The name of the key agreement algorithm.
90ce3da70b43 Initial load
duke
parents:
diff changeset
    93
    private final String algorithm;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    94
90ce3da70b43 Initial load
duke
parents:
diff changeset
    95
    // next service to try in provider selection
90ce3da70b43 Initial load
duke
parents:
diff changeset
    96
    // null once provider is selected
90ce3da70b43 Initial load
duke
parents:
diff changeset
    97
    private Service firstService;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    98
90ce3da70b43 Initial load
duke
parents:
diff changeset
    99
    // remaining services to try in provider selection
90ce3da70b43 Initial load
duke
parents:
diff changeset
   100
    // null once provider is selected
10336
0bb1999251f8 7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents: 9035
diff changeset
   101
    private Iterator<Service> serviceIterator;
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   102
90ce3da70b43 Initial load
duke
parents:
diff changeset
   103
    private final Object lock;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   104
90ce3da70b43 Initial load
duke
parents:
diff changeset
   105
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   106
     * Creates a KeyAgreement object.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   107
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   108
     * @param keyAgreeSpi the delegate
90ce3da70b43 Initial load
duke
parents:
diff changeset
   109
     * @param provider the provider
90ce3da70b43 Initial load
duke
parents:
diff changeset
   110
     * @param algorithm the algorithm
90ce3da70b43 Initial load
duke
parents:
diff changeset
   111
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   112
    protected KeyAgreement(KeyAgreementSpi keyAgreeSpi, Provider provider,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   113
                           String algorithm) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   114
        this.spi = keyAgreeSpi;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   115
        this.provider = provider;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   116
        this.algorithm = algorithm;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   117
        lock = null;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   118
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   119
10336
0bb1999251f8 7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents: 9035
diff changeset
   120
    private KeyAgreement(Service s, Iterator<Service> t, String algorithm) {
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   121
        firstService = s;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   122
        serviceIterator = t;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   123
        this.algorithm = algorithm;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   124
        lock = new Object();
90ce3da70b43 Initial load
duke
parents:
diff changeset
   125
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   126
90ce3da70b43 Initial load
duke
parents:
diff changeset
   127
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   128
     * Returns the algorithm name of this <code>KeyAgreement</code> object.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   129
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   130
     * <p>This is the same name that was specified in one of the
90ce3da70b43 Initial load
duke
parents:
diff changeset
   131
     * <code>getInstance</code> calls that created this
90ce3da70b43 Initial load
duke
parents:
diff changeset
   132
     * <code>KeyAgreement</code> object.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   133
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   134
     * @return the algorithm name of this <code>KeyAgreement</code> object.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   135
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   136
    public final String getAlgorithm() {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   137
        return this.algorithm;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   138
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   139
90ce3da70b43 Initial load
duke
parents:
diff changeset
   140
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   141
     * Returns a <code>KeyAgreement</code> object that implements the
90ce3da70b43 Initial load
duke
parents:
diff changeset
   142
     * specified key agreement algorithm.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   143
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   144
     * <p> This method traverses the list of registered security Providers,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   145
     * starting with the most preferred Provider.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   146
     * A new KeyAgreement object encapsulating the
90ce3da70b43 Initial load
duke
parents:
diff changeset
   147
     * KeyAgreementSpi implementation from the first
90ce3da70b43 Initial load
duke
parents:
diff changeset
   148
     * Provider that supports the specified algorithm is returned.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   149
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   150
     * <p> Note that the list of registered providers may be retrieved via
90ce3da70b43 Initial load
duke
parents:
diff changeset
   151
     * the {@link Security#getProviders() Security.getProviders()} method.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   152
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   153
     * @param algorithm the standard name of the requested key agreement
90ce3da70b43 Initial load
duke
parents:
diff changeset
   154
     * algorithm.
8152
94e5966bdf22 5001004: Required Security Algorithms need to be defined
mullan
parents: 5506
diff changeset
   155
     * See the KeyAgreement section in the <a href=
94e5966bdf22 5001004: Required Security Algorithms need to be defined
mullan
parents: 5506
diff changeset
   156
     * "{@docRoot}/../technotes/guides/security/StandardNames.html#KeyAgreement">
18771
9dadb0719cea 8019772: Fix doclint issues in javax.crypto and javax.security subpackages
juh
parents: 10336
diff changeset
   157
     * Java Cryptography Architecture Standard Algorithm Name Documentation</a>
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   158
     * for information about standard algorithm names.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   159
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   160
     * @return the new <code>KeyAgreement</code> object.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   161
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   162
     * @exception NullPointerException if the specified algorithm
90ce3da70b43 Initial load
duke
parents:
diff changeset
   163
     *          is null.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   164
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   165
     * @exception NoSuchAlgorithmException if no Provider supports a
90ce3da70b43 Initial load
duke
parents:
diff changeset
   166
     *          KeyAgreementSpi implementation for the
90ce3da70b43 Initial load
duke
parents:
diff changeset
   167
     *          specified algorithm.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   168
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   169
     * @see java.security.Provider
90ce3da70b43 Initial load
duke
parents:
diff changeset
   170
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   171
    public static final KeyAgreement getInstance(String algorithm)
90ce3da70b43 Initial load
duke
parents:
diff changeset
   172
            throws NoSuchAlgorithmException {
10336
0bb1999251f8 7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents: 9035
diff changeset
   173
        List<Service> services =
0bb1999251f8 7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents: 9035
diff changeset
   174
                GetInstance.getServices("KeyAgreement", algorithm);
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   175
        // make sure there is at least one service from a signed provider
10336
0bb1999251f8 7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents: 9035
diff changeset
   176
        Iterator<Service> t = services.iterator();
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   177
        while (t.hasNext()) {
10336
0bb1999251f8 7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents: 9035
diff changeset
   178
            Service s = t.next();
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   179
            if (JceSecurity.canUseProvider(s.getProvider()) == false) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   180
                continue;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   181
            }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   182
            return new KeyAgreement(s, t, algorithm);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   183
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   184
        throw new NoSuchAlgorithmException
90ce3da70b43 Initial load
duke
parents:
diff changeset
   185
                                ("Algorithm " + algorithm + " not available");
90ce3da70b43 Initial load
duke
parents:
diff changeset
   186
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   187
90ce3da70b43 Initial load
duke
parents:
diff changeset
   188
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   189
     * Returns a <code>KeyAgreement</code> object that implements the
90ce3da70b43 Initial load
duke
parents:
diff changeset
   190
     * specified key agreement algorithm.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   191
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   192
     * <p> A new KeyAgreement object encapsulating the
90ce3da70b43 Initial load
duke
parents:
diff changeset
   193
     * KeyAgreementSpi implementation from the specified provider
90ce3da70b43 Initial load
duke
parents:
diff changeset
   194
     * is returned.  The specified provider must be registered
90ce3da70b43 Initial load
duke
parents:
diff changeset
   195
     * in the security provider list.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   196
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   197
     * <p> Note that the list of registered providers may be retrieved via
90ce3da70b43 Initial load
duke
parents:
diff changeset
   198
     * the {@link Security#getProviders() Security.getProviders()} method.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   199
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   200
     * @param algorithm the standard name of the requested key agreement
90ce3da70b43 Initial load
duke
parents:
diff changeset
   201
     * algorithm.
8152
94e5966bdf22 5001004: Required Security Algorithms need to be defined
mullan
parents: 5506
diff changeset
   202
     * See the KeyAgreement section in the <a href=
94e5966bdf22 5001004: Required Security Algorithms need to be defined
mullan
parents: 5506
diff changeset
   203
     * "{@docRoot}/../technotes/guides/security/StandardNames.html#KeyAgreement">
18771
9dadb0719cea 8019772: Fix doclint issues in javax.crypto and javax.security subpackages
juh
parents: 10336
diff changeset
   204
     * Java Cryptography Architecture Standard Algorithm Name Documentation</a>
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   205
     * for information about standard algorithm names.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   206
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   207
     * @param provider the name of the provider.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   208
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   209
     * @return the new <code>KeyAgreement</code> object.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   210
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   211
     * @exception NullPointerException if the specified algorithm
90ce3da70b43 Initial load
duke
parents:
diff changeset
   212
     *          is null.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   213
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   214
     * @exception NoSuchAlgorithmException if a KeyAgreementSpi
90ce3da70b43 Initial load
duke
parents:
diff changeset
   215
     *          implementation for the specified algorithm is not
90ce3da70b43 Initial load
duke
parents:
diff changeset
   216
     *          available from the specified provider.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   217
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   218
     * @exception NoSuchProviderException if the specified provider is not
90ce3da70b43 Initial load
duke
parents:
diff changeset
   219
     *          registered in the security provider list.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   220
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   221
     * @exception IllegalArgumentException if the <code>provider</code>
90ce3da70b43 Initial load
duke
parents:
diff changeset
   222
     *          is null or empty.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   223
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   224
     * @see java.security.Provider
90ce3da70b43 Initial load
duke
parents:
diff changeset
   225
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   226
    public static final KeyAgreement getInstance(String algorithm,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   227
            String provider) throws NoSuchAlgorithmException,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   228
            NoSuchProviderException {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   229
        Instance instance = JceSecurity.getInstance
90ce3da70b43 Initial load
duke
parents:
diff changeset
   230
                ("KeyAgreement", KeyAgreementSpi.class, algorithm, provider);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   231
        return new KeyAgreement((KeyAgreementSpi)instance.impl,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   232
                instance.provider, algorithm);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   233
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   234
90ce3da70b43 Initial load
duke
parents:
diff changeset
   235
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   236
     * Returns a <code>KeyAgreement</code> object that implements the
90ce3da70b43 Initial load
duke
parents:
diff changeset
   237
     * specified key agreement algorithm.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   238
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   239
     * <p> A new KeyAgreement object encapsulating the
90ce3da70b43 Initial load
duke
parents:
diff changeset
   240
     * KeyAgreementSpi implementation from the specified Provider
90ce3da70b43 Initial load
duke
parents:
diff changeset
   241
     * object is returned.  Note that the specified Provider object
90ce3da70b43 Initial load
duke
parents:
diff changeset
   242
     * does not have to be registered in the provider list.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   243
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   244
     * @param algorithm the standard name of the requested key agreement
90ce3da70b43 Initial load
duke
parents:
diff changeset
   245
     * algorithm.
8152
94e5966bdf22 5001004: Required Security Algorithms need to be defined
mullan
parents: 5506
diff changeset
   246
     * See the KeyAgreement section in the <a href=
94e5966bdf22 5001004: Required Security Algorithms need to be defined
mullan
parents: 5506
diff changeset
   247
     * "{@docRoot}/../technotes/guides/security/StandardNames.html#KeyAgreement">
18771
9dadb0719cea 8019772: Fix doclint issues in javax.crypto and javax.security subpackages
juh
parents: 10336
diff changeset
   248
     * Java Cryptography Architecture Standard Algorithm Name Documentation</a>
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   249
     * for information about standard algorithm names.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   250
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   251
     * @param provider the provider.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   252
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   253
     * @return the new <code>KeyAgreement</code> object.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   254
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   255
     * @exception NullPointerException if the specified algorithm
90ce3da70b43 Initial load
duke
parents:
diff changeset
   256
     *          is null.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   257
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   258
     * @exception NoSuchAlgorithmException if a KeyAgreementSpi
90ce3da70b43 Initial load
duke
parents:
diff changeset
   259
     *          implementation for the specified algorithm is not available
90ce3da70b43 Initial load
duke
parents:
diff changeset
   260
     *          from the specified Provider object.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   261
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   262
     * @exception IllegalArgumentException if the <code>provider</code>
90ce3da70b43 Initial load
duke
parents:
diff changeset
   263
     *          is null.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   264
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   265
     * @see java.security.Provider
90ce3da70b43 Initial load
duke
parents:
diff changeset
   266
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   267
    public static final KeyAgreement getInstance(String algorithm,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   268
            Provider provider) throws NoSuchAlgorithmException {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   269
        Instance instance = JceSecurity.getInstance
90ce3da70b43 Initial load
duke
parents:
diff changeset
   270
                ("KeyAgreement", KeyAgreementSpi.class, algorithm, provider);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   271
        return new KeyAgreement((KeyAgreementSpi)instance.impl,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   272
                instance.provider, algorithm);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   273
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   274
90ce3da70b43 Initial load
duke
parents:
diff changeset
   275
    // max number of debug warnings to print from chooseFirstProvider()
90ce3da70b43 Initial load
duke
parents:
diff changeset
   276
    private static int warnCount = 10;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   277
90ce3da70b43 Initial load
duke
parents:
diff changeset
   278
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   279
     * Choose the Spi from the first provider available. Used if
90ce3da70b43 Initial load
duke
parents:
diff changeset
   280
     * delayed provider selection is not possible because init()
90ce3da70b43 Initial load
duke
parents:
diff changeset
   281
     * is not the first method called.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   282
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   283
    void chooseFirstProvider() {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   284
        if (spi != null) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   285
            return;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   286
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   287
        synchronized (lock) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   288
            if (spi != null) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   289
                return;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   290
            }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   291
            if (debug != null) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   292
                int w = --warnCount;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   293
                if (w >= 0) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   294
                    debug.println("KeyAgreement.init() not first method "
90ce3da70b43 Initial load
duke
parents:
diff changeset
   295
                        + "called, disabling delayed provider selection");
90ce3da70b43 Initial load
duke
parents:
diff changeset
   296
                    if (w == 0) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   297
                        debug.println("Further warnings of this type will "
90ce3da70b43 Initial load
duke
parents:
diff changeset
   298
                            + "be suppressed");
90ce3da70b43 Initial load
duke
parents:
diff changeset
   299
                    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   300
                    new Exception("Call trace").printStackTrace();
90ce3da70b43 Initial load
duke
parents:
diff changeset
   301
                }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   302
            }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   303
            Exception lastException = null;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   304
            while ((firstService != null) || serviceIterator.hasNext()) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   305
                Service s;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   306
                if (firstService != null) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   307
                    s = firstService;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   308
                    firstService = null;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   309
                } else {
10336
0bb1999251f8 7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents: 9035
diff changeset
   310
                    s = serviceIterator.next();
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   311
                }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   312
                if (JceSecurity.canUseProvider(s.getProvider()) == false) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   313
                    continue;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   314
                }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   315
                try {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   316
                    Object obj = s.newInstance(null);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   317
                    if (obj instanceof KeyAgreementSpi == false) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   318
                        continue;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   319
                    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   320
                    spi = (KeyAgreementSpi)obj;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   321
                    provider = s.getProvider();
90ce3da70b43 Initial load
duke
parents:
diff changeset
   322
                    // not needed any more
90ce3da70b43 Initial load
duke
parents:
diff changeset
   323
                    firstService = null;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   324
                    serviceIterator = null;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   325
                    return;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   326
                } catch (Exception e) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   327
                    lastException = e;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   328
                }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   329
            }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   330
            ProviderException e = new ProviderException
90ce3da70b43 Initial load
duke
parents:
diff changeset
   331
                    ("Could not construct KeyAgreementSpi instance");
90ce3da70b43 Initial load
duke
parents:
diff changeset
   332
            if (lastException != null) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   333
                e.initCause(lastException);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   334
            }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   335
            throw e;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   336
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   337
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   338
90ce3da70b43 Initial load
duke
parents:
diff changeset
   339
    private final static int I_NO_PARAMS = 1;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   340
    private final static int I_PARAMS    = 2;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   341
90ce3da70b43 Initial load
duke
parents:
diff changeset
   342
    private void implInit(KeyAgreementSpi spi, int type, Key key,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   343
            AlgorithmParameterSpec params, SecureRandom random)
90ce3da70b43 Initial load
duke
parents:
diff changeset
   344
            throws InvalidKeyException, InvalidAlgorithmParameterException {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   345
        if (type == I_NO_PARAMS) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   346
            spi.engineInit(key, random);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   347
        } else { // I_PARAMS
90ce3da70b43 Initial load
duke
parents:
diff changeset
   348
            spi.engineInit(key, params, random);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   349
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   350
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   351
90ce3da70b43 Initial load
duke
parents:
diff changeset
   352
    private void chooseProvider(int initType, Key key,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   353
            AlgorithmParameterSpec params, SecureRandom random)
90ce3da70b43 Initial load
duke
parents:
diff changeset
   354
            throws InvalidKeyException, InvalidAlgorithmParameterException {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   355
        synchronized (lock) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   356
            if (spi != null) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   357
                implInit(spi, initType, key, params, random);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   358
                return;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   359
            }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   360
            Exception lastException = null;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   361
            while ((firstService != null) || serviceIterator.hasNext()) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   362
                Service s;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   363
                if (firstService != null) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   364
                    s = firstService;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   365
                    firstService = null;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   366
                } else {
10336
0bb1999251f8 7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents: 9035
diff changeset
   367
                    s = serviceIterator.next();
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   368
                }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   369
                // if provider says it does not support this key, ignore it
90ce3da70b43 Initial load
duke
parents:
diff changeset
   370
                if (s.supportsParameter(key) == false) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   371
                    continue;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   372
                }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   373
                if (JceSecurity.canUseProvider(s.getProvider()) == false) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   374
                    continue;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   375
                }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   376
                try {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   377
                    KeyAgreementSpi spi = (KeyAgreementSpi)s.newInstance(null);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   378
                    implInit(spi, initType, key, params, random);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   379
                    provider = s.getProvider();
90ce3da70b43 Initial load
duke
parents:
diff changeset
   380
                    this.spi = spi;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   381
                    firstService = null;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   382
                    serviceIterator = null;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   383
                    return;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   384
                } catch (Exception e) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   385
                    // NoSuchAlgorithmException from newInstance()
90ce3da70b43 Initial load
duke
parents:
diff changeset
   386
                    // InvalidKeyException from init()
90ce3da70b43 Initial load
duke
parents:
diff changeset
   387
                    // RuntimeException (ProviderException) from init()
90ce3da70b43 Initial load
duke
parents:
diff changeset
   388
                    if (lastException == null) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   389
                        lastException = e;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   390
                    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   391
                }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   392
            }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   393
            // no working provider found, fail
90ce3da70b43 Initial load
duke
parents:
diff changeset
   394
            if (lastException instanceof InvalidKeyException) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   395
                throw (InvalidKeyException)lastException;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   396
            }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   397
            if (lastException instanceof InvalidAlgorithmParameterException) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   398
                throw (InvalidAlgorithmParameterException)lastException;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   399
            }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   400
            if (lastException instanceof RuntimeException) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   401
                throw (RuntimeException)lastException;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   402
            }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   403
            String kName = (key != null) ? key.getClass().getName() : "(null)";
90ce3da70b43 Initial load
duke
parents:
diff changeset
   404
            throw new InvalidKeyException
90ce3da70b43 Initial load
duke
parents:
diff changeset
   405
                ("No installed provider supports this key: "
90ce3da70b43 Initial load
duke
parents:
diff changeset
   406
                + kName, lastException);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   407
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   408
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   409
90ce3da70b43 Initial load
duke
parents:
diff changeset
   410
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   411
     * Returns the provider of this <code>KeyAgreement</code> object.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   412
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   413
     * @return the provider of this <code>KeyAgreement</code> object
90ce3da70b43 Initial load
duke
parents:
diff changeset
   414
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   415
    public final Provider getProvider() {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   416
        chooseFirstProvider();
90ce3da70b43 Initial load
duke
parents:
diff changeset
   417
        return this.provider;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   418
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   419
90ce3da70b43 Initial load
duke
parents:
diff changeset
   420
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   421
     * Initializes this key agreement with the given key, which is required to
90ce3da70b43 Initial load
duke
parents:
diff changeset
   422
     * contain all the algorithm parameters required for this key agreement.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   423
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   424
     * <p> If this key agreement requires any random bytes, it will get
90ce3da70b43 Initial load
duke
parents:
diff changeset
   425
     * them using the
18771
9dadb0719cea 8019772: Fix doclint issues in javax.crypto and javax.security subpackages
juh
parents: 10336
diff changeset
   426
     * {@link java.security.SecureRandom}
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   427
     * implementation of the highest-priority
90ce3da70b43 Initial load
duke
parents:
diff changeset
   428
     * installed provider as the source of randomness.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   429
     * (If none of the installed providers supply an implementation of
90ce3da70b43 Initial load
duke
parents:
diff changeset
   430
     * SecureRandom, a system-provided source of randomness will be used.)
90ce3da70b43 Initial load
duke
parents:
diff changeset
   431
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   432
     * @param key the party's private information. For example, in the case
90ce3da70b43 Initial load
duke
parents:
diff changeset
   433
     * of the Diffie-Hellman key agreement, this would be the party's own
90ce3da70b43 Initial load
duke
parents:
diff changeset
   434
     * Diffie-Hellman private key.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   435
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   436
     * @exception InvalidKeyException if the given key is
90ce3da70b43 Initial load
duke
parents:
diff changeset
   437
     * inappropriate for this key agreement, e.g., is of the wrong type or
90ce3da70b43 Initial load
duke
parents:
diff changeset
   438
     * has an incompatible algorithm type.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   439
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   440
    public final void init(Key key) throws InvalidKeyException {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   441
        init(key, JceSecurity.RANDOM);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   442
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   443
90ce3da70b43 Initial load
duke
parents:
diff changeset
   444
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   445
     * Initializes this key agreement with the given key and source of
90ce3da70b43 Initial load
duke
parents:
diff changeset
   446
     * randomness. The given key is required to contain all the algorithm
90ce3da70b43 Initial load
duke
parents:
diff changeset
   447
     * parameters required for this key agreement.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   448
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   449
     * <p> If the key agreement algorithm requires random bytes, it gets them
90ce3da70b43 Initial load
duke
parents:
diff changeset
   450
     * from the given source of randomness, <code>random</code>.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   451
     * However, if the underlying
90ce3da70b43 Initial load
duke
parents:
diff changeset
   452
     * algorithm implementation does not require any random bytes,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   453
     * <code>random</code> is ignored.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   454
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   455
     * @param key the party's private information. For example, in the case
90ce3da70b43 Initial load
duke
parents:
diff changeset
   456
     * of the Diffie-Hellman key agreement, this would be the party's own
90ce3da70b43 Initial load
duke
parents:
diff changeset
   457
     * Diffie-Hellman private key.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   458
     * @param random the source of randomness
90ce3da70b43 Initial load
duke
parents:
diff changeset
   459
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   460
     * @exception InvalidKeyException if the given key is
90ce3da70b43 Initial load
duke
parents:
diff changeset
   461
     * inappropriate for this key agreement, e.g., is of the wrong type or
90ce3da70b43 Initial load
duke
parents:
diff changeset
   462
     * has an incompatible algorithm type.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   463
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   464
    public final void init(Key key, SecureRandom random)
90ce3da70b43 Initial load
duke
parents:
diff changeset
   465
            throws InvalidKeyException {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   466
        if (spi != null) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   467
            spi.engineInit(key, random);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   468
        } else {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   469
            try {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   470
                chooseProvider(I_NO_PARAMS, key, null, random);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   471
            } catch (InvalidAlgorithmParameterException e) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   472
                // should never occur
90ce3da70b43 Initial load
duke
parents:
diff changeset
   473
                throw new InvalidKeyException(e);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   474
            }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   475
        }
26736
5a93000b26cd 8056026: Debug security logging should print Provider used for each crypto operation
vinnie
parents: 25859
diff changeset
   476
5a93000b26cd 8056026: Debug security logging should print Provider used for each crypto operation
vinnie
parents: 25859
diff changeset
   477
        if (!skipDebug && pdebug != null) {
5a93000b26cd 8056026: Debug security logging should print Provider used for each crypto operation
vinnie
parents: 25859
diff changeset
   478
            pdebug.println("KeyAgreement." + algorithm + " algorithm from: " +
5a93000b26cd 8056026: Debug security logging should print Provider used for each crypto operation
vinnie
parents: 25859
diff changeset
   479
                this.provider.getName());
5a93000b26cd 8056026: Debug security logging should print Provider used for each crypto operation
vinnie
parents: 25859
diff changeset
   480
        }
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   481
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   482
90ce3da70b43 Initial load
duke
parents:
diff changeset
   483
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   484
     * Initializes this key agreement with the given key and set of
90ce3da70b43 Initial load
duke
parents:
diff changeset
   485
     * algorithm parameters.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   486
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   487
     * <p> If this key agreement requires any random bytes, it will get
90ce3da70b43 Initial load
duke
parents:
diff changeset
   488
     * them using the
18771
9dadb0719cea 8019772: Fix doclint issues in javax.crypto and javax.security subpackages
juh
parents: 10336
diff changeset
   489
     * {@link java.security.SecureRandom}
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   490
     * implementation of the highest-priority
90ce3da70b43 Initial load
duke
parents:
diff changeset
   491
     * installed provider as the source of randomness.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   492
     * (If none of the installed providers supply an implementation of
90ce3da70b43 Initial load
duke
parents:
diff changeset
   493
     * SecureRandom, a system-provided source of randomness will be used.)
90ce3da70b43 Initial load
duke
parents:
diff changeset
   494
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   495
     * @param key the party's private information. For example, in the case
90ce3da70b43 Initial load
duke
parents:
diff changeset
   496
     * of the Diffie-Hellman key agreement, this would be the party's own
90ce3da70b43 Initial load
duke
parents:
diff changeset
   497
     * Diffie-Hellman private key.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   498
     * @param params the key agreement parameters
90ce3da70b43 Initial load
duke
parents:
diff changeset
   499
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   500
     * @exception InvalidKeyException if the given key is
90ce3da70b43 Initial load
duke
parents:
diff changeset
   501
     * inappropriate for this key agreement, e.g., is of the wrong type or
90ce3da70b43 Initial load
duke
parents:
diff changeset
   502
     * has an incompatible algorithm type.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   503
     * @exception InvalidAlgorithmParameterException if the given parameters
90ce3da70b43 Initial load
duke
parents:
diff changeset
   504
     * are inappropriate for this key agreement.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   505
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   506
    public final void init(Key key, AlgorithmParameterSpec params)
90ce3da70b43 Initial load
duke
parents:
diff changeset
   507
        throws InvalidKeyException, InvalidAlgorithmParameterException
90ce3da70b43 Initial load
duke
parents:
diff changeset
   508
    {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   509
        init(key, params, JceSecurity.RANDOM);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   510
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   511
90ce3da70b43 Initial load
duke
parents:
diff changeset
   512
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   513
     * Initializes this key agreement with the given key, set of
90ce3da70b43 Initial load
duke
parents:
diff changeset
   514
     * algorithm parameters, and source of randomness.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   515
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   516
     * @param key the party's private information. For example, in the case
90ce3da70b43 Initial load
duke
parents:
diff changeset
   517
     * of the Diffie-Hellman key agreement, this would be the party's own
90ce3da70b43 Initial load
duke
parents:
diff changeset
   518
     * Diffie-Hellman private key.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   519
     * @param params the key agreement parameters
90ce3da70b43 Initial load
duke
parents:
diff changeset
   520
     * @param random the source of randomness
90ce3da70b43 Initial load
duke
parents:
diff changeset
   521
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   522
     * @exception InvalidKeyException if the given key is
90ce3da70b43 Initial load
duke
parents:
diff changeset
   523
     * inappropriate for this key agreement, e.g., is of the wrong type or
90ce3da70b43 Initial load
duke
parents:
diff changeset
   524
     * has an incompatible algorithm type.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   525
     * @exception InvalidAlgorithmParameterException if the given parameters
90ce3da70b43 Initial load
duke
parents:
diff changeset
   526
     * are inappropriate for this key agreement.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   527
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   528
    public final void init(Key key, AlgorithmParameterSpec params,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   529
                           SecureRandom random)
90ce3da70b43 Initial load
duke
parents:
diff changeset
   530
        throws InvalidKeyException, InvalidAlgorithmParameterException
90ce3da70b43 Initial load
duke
parents:
diff changeset
   531
    {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   532
        if (spi != null) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   533
            spi.engineInit(key, params, random);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   534
        } else {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   535
            chooseProvider(I_PARAMS, key, params, random);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   536
        }
26736
5a93000b26cd 8056026: Debug security logging should print Provider used for each crypto operation
vinnie
parents: 25859
diff changeset
   537
5a93000b26cd 8056026: Debug security logging should print Provider used for each crypto operation
vinnie
parents: 25859
diff changeset
   538
        if (!skipDebug && pdebug != null) {
5a93000b26cd 8056026: Debug security logging should print Provider used for each crypto operation
vinnie
parents: 25859
diff changeset
   539
            pdebug.println("KeyAgreement." + algorithm + " algorithm from: " +
5a93000b26cd 8056026: Debug security logging should print Provider used for each crypto operation
vinnie
parents: 25859
diff changeset
   540
                this.provider.getName());
5a93000b26cd 8056026: Debug security logging should print Provider used for each crypto operation
vinnie
parents: 25859
diff changeset
   541
        }
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   542
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   543
90ce3da70b43 Initial load
duke
parents:
diff changeset
   544
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   545
     * Executes the next phase of this key agreement with the given
90ce3da70b43 Initial load
duke
parents:
diff changeset
   546
     * key that was received from one of the other parties involved in this key
90ce3da70b43 Initial load
duke
parents:
diff changeset
   547
     * agreement.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   548
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   549
     * @param key the key for this phase. For example, in the case of
90ce3da70b43 Initial load
duke
parents:
diff changeset
   550
     * Diffie-Hellman between 2 parties, this would be the other party's
90ce3da70b43 Initial load
duke
parents:
diff changeset
   551
     * Diffie-Hellman public key.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   552
     * @param lastPhase flag which indicates whether or not this is the last
90ce3da70b43 Initial load
duke
parents:
diff changeset
   553
     * phase of this key agreement.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   554
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   555
     * @return the (intermediate) key resulting from this phase, or null
90ce3da70b43 Initial load
duke
parents:
diff changeset
   556
     * if this phase does not yield a key
90ce3da70b43 Initial load
duke
parents:
diff changeset
   557
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   558
     * @exception InvalidKeyException if the given key is inappropriate for
90ce3da70b43 Initial load
duke
parents:
diff changeset
   559
     * this phase.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   560
     * @exception IllegalStateException if this key agreement has not been
90ce3da70b43 Initial load
duke
parents:
diff changeset
   561
     * initialized.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   562
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   563
    public final Key doPhase(Key key, boolean lastPhase)
90ce3da70b43 Initial load
duke
parents:
diff changeset
   564
        throws InvalidKeyException, IllegalStateException
90ce3da70b43 Initial load
duke
parents:
diff changeset
   565
    {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   566
        chooseFirstProvider();
90ce3da70b43 Initial load
duke
parents:
diff changeset
   567
        return spi.engineDoPhase(key, lastPhase);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   568
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   569
90ce3da70b43 Initial load
duke
parents:
diff changeset
   570
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   571
     * Generates the shared secret and returns it in a new buffer.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   572
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   573
     * <p>This method resets this <code>KeyAgreement</code> object, so that it
90ce3da70b43 Initial load
duke
parents:
diff changeset
   574
     * can be reused for further key agreements. Unless this key agreement is
90ce3da70b43 Initial load
duke
parents:
diff changeset
   575
     * reinitialized with one of the <code>init</code> methods, the same
90ce3da70b43 Initial load
duke
parents:
diff changeset
   576
     * private information and algorithm parameters will be used for
90ce3da70b43 Initial load
duke
parents:
diff changeset
   577
     * subsequent key agreements.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   578
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   579
     * @return the new buffer with the shared secret
90ce3da70b43 Initial load
duke
parents:
diff changeset
   580
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   581
     * @exception IllegalStateException if this key agreement has not been
90ce3da70b43 Initial load
duke
parents:
diff changeset
   582
     * completed yet
90ce3da70b43 Initial load
duke
parents:
diff changeset
   583
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   584
    public final byte[] generateSecret() throws IllegalStateException {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   585
        chooseFirstProvider();
90ce3da70b43 Initial load
duke
parents:
diff changeset
   586
        return spi.engineGenerateSecret();
90ce3da70b43 Initial load
duke
parents:
diff changeset
   587
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   588
90ce3da70b43 Initial load
duke
parents:
diff changeset
   589
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   590
     * Generates the shared secret, and places it into the buffer
90ce3da70b43 Initial load
duke
parents:
diff changeset
   591
     * <code>sharedSecret</code>, beginning at <code>offset</code> inclusive.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   592
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   593
     * <p>If the <code>sharedSecret</code> buffer is too small to hold the
90ce3da70b43 Initial load
duke
parents:
diff changeset
   594
     * result, a <code>ShortBufferException</code> is thrown.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   595
     * In this case, this call should be repeated with a larger output buffer.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   596
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   597
     * <p>This method resets this <code>KeyAgreement</code> object, so that it
90ce3da70b43 Initial load
duke
parents:
diff changeset
   598
     * can be reused for further key agreements. Unless this key agreement is
90ce3da70b43 Initial load
duke
parents:
diff changeset
   599
     * reinitialized with one of the <code>init</code> methods, the same
90ce3da70b43 Initial load
duke
parents:
diff changeset
   600
     * private information and algorithm parameters will be used for
90ce3da70b43 Initial load
duke
parents:
diff changeset
   601
     * subsequent key agreements.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   602
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   603
     * @param sharedSecret the buffer for the shared secret
90ce3da70b43 Initial load
duke
parents:
diff changeset
   604
     * @param offset the offset in <code>sharedSecret</code> where the
90ce3da70b43 Initial load
duke
parents:
diff changeset
   605
     * shared secret will be stored
90ce3da70b43 Initial load
duke
parents:
diff changeset
   606
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   607
     * @return the number of bytes placed into <code>sharedSecret</code>
90ce3da70b43 Initial load
duke
parents:
diff changeset
   608
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   609
     * @exception IllegalStateException if this key agreement has not been
90ce3da70b43 Initial load
duke
parents:
diff changeset
   610
     * completed yet
90ce3da70b43 Initial load
duke
parents:
diff changeset
   611
     * @exception ShortBufferException if the given output buffer is too small
90ce3da70b43 Initial load
duke
parents:
diff changeset
   612
     * to hold the secret
90ce3da70b43 Initial load
duke
parents:
diff changeset
   613
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   614
    public final int generateSecret(byte[] sharedSecret, int offset)
90ce3da70b43 Initial load
duke
parents:
diff changeset
   615
        throws IllegalStateException, ShortBufferException
90ce3da70b43 Initial load
duke
parents:
diff changeset
   616
    {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   617
        chooseFirstProvider();
90ce3da70b43 Initial load
duke
parents:
diff changeset
   618
        return spi.engineGenerateSecret(sharedSecret, offset);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   619
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   620
90ce3da70b43 Initial load
duke
parents:
diff changeset
   621
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   622
     * Creates the shared secret and returns it as a <code>SecretKey</code>
90ce3da70b43 Initial load
duke
parents:
diff changeset
   623
     * object of the specified algorithm.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   624
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   625
     * <p>This method resets this <code>KeyAgreement</code> object, so that it
90ce3da70b43 Initial load
duke
parents:
diff changeset
   626
     * can be reused for further key agreements. Unless this key agreement is
90ce3da70b43 Initial load
duke
parents:
diff changeset
   627
     * reinitialized with one of the <code>init</code> methods, the same
90ce3da70b43 Initial load
duke
parents:
diff changeset
   628
     * private information and algorithm parameters will be used for
90ce3da70b43 Initial load
duke
parents:
diff changeset
   629
     * subsequent key agreements.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   630
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   631
     * @param algorithm the requested secret-key algorithm
90ce3da70b43 Initial load
duke
parents:
diff changeset
   632
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   633
     * @return the shared secret key
90ce3da70b43 Initial load
duke
parents:
diff changeset
   634
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   635
     * @exception IllegalStateException if this key agreement has not been
90ce3da70b43 Initial load
duke
parents:
diff changeset
   636
     * completed yet
90ce3da70b43 Initial load
duke
parents:
diff changeset
   637
     * @exception NoSuchAlgorithmException if the specified secret-key
90ce3da70b43 Initial load
duke
parents:
diff changeset
   638
     * algorithm is not available
90ce3da70b43 Initial load
duke
parents:
diff changeset
   639
     * @exception InvalidKeyException if the shared secret-key material cannot
90ce3da70b43 Initial load
duke
parents:
diff changeset
   640
     * be used to generate a secret key of the specified algorithm (e.g.,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   641
     * the key material is too short)
90ce3da70b43 Initial load
duke
parents:
diff changeset
   642
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   643
    public final SecretKey generateSecret(String algorithm)
90ce3da70b43 Initial load
duke
parents:
diff changeset
   644
        throws IllegalStateException, NoSuchAlgorithmException,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   645
            InvalidKeyException
90ce3da70b43 Initial load
duke
parents:
diff changeset
   646
    {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   647
        chooseFirstProvider();
90ce3da70b43 Initial load
duke
parents:
diff changeset
   648
        return spi.engineGenerateSecret(algorithm);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   649
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   650
}