1 /* |
1 /* |
2 * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved. |
2 * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. Oracle designates this |
7 * published by the Free Software Foundation. Oracle designates this |
580 } |
580 } |
581 |
581 |
582 /** |
582 /** |
583 * Generates the shared secret and returns it in a new buffer. |
583 * Generates the shared secret and returns it in a new buffer. |
584 * |
584 * |
585 * <p>This method resets this {@code KeyAgreement} object, so that it |
585 * <p>This method resets this {@code KeyAgreement} object to the state that |
586 * can be reused for further key agreements. Unless this key agreement is |
586 * it was in after the most recent call to one of the {@code init} methods. |
587 * reinitialized with one of the {@code init} methods, the same |
587 * After a call to {@code generateSecret}, the object can be reused for |
588 * private information and algorithm parameters will be used for |
588 * further key agreement operations by calling {@code doPhase} to supply |
589 * subsequent key agreements. |
589 * new keys, and then calling {@code generateSecret} to produce a new |
|
590 * secret. In this case, the private information and algorithm parameters |
|
591 * supplied to {@code init} will be used for multiple key agreement |
|
592 * operations. The {@code init} method can be called after |
|
593 * {@code generateSecret} to change the private information used in |
|
594 * subsequent operations. |
590 * |
595 * |
591 * @return the new buffer with the shared secret |
596 * @return the new buffer with the shared secret |
592 * |
597 * |
593 * @exception IllegalStateException if this key agreement has not been |
598 * @exception IllegalStateException if this key agreement has not been |
594 * completed yet |
599 * initialized or if {@code doPhase} has not been called to supply the |
|
600 * keys for all parties in the agreement |
595 */ |
601 */ |
596 public final byte[] generateSecret() throws IllegalStateException { |
602 public final byte[] generateSecret() throws IllegalStateException { |
597 chooseFirstProvider(); |
603 chooseFirstProvider(); |
598 return spi.engineGenerateSecret(); |
604 return spi.engineGenerateSecret(); |
599 } |
605 } |
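Review bot: The rewritten {@code @exception IllegalStateException} text (new lines 598-600) does not connect to the reset described in new lines 585-589, so a reader has to infer that a second {@code generateSecret()} call made without a fresh {@code doPhase} is one of the cases that throws. Since the method now resets to the post-{@code init} state, consider spelling that out, for example "or if {@code doPhase} has not been called since the most recent call to {@code init} or {@code generateSecret}".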
604 * |
610 * |
605 * <p>If the {@code sharedSecret} buffer is too small to hold the |
611 * <p>If the {@code sharedSecret} buffer is too small to hold the |
606 * result, a {@code ShortBufferException} is thrown. |
612 * result, a {@code ShortBufferException} is thrown. |
607 * In this case, this call should be repeated with a larger output buffer. |
613 * In this case, this call should be repeated with a larger output buffer. |
608 * |
614 * |
609 * <p>This method resets this {@code KeyAgreement} object, so that it |
615 * <p>This method resets this {@code KeyAgreement} object to the state that |
610 * can be reused for further key agreements. Unless this key agreement is |
616 * it was in after the most recent call to one of the {@code init} methods. |
611 * reinitialized with one of the {@code init} methods, the same |
617 * After a call to {@code generateSecret}, the object can be reused for |
612 * private information and algorithm parameters will be used for |
618 * further key agreement operations by calling {@code doPhase} to supply |
613 * subsequent key agreements. |
619 * new keys, and then calling {@code generateSecret} to produce a new |
|
620 * secret. In this case, the private information and algorithm parameters |
|
621 * supplied to {@code init} will be used for multiple key agreement |
|
622 * operations. The {@code init} method can be called after |
|
623 * {@code generateSecret} to change the private information used in |
|
624 * subsequent operations. |
614 * |
625 * |
615 * @param sharedSecret the buffer for the shared secret |
626 * @param sharedSecret the buffer for the shared secret |
616 * @param offset the offset in {@code sharedSecret} where the |
627 * @param offset the offset in {@code sharedSecret} where the |
617 * shared secret will be stored |
628 * shared secret will be stored |
618 * |
629 * |
619 * @return the number of bytes placed into {@code sharedSecret} |
630 * @return the number of bytes placed into {@code sharedSecret} |
620 * |
631 * |
621 * @exception IllegalStateException if this key agreement has not been |
632 * @exception IllegalStateException if this key agreement has not been |
622 * completed yet |
633 * initialized or if {@code doPhase} has not been called to supply the |
|
634 * keys for all parties in the agreement |
623 * @exception ShortBufferException if the given output buffer is too small |
635 * @exception ShortBufferException if the given output buffer is too small |
624 * to hold the secret |
636 * to hold the secret |
625 */ |
637 */ |
626 public final int generateSecret(byte[] sharedSecret, int offset) |
638 public final int generateSecret(byte[] sharedSecret, int offset) |
627 throws IllegalStateException, ShortBufferException |
639 throws IllegalStateException, ShortBufferException |
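Review bot: The reset paragraph (new lines 615-624) does not say whether the reset also happens when {@code ShortBufferException} is thrown, yet the unchanged text at lines 611-613 tells the caller to repeat the call with a larger buffer. If the object were reset on that failure path, the retry would fall under the {@code IllegalStateException} case in new lines 632-634. Suggest adding one sentence stating that the object's state is unchanged when {@code ShortBufferException} is thrown, or that {@code doPhase} must be repeated before retrying, whichever the providers are expected to honour.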
632 |
644 |
633 /** |
645 /** |
634 * Creates the shared secret and returns it as a {@code SecretKey} |
646 * Creates the shared secret and returns it as a {@code SecretKey} |
635 * object of the specified algorithm. |
647 * object of the specified algorithm. |
636 * |
648 * |
637 * <p>This method resets this {@code KeyAgreement} object, so that it |
649 * <p>This method resets this {@code KeyAgreement} object to the state that |
638 * can be reused for further key agreements. Unless this key agreement is |
650 * it was in after the most recent call to one of the {@code init} methods. |
639 * reinitialized with one of the {@code init} methods, the same |
651 * After a call to {@code generateSecret}, the object can be reused for |
640 * private information and algorithm parameters will be used for |
652 * further key agreement operations by calling {@code doPhase} to supply |
641 * subsequent key agreements. |
653 * new keys, and then calling {@code generateSecret} to produce a new |
|
654 * secret. In this case, the private information and algorithm parameters |
|
655 * supplied to {@code init} will be used for multiple key agreement |
|
656 * operations. The {@code init} method can be called after |
|
657 * {@code generateSecret} to change the private information used in |
|
658 * subsequent operations. |
642 * |
659 * |
643 * @param algorithm the requested secret-key algorithm |
660 * @param algorithm the requested secret-key algorithm |
644 * |
661 * |
645 * @return the shared secret key |
662 * @return the shared secret key |
646 * |
663 * |
647 * @exception IllegalStateException if this key agreement has not been |
664 * @exception IllegalStateException if this key agreement has not been |
648 * completed yet |
665 * initialized or if {@code doPhase} has not been called to supply the |
|
666 * keys for all parties in the agreement |
649 * @exception NoSuchAlgorithmException if the specified secret-key |
667 * @exception NoSuchAlgorithmException if the specified secret-key |
650 * algorithm is not available |
668 * algorithm is not available |
651 * @exception InvalidKeyException if the shared secret-key material cannot |
669 * @exception InvalidKeyException if the shared secret-key material cannot |
652 * be used to generate a secret key of the specified algorithm (e.g., |
670 * be used to generate a secret key of the specified algorithm (e.g., |
653 * the key material is too short) |
671 * the key material is too short) |
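Review bot: As with the buffer overload, the reset paragraph here (new lines 649-658) leaves the failure paths unspecified: it is not stated whether the object is reset when {@code NoSuchAlgorithmException} or {@code InvalidKeyException} (lines 667-671) is thrown, which matters to a caller that retries with a different {@code algorithm} name. Please state whether {@code doPhase} has to be repeated in that case. As a style point, the same ten-line paragraph now appears verbatim in all three {@code generateSecret} overloads; moving it to the class-level documentation and referring to it from each method would keep the three copies from drifting.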