Java Reference
In-Depth Information
init(AlgorithmParameterSpec params, SecureRandom random). Note that the
latter init() method uses the user-specified source of randomness.
Likewise, for algorithm-independent initialization, JCE provides three different types of
init() methods that share the concepts of a keysize and a source of randomness. One
version of the init method in this KeyGenerator class uses keysize as well as a source of
randomness as the types of arguments. Another variety of init method takes just a keysize argument,
and the third variety of init method just uses the SecureRandom implementation of the
highest-priority installed provider as the source of randomness. Since no other parameters are specified
when you call these algorithm-independent init methods, it is up to the provider what choice to
make about the algorithm-specific parameters (if any) to be associated with each of the keys.
8.3.5.3 Key Interfaces and Classes
The java.security.Key interface is the top-level interface for all “opaque” keys. This
interface defines the functionality shared by all opaque key objects. An opaque key
representation means that one has no direct access to the “key materials” that constitute a key. This way, an
“opaque” key provides three methods defined by the Key interface—getAlgorithm(),
getFormat(), and getEncoded()—to access the key materials. All opaque keys have three
characteristics—algorithm, encoded form, and format. We will delve a bit into these characteristics:
Algorithm—The algorithm refers to the encryption algorithm for a particular key. The key
algorithm is usually a symmetric (AES, 3DES, DES) or an asymmetric operation algorithm
(such as DSA or RSA) that will work with those algorithms and with related algorithms
(such as MD5withRSA or SHA1withRSA).
Encoded form—The external encoded form for the key is used when a standard representation
of the key is needed outside the Java Virtual Machine, as when transmitting the key. The
key is encoded according to a standard format (such as X.509 or PKCS#8) and is returned
using the getEncoded() method.
Format—The name of the format of the encoded key. It is returned by the method
getFormat(). Keys are generally obtained through key generators such as KeyGenerator
and KeyPairGenerator, certificates, key specifications (using a KeyFactory), or a
KeyStore implementation accessing a keystore database used to manage keys. It is
possible to parse encoded keys, in an algorithm-dependent manner, using a KeyFactory.
It is also possible to parse certificates, using a CertificateFactory.
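The following is an added example, not code from the book: it prints the three characteristics of several opaque keys and then parses the encoded forms back into key objects with a KeyFactory. The class name OpaqueKeyDemo, the key sizes, the SHA256withRSA signature algorithm, and the sample message are assumptions chosen for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

public class OpaqueKeyDemo {
    // Print the three characteristics every opaque key exposes.
    static void describe(String label, Key k) {
        byte[] enc = k.getEncoded(); // may be null, e.g. for keys held in hardware
        System.out.printf("%-8s algorithm=%s format=%s encodedLength=%s%n",
                label, k.getAlgorithm(), k.getFormat(),
                enc == null ? "n/a" : String.valueOf(enc.length));
    }

    public static void main(String[] args) throws Exception {
        // Algorithm-independent init: a keysize plus a caller-chosen SecureRandom.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256, new SecureRandom());
        SecretKey aes = kg.generateKey();

        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair pair = kpg.generateKeyPair();

        describe("secret", aes);
        describe("private", pair.getPrivate());
        describe("public", pair.getPublic());

        // Parse the encoded forms back into key objects, as a receiver would.
        KeyFactory kf = KeyFactory.getInstance("RSA");
        PrivateKey priv2 = kf.generatePrivate(
                new PKCS8EncodedKeySpec(pair.getPrivate().getEncoded()));
        PublicKey pub2 = kf.generatePublic(
                new X509EncodedKeySpec(pair.getPublic().getEncoded()));

        // The re-parsed keys must encode identically and work as a pair.
        boolean sameBytes = Arrays.equals(priv2.getEncoded(), pair.getPrivate().getEncoded());
        byte[] msg = "constructed sample message".getBytes(StandardCharsets.UTF_8);
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(priv2);
        s.update(msg);
        byte[] sig = s.sign();
        s.initVerify(pub2);
        s.update(msg);
        System.out.println("encoding round-trips: " + sameBytes
                + ", signature verifies: " + s.verify(sig));
    }
}
```

For software keys, getEncoded() returns the actual key material, so "opaque" describes the access interface and not a protection boundary; treat the returned byte array as a secret.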
In the transparent key representation, on the other hand, one can access each key material value
individually, through one of the get() methods defined in the corresponding key specification
class. For example, the DSAPrivateKeySpec class, which implements the KeySpec interface,
specifies a DSA private key with its associated parameters. DSAPrivateKeySpec has the following
methods—getX(), getP(), getQ(), and getG(). The getX() method returns the private
key x, and to retrieve the DSA algorithm parameters used in the calculation, we use getP() for
getting the prime p, the getQ() method for getting the subprime q, and the getG() method for retrieving
the base g. Similarly, the RSAPrivateCrtKeySpec class, which extends the RSAPrivateKeySpec
class, has the following methods: getPublicExponent(), getPrimeP(), getPrimeQ(),
getPrimeExponentP(), getPrimeExponentQ(), and getCrtCoefficient().
These methods return the public exponent e and the related Chinese remainder theorem (CRT)