cryptix.provider.key

Class RawKeyGenerator

public class RawKeyGenerator extends KeyGenerator implements ExtendedKeyGenerator, Cloneable

RawKeyGenerator acts as a superclass for other Cryptix key generator classes.

Copyright © 1997 Systemics Ltd on behalf of the Cryptix Development Team.
All rights reserved.

$Revision: 1.3 $

Since: Cryptix 2.2.0a, 2.2.2

Author: David Hopwood Raif S. Naffah

Constructor Summary
protected RawKeyGenerator(String algorithm, int seedlength)
Constructor for use by subclasses that require a fixed-length key.
protected RawKeyGenerator(String algorithm, int minlength, int defaultlength, int maxlength)
Constructor for use by subclasses that allow variable-length keys.
Method Summary
protected byte[]engineGenerateKey(byte[] seed)
This method allows subclasses to modify the bytes that will be used to generate a key.
SecretKeygenerateKey()
Generates a key.
SecretKeygenerateKey(byte[] data)
Generates a key from an encoded byte array.
intgetDefaultKeyLength()
Returns the key length that will be used by generateKey() to create new random keys.
intgetMaximumKeyLength()
Returns the maximum useful key length for this algorithm.
intgetMinimumKeyLength()
Returns the minimum key length for this algorithm.
voidinitialize(SecureRandom random)
Initializes the key generator.
voidinitialize(SecureRandom random, int length)
Initializes the key generator, and sets a specific key length for use with algorithms that allow variable-length keys.
booleanisValidKeyLength(int length)
Returns true iff length is a valid key length (in bytes) for this algorithm.
protected booleanisWeak(byte[] key)
Returns true iff key represents a weak or semi-weak key for this algorithm.
booleanisWeakAllowed()
Returns true if this object is allowed to generate weak and semi-weak keys; false otherwise.
voidsetWeakAllowed(boolean allowWeak)
Sets whether this object is allowed to generate weak and semi-weak keys.

Constructor Detail

RawKeyGenerator

protected RawKeyGenerator(String algorithm, int seedlength)
Constructor for use by subclasses that require a fixed-length key. Each candidate key will be seedlength bytes long.

Note: seedlength does not correspond to a cryptographic strength. In particular, there is no implication that a brute-force attack against the algorithm would require 256^seedlength trials.

Parameters: algorithm the standard string name of the algorithm. seedlength the desired seed length in bytes.

Throws: IllegalArgumentException if seedlength <= 0

RawKeyGenerator

protected RawKeyGenerator(String algorithm, int minlength, int defaultlength, int maxlength)
Constructor for use by subclasses that allow variable-length keys. Each candidate key will be a minimum of minlength, and a maximum of maxlength bytes long. If the generateKey() method is used without any other parameters or initialization, the key will be defaultlength bytes long.

Note: none of these length parameters correspond to a cryptographic strength. In particular, there is no implication that a brute-force attack against the algorithm would require 256^(length of key) trials.

Parameters: algorithm the standard string name of the algorithm. minlength the minimum seed length in bytes. defaultlength the default seed length in bytes. maxlength the maximum useful seed length in bytes.

Throws: IllegalArgumentException if !(0 < minlength && minlength <= defaultlength && defaultlength <= maxlength)

Method Detail

engineGenerateKey

protected byte[] engineGenerateKey(byte[] seed)
This method allows subclasses to modify the bytes that will be used to generate a key. This might be necessary in order to set parity bits, for example.

The seed array contains either randomly generated bytes, or an encoded form of the key. Subclasses should throw a WeakKeyException if isWeakAllowed() is false, and a weak key would have been generated.

The default implementation is as follows: If weak keys are not allowed, and the seed array represents a weak key (i.e. !isWeakAllowed() && isWeak(seed)), throw a WeakKeyException. Otherwise, just return the seed array. This is sufficient if the key does not have any special form (for example, parity bits that should be set correctly).

The seed array can be modified if that is convenient.

Parameters: seed the seed bytes for this key.

Returns: the key encoding.

generateKey

public SecretKey generateKey()
Generates a key. This method generates a new random key every time it is called.

If a source of random bytes has not been set using one of the initialize methods, new SecureRandom() will be used.

Returns: the new key.

generateKey

public SecretKey generateKey(byte[] data)
Generates a key from an encoded byte array. The format of the secret key is "RAW". The contents of data will not be modified.

The encoded key bytes may differ from data in order to make sure that they represent a valid key. For example, if keys for this algorithm conventionally include parity bits, those bits will be set correctly. For most algorithms, data is used unchanged.

Parameters: data user supplied raw-encoded data from which a secret key will be generated.

Returns: the new key.

Throws: NullPointerException if data == null WeakKeyException if isWeakAllowed() is false, and data represents a weak key for this algorithm. InvalidKeyException if the length of data is not valid for this algorithm.

getDefaultKeyLength

public int getDefaultKeyLength()
Returns the key length that will be used by generateKey() to create new random keys. This is either the default key length determined by the KeyGenerator for this algorithm, or the length set using initialize(SecureRandom random, int length).

getMaximumKeyLength

public int getMaximumKeyLength()
Returns the maximum useful key length for this algorithm.

getMinimumKeyLength

public int getMinimumKeyLength()
Returns the minimum key length for this algorithm.

initialize

public void initialize(SecureRandom random)
Initializes the key generator.

Parameters: random the source of randomness for this generator.

initialize

public void initialize(SecureRandom random, int length)
Initializes the key generator, and sets a specific key length for use with algorithms that allow variable-length keys.

The length parameter only affects randomly generated keys (i.e. the generateKey() method without parameters).

Parameters: random the source of randomness for this generator. length the desired key length in bytes.

Throws: IllegalArgumentException if length is not valid for this algorithm.

isValidKeyLength

public boolean isValidKeyLength(int length)
Returns true iff length is a valid key length (in bytes) for this algorithm.

The default implementation returns true if length is between the minimum and maximum key lengths. Some algorithms will override this method to specify a more restricted set of values.

isWeak

protected boolean isWeak(byte[] key)
Returns true iff key represents a weak or semi-weak key for this algorithm. The length of the array is not checked, and an ArrayIndexOutOfBoundsException may be thrown if it is too short.

The default implementation returns false.

isWeakAllowed

public boolean isWeakAllowed()
Returns true if this object is allowed to generate weak and semi-weak keys; false otherwise.

setWeakAllowed

public void setWeakAllowed(boolean allowWeak)
Sets whether this object is allowed to generate weak and semi-weak keys.

Parameters: allowWeak true if weak/semi-weak keys are allowed.