SecretKeyFactory (Java SE 11 & JDK 11 ) (original) (raw)
- javax.crypto.SecretKeyFactory
public class SecretKeyFactory
extends Object
This class represents a factory for secret keys.
Key factories are used to convert keys (opaque cryptographic keys of type Key) into key specifications (transparent representations of the underlying key material), and vice versa. Secret key factories operate only on secret (symmetric) keys.
Key factories are bi-directional, i.e., they allow to build an opaque key object from a given key specification (key material), or to retrieve the underlying key material of a key object in a suitable format.
Application developers should refer to their provider's documentation to find out which key specifications are supported by thegenerateSecret andgetKeySpec methods. For example, the DES secret-key factory supplied by the "SunJCE" provider supports DESKeySpec as a transparent representation of DES keys, and that provider's secret-key factory for Triple DES keys supportsDESedeKeySpec as a transparent representation of Triple DES keys.
Every implementation of the Java platform is required to support the following standard SecretKeyFactory algorithms:
DESDESede
These algorithms are described in the SecretKeyFactory section of the Java Security Standard Algorithm Names Specification. Consult the release documentation for your implementation to see if any other algorithms are supported.
Since:
1.4
See Also:
SecretKey, DESKeySpec, DESedeKeySpec, PBEKeySpecConstructor Summary
Constructors
Modifier Constructor Description protected SecretKeyFactory(SecretKeyFactorySpi keyFacSpi,Provider provider,String algorithm) Creates a SecretKeyFactory object. Method Summary
All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type Method Description SecretKey generateSecret(KeySpec keySpec) Generates a SecretKey object from the provided key specification (key material). String getAlgorithm() Returns the algorithm name of this SecretKeyFactory object. static SecretKeyFactory getInstance(String algorithm) Returns a SecretKeyFactory object that converts secret keys of the specified algorithm. static SecretKeyFactory getInstance(String algorithm,String provider) Returns a SecretKeyFactory object that converts secret keys of the specified algorithm. static SecretKeyFactory getInstance(String algorithm,Provider provider) Returns a SecretKeyFactory object that converts secret keys of the specified algorithm. KeySpec getKeySpec(SecretKey key,Class<?> keySpec) Returns a specification (key material) of the given key object in the requested format. Provider getProvider() Returns the provider of this SecretKeyFactory object. SecretKey translateKey(SecretKey key) Translates a key object, whose provider may be unknown or potentially untrusted, into a corresponding key object of this secret-key factory. * ### Methods declared in class java.lang.[Object](../../java/lang/Object.html "class in java.lang") `[clone](../../java/lang/Object.html#clone%28%29), [equals](../../java/lang/Object.html#equals%28java.lang.Object%29), [finalize](../../java/lang/Object.html#finalize%28%29), [getClass](../../java/lang/Object.html#getClass%28%29), [hashCode](../../java/lang/Object.html#hashCode%28%29), [notify](../../java/lang/Object.html#notify%28%29), [notifyAll](../../java/lang/Object.html#notifyAll%28%29), [toString](../../java/lang/Object.html#toString%28%29), [wait](../../java/lang/Object.html#wait%28%29), [wait](../../java/lang/Object.html#wait%28long%29), [wait](../../java/lang/Object.html#wait%28long,int%29)`Constructor Detail
* #### SecretKeyFactory protected SecretKeyFactory([SecretKeyFactorySpi](SecretKeyFactorySpi.html "class in javax.crypto") keyFacSpi, [Provider](../../java/security/Provider.html "class in java.security") provider, [String](../../java/lang/String.html "class in java.lang") algorithm) Creates a SecretKeyFactory object. Parameters: `keyFacSpi` \- the delegate `provider` \- the provider `algorithm` \- the secret-key algorithmMethod Detail
* #### getInstance public static final [SecretKeyFactory](SecretKeyFactory.html "class in javax.crypto") getInstance([String](../../java/lang/String.html "class in java.lang") algorithm) throws [NoSuchAlgorithmException](../../java/security/NoSuchAlgorithmException.html "class in java.security") Returns a `SecretKeyFactory` object that converts secret keys of the specified algorithm. This method traverses the list of registered security Providers, starting with the most preferred Provider. A new SecretKeyFactory object encapsulating the SecretKeyFactorySpi implementation from the first Provider that supports the specified algorithm is returned. Note that the list of registered providers may be retrieved via the [Security.getProviders()](../../java/security/Security.html#getProviders%28%29) method. Implementation Note: The JDK Reference Implementation additionally uses the`jdk.security.provider.preferred` [Security](../../java/security/Security.html#getProperty%28java.lang.String%29) property to determine the preferred provider order for the specified algorithm. This may be different than the order of providers returned by[Security.getProviders()](../../java/security/Security.html#getProviders%28%29). Parameters: `algorithm` \- the standard name of the requested secret-key algorithm. See the SecretKeyFactory section in the [ Java Security Standard Algorithm Names Specification](../../../../specs/security/standard-names.html#secretkeyfactory-algorithms) for information about standard algorithm names. Returns: the new `SecretKeyFactory` object Throws: `[NoSuchAlgorithmException](../../java/security/NoSuchAlgorithmException.html "class in java.security")` \- if no `Provider` supports a`SecretKeyFactorySpi` implementation for the specified algorithm `[NullPointerException](../../java/lang/NullPointerException.html "class in java.lang")` \- if `algorithm` is `null` See Also: [Provider](../../java/security/Provider.html "class in java.security") * #### getInstance public static final [SecretKeyFactory](SecretKeyFactory.html "class in javax.crypto") getInstance([String](../../java/lang/String.html "class in java.lang") algorithm, [String](../../java/lang/String.html "class in java.lang") provider) throws [NoSuchAlgorithmException](../../java/security/NoSuchAlgorithmException.html "class in java.security"), [NoSuchProviderException](../../java/security/NoSuchProviderException.html "class in java.security") Returns a `SecretKeyFactory` object that converts secret keys of the specified algorithm. A new SecretKeyFactory object encapsulating the SecretKeyFactorySpi implementation from the specified provider is returned. The specified provider must be registered in the security provider list. Note that the list of registered providers may be retrieved via the [Security.getProviders()](../../java/security/Security.html#getProviders%28%29) method. Parameters: `algorithm` \- the standard name of the requested secret-key algorithm. See the SecretKeyFactory section in the [ Java Security Standard Algorithm Names Specification](../../../../specs/security/standard-names.html#secretkeyfactory-algorithms) for information about standard algorithm names. `provider` \- the name of the provider. Returns: the new `SecretKeyFactory` object Throws: `[IllegalArgumentException](../../java/lang/IllegalArgumentException.html "class in java.lang")` \- if the `provider` is `null` or empty `[NoSuchAlgorithmException](../../java/security/NoSuchAlgorithmException.html "class in java.security")` \- if a `SecretKeyFactorySpi` implementation for the specified algorithm is not available from the specified provider `[NoSuchProviderException](../../java/security/NoSuchProviderException.html "class in java.security")` \- if the specified provider is not registered in the security provider list `[NullPointerException](../../java/lang/NullPointerException.html "class in java.lang")` \- if `algorithm` is `null` See Also: [Provider](../../java/security/Provider.html "class in java.security") * #### getInstance public static final [SecretKeyFactory](SecretKeyFactory.html "class in javax.crypto") getInstance([String](../../java/lang/String.html "class in java.lang") algorithm, [Provider](../../java/security/Provider.html "class in java.security") provider) throws [NoSuchAlgorithmException](../../java/security/NoSuchAlgorithmException.html "class in java.security") Returns a `SecretKeyFactory` object that converts secret keys of the specified algorithm. A new SecretKeyFactory object encapsulating the SecretKeyFactorySpi implementation from the specified Provider object is returned. Note that the specified Provider object does not have to be registered in the provider list. Parameters: `algorithm` \- the standard name of the requested secret-key algorithm. See the SecretKeyFactory section in the [ Java Security Standard Algorithm Names Specification](../../../../specs/security/standard-names.html#secretkeyfactory-algorithms) for information about standard algorithm names. `provider` \- the provider. Returns: the new `SecretKeyFactory` object Throws: `[IllegalArgumentException](../../java/lang/IllegalArgumentException.html "class in java.lang")` \- if the `provider` is `null` `[NoSuchAlgorithmException](../../java/security/NoSuchAlgorithmException.html "class in java.security")` \- if a `SecretKeyFactorySpi` implementation for the specified algorithm is not available from the specified `Provider` object `[NullPointerException](../../java/lang/NullPointerException.html "class in java.lang")` \- if `algorithm` is `null` See Also: [Provider](../../java/security/Provider.html "class in java.security") * #### getProvider public final [Provider](../../java/security/Provider.html "class in java.security") getProvider() Returns the provider of this `SecretKeyFactory` object. Returns: the provider of this `SecretKeyFactory` object * #### getAlgorithm public final [String](../../java/lang/String.html "class in java.lang") getAlgorithm() Returns the algorithm name of this `SecretKeyFactory` object. This is the same name that was specified in one of the`getInstance` calls that created this`SecretKeyFactory` object. Returns: the algorithm name of this `SecretKeyFactory` object. * #### generateSecret public final [SecretKey](SecretKey.html "interface in javax.crypto") generateSecret([KeySpec](../../java/security/spec/KeySpec.html "interface in java.security.spec") keySpec) throws [InvalidKeySpecException](../../java/security/spec/InvalidKeySpecException.html "class in java.security.spec") Generates a `SecretKey` object from the provided key specification (key material). Parameters: `keySpec` \- the specification (key material) of the secret key Returns: the secret key Throws: `[InvalidKeySpecException](../../java/security/spec/InvalidKeySpecException.html "class in java.security.spec")` \- if the given key specification is inappropriate for this secret-key factory to produce a secret key. * #### getKeySpec public final [KeySpec](../../java/security/spec/KeySpec.html "interface in java.security.spec") getKeySpec([SecretKey](SecretKey.html "interface in javax.crypto") key, [Class](../../java/lang/Class.html "class in java.lang")<?> keySpec) throws [InvalidKeySpecException](../../java/security/spec/InvalidKeySpecException.html "class in java.security.spec") Returns a specification (key material) of the given key object in the requested format. Parameters: `key` \- the key `keySpec` \- the requested format in which the key material shall be returned Returns: the underlying key specification (key material) in the requested format Throws: `[InvalidKeySpecException](../../java/security/spec/InvalidKeySpecException.html "class in java.security.spec")` \- if the requested key specification is inappropriate for the given key (e.g., the algorithms associated with`key` and `keySpec` do not match, or`key` references a key on a cryptographic hardware device whereas `keySpec` is the specification of a software-based key), or the given key cannot be dealt with (e.g., the given key has an algorithm or format not supported by this secret-key factory). * #### translateKey public final [SecretKey](SecretKey.html "interface in javax.crypto") translateKey([SecretKey](SecretKey.html "interface in javax.crypto") key) throws [InvalidKeyException](../../java/security/InvalidKeyException.html "class in java.security") Translates a key object, whose provider may be unknown or potentially untrusted, into a corresponding key object of this secret-key factory. Parameters: `key` \- the key whose provider is unknown or untrusted Returns: the translated key Throws: `[InvalidKeyException](../../java/security/InvalidKeyException.html "class in java.security")` \- if the given key cannot be processed by this secret-key factory.
Report a bug or suggest an enhancement
For further API reference and developer documentation see the Java SE Documentation, which contains more detailed, developer-targeted descriptions with conceptual overviews, definitions of terms, workarounds, and working code examples.
Java is a trademark or registered trademark of Oracle and/or its affiliates in the US and other countries.
Copyright © 1993, 2025, Oracle and/or its affiliates, 500 Oracle Parkway, Redwood Shores, CA 94065 USA.
All rights reserved. Use is subject to license terms and the documentation redistribution policy.