KeyGenerator (Java SE 15 & JDK 15) (original) (raw)
public class KeyGenerator extends Object
This class provides the functionality of a secret (symmetric) key generator.
Key generators are constructed using one of the getInstance class methods of this class.
KeyGenerator objects are reusable, i.e., after a key has been generated, the same KeyGenerator object can be re-used to generate further keys.
There are two ways to generate a key: in an algorithm-independent manner, and in an algorithm-specific manner. The only difference between the two is the initialization of the object:
- Algorithm-Independent Initialization
All key generators share the concepts of a keysize and a_source of randomness_. There is aninit method in this KeyGenerator class that takes these two universally shared types of arguments. There is also one that takes just akeysizeargument, and uses the SecureRandom implementation of the highest-priority installed provider as the source of randomness (or a system-provided source of randomness if none of the installed providers supply a SecureRandom implementation), and one that takes just a source of randomness.
Since no other parameters are specified when you call the above algorithm-independentinitmethods, it is up to the provider what to do about the algorithm-specific parameters (if any) to be associated with each of the keys. - Algorithm-Specific Initialization
For situations where a set of algorithm-specific parameters already exists, there are twoinit methods that have anAlgorithmParameterSpecargument. One also has aSecureRandomargument, while the other uses the SecureRandom implementation of the highest-priority installed provider as the source of randomness (or a system-provided source of randomness if none of the installed providers supply a SecureRandom implementation).
In case the client does not explicitly initialize the KeyGenerator (via a call to an init method), each provider must supply (and document) a default initialization. See the Keysize Restriction sections of theJDK Providers document for information on the KeyGenerator defaults used by JDK providers. However, note that defaults may vary across different providers. Additionally, the default value for a provider may change in a future version. Therefore, it is recommended to explicitly initialize the KeyGenerator instead of relying on provider-specific defaults.
Every implementation of the Java platform is required to support the following standard KeyGenerator algorithms with the keysizes in parentheses:
AES(128)DESede(168)HmacSHA1HmacSHA256
These algorithms are described in the KeyGenerator section of the Java Security Standard Algorithm Names Specification. Consult the release documentation for your implementation to see if any other algorithms are supported.
Since:
1.4
See Also:
Constructor Summary
Constructors
| Modifier | Constructor | Description |
|---|---|---|
| protected | KeyGenerator(KeyGeneratorSpi keyGenSpi,Provider provider,String algorithm) | Creates a KeyGenerator object. |
Method Summary
| Modifier and Type | Method | Description |
|---|---|---|
| SecretKey | generateKey() | Generates a secret key. |
| String | getAlgorithm() | Returns the algorithm name of this KeyGenerator object. |
| static KeyGenerator | getInstance(String algorithm) | Returns a KeyGenerator object that generates secret keys for the specified algorithm. |
| static KeyGenerator | getInstance(String algorithm,String provider) | Returns a KeyGenerator object that generates secret keys for the specified algorithm. |
| static KeyGenerator | getInstance(String algorithm,Provider provider) | Returns a KeyGenerator object that generates secret keys for the specified algorithm. |
| Provider | getProvider() | Returns the provider of this KeyGenerator object. |
| void | init(int keysize) | Initializes this key generator for a certain keysize. |
| void | init(int keysize,SecureRandom random) | Initializes this key generator for a certain keysize, using a user-provided source of randomness. |
| void | init(SecureRandom random) | Initializes this key generator. |
| void | init(AlgorithmParameterSpec params) | Initializes this key generator with the specified parameter set. |
| void | init(AlgorithmParameterSpec params,SecureRandom random) | Initializes this key generator with the specified parameter set and a user-provided source of randomness. |
Methods declared in class java.lang.Object
[clone](../../java/lang/Object.html#clone%28%29), [equals](../../java/lang/Object.html#equals%28java.lang.Object%29), [finalize](../../java/lang/Object.html#finalize%28%29), [getClass](../../java/lang/Object.html#getClass%28%29), [hashCode](../../java/lang/Object.html#hashCode%28%29), [notify](../../java/lang/Object.html#notify%28%29), [notifyAll](../../java/lang/Object.html#notifyAll%28%29), [toString](../../java/lang/Object.html#toString%28%29), [wait](../../java/lang/Object.html#wait%28%29), [wait](../../java/lang/Object.html#wait%28long%29), [wait](../../java/lang/Object.html#wait%28long,int%29)
Constructor Details
KeyGenerator
Creates a KeyGenerator object.
Parameters:
keyGenSpi- the delegate
provider- the provider
algorithm- the algorithmMethod Details
getAlgorithm
public final String getAlgorithm()
Returns the algorithm name of thisKeyGeneratorobject.
This is the same name that was specified in one of thegetInstancecalls that created thisKeyGeneratorobject.
Returns:
the algorithm name of thisKeyGeneratorobject.getInstance
Returns a
KeyGeneratorobject that generates secret keys for the specified algorithm.
This method traverses the list of registered security Providers, starting with the most preferred Provider. A new KeyGenerator object encapsulating the KeyGeneratorSpi implementation from the first Provider that supports the specified algorithm is returned.
Note that the list of registered providers may be retrieved via the Security.getProviders() method.
Implementation Note:
The JDK Reference Implementation additionally uses thejdk.security.provider.preferredSecurity property to determine the preferred provider order for the specified algorithm. This may be different than the order of providers returned bySecurity.getProviders().
Parameters:
algorithm- the standard name of the requested key algorithm. See the KeyGenerator section in the Java Security Standard Algorithm Names Specification for information about standard algorithm names.
Returns:
the newKeyGeneratorobject
Throws:
[NoSuchAlgorithmException](../../java/security/NoSuchAlgorithmException.html "class in java.security")- if noProvidersupports aKeyGeneratorSpiimplementation for the specified algorithm
[NullPointerException](../../java/lang/NullPointerException.html "class in java.lang")- ifalgorithmisnull
See Also:
ProvidergetInstance
Returns a
KeyGeneratorobject that generates secret keys for the specified algorithm.
A new KeyGenerator object encapsulating the KeyGeneratorSpi implementation from the specified provider is returned. The specified provider must be registered in the security provider list.
Note that the list of registered providers may be retrieved via the Security.getProviders() method.
Parameters:
algorithm- the standard name of the requested key algorithm. See the KeyGenerator section in the Java Security Standard Algorithm Names Specification for information about standard algorithm names.
provider- the name of the provider.
Returns:
the newKeyGeneratorobject
Throws:
[IllegalArgumentException](../../java/lang/IllegalArgumentException.html "class in java.lang")- if theproviderisnullor empty
[NoSuchAlgorithmException](../../java/security/NoSuchAlgorithmException.html "class in java.security")- if aKeyGeneratorSpiimplementation for the specified algorithm is not available from the specified provider
[NoSuchProviderException](../../java/security/NoSuchProviderException.html "class in java.security")- if the specified provider is not registered in the security provider list
[NullPointerException](../../java/lang/NullPointerException.html "class in java.lang")- ifalgorithmisnull
See Also:
ProvidergetInstance
Returns a
KeyGeneratorobject that generates secret keys for the specified algorithm.
A new KeyGenerator object encapsulating the KeyGeneratorSpi implementation from the specified Provider object is returned. Note that the specified Provider object does not have to be registered in the provider list.
Parameters:
algorithm- the standard name of the requested key algorithm. See the KeyGenerator section in the Java Security Standard Algorithm Names Specification for information about standard algorithm names.
provider- the provider.
Returns:
the newKeyGeneratorobject
Throws:
[IllegalArgumentException](../../java/lang/IllegalArgumentException.html "class in java.lang")- if theproviderisnull
[NoSuchAlgorithmException](../../java/security/NoSuchAlgorithmException.html "class in java.security")- if aKeyGeneratorSpiimplementation for the specified algorithm is not available from the specifiedProviderobject
[NullPointerException](../../java/lang/NullPointerException.html "class in java.lang")- ifalgorithmisnull
See Also:
ProvidergetProvider
public final Provider getProvider()
Returns the provider of thisKeyGeneratorobject.
Returns:
the provider of thisKeyGeneratorobjectinit
Initializes this key generator.
Parameters:
random- the source of randomness for this generatorinit
Initializes this key generator with the specified parameter set.
If this key generator requires any random bytes, it will get them using theSecureRandom implementation of the highest-priority installed provider as the source of randomness. (If none of the installed providers supply an implementation of SecureRandom, a system-provided source of randomness will be used.)
Parameters:
params- the key generation parameters
Throws:
[InvalidAlgorithmParameterException](../../java/security/InvalidAlgorithmParameterException.html "class in java.security")- if the given parameters are inappropriate for this key generatorinit
Initializes this key generator with the specified parameter set and a user-provided source of randomness.
Parameters:
params- the key generation parameters
random- the source of randomness for this key generator
Throws:
[InvalidAlgorithmParameterException](../../java/security/InvalidAlgorithmParameterException.html "class in java.security")- ifparamsis inappropriate for this key generatorinit
public final void init(int keysize)
Initializes this key generator for a certain keysize.
If this key generator requires any random bytes, it will get them using theSecureRandom implementation of the highest-priority installed provider as the source of randomness. (If none of the installed providers supply an implementation of SecureRandom, a system-provided source of randomness will be used.)
Parameters:
keysize- the keysize. This is an algorithm-specific metric, specified in number of bits.
Throws:
[InvalidParameterException](../../java/security/InvalidParameterException.html "class in java.security")- if the keysize is wrong or not supported.init
public final void init(int keysize,SecureRandom random)
Initializes this key generator for a certain keysize, using a user-provided source of randomness.
Parameters:
keysize- the keysize. This is an algorithm-specific metric, specified in number of bits.
random- the source of randomness for this key generator
Throws:
[InvalidParameterException](../../java/security/InvalidParameterException.html "class in java.security")- if the keysize is wrong or not supported.generateKey
Generates a secret key.
Returns:
the new key