com.entrust.toolkit.security.provider

Class Entrust

java.lang.Object

java.util.Dictionary<K,V>

java.util.Hashtable<java.lang.Object,java.lang.Object>

java.util.Properties

java.security.Provider

com.entrust.toolkit.security.provider.Entrust

All Implemented Interfaces:

java.io.Serializable, java.lang.Cloneable, java.util.Map<java.lang.Object,java.lang.Object>

public final class Entrust
extends java.security.Provider

Entrust's security provider in the Java Cryptography Architecture.

The following table lists the standard algorithms implemented by the Entrust cryptographic service provider (CSP).

Note

Algorithm and alias names are case sensitive.

Entrust Provider — cryptographic engines and algorithms
Message digest
Standard algorithm name		Description	Alias
MD5		The MD5 algorithm as defined in RFC 1319.
SHA-1		The 160-bit secure hash algorithm, as defined in the Secure Hash Standard, FIPS 180-3.	SHA1 SHA
SHA-224		The 224-bit secure hash algorithm, as defined in the Secure Hash Standard, FIPS 180-3.	SHA224
SHA-256		The 256-bit secure hash algorithm, as defined in the Secure Hash Standard, FIPS 180-3.	SHA256
SHA-384		The 384-bit secure hash algorithm, as defined in the Secure Hash Standard, FIPS 180-3.	SHA384
SHA-512		The 512-bit secure hash algorithm, as defined in the Secure Hash Standard, FIPS 180-3.	SHA512
RIPEMD-160		160-bit hash value producing message digest algorithm; developed in the framework of the EU project RIPE (RACE Integrity Primitives Evaluation, 1988-1992) ; specified in ISO/IEC 10118-3.	RIPEMD160
SSL3-SHAMD5		The 288-bit hash algorithm defined for use with SSL3, that is simply a concatenation of a SHA-1 and MD5 hash.
Signature
Standard algorithm name		Description	Alias
SHA1withDSA		The DSA digital signature algorithm with SHA-1 as the underlying hash function; defined in FIPS 186-3.	SHAwithDSA SHA/DSA SHA1/DSA SHA-1/DSA DSA DSS dsa-with-sha1 1.2.840.10040.4.3 1.3.14.3.2.13 1.3.14.3.2.27 1.3.14.3.2.29
NONEwithDSA		The DSA digital signature algorithm implemented with external hashing (accepts message hash as input); defined in FIPS 186-3.	NONE/DSA RawDSA EntrustRawDSA
MD2withRSA		The RSA-PKCS1-v1_5 signature algorithm with MD2 as the underlying hash function; defined in PKCS #1: RSA Encryption Version 1.5 (RFC 2313).	MD2WithRSA MD2/RSA md2WithRSAEncryption 1.2.840.113549.1.1.2
MD5withRSA		The RSA-PKCS1-v1_5 signature algorithm with MD5 as the underlying hash function; defined in PKCS #1: RSA Encryption Version 1.5 (RFC 2313).	MD5WithRSA MD5/RSA md5WithRSAEncryption 1.2.840.113549.1.1.4
SHA1withRSA		The RSA-PKCS1-v1_5 signature algorithm with SHA-1 as the underlying hash function; defined in PKCS #1: RSA Encryption Version 1.5 (RFC 2313) and FIPS 186-3.	SHA1WithRSA SHAwithRSA SHAWithRSA SHA-1/RSA SHA1/RSA SHA/RSA sha1WithRSAEncryption 1.2.840.113549.1.1.5 1.3.14.3.2.29
SHA224withRSA		The RSA-PKCS1-v1_5 signature algorithm with SHA-224 as the underlying hash function; defined in PKCS #1: RSA Encryption Version 1.5 (RFC 2313) and FIPS 186-3.	SHA224WithRSA SHA-224/RSA SHA224/RSA sha224WithRSAEncryption 1.2.840.113549.1.1.14
SHA256withRSA		The RSA-PKCS1-v1_5 signature algorithm with SHA-256 as the underlying hash function; defined in PKCS #1: RSA Encryption Version 1.5 (RFC 2313) and FIPS 186-3.	SHA256WithRSA SHA-256/RSA SHA256/RSA sha256WithRSAEncryption 1.2.840.113549.1.1.11
SHA384withRSA		The RSA-PKCS1-v1_5 signature algorithm with SHA-384 as the underlying hash function; defined in PKCS #1: RSA Encryption Version 1.5 (RFC 2313) and FIPS 186-3.	SHA384WithRSA SHA-384/RSA SHA384/RSA sha384WithRSAEncryption 1.2.840.113549.1.1.12
SHA512withRSA		The RSA-PKCS1-v1_5 signature algorithm with SHA-512 as the underlying hash function; defined in PKCS #1: RSA Encryption Version 1.5 (RFC 2313) and FIPS 186-3.	SHA512WithRSA SHA-512/RSA SHA512/RSA sha512WithRSAEncryption 1.2.840.113549.1.1.13
NONEwithRSA		The RSA-PKCS1-v1_5 digital signature algorithm implemented with external hashing (accepts formatted message hash as input); defined in PKCS #1: RSA Encryption Version 1.5 (RFC 2313) and FIPS 186-3.	NONE/RSA RAWSSL/RSA
SSL/RSA		The RSA signature algorithm as defined for use in the SSL Protocol Version 3.0; implemented with internal hashing (accepts message as input).
RSAPSS		The RSA-PSS signature algorithm; defined in Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1 (RFC 3447) and FIPS 186-3.	RSA-PSS RSASSA-PSS 1.2.840.113549.1.1.10
NONEwithRSAPSS		The RSA-PSS raw signature algorithm (input is presumed to have been already hashed using the appropriate message digest algorithm). Defined in Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1 (RFC 3447) and FIPS 186-3.	RSA-PSS-NONE RSASSA-PSS-NONE RawRSAPSS RawRSA-PSS
SHA1withECDSA		The ECDSA digital signature algorithm with SHA-1 as the underlying hash function; defined in ASNI X9.62-2005 and FIPS 186-3.	SHAwithECDSA SHA/ECDSA SHA1/ECDSA SHA-1/ECDSA ECDSA ECDSS ecdsa-with-SHA1 1.2.840.10045.4.1
SHA224withECDSA		The ECDSA digital signature algorithm with SHA-224 as the underlying hash function; defined in ASNI X9.62-2005 and FIPS 186-3.	SHA224/ECDSA SHA-224/ECDSA ecdsa-with-Sha224 1.2.840.10045.4.3.1
SHA256withECDSA		The ECDSA digital signature algorithm with SHA-256 as the underlying hash function; defined in ASNI X9.62-2005 and FIPS 186-3.	SHA256/ECDSA SHA-256/ECDSA ecdsa-with-Sha256 1.2.840.10045.4.3.2
SHA384withECDSA		The ECDSA digital signature algorithm with SHA-384 as the underlying hash function; defined in ASNI X9.62-2005 and FIPS 186-3.	SHA384/ECDSA SHA-384/ECDSA ecdsa-with-Sha384 1.2.840.10045.4.3.3
SHA512withECDSA		The ECDSA digital signature algorithm with SHA-512 as the underlying hash function; defined in ASNI X9.62-2005 and FIPS 186-3.	SHA512/ECDSA SHA-512/ECDSA ecdsa-with-Sha512 1.2.840.10045.4.3.4
NONEwithECDSA		The ECDSA digital signature algorithm implemented with external hashing (accepts message hash as input); defined in ASNI X9.62-2005 and FIPS 186-3.	NONE/ECDSA RawECDSA EntrustRawECDSA
RECOMMENDEDwithECDSA		The ECDSA digital signature algorithm with the recommended underlying hash function; defined in ASNI X9.62-2005.	RECOMMENDED/ECDSA ecdsa-with-Recommended 1.2.840.10045.4.2
SPECIFIEDwithECDSA		The ECDSA digital signature algorithm with an underlying hash function that is specified through algorithm parameters; defined in ASNI X9.62-2005.	SPECIFIED/ECDSA ecdsa-with-Specified 1.2.840.10045.4.3
Cipher
Standard algorithm name		Description	Alias
AES		The Advanced Encryption Standard (AES) — a symmetric 128-bit block encryption algorithm as defined by NIST in FIPS 197.
AES/GCM/NoPadding		AES configured for operation with the GCM block mode and NoPadding padding type.	2.16.840.1.101.3.4.1.6 aes128-GCM 2.16.840.1.101.3.4.1.26 aes192-GCM 2.16.840.1.101.3.4.1.46 aes256-GCM
AESWrap		The AES key wrap algorithm; a 64-bit block key wrap algorithm defined by NIST in AES Key Wrap Specification.	AesWrap AESKeyWrap AesKeyWrap id_aes128_wrap 2.16.840.1.101.3.4.1.5 id_aes192_wrap 2.16.840.1.101.3.4.1.25 id_aes256_wrap 2.16.840.1.101.3.4.1.45
AESWrapPad		The AES key wrap Pad algorithm; a 64-bit block key wrap algorithm defined by NIST in AES Key Wrap Pad Specification.	AesWrapPad AESKeyWrapPad AesKeyWrapPad id_aes128_wrap_pad 2.16.840.1.101.3.4.1.8 id_aes192_wrap_pad 2.16.840.1.101.3.4.1.28 id_aes256_wrap_pad 2.16.840.1.101.3.4.1.48
CAST128		The CAST128 encryption algrithm; a symmetric 64-bit block encryption algorithm designed by Carlisle Adams and Stafford Tavares and described in RFC 2144.	CAST5 CAST
CAST3		The CAST3 symmetric cipher algorithm; a 64-bit block cipher designed by Carlisle Adams and Stafford Tavares. Included for compatibility purposes only, use is not recommended.	Cast3
DES		The Data Encryption Standard — a symmetric 64-bit block encryption algorithm as defined by NIST in FIPS 46-3.	DEA DES-CBC
DESede		A variant of the Data Encryption Standard (DES) using an encrypt-decrypt-encrypt (EDE) mechanism based on three DES keys as defined by NIST in SP 800-67.	TripleDES 3DES TDEA DESEDE DES-EDE3 DES-EDE3-CBC
ElGamal		The ElGamal public-key cryptosystem; an asymmetric cipher that was developed by Taher Elgamal and is based on the discrete log problem and the Diffie-Hellman problem.	ELGAMAL
IDEA		The International Data Encryption Algorithm (IDEA); a 64-bit block encryption algorithm that was developed by Xuejia Lai.
PbeWithMD5AndDES_CBC		Password-based key-encryption algorithm for encrypting a given message with the DES algorithm in CBC mode using a secret key derived from a password with the MD5 message digest algorithm as described in PKCS #5: Password-Based Cryptography Specification Version 2.0 (RFC 2898).	PBEWithMD5AndDES
PbeWithSHAAnd3_KeyTripleDES_CBC		Password-based key-encryption algorithm for encrypting a given message with the TripleDES algorithm in CBC mode using a secret key derived from a password with the SHA message digest algorithm as described in PKCS 12 v1.0: Personal Information Exchange Syntax.
PbeWithSHAAnd40BitRC2_CBC		Password-based key-encryption algorithm for encrypting a given message with the RC2 algorithm in CBC mode using a 40-bit secret key derived from a password with the SHA message digest algorithm as described in PKCS 12 v1.0: Personal Information Exchange Syntax.
RC2		A variable key size 64-bit block cipher developed by Ron Rivest and described in RFC 2268.	RC2-CBC
RC4		A variable key size 64-bit stream cipher developed by Ron Rivest.
Rijndael		An implementation of the Rijndael block cipher with a 128 bit block size.
Rijndael-256		An implementation of the Rijndael block cipher with a 256 bit block size.
RSA		Public key encryption algorithm, developed by Ron Rivest, Adi Shamir, and Leonard Adleman — described in PKCS #1: RSA Encryption Version 1.5 (RFC 2313).	RSA/ECB/PKCS1Padding RSA//PKCS1Padding
		Cipher transformations for the RSA algorithm
		RSA algorithm with PKCS #1 padding with block type 1.	RSA/1 RSA/1/PKCS1Padding
		RSA algorithm with PKCS #1 padding with block type 2.	RSA/2 RSA/2/PKCS1Padding
		RSA algorithm with the Optimal Asymmetric Encryption Padding (OAEP) method.	RSA/OAEP RSA/OAEP/PKCS1Padding RSA/ECB/OAEPWithSHA-1AndMGF1Padding RSA/ECB/OAEPWithSHA-256AndMGF1Padding
Mac
Standard algorithm name		Description	Alias
CAST128Mac		MAC generated using the CAST128 cipher; based on the algorithm defined in FIPS 113.	CAST128-MAC CAST128 CAST5Mac CAST5-MAC CAST5 CASTMac CAST-MAC CAST
DESMac		MAC generated using the DES cipher; based on the algorithm defined in FIPS 113.	DES-MAC DES
DESedeMac		MAC generated using the DESede cipher; based on the algorithm defined in FIPS 113.	DESede-MAC DESede 3DESMac 3DES-MAC 3DES TripleDESMac TripleDES-MAC TripleDES
IDEAMac		MAC generated using the IDEA cipher; based on the algorithm defined in FIPS 113.	IDEA-MAC IDEA
HmacMD5		Keyed-hash message authentication code algorithm that uses MD5 as the message digest algorithm, as described in RFC 2104	HMAC/MD5 HMACMD5 HMAC-MD5 Md5HMac 1.2.840.113549.2.6
HmacSHA1		Keyed-hash message authentication code algorithm that uses SHA-1 as the message digest algorithm, as described in FIPS 198	HMAC/SHA1 HMACSHA1 HMAC-SHA1 HmacSHA HMAC/SHA HMACSHA HMAC-SHA Sha1HMac 1.2.840.113549.2.7
HmacSHA224		Keyed-hash message authentication code algorithm that uses SHA-224 as the message digest algorithm, as described in FIPS 198	HMAC/SHA224 HMACSHA224 HMAC-SHA224 Sha224HMac 1.2.840.113549.2.8
HmacSHA256		Keyed-hash message authentication code algorithm that uses SHA-256 as the message digest algorithm, as described in FIPS 198	HMAC/SHA256 HMACSHA256 HMAC-SHA256 Sha256HMac 1.2.840.113549.2.9
HmacSHA384		Keyed-hash message authentication code algorithm that uses SHA-384 as the message digest algorithm, as described in FIPS 198	HMAC/SHA384 HMACSHA384 HMAC-SHA384 Sha384HMac 1.2.840.113549.2.10
HmacSHA512		Keyed-hash message authentication code algorithm that uses SHA-512 as the message digest algorithm, as described in FIPS 198	HMAC/SHA512 HMACSHA512 HMAC-SHA512 Sha512HMac 1.2.840.113549.2.11
AESCMac		Message authentication code algorithm that is based on the AES symmetric block cipher, as described in NIST SP 800-38B	AES-CMAC
DESedeCMac		Message authentication code algorithm that is based on the DESede symmetric block cipher, as described in NIST SP 800-38B	DESede-CMAC TripleDESCMac TripleDES-CMAC 3DESCMac 3DES-CMAC
SecureRandom
Standard algorithm name		Description	Alias
DRBGusingSHA512		DRBG implementation based of the algorithm defined in the NIST Special Publication 800-90, Recommendation for Random Number Generation Using Deterministic Random Bit Generators (Revised), NIST SP800-90.	NIST SP800-90
FIPS186_2usingSHA1		PRNG implementation based of the algorithm defined in the Digital Signature Standard Appendix 3 Section 3.1 and 3.3, FIPS 186-2.	FIPS186_2
X9_31usingDESede		PRNG implementation based of the algorithm defined in ANSI X9.31 Appendix A.2.4 (or ANSI X9.17 Appendix C) using a Triple DES cipher	X9_31using3DES X9_31 X917
X9_31usingAES256		PRNG implementation based of the algorithm defined in ANSI X9.31 Appendix A.2.4 (or ANSI X9.17 Appendix C) using an AES cipher and a 256-bit key	X9_31usingAES ANSI
KeyAgreement
Standard algorithm name		Description	Alias
ECDH		The standard Elliptic Curve Diffie-Hellman key agreement primitive, as defined in ANSI X9.63-2001 Section 5.4.1 (ECDH is the elliptic curve analogue of the Diffie-Hellman algorithm).	stdECDH
cofactorECDH		The modified (aka: cofactor) Elliptic Curve Diffie-Hellman key agreement primitive, as defined in ANSI X9.63-2001 Section 5.4.2 (ECDH is the elliptic curve analogue of the Diffie-Hellman algorithm).
SPEKE		Strong Password-Only Authenticated Key Exchange. It is similar to the Diffie-Hellman exchange.
KeyGenerator
Standard algorithm name		Description	Alias
AES		Key generation mechanism for the AES cipher, as defined by NIST in FIPS 197
CAST3		Key generation method for the CAST3 block cipher.	Cast3
CAST128		Key generation method for the CAST128 64-bit Feistel block cipher.	CAST5 CAST
DES		Key generation mechanism for the DES cipher, as defined by NIST in FIPS 46-3.	DEA
DESede		Key generation mechanism for the DESede cipher, as defined by NIST in SP 800-67.	TripleDES 3DES TDEA DESEDE
HmacMD5		Key generation mechanism for the HmacMD5 MAC algorithm, as defined in RFC 2104	HMAC/MD5 HMACMD5 HMAC-MD5 Md5HMac 1.2.840.113549.2.6
HmacSHA1		Key generation mechanism for the HmacSHA1 MAC algorithm, as defined in FIPS 198	HMAC/SHA1 HMACSHA1 HMAC-SHA1 HmacSHA HMAC/SHA HMACSHA HMAC-SHA Sha1HMac 1.2.840.113549.2.7
HmacSHA224		Key generation mechanism for the HmacSHA224 MAC algorithm, as defined in FIPS 198	HMAC/SHA224 HMACSHA224 HMAC-SHA224 Sha224HMac 1.2.840.113549.2.8
HmacSHA256		Key generation mechanism for the HmacSHA256 MAC algorithm, as defined in FIPS 198	HMAC/SHA256 HMACSHA256 HMAC-SHA256 Sha256HMac 1.2.840.113549.2.9
HmacSHA384		Key generation mechanism for the HmacSHA384 MAC algorithm, as defined in FIPS 198	HMAC/SHA384 HMACSHA384 HMAC-SHA384 Sha384HMac 1.2.840.113549.2.10
HmacSHA512		Key generation mechanism for the HmacSHA512 MAC algorithm, as defined in FIPS 198	HMAC/SHA512 HMACSHA512 HMAC-SHA512 Sha512HMac 1.2.840.113549.2.11
IDEA		Key generation mechanism for the IDEA cipher.
RC2		Key generation mechanism for the RC2 cipher, developed by Ron Rivest.
RC4		Key generation mechanism for the RC4 stream cipher, developed by Ron Rivest.
Rijndael		Key generation mechanism for the Rijndael cipher.	Rijndael-256
KeyPairGenerator
Standard algorithm name		Description	Alias
RSA		Key pair generation mechanism for the RSA public key cryptosystem as described in PKCS #1: RSA Encryption Version 1.5 (RFC 2313).
DSA		Key pair generation mechanism for the DSA signature algorithm as described in FIPS 186-2.	1.2.840.10040.4.1 1.3.14.3.2.12
EC		Key pair generation mechanism for the Ellipitc Curve EC public key cryptosystem; defined in ASNI X9.62-2005, X9.63-2001, and FIPS 186-2.	ECDSA 1.2.840.10045.2.1
DH		Key pair generation mechanism for generating Diffie-Hellman keys as defined in RFC 2631. (Diffie-Hellman keys can also be used with the ElGamal public-key cryptosystem).	DiffieHellman ElGamal ELGAMAL
SPEKE		Key pair generation mechanism for the SPEKE key agreement algorithm.
KeyFactory
Standard algorithm name		Description	Alias
RSA		Key factory for importing and exporting keys using the RSA algorithm specification.
DSA		Key factory for importing and exporting keys using the DSA algorithm specification.	1.2.840.10040.4.1 1.3.14.3.2.12
EC		Key factory for keys that are used with the Ellipitc Curve EC public key cryptosystem.	ECDSA 1.2.840.10045.2.1
DH		Key factory for Diffie-Hellman keys. (Diffie-Hellman keys can also be used with the ElGamal public-key cryptosystem).	DiffieHellman ElGamal ELGAMAL
AlgorithmParameters
Standard algorithm name		Description	Alias
AesKeyWrap		Parameters used to initialize the AesKeyWrap key wrap algorithm (initial value).	AESKeyWrap
AesKeyWrapPad		Parameters used to initialize the AesKeyWrapPad key wrap algorithm (initial value).	AESKeyWrapPad
AES-IV		Parameters used to initialize the AES symmetric cipher in a block mode that requires an initialization vector.	AES aes128-CBC 2.16.840.1.101.3.4.1.2 aes192-CBC 2.16.840.1.101.3.4.1.22 aes256-CBC 2.16.840.1.101.3.4.1.42 Rijndael Rijndael-256
CAST3		Parameters used to initialize the CAST3 cipher (initialization vector and key length).	Cast3 cast3CBC 1.2.840.113533.7.66.3
CAST128		Parameters used to initialize the CAST128 cipher (initialization vector and key length).	CAST5 Cast5 CAST cast5CBC 1.2.840.113533.7.66.10
GCM		Parameters used to initialize a symmetric cipher in the GCM block mode of operation.	GCM 2.16.840.1.101.3.4.1.6 2.16.840.1.101.3.4.1.26 2.16.840.1.101.3.4.1.46
IDEA		Parameters used to initialize the IDEA cipher (initialization vector).
IV		Parameters used to initialize the DES and/or DESede symmetric cipher in a block mode that requires an initialization vector.	DES DEA DESede TripleDES 3DES TDEA DESEDE des-ede3-cbc 1.2.840.113549.3.7
RC2		Parameters used to initialize the RC2 cipher (version and initialization vector).
RSAPSS		Parameters for the RSA-PSS digital signature algorithm.	RSA-PSS RSASSA-PSS id-RSASSA-PSS 1.2.840.113549.1.1.10
SPECIFIEDwithECDSA		Parameters for the SPECIFIEDwithECDSA digital signature algorithm.	SPECIFIED/ECDSA ecdsa-with-Specified 1.2.840.10045.4.3
EC		Parameters associated with EC keys.	ECDSA 1.2.840.10045.2.1

FIPS 140-2:

This class is part of the Toolkit's FIPS 140-2 cryptographic module and contains APIs that are considered part of the logical interface to the Toolkit's FIPS 140-2 cryptographic module; refer to the API documentation for further details

See Also:

Serialized Form

Nested Class Summary

Nested classes/interfaces inherited from class java.security.Provider

java.security.Provider.Service

Field Summary

Fields inherited from class java.util.Properties

defaults

Constructor Summary

Constructors

Constructor and Description
Entrust() The constructor; creates a new instance of the Entrust JCA/JCE cryptographic service provider.

Method Summary

Modifier and Type	Method and Description
static java.security.SecureRandom	getDefaultSecureRandomInstance() Returns a new instance of Entrust's default random number generator (RNG).

Methods inherited from class java.security.Provider

clear, compute, computeIfAbsent, computeIfPresent, elements, entrySet, forEach, get, getInfo, getName, getOrDefault, getProperty, getService, getServices, getVersion, keys, keySet, load, merge, put, putAll, putIfAbsent, putService, remove, remove, removeService, replace, replace, replaceAll, toString, values

Methods inherited from class java.util.Properties

getProperty, list, list, load, loadFromXML, propertyNames, save, setProperty, store, store, storeToXML, storeToXML, stringPropertyNames

Methods inherited from class java.util.Hashtable

clone, contains, containsKey, containsValue, equals, hashCode, isEmpty, rehash, size

Methods inherited from class java.lang.Object

finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

Entrust

public Entrust()

The constructor; creates a new instance of the Entrust JCA/JCE cryptographic service provider.

FIPS 140-2:

FIPS Service: Modify Object

This API is part of the logical interface to the Toolkit's FIPS 140-2 cryptographic module; use of this API causes the caller to assume the FIPS 140-2 user role and accesses the following FIPS 140-2 logical interfaces:

• control input interface (API call)
• status output interface (exceptions)

Method Detail

getDefaultSecureRandomInstance

public static java.security.SecureRandom getDefaultSecureRandomInstance()
                                                                 throws java.lang.SecurityException

Returns a new instance of Entrust's default random number generator (RNG).

Currently, Entrust's default RNG is DRBGusingSHA512, which is a FIPS 140-2 complaint implementation of the algorithm defined in NIST SP 800-90.

This API has the same effect as calling SecureRandom.getInstance("DBRGusingSHA512", "Entrust"). However, in the future Entrust's default RBG algorithm may change, so using this API is recommended.

FIPS 140-2:

FIPS Service: Query Object

This API is part of the logical interface to the Toolkit's FIPS 140-2 cryptographic module; use of this API causes the caller to assume the FIPS 140-2 user role and accesses the following FIPS 140-2 logical interfaces:

• control input interface (API call)
• status output interface (exceptions, return value)

Returns:

[FIPS 140-2 status output] a new instance of Entrust's default random number generator

Throws:

java.lang.SecurityException

Since:

7.0

See Also:

DRBGusingSHA512