com.entrust.toolkit.security.crypto.mac

Class HMacKeyGenerator

java.lang.Object

javax.crypto.KeyGeneratorSpi

com.entrust.toolkit.security.crypto.mac.HMacKeyGenerator

Direct Known Subclasses:

Md5HMacKeyGenerator, Sha1HMacKeyGenerator, Sha224HMacKeyGenerator, Sha256HMacKeyGenerator, Sha384HMacKeyGenerator, Sha512HMacKeyGenerator

public abstract class HMacKeyGenerator
extends javax.crypto.KeyGeneratorSpi

Defines Entrust's keyed-hashing for message authentication (HMAC) key generation architecture; it contains all the common functionality used by Entrust's HMAC key generation algorithm implementations.

An HMAC key generation algorithm can be obtained using the Java Cryptography Architecture (JCA), by requesting the '<algorithm>' key generator from the Entrust cryptographic service provider. This can be done using the following call:

KeyGenerator.getInstance("<algorithm>", "Entrust");

FIPS 140-2:

This class is part of the Toolkit's FIPS 140-2 cryptographic module and contains APIs that are considered part of the logical interface to the Toolkit's FIPS 140-2 cryptographic module; refer to the API documentation for further details

Since:

7.2

See Also:

HMac

Method Summary

Methods

Modifier and Type	Method and Description
protected javax.crypto.SecretKey	engineGenerateKey() Generates a secret key.
protected void	engineInit(java.security.spec.AlgorithmParameterSpec params, java.security.SecureRandom random) Initializes the key generator with the specified parameter set and a user-provided source of randomness.
protected void	engineInit(int keysize, java.security.SecureRandom random) Initializes this key generator for a certain keysize, using the given source of randomness.
protected void	engineInit(java.security.SecureRandom random) Initializes the key generator.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

engineInit

protected final void engineInit(java.security.SecureRandom random)

Initializes the key generator.

FIPS 140-2:

FIPS Service: Initialization

This API is part of the logical interface to the Toolkit's FIPS 140-2 cryptographic module; use of this API causes the caller to assume the FIPS 140-2 user role and accesses the following FIPS 140-2 logical interfaces:

• control input interface (API call, parameters)
• status output interface (exceptions)

Specified by:

engineInit in class javax.crypto.KeyGeneratorSpi

Parameters:

random - [FIPS 140-2 control input] the source of randomness for this generator

Throws:

Fips140ErrorStateException - [FIPS 140-2 status output] thrown if the Toolkit is not allowed to perform cryptographic operations

engineInit

protected final void engineInit(int keysize,
              java.security.SecureRandom random)

Initializes this key generator for a certain keysize, using the given source of randomness.

FIPS 140-2:

FIPS Service: Initialization

This API is part of the logical interface to the Toolkit's FIPS 140-2 cryptographic module; use of this API causes the caller to assume the FIPS 140-2 user role and accesses the following FIPS 140-2 logical interfaces:

• control input interface (API call, parameters)
• data input interface (parameters)
• status output interface (exceptions)

Specified by:

engineInit in class javax.crypto.KeyGeneratorSpi

Parameters:

keysize - [FIPS 140-2 data input] the keysize. This is an algorithm-specific metric, specified in number of bits.

random - [FIPS 140-2 control input] the source of randomness for this key generator

Throws:

java.security.InvalidParameterException - [FIPS 140-2 status output] if the keysize is wrong or not supported.

Fips140ErrorStateException - [FIPS 140-2 status output] thrown if the Toolkit is not allowed to perform cryptographic operations

engineInit

protected final void engineInit(java.security.spec.AlgorithmParameterSpec params,
              java.security.SecureRandom random)

Initializes the key generator with the specified parameter set and a user-provided source of randomness.

FIPS 140-2:

FIPS Service: Initialization

This API is part of the logical interface to the Toolkit's FIPS 140-2 cryptographic module; use of this API causes the caller to assume the FIPS 140-2 user role and accesses the following FIPS 140-2 logical interfaces:

• control input interface (API call, parameters)
• data input interface (parameters)
• status output interface (exceptions)

Specified by:

engineInit in class javax.crypto.KeyGeneratorSpi

Parameters:

params - [FIPS 140-2 data input] the key generation parameters

random - [FIPS 140-2 control input] the source of randomness for this key generator

Throws:

java.security.InvalidAlgorithmParameterException - [FIPS 140-2 status output] if params is inappropriate for this key generator

Fips140ErrorStateException - [FIPS 140-2 status output] thrown if the Toolkit is not allowed to perform cryptographic operations

engineGenerateKey

protected final javax.crypto.SecretKey engineGenerateKey()

Generates a secret key.

FIPS 140-2:

FIPS Service: Key Generation

This API is part of the logical interface to the Toolkit's FIPS 140-2 cryptographic module; use of this API causes the caller to assume the FIPS 140-2 crypto officer role and accesses the following FIPS 140-2 logical interfaces:

• control input interface (API call)
• data output interface (return value)
• status output interface (exceptions)

Specified by:

engineGenerateKey in class javax.crypto.KeyGeneratorSpi

Returns:

[FIPS 140-2 data output] [FIPS 140-2 CSP] the new key

Throws:

Fips140ErrorStateException - [FIPS 140-2 status output] thrown if the Toolkit is not allowed to perform cryptographic operations