PBKDF2 ("Entrust Authority Security Toolkit for the Java Platform")

java.lang.Object
- javax.crypto.KeyGeneratorSpi
- - iaik.pkcs.pkcs5.PBKDF2

public class PBKDF2
extends javax.crypto.KeyGeneratorSpi

This class implements the KeyGenerator Service Provider Interface (SPI) for the password-based-key-derivation-function-2 from the PKCS #5: Password-Based Cryptography Specification Version 2.0 (RFC 2898).

Use this class as you can read here:

 KeyGenerator pKCS5_PBKDF2 = null;
 try {
   pKCS5_PBKDF2 = KeyGenerator.getInstance("PBKDF2", "IAIK");
 } catch (Exception e) {
    ....
 }
 iaik.security.spec.PBEKeyAndParameterSpec parameterSpec;
 parameterSpec = new PBEKeyAndParameterSpec(password,
                                            salt,
                                            iterationCount,
                                            derivedKeyLength);
 try {
   pKCS5_PBKDF2.init(parameterSpec, null);
 } catch (InvalidAlgorithmParameterException e) {
    ...
 }
 SecretKey derivedKey;
 derivedKey = pKCS5_PBKDF2.generateKey();

This class SHOULD NOT be used directly; it should only be used through the JCA/JCE.

FIPS 140-2:: This class is part of the Toolkit's FIPS 140-2 cryptographic module and contains APIs that are considered part of the logical interface to the Toolkit's FIPS 140-2 cryptographic module; refer to the API documentation for further details

Since:: JDK1.2
Version:: 1.0, 18 Dec 1998
See Also:: KeyGenerator

Constructor Summary

Constructors
Constructor and Description

PBKDF2()
The constructor; creates a new instance of the PBKDF2 key generation algorithm.

Constructors
Constructor and Description
`PBKDF2()` The constructor; creates a new instance of the PBKDF2 key generation algorithm.

Method Summary

Methods
Modifier and Type	Method and Description
`javax.crypto.SecretKey`	`engineGenerateKey()` Generates a secret key.
`void`	`engineInit(java.security.spec.AlgorithmParameterSpec params, java.security.SecureRandom random)` Initializes the key generator with the specified parameter set and a user-provided source of randomness.
`void`	`engineInit(int int1, java.security.SecureRandom secureRandom)` Not supported.
`void`	`engineInit(java.security.SecureRandom secureRandom)` Not supported.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - PBKDF2
```
public PBKDF2()
```
    The constructor; creates a new instance of the PBKDF2 key generation algorithm.
    Applications should not use this constructor, instead the key generation algorithm should be requested from the appropriate JCA/JCE cryptographic service provider as follows: KeyGenerator.getInstance("PBKDF2", "IAIK").
    FIPS 140-2:
    
    FIPS Service: Initialization
    
    This API is part of the logical interface to the Toolkit's FIPS 140-2 cryptographic module; use of this API causes the caller to assume the FIPS 140-2 user role and accesses the following FIPS 140-2 logical interfaces:
    
    control input interface (API call)
    
    status output interface (exceptions)
- Method Detail
  - engineGenerateKey
```
public javax.crypto.SecretKey engineGenerateKey()
```
    Generates a secret key.
    FIPS 140-2:
    
    FIPS Service: Key Generation
    
    This API is part of the logical interface to the Toolkit's FIPS 140-2 cryptographic module; use of this API causes the caller to assume the FIPS 140-2 crypto officer role and accesses the following FIPS 140-2 logical interfaces:
    
    control input interface (API call)
    
    data output interface (return value)
    
    status output interface (exceptions)
    Specified by:
    
    engineGenerateKey in class javax.crypto.KeyGeneratorSpi
    
    Returns:
    [FIPS 140-2 data output] [FIPS 140-2 CSP] the new key
    
    Throws:
    
    Fips140ErrorStateException - [FIPS 140-2 status output] thrown if the Toolkit is not allowed to perform cryptographic operations
  - engineInit
```
public void engineInit(int int1,
              java.security.SecureRandom secureRandom)
```
    Not supported.
    FIPS 140-2:
    
    FIPS Service: Initialization
    
    This API is part of the logical interface to the Toolkit's FIPS 140-2 cryptographic module; use of this API causes the caller to assume the FIPS 140-2 user role and accesses the following FIPS 140-2 logical interfaces:
    
    control input interface (API call, parameters)
    
    data input interface (parameters)
    
    status output interface (exceptions)
    Specified by:
    
    engineInit in class javax.crypto.KeyGeneratorSpi
    
    Parameters:
    keysize - [FIPS 140-2 data input] the keysize. This is an algorithm-specific metric, specified in number of bits.
    random - [FIPS 140-2 control input] the source of randomness for this key generator
    
    Throws:
    
    java.security.InvalidParameterException - [FIPS 140-2 status output] if the keysize is wrong or not supported.
    
    InternalErrorException - [FIPS 140-2 status output] always thrown
  - engineInit
```
public void engineInit(java.security.SecureRandom secureRandom)
```
    Not supported.
    FIPS 140-2:
    
    FIPS Service: Initialization
    
    This API is part of the logical interface to the Toolkit's FIPS 140-2 cryptographic module; use of this API causes the caller to assume the FIPS 140-2 user role and accesses the following FIPS 140-2 logical interfaces:
    
    control input interface (API call, parameters)
    
    data input interface (parameters)
    
    status output interface (exceptions)
    Specified by:
    
    engineInit in class javax.crypto.KeyGeneratorSpi
    
    Parameters:
    keysize - [FIPS 140-2 data input] the keysize. This is an algorithm-specific metric, specified in number of bits.
    
    Throws:
    
    java.security.InvalidParameterException - [FIPS 140-2 status output] if the keysize is wrong or not supported.
    
    InternalErrorException - [FIPS 140-2 status output] always thrown
  - engineInit
```
public void engineInit(java.security.spec.AlgorithmParameterSpec params,
              java.security.SecureRandom random)
                throws java.security.InvalidAlgorithmParameterException
```
    Initializes the key generator with the specified parameter set and a user-provided source of randomness.
    FIPS 140-2:
    
    FIPS Service: Initialization
    
    This API is part of the logical interface to the Toolkit's FIPS 140-2 cryptographic module; use of this API causes the caller to assume the FIPS 140-2 user role and accesses the following FIPS 140-2 logical interfaces:
    
    control input interface (API call, parameters)
    
    data input interface (parameters)
    
    status output interface (exceptions)
    Specified by:
    
    engineInit in class javax.crypto.KeyGeneratorSpi
    
    Parameters:
    params - [FIPS 140-2 data input] the key generation parameters
    random - [FIPS 140-2 control input] the source of randomness for this key generator
    
    Throws:
    
    java.security.InvalidAlgorithmParameterException - [FIPS 140-2 status output] if params is inappropriate for this key generator
    
    Fips140ErrorStateException - [FIPS 140-2 status output] thrown if the Toolkit is not allowed to perform cryptographic operations

Class PBKDF2

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

PBKDF2

Method Detail

engineGenerateKey

engineInit

engineInit

engineInit