1 /*
2  * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved.
3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4  *
5  * This code is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License version 2 only, as
7  * published by the Free Software Foundation.  Oracle designates this
8  * particular file as subject to the "Classpath" exception as provided
9  * by Oracle in the LICENSE file that accompanied this code.
10  *
11  * This code is distributed in the hope that it will be useful, but WITHOUT
12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14  * version 2 for more details (a copy is included in the LICENSE file that
15  * accompanied this code).
16  *
17  * You should have received a copy of the GNU General Public License version
18  * 2 along with this work; if not, write to the Free Software Foundation,
19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20  *
21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22  * or visit www.oracle.com if you need additional information or have any
23  * questions.
24  */
25 
26 package javax.crypto;
27 
28 import java.security.*;
29 import java.security.spec.*;
30 
31 /**
32  * This class defines the <i>Service Provider Interface</i> (<b>SPI</b>)
33  * for the <code>KeyAgreement</code> class.
34  * All the abstract methods in this class must be implemented by each
35  * cryptographic service provider who wishes to supply the implementation
36  * of a particular key agreement algorithm.
37  *
38  * <p> The keys involved in establishing a shared secret are created by one
39  * of the
40  * key generators (<code>KeyPairGenerator</code> or
41  * <code>KeyGenerator</code>), a <code>KeyFactory</code>, or as a result from
42  * an intermediate phase of the key agreement protocol
43  * ({@link #engineDoPhase(java.security.Key, boolean) engineDoPhase}).
44  *
45  * <p> For each of the correspondents in the key exchange,
46  * <code>engineDoPhase</code>
47  * needs to be called. For example, if the key exchange is with one other
48  * party, <code>engineDoPhase</code> needs to be called once, with the
49  * <code>lastPhase</code> flag set to <code>true</code>.
50  * If the key exchange is
51  * with two other parties, <code>engineDoPhase</code> needs to be called twice,
52  * the first time setting the <code>lastPhase</code> flag to
53  * <code>false</code>, and the second time setting it to <code>true</code>.
54  * There may be any number of parties involved in a key exchange.
55  *
56  * @author Jan Luehe
57  *
58  * @see KeyGenerator
59  * @see SecretKey
60  * @since 1.4
61  */
62 
63 public abstract class KeyAgreementSpi {
64 
65     /**
66      * Initializes this key agreement with the given key and source of
67      * randomness. The given key is required to contain all the algorithm
68      * parameters required for this key agreement.
69      *
70      * <p> If the key agreement algorithm requires random bytes, it gets them
71      * from the given source of randomness, <code>random</code>.
72      * However, if the underlying
73      * algorithm implementation does not require any random bytes,
74      * <code>random</code> is ignored.
75      *
76      * @param key the party's private information. For example, in the case
77      * of the Diffie-Hellman key agreement, this would be the party's own
78      * Diffie-Hellman private key.
79      * @param random the source of randomness
80      *
81      * @exception InvalidKeyException if the given key is
82      * inappropriate for this key agreement, e.g., is of the wrong type or
83      * has an incompatible algorithm type.
84      */
engineInit(Key key, SecureRandom random)85     protected abstract void engineInit(Key key, SecureRandom random)
86         throws InvalidKeyException;
87 
88     /**
89      * Initializes this key agreement with the given key, set of
90      * algorithm parameters, and source of randomness.
91      *
92      * @param key the party's private information. For example, in the case
93      * of the Diffie-Hellman key agreement, this would be the party's own
94      * Diffie-Hellman private key.
95      * @param params the key agreement parameters
96      * @param random the source of randomness
97      *
98      * @exception InvalidKeyException if the given key is
99      * inappropriate for this key agreement, e.g., is of the wrong type or
100      * has an incompatible algorithm type.
101      * @exception InvalidAlgorithmParameterException if the given parameters
102      * are inappropriate for this key agreement.
103      */
engineInit(Key key, AlgorithmParameterSpec params, SecureRandom random)104     protected abstract void engineInit(Key key, AlgorithmParameterSpec params,
105                                        SecureRandom random)
106         throws InvalidKeyException, InvalidAlgorithmParameterException;
107 
108     /**
109      * Executes the next phase of this key agreement with the given
110      * key that was received from one of the other parties involved in this key
111      * agreement.
112      *
113      * @param key the key for this phase. For example, in the case of
114      * Diffie-Hellman between 2 parties, this would be the other party's
115      * Diffie-Hellman public key.
116      * @param lastPhase flag which indicates whether or not this is the last
117      * phase of this key agreement.
118      *
119      * @return the (intermediate) key resulting from this phase, or null if
120      * this phase does not yield a key
121      *
122      * @exception InvalidKeyException if the given key is inappropriate for
123      * this phase.
124      * @exception IllegalStateException if this key agreement has not been
125      * initialized.
126      */
engineDoPhase(Key key, boolean lastPhase)127     protected abstract Key engineDoPhase(Key key, boolean lastPhase)
128         throws InvalidKeyException, IllegalStateException;
129 
130     /**
131      * Generates the shared secret and returns it in a new buffer.
132      *
133      * <p>This method resets this <code>KeyAgreementSpi</code> object,
134      * so that it
135      * can be reused for further key agreements. Unless this key agreement is
136      * reinitialized with one of the <code>engineInit</code> methods, the same
137      * private information and algorithm parameters will be used for
138      * subsequent key agreements.
139      *
140      * @return the new buffer with the shared secret
141      *
142      * @exception IllegalStateException if this key agreement has not been
143      * completed yet
144      */
engineGenerateSecret()145     protected abstract byte[] engineGenerateSecret()
146         throws IllegalStateException;
147 
148     /**
149      * Generates the shared secret, and places it into the buffer
150      * <code>sharedSecret</code>, beginning at <code>offset</code> inclusive.
151      *
152      * <p>If the <code>sharedSecret</code> buffer is too small to hold the
153      * result, a <code>ShortBufferException</code> is thrown.
154      * In this case, this call should be repeated with a larger output buffer.
155      *
156      * <p>This method resets this <code>KeyAgreementSpi</code> object,
157      * so that it
158      * can be reused for further key agreements. Unless this key agreement is
159      * reinitialized with one of the <code>engineInit</code> methods, the same
160      * private information and algorithm parameters will be used for
161      * subsequent key agreements.
162      *
163      * @param sharedSecret the buffer for the shared secret
164      * @param offset the offset in <code>sharedSecret</code> where the
165      * shared secret will be stored
166      *
167      * @return the number of bytes placed into <code>sharedSecret</code>
168      *
169      * @exception IllegalStateException if this key agreement has not been
170      * completed yet
171      * @exception ShortBufferException if the given output buffer is too small
172      * to hold the secret
173      */
engineGenerateSecret(byte[] sharedSecret, int offset)174     protected abstract int engineGenerateSecret(byte[] sharedSecret,
175                                                 int offset)
176         throws IllegalStateException, ShortBufferException;
177 
178     /**
179      * Creates the shared secret and returns it as a secret key object
180      * of the requested algorithm type.
181      *
182      * <p>This method resets this <code>KeyAgreementSpi</code> object,
183      * so that it
184      * can be reused for further key agreements. Unless this key agreement is
185      * reinitialized with one of the <code>engineInit</code> methods, the same
186      * private information and algorithm parameters will be used for
187      * subsequent key agreements.
188      *
189      * @param algorithm the requested secret key algorithm
190      *
191      * @return the shared secret key
192      *
193      * @exception IllegalStateException if this key agreement has not been
194      * completed yet
195      * @exception NoSuchAlgorithmException if the requested secret key
196      * algorithm is not available
197      * @exception InvalidKeyException if the shared secret key material cannot
198      * be used to generate a secret key of the requested algorithm type (e.g.,
199      * the key material is too short)
200      */
engineGenerateSecret(String algorithm)201     protected abstract SecretKey engineGenerateSecret(String algorithm)
202         throws IllegalStateException, NoSuchAlgorithmException,
203             InvalidKeyException;
204 }
205