Secret Key Engines
In
the JCE, there are new ways to generate keys. Since the existing key
engines only operate on public and private keys, the JCE introduces
two new engines that can operate on secret keys. Note also in Table 13.1 that the SunJCE security
provider implements a new algorithm to generate key pairs for
Diffie-Hellman key agreement; that algorithm uses the standard
KeyPairGenerator class we explored in Chapter 10.
The KeyGenerator Class
The first engine we’ll look at is the
KeyGenerator class
(javax.crypto.Key-Generator); this class is used
to generate secret keys. This class is very similar to the
KeyPairGenerator class except that it generates
instances of secret keys instead of pairs of public and private keys:
- public class KeyGenerator
Generate instances of secret keys for use by a symmetric encryption algorithm.
The KeyGenerator class is an engine within the
JCE. As such, it has all the hallmarks of a cryptographic engine. It
has a complementary SPI and a set of public methods that are used to
operate upon it, and its implementation must be registered with the
security provider.
Using the KeyGenerator class
Like other engine classes, the KeyGenerator
class does not have any public constructors. An instance of a
KeyGenerator is obtained by calling one of these
methods:
- public static final KeyGenerator getInstance(String algorithm) , public static final KeyGenerator getInstance(String algorithm, String provider)
Return an object capable of generating secret keys that ...
Get Java Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
