com.ibm.crypto.fips.provider

Interface IHashDrbg

  • All Known Implementing Classes:
    HASHDRBG, SHA2DRBG, SHA5DRBG

    public interface IHashDrbg
    Expose programming interfaces to accomplish full API flexibility discussed in NIST 800-90 for hash-based deterministic random bit generators.

    • Method Summary

      Methods 
      Modifier and Type Method and Description
      byte[] generate(int requested_no_of_bytes, boolean prediction_resistant, byte[] additionalInput)
      Generate the requested number of bytes from the DRBG From section 10.1.1.4 of NIST SP 800-90
      int init(java.lang.String algorithm, int bitStrengthRequested, java.nio.ByteBuffer entropySource, boolean predictionResistant)
      Not really discussed in NIST document, but seems to be necessary to implement.
      void instantiate(byte[] nonce, byte[] personalization)
      Initialize the DRBG
      void reseed(byte[] addlInput)
      Add additional entropy to the DRBG.

    • Method Detail

      • instantiate

        void instantiate(byte[] nonce,
               byte[] personalization)
        Initialize the DRBG
        Parameters:
        nonce - caller-supplied nonce (optional, may be NULL)
        personalization - caller-supplied personalization data (optional, may be NULL) From NIST SP 800-90, Section 10.1.1.2

      • reseed

        void reseed(byte[] addlInput)
        Add additional entropy to the DRBG. From NIST SP 800-90, Section 10.1.1.3
        Parameters:
        additionalInput - caller-supplied additional input (optional, may be NULL)

      • generate

        byte[] generate(int requested_no_of_bytes,
              boolean prediction_resistant,
              byte[] additionalInput)
                throws java.lang.IllegalStateException
        Generate the requested number of bytes from the DRBG From section 10.1.1.4 of NIST SP 800-90
        Parameters:
        requested_no_of_bytes - how many bytes to produce
        prediction_resistant - whether additional entropy has been supplied through the entropySource for the generate operation
        additionalInput - caller-supplied additional input (optional, may be NULL)
        Returns:
        the requested number of bytes of data
        Throws:
        java.lang.IllegalStateException

      • init

        int init(java.lang.String algorithm,
       int bitStrengthRequested,
       java.nio.ByteBuffer entropySource,
       boolean predictionResistant)
         throws java.lang.IllegalArgumentException
        Not really discussed in NIST document, but seems to be necessary to implement.
        Parameters:
        algorithm - the name of the hash algorithm to employ
        bitStrengthRequested - the strength of the expected output (depends on strength of the algorithm above, typical values 112, 128, 192, 256)
        entropySource - a ByteBuffer the caller will use to supply entropy, or NULL if caller chooses not to
        predictionResistant - whether additional entropy will be supplied through the entropySource before generate operations
        Returns:
        the number of bits of security strength the DRBG will provide (and the entropy the caller must supply through entropySource (if supplied by caller))
        Throws:
        java.lang.IllegalArgumentException
© Portions Copyright 2003, 2014, 2015, 2016 IBM Corporation. All rights reserved.
© Portions Copyright 2003, 2014 Oracle and/or its affiliates. All rights reserved.
  • Summary: 
  • Nested | 
  • Field | 
  • Constr | 
  • Method
  • Detail: 
  • Field | 
  • Constr | 
  • Method