- java.lang.Object
-
- javax.crypto.KeyGeneratorSpi
-
- com.ibm.crypto.hdwrCCA.provider.AESKeyGenerator
-
public final class AESKeyGenerator extends javax.crypto.KeyGeneratorSpi
This class generates a secret key for use with the AES algorithm.This documentation describes a Service Provider Interface. It is provided for implementation insight only. This class is not intended to be called directly by application developers. Please consult the 'Java Cryptography Architecture Standard' for details on how to use this interface through a public standard class.
- NOTE:
- Certain operations may require specific hardware or software, or specific key types. See the rest of this document and the z/OS Unique Considerations Hardware Crypto Reference Guide for more details. Unsupported operations and/or combinations may result in a RuntimeException Hardware Error.
javax.crypto.KeyGenerator
.
-
-
Constructor Summary
Constructors Constructor Description AESKeyGenerator()
Verify the JCE framework in the constructor.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected javax.crypto.SecretKey
engineGenerateKey()
Generates and returns an AES key.protected void
engineInit(int keysize, java.security.SecureRandom random)
Initializes this key generator for generating clear keys of a certain key size in bits, using the given source of randomness.protected void
engineInit(java.security.SecureRandom random)
Initializes this key generator for clear key generation using the supplied source of randomness.protected void
engineInit(java.security.spec.AlgorithmParameterSpec params, java.security.SecureRandom random)
Initializes this key generator with the specified parameter set and a user-provided source of randomness.
-
-
-
Method Detail
-
engineInit
protected void engineInit(java.security.SecureRandom random)
Initializes this key generator for clear key generation using the supplied source of randomness.- Specified by:
engineInit
in classjavax.crypto.KeyGeneratorSpi
- Parameters:
random
- the source of randomness for this generator
-
engineInit
protected void engineInit(java.security.spec.AlgorithmParameterSpec params, java.security.SecureRandom random) throws java.security.InvalidAlgorithmParameterException
Initializes this key generator with the specified parameter set and a user-provided source of randomness. If aCCAAlgorithmParameterSpec
is specified, and the requested key type is eitherCCAAlgorithmParameterSpec.SECURE_INTERNAL_TOKEN
orCCAAlgorithmParameterSpec.CKDS
, then the AES key will be generated as a secret hardware key. Key generation parameters are validated, these validations include- Key size must be one of valid AES key sizes.
- Hardware keys must only use the default wrapping mode.
- Hardware keys must have key usage of
SymmetricKeyConstants.KeyUsage.OP_DATA
,SymmetricKeyConstants.KeyUsage.OPEX_EXPORTER_IMPORTER
,SymmetricKeyConstants.KeyUsage.OPEX_IMPORTER_EXPORTER
, or null (default). - A key encrypting key must be provided if generating a new key encrypting key pair.
- Specified by:
engineInit
in classjavax.crypto.KeyGeneratorSpi
- Parameters:
params
- the key generation parameters, clear key will be generated if the parameter is nullrandom
- the source of randomness for this key generator- Throws:
java.security.InvalidAlgorithmParameterException
- ifparams
is inappropriate for this key generator.java.security.InvalidParameterException
- if any of the key generation parameters fail validation.java.lang.RuntimeException
- if the key wrapping mode specified by the key generation parameters is anything other than the default wrapping mode.
-
engineInit
protected void engineInit(int keysize, java.security.SecureRandom random)
Initializes this key generator for generating clear keys of a certain key size in bits, using the given source of randomness.- Specified by:
engineInit
in classjavax.crypto.KeyGeneratorSpi
- Parameters:
keysize
- the key size. This is an algorithm-specific metric specified in number of bitsrandom
- the source of randomness for this key generator- Throws:
java.security.InvalidParameterException
- if the specified key size is not valid.
-
engineGenerateKey
protected javax.crypto.SecretKey engineGenerateKey()
Generates and returns an AES key. If generating an AES IMPORTER or EXPORTER CKDS hardware key, the generated key will need to be stored in a variable cryptographic key data set.- Specified by:
engineGenerateKey
in classjavax.crypto.KeyGeneratorSpi
- Returns:
- the generated AES secret key.
-
-