Class AESKeySpec

  • All Implemented Interfaces:
    java.security.spec.KeySpec

    public class AESKeySpec
    extends java.lang.Object
    implements java.security.spec.KeySpec
    This class specifies an AES key specification.
    Implementation Note:
    This class allows for the specification of key "types" ("RAW" or "CLEAR", "CKDSLabel" or "CKDS", "ICSFToken" or "PROTECTED"). Some JCECCA operations are restricted to specific key types. Provider support, ICSF support, and hardware support all determine which key and algorithm types will function on a given system. For details on the supported operations for each key type, please consult the z/OS Unique Considerations Hardware Crypto Reference Guide. More information can also be found in the Javadoc reference for the specific SPI class in use (KeyFactory, KeyGenerator, etc.)
    See Also:
    AESKeyFactory, AESKeyGenerator, AESCipher
    • Constructor Summary

      Constructors 
      Constructor Description
      AESKeySpec​(byte[] key)
      Uses the bytes in key as the key material for the AES key specification.
      AESKeySpec​(byte[] key, int offset, int len)
      Uses the bytes in key, beginning at offset, inclusive, for len bytes, as the key material for the AES key specification.
      AESKeySpec​(byte[] key, int offset, int len, java.lang.String type)
      Uses the bytes in key, beginning at offset, inclusive, for len bytes, as the key material for the AES key specification, along with using key type type.
      AESKeySpec​(byte[] key, java.lang.String type)
      Uses the bytes in key as the key material for the AES key specification, along with using key type type.
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      byte[] getKey()
      Returns a clone of the AES key material.
      java.lang.String getType()
      Returns the AES key type.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • AESKeySpec

        public AESKeySpec​(byte[] key)
                   throws java.security.InvalidKeyException
        Uses the bytes in key as the key material for the AES key specification. A specification for a RAW (also known as CLEAR) key is created with this constructor.

        The bytes that constitute the AES key are those between key[0] and key[key.length - 1], inclusive.

        Parameters:
        key - the buffer with the AES key material. The buffer is copied to protect against subsequent modification.
        Throws:
        java.security.InvalidKeyException - if the given key material is null or empty, or is not 16, 24, or 32 bytes in length.
      • AESKeySpec

        public AESKeySpec​(byte[] key,
                          java.lang.String type)
                   throws java.security.InvalidKeyException
        Uses the bytes in key as the key material for the AES key specification, along with using key type type.

        The bytes that constitute the AES key are those between key[0] and key[key.length - 1], inclusive.

        Parameters:
        key - the buffer with the AES key material, CCA token, or CKDS label. If a CKDS label is specified it must be encoded in the IBM-1047 codepage. The buffer is copied to protect against subsequent modification.
        type - the type of key, one of "RAW", "CKDSLabel", or "ICSFToken". Please note that we recommend the use of the KeyLabelKeySpec class to create a key specification using a "CKDSLabel".
        Throws:
        java.security.InvalidKeyException - if the given key material is null or empty, is not 16, 24, or 32 bytes in length, or if the key type is not valid.
      • AESKeySpec

        public AESKeySpec​(byte[] key,
                          int offset,
                          int len)
                   throws java.security.InvalidKeyException
        Uses the bytes in key, beginning at offset, inclusive, for len bytes, as the key material for the AES key specification. A specification for a RAW (also known as CLEAR) key is created with this constructor.

        The bytes that constitute the AES key are those between key[offset] and key[offset+len-1], inclusive.

        Parameters:
        key - the buffer with the AES key material. The buffer is copied to protect against subsequent modification.
        offset - the offset in key, where the AES key material starts
        len - the length of the AES key material
        Throws:
        java.security.InvalidKeyException - if the given buffer is null or empty, or if the offset and len combination is not valid, or if the key material is not 16, 24, or 32 bytes in length.
      • AESKeySpec

        public AESKeySpec​(byte[] key,
                          int offset,
                          int len,
                          java.lang.String type)
                   throws java.security.InvalidKeyException
        Uses the bytes in key, beginning at offset, inclusive, for len bytes, as the key material for the AES key specification, along with using key type type.

        The bytes that constitute the AES key are those between key[offset] and key[offset+len-1], inclusive.

        Parameters:
        key - the buffer with the AES key material, CCA token, or CKDS label. If a CKDS label is specified it must be encoded in the IBM-1047 codepage. The buffer is copied to protect against subsequent modification.
        offset - the offset in key, where the DES key material starts
        len - the length of the AES key material
        type - the type of key, one of "RAW", "CKDSLabel", or "ICSFToken". Please note that we recommend the use of the KeyLabelKeySpec class to create a key specification using a "CKDSLabel".
        Throws:
        java.security.InvalidKeyException - if the given buffer is null or empty, or if the offset and len combination is not valid, or if the key material is not 16, 24, or 32 bytes in length, or if the key type is not valid.
    • Method Detail

      • getKey

        public byte[] getKey()
        Returns a clone of the AES key material.

        Note that this method returns a clone of sensitive information. It is the caller's responsibility to zero out the information after it is no longer needed.

        Returns:
        A clone of the AES key material.
      • getType

        public java.lang.String getType()
        Returns the AES key type.
        Returns:
        the AES key type.