public class KeyAgreement
extends Object
| java.lang.Object | |
| ↳ | javax.crypto.KeyAgreement |
该类提供密钥协议(或密钥交换)协议的功能。
建立共享密钥涉及的密钥由密钥生成器之一( KeyPairGenerator或 KeyGenerator ), KeyFactory或密钥协议协议中间阶段的结果创建。
对于密钥交换中的每个记者,需要调用doPhase 。 例如,如果此密钥交换是与另一方进行的, doPhase需要调用lastPhase一次,并将lastPhase标志设置为true 。 如果此密钥交换与另外两方进行, doPhase需要调用doPhase两次,第一次将lastPhase标志设置为false ,第二次将其设置为true 。 密钥交换中可能有多个参与方。
Android提供了以下 KeyAgreement算法:
| Name | Supported (API Levels) |
|---|---|
| DH | 1+ |
| ECDH | 11+ |
也可以看看:
Protected constructors |
|
|---|---|
KeyAgreement(KeyAgreementSpi keyAgreeSpi, Provider provider, String algorithm) 创建一个KeyAgreement对象。 |
|
Public methods |
|
|---|---|
final Key |
doPhase(Key key, boolean lastPhase) 使用从此密钥协议中涉及的其他参与方之一收到的给定密钥执行此密钥协议的下一阶段。 |
final byte[] |
generateSecret() 生成共享密钥并将其返回到新缓冲区中。 |
final int |
generateSecret(byte[] sharedSecret, int offset) 生成共享密钥,并将其放入缓冲区 |
final SecretKey |
generateSecret(String algorithm) 创建共享密钥并将其作为指定算法的 |
final String |
getAlgorithm() 返回此 |
static final KeyAgreement |
getInstance(String algorithm) 返回实现指定密钥协议算法的 |
static final KeyAgreement |
getInstance(String algorithm, String provider) 返回实现指定密钥协议算法的 |
static final KeyAgreement |
getInstance(String algorithm, Provider provider) 返回实现指定密钥协议算法的 |
final Provider |
getProvider() 返回此 |
final void |
init(Key key, AlgorithmParameterSpec params) 使用给定的密钥和算法参数集初始化此密钥协议。 |
final void |
init(Key key, AlgorithmParameterSpec params, SecureRandom random) 使用给定密钥,算法参数集和随机源初始化此密钥协议。 |
final void |
init(Key key, SecureRandom random) 使用给定的密钥和随机源初始化此密钥协议。 |
final void |
init(Key key) 使用给定密钥初始化此密钥协议,该密钥需要包含此密钥协议所需的所有算法参数。 |
Inherited methods |
|
|---|---|
 From class java.lang.Object
|
|
KeyAgreement (KeyAgreementSpi keyAgreeSpi, Provider provider, String algorithm)
创建一个KeyAgreement对象。
| Parameters | |
|---|---|
keyAgreeSpi |
KeyAgreementSpi: the delegate |
provider |
Provider: the provider |
algorithm |
String: the algorithm |
Key doPhase (Key key, boolean lastPhase)
使用从此密钥协议中涉及的其他参与方之一收到的给定密钥执行此密钥协议的下一阶段。
| Parameters | |
|---|---|
key |
Key: the key for this phase. For example, in the case of Diffie-Hellman between 2 parties, this would be the other party's Diffie-Hellman public key. |
lastPhase |
boolean: flag which indicates whether or not this is the last phase of this key agreement. |
| Returns | |
|---|---|
Key |
the (intermediate) key resulting from this phase, or null if this phase does not yield a key |
| Throws | |
|---|---|
InvalidKeyException |
if the given key is inappropriate for this phase. |
IllegalStateException |
if this key agreement has not been initialized. |
byte[] generateSecret ()
生成共享密钥并将其返回到新缓冲区中。
此方法重置此KeyAgreement对象,以便它可以重新用于其他密钥协议。 除非使用init方法之一重新初始化此密钥协议,否则相同的私有信息和算法参数将用于随后的密钥协议。
| Returns | |
|---|---|
byte[] |
the new buffer with the shared secret |
| Throws | |
|---|---|
IllegalStateException |
if this key agreement has not been completed yet |
Android开发手册
int generateSecret (byte[] sharedSecret,
int offset)
生成共享密钥,并将其放入缓冲区 sharedSecret ,从 offset含)开始。
如果sharedSecret缓冲区太小而无法保存结果, ShortBufferException抛出ShortBufferException 。 在这种情况下,应该使用更大的输出缓冲区重复此调用。
此方法重置此KeyAgreement对象,以便它可以重新用于其他密钥协议。 除非使用init方法之一重新初始化此密钥协议,否则相同的私有信息和算法参数将用于随后的密钥协议。
| Parameters | |
|---|---|
sharedSecret |
byte: the buffer for the shared secret |
offset |
int: the offset in sharedSecret where the shared secret will be stored |
| Returns | |
|---|---|
int |
the number of bytes placed into sharedSecret |
| Throws | |
|---|---|
IllegalStateException |
if this key agreement has not been completed yet |
ShortBufferException |
if the given output buffer is too small to hold the secret |
SecretKey generateSecret (String algorithm)
创建共享密钥并将其作为指定算法的 SecretKey对象返回。
此方法重置此KeyAgreement对象,以便它可以重新用于其他密钥协议。 除非使用init方法之一重新初始化此密钥协议,否则相同的私有信息和算法参数将用于随后的密钥协议。
| Parameters | |
|---|---|
algorithm |
String: the requested secret-key algorithm |
| Returns | |
|---|---|
SecretKey |
the shared secret key |
| Throws | |
|---|---|
IllegalStateException |
if this key agreement has not been completed yet |
NoSuchAlgorithmException |
if the specified secret-key algorithm is not available |
InvalidKeyException |
if the shared secret-key material cannot be used to generate a secret key of the specified algorithm (e.g., the key material is too short) |
String getAlgorithm ()
返回此 KeyAgreement对象的算法名称。
这与在创建此 KeyAgreement对象的 getInstance调用之一中指定的名称相同。
| Returns | |
|---|---|
String |
the algorithm name of this KeyAgreement object. |
KeyAgreement getInstance (String algorithm)
返回实现指定密钥协议算法的 KeyAgreement对象。
该方法遍历注册安全提供程序的列表,从最优先的提供程序开始。 将返回一个新的KeyAgreement对象,该对象将封装来自支持指定算法的第一个Provider的KeyAgreementSpi实现。
请注意,可以通过 Security.getProviders()方法检索已注册供应商的列表。
| Parameters | |
|---|---|
algorithm |
String: the standard name of the requested key agreement algorithm. See the KeyAgreement section in the Java Cryptography Architecture Standard Algorithm Name Documentation for information about standard algorithm names. |
| Returns | |
|---|---|
KeyAgreement |
the new KeyAgreement object. |
| Throws | |
|---|---|
NullPointerException |
if the specified algorithm is null. |
NoSuchAlgorithmException |
if no Provider supports a KeyAgreementSpi implementation for the specified algorithm. |
也可以看看:
KeyAgreement getInstance (String algorithm, String provider)
返回实现指定密钥协议算法的 KeyAgreement对象。
返回封装指定提供者的KeyAgreementSpi实现的新KeyAgreement对象。 指定的提供者必须在安全提供者列表中注册。
请注意,可以通过 Security.getProviders()方法检索已注册供应商的列表。
| Parameters | |
|---|---|
algorithm |
String: the standard name of the requested key agreement algorithm. See the KeyAgreement section in the Java Cryptography Architecture Standard Algorithm Name Documentation for information about standard algorithm names. |
provider |
String: the name of the provider. |
| Returns | |
|---|---|
KeyAgreement |
the new KeyAgreement object. |
| Throws | |
|---|---|
NullPointerException |
if the specified algorithm is null. |
NoSuchAlgorithmException |
if a KeyAgreementSpi implementation for the specified algorithm is not available from the specified provider. |
NoSuchProviderException |
if the specified provider is not registered in the security provider list. |
IllegalArgumentException |
if the provider is null or empty. |
也可以看看:
KeyAgreement getInstance (String algorithm, Provider provider)
返回实现指定密钥协议算法的 KeyAgreement对象。
返回一个新KeyAgreement对象,它封装指定Provider对象的KeyAgreementSpi实现。 请注意,指定的Provider对象不必在提供程序列表中注册。
| Parameters | |
|---|---|
algorithm |
String: the standard name of the requested key agreement algorithm. See the KeyAgreement section in the Java Cryptography Architecture Standard Algorithm Name Documentation for information about standard algorithm names. |
provider |
Provider: the provider. |
| Returns | |
|---|---|
KeyAgreement |
the new KeyAgreement object. |
| Throws | |
|---|---|
NullPointerException |
if the specified algorithm is null. |
NoSuchAlgorithmException |
if a KeyAgreementSpi implementation for the specified algorithm is not available from the specified Provider object. |
IllegalArgumentException |
if the provider is null. |
也可以看看:
Provider getProvider ()
返回此 KeyAgreement对象的提供者。
| Returns | |
|---|---|
Provider |
the provider of this KeyAgreement object |
void init (Key key, AlgorithmParameterSpec params)
使用给定的密钥和算法参数集初始化此密钥协议。
如果此密钥协议要求任何随机字节,它将使用最高优先级的安装提供程序的SecureRandom
| Parameters | |
|---|---|
key |
Key: the party's private information. For example, in the case of the Diffie-Hellman key agreement, this would be the party's own Diffie-Hellman private key. |
params |
AlgorithmParameterSpec: the key agreement parameters |
| Throws | |
|---|---|
InvalidKeyException |
if the given key is inappropriate for this key agreement, e.g., is of the wrong type or has an incompatible algorithm type. |
InvalidAlgorithmParameterException |
if the given parameters are inappropriate for this key agreement. |
void init (Key key, AlgorithmParameterSpec params, SecureRandom random)
使用给定密钥,算法参数集和随机源初始化此密钥协议。
| Parameters | |
|---|---|
key |
Key: the party's private information. For example, in the case of the Diffie-Hellman key agreement, this would be the party's own Diffie-Hellman private key. |
params |
AlgorithmParameterSpec: the key agreement parameters |
random |
SecureRandom: the source of randomness |
| Throws | |
|---|---|
InvalidKeyException |
if the given key is inappropriate for this key agreement, e.g., is of the wrong type or has an incompatible algorithm type. |
InvalidAlgorithmParameterException |
if the given parameters are inappropriate for this key agreement. |
void init (Key key, SecureRandom random)
使用给定的密钥和随机源初始化此密钥协议。 给定密钥需要包含此密钥协议所需的所有算法参数。
如果密钥协商算法需要随机字节,它将从给定的随机源random获取它们。 但是,如果底层算法实现不需要任何随机字节,则忽略random 。
| Parameters | |
|---|---|
key |
Key: the party's private information. For example, in the case of the Diffie-Hellman key agreement, this would be the party's own Diffie-Hellman private key. |
random |
SecureRandom: the source of randomness |
| Throws | |
|---|---|
InvalidKeyException |
if the given key is inappropriate for this key agreement, e.g., is of the wrong type or has an incompatible algorithm type. |
void init (Key key)
使用给定密钥初始化此密钥协议,该密钥需要包含此密钥协议所需的所有算法参数。
如果此密钥协议需要任何随机字节,则它将使用最高优先级安装提供程序的SecureRandom
| Parameters | |
|---|---|
key |
Key: the party's private information. For example, in the case of the Diffie-Hellman key agreement, this would be the party's own Diffie-Hellman private key. |
| Throws | |
|---|---|
InvalidKeyException |
if the given key is inappropriate for this key agreement, e.g., is of the wrong type or has an incompatible algorithm type. |