
javacard.security

Class KeyAgreement


public abstract class KeyAgreement extends Object

The KeyAgreement class is the base class for key agreement algorithms such as Diffie-Hellman and EC Diffie-Hellman [IEEE P1363]. Implementations of KeyAgreement algorithms must extend this class and implement all the abstract methods.

A tear or card reset event resets an initialized KeyAgreement object to the state it was in when previously initialized via a call to init().

Version:

1.0 

Field Summary
static byte ALG_EC_SVDP_DH - Elliptic curve secret value derivation primitive, Diffie-Hellman version, as per [IEEE P1363].
static byte ALG_EC_SVDP_DHC - Elliptic curve secret value derivation primitive, Diffie-Hellman version, with cofactor multiplication, as per [IEEE P1363].

 

Constructor Summary
protected KeyAgreement() - Protected constructor.

 

Method Summary
abstract short generateSecret(byte[] publicData, short publicOffset, short publicLength, byte[] secret, short secretOffset) - Generates the secret data as per the requested algorithm using the PrivateKey specified during initialization and the public key data provided.
abstract byte getAlgorithm() - Gets the KeyAgreement algorithm.
static KeyAgreement getInstance(byte algorithm, boolean externalAccess) - Creates a KeyAgreement object instance of the selected algorithm.
abstract void init(PrivateKey privKey) - Initializes the object with the given private key.

 

Methods inherited from class java.lang.Object
equals

 

Field Detail

ALG_EC_SVDP_DH

public static final byte ALG_EC_SVDP_DH

Elliptic curve secret value derivation primitive, Diffie-Hellman version, as per [IEEE P1363].

See Also: Constant Field Values


ALG_EC_SVDP_DHC

public static final byte ALG_EC_SVDP_DHC

Elliptic curve secret value derivation primitive, Diffie-Hellman version, with cofactor multiplication, as per [IEEE P1363]. (output value is to be equal to that from ALG_EC_SVDP_DH)

See Also: Constant Field Values

Constructor Detail

KeyAgreement

protected KeyAgreement()

Protected constructor.

Method Detail

getInstance

public static final KeyAgreement getInstance(byte algorithm, boolean externalAccess) throws CryptoException

Creates a KeyAgreement object instance of the selected algorithm.

Parameters: algorithm - the desired key agreement algorithm. Valid codes are listed in the ALG_* constants above, for example, ALG_EC_SVDP_DH.

externalAccess - if true indicates that the instance will be shared among multiple applet instances and that the KeyAgreement instance will also be accessed (via a Shareable interface) when the owner of the KeyAgreement instance is not the currently selected applet. If true the implementation must not allocate CLEAR_ON_DESELECT transient space for internal data.

Returns: the KeyAgreement object instance of the requested algorithm

Throws: CryptoException - with the following reason codes:

  • CryptoException.NO_SUCH_ALGORITHM if the requested algorithm or shared access mode is not supported.



init

public abstract void init(PrivateKey privKey) throws CryptoException

Initializes the object with the given private key.

Parameters: privKey - the private key

Throws: CryptoException - with the following reason codes:

  • CryptoException.ILLEGAL_VALUE if the input key type is inconsistent with the KeyAgreement algorithm, for example, if the KeyAgreement algorithm is ALG_EC_SVDP_DH and the key type is TYPE_RSA_PRIVATE, or if privKey is inconsistent with the implementation.


  • CryptoException.UNINITIALIZED_KEY if privKey is uninitialized, or if the KeyAgreement algorithm is set to ALG_EC_SVDP_DHC and the cofactor, K, has not been successfully initialized since the time the initialized state of the key was set to false.



getAlgorithm

public abstract byte getAlgorithm()

Gets the KeyAgreement algorithm.

Returns: the algorithm code defined above


generateSecret

public abstract short generateSecret(byte[] publicData, short publicOffset, short publicLength, byte[] secret, short secretOffset) throws CryptoException

Generates the secret data as per the requested algorithm using the PrivateKey specified during initialization and the public key data provided.

Note that in the case of the algorithms ALG_EC_SVDP_DH and ALG_EC_SVDP_DHC the public key data provided should be the public elliptic curve point of the second party in the protocol, specified as per ANSI X9.62. A specific implementation need not support the compressed form, but must support the uncompressed form of the point.

Parameters: publicData - buffer holding the public data of the second party

publicOffset - offset into the publicData buffer at which the data begins

publicLength - byte length of the public data

secret - buffer to hold the secret output

secretOffset - offset into the secret array at which to start writing the secret

Returns: byte length of the secret

Throws: CryptoException - with the following reason codes:

  • CryptoException.ILLEGAL_VALUE if the publicData data format is incorrect, or if the publicData data is inconsistent with the PrivateKey specified during initialization.


  • CryptoException.INVALID_INIT if this KeyAgreement object is not initialized.
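
Usage example (added here, not part of the Java Card API documentation): a small helper that calls getInstance, init and generateSecret in order, accepts only the uncompressed point form that every implementation must support, and wipes the secret buffer on failure. The package and class names are hypothetical, and the code assumes a 256-bit prime curve and an ECPrivateKey that the caller has already initialized with curve parameters and a private value.

```java
package example.ecdh; // hypothetical package name

import javacard.framework.JCSystem;
import javacard.framework.Util;
import javacard.security.CryptoException;
import javacard.security.ECPrivateKey;
import javacard.security.KeyAgreement;

/** Added example: wraps KeyAgreement for EC Diffie-Hellman on a 256-bit prime curve. */
public class EcdhHelper {
    // Uncompressed X9.62 point: 0x04 || X || Y (assumption: 256-bit curve, 1 + 32 + 32).
    private static final short POINT_LEN = (short) 65;
    private static final short SECRET_BUF_LEN = (short) 32;

    private final KeyAgreement ka;
    private final byte[] secret; // transient RAM, cleared on deselect or reset

    /** privKey must already hold the curve parameters and the private value. */
    public EcdhHelper(ECPrivateKey privKey) {
        // externalAccess = false: the instance is used only by the owning applet.
        ka = KeyAgreement.getInstance(KeyAgreement.ALG_EC_SVDP_DH, false);
        ka.init(privKey); // CryptoException ILLEGAL_VALUE / UNINITIALIZED_KEY on a bad key
        secret = JCSystem.makeTransientByteArray(SECRET_BUF_LEN,
                JCSystem.CLEAR_ON_DESELECT);
    }

    /** Derives the secret from the peer point at buf[off..off+len); returns its length or -1. */
    public short derive(byte[] buf, short off, short len) {
        // Accept only the uncompressed form, which every implementation must support.
        if (len != POINT_LEN || buf[off] != (byte) 0x04) {
            return (short) -1;
        }
        try {
            // Use the returned length; do not assume a fixed secret size.
            return ka.generateSecret(buf, off, len, secret, (short) 0);
        } catch (CryptoException e) {
            // ILLEGAL_VALUE: bad format or inconsistent with the private key;
            // INVALID_INIT: init() was never called.
            wipe();
            return (short) -1;
        }
    }

    /** Buffer holding the last derived secret, valid for the length derive() returned. */
    public byte[] getSecret() { return secret; }

    /** Zeroes the secret buffer once session keys have been derived from it. */
    public void wipe() {
        Util.arrayFillNonAtomic(secret, (short) 0, SECRET_BUF_LEN, (byte) 0);
    }
}
```

Because the instance is created with externalAccess set to false, keeping the secret in CLEAR_ON_DESELECT transient memory is consistent with the restriction described under getInstance.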


javacard/java-card-api/keyagreement.txt · Last modified: 2017/05/13 04:05 (external edit)