1. /*

  2.  * @(#)KeyPairGenerator.java	1.42 01/11/29

  3.  *

  4.  * Copyright 2002 Sun Microsystems, Inc. All rights reserved.

  5.  * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.

  6.  */

  7.  

  8. package java.security;

  9. 

  10. import java.security.spec.AlgorithmParameterSpec;

  11. 

  12. /**

  13.  * The KeyPairGenerator class is used to generate pairs of

  14.  * public and private keys. Key pair generators are constructed using the

  15.  * <code>getInstance</code> factory methods (static methods that

  16.  * return instances of a given class).

  17.  *

  18.  * <p>A Key pair generator for a particular algorithm creates a public/private

  19.  * key pair that can be used with this algorithm. It also associates

  20.  * algorithm-specific parameters with each of the generated keys.

  21.  * 

  22.  * <p>There are two ways to generate a key pair: in an algorithm-independent

  23.  * manner, and in an algorithm-specific manner.

  24.  * The only difference between the two is the initialization of the object:

  25.  * 

  26.  * <ul>

  27.  * <li><b>Algorithm-Independent Initialization</b>

  28.  * <p>All key pair generators share the concepts of a keysize and a

  29.  * source of randomness. The keysize is interpreted differently for different

  30.  * algorithms (e.g., in the case of the <i>DSA</i> algorithm, the keysize 

  31.  * corresponds to the length of the modulus).

  32.  * There is an 

  33.  * <a href = "#initialize(int, java.security.SecureRandom)">initialize</a> 

  34.  * method in this KeyPairGenerator class that takes these two universally

  35.  * shared types of arguments. There is also one that takes just a

  36.  * <code>keysize</code> argument, and uses the <code>SecureRandom</code>

  37.  * implementation of the highest-priority installed provider as the source

  38.  * of randomness. (If none of the installed providers supply an implementation

  39.  * of <code>SecureRandom</code>, a system-provided source of randomness is

  40.  * used.)

  41.  * 

  42.  * <p>Since no other parameters are specified when you call the above

  43.  * algorithm-independent <code>initialize</code> methods, it is up to the

  44.  * provider what to do about the algorithm-specific parameters (if any) to be

  45.  * associated with each of the keys.

  46.  * 

  47.  * <p>If the algorithm is the <i>DSA</i> algorithm, and the keysize (modulus

  48.  * size) is 512, 768, or 1024, then the <i>Sun</i> provider uses a set of

  49.  * precomputed values for the <code>p</code>, <code>q</code>, and

  50.  * <code>g</code> parameters. If the modulus size is not one of the above

  51.  * values, the <i>Sun</i> provider creates a new set of parameters. Other

  52.  * providers might have precomputed parameter sets for more than just the

  53.  * three modulus sizes mentioned above. Still others might not have a list of

  54.  * precomputed parameters at all and instead always create new parameter sets.

  55.  * <p>

  56.  *

  57.  * <li><b>Algorithm-Specific Initialization</b>

  58.  * <p>For situations where a set of algorithm-specific parameters already

  59.  * exists (e.g., so-called <i>community parameters</i> in DSA), there are two

  60.  * <a href = "#initialize(java.security.spec.AlgorithmParameterSpec)">

  61.  * initialize</a> methods that have an <code>AlgorithmParameterSpec</code>

  62.  * argument. One also has a <code>SecureRandom</code> argument, while the

  63.  * the other uses the <code>SecureRandom</code>

  64.  * implementation of the highest-priority installed provider as the source

  65.  * of randomness. (If none of the installed providers supply an implementation

  66.  * of <code>SecureRandom</code>, a system-provided source of randomness is

  67.  * used.)

  68.  * </ul>

  69.  *

  70.  * <p>In case the client does not explicitly initialize the KeyPairGenerator

  71.  * (via a call to an <code>initialize</code> method), each provider must

  72.  * supply (and document) a default initialization.

  73.  * For example, the <i>Sun</i> provider uses a default modulus size (keysize)

  74.  * of 1024 bits.

  75.  *

  76.  * <p>Note that this class is abstract and extends from

  77.  * <code>KeyPairGeneratorSpi</code> for historical reasons.

  78.  * Application developers should only take notice of the methods defined in

  79.  * this <code>KeyPairGenerator</code> class; all the methods in

  80.  * the superclass are intended for cryptographic service providers who wish to

  81.  * supply their own implementations of key pair generators.

  82.  *

  83.  * @author Benjamin Renaud

  84.  *

  85.  * @version 1.42, 01/11/29

  86.  *

  87.  * @see java.security.spec.AlgorithmParameterSpec

  88.  */

  89. 

  90. public abstract class KeyPairGenerator extends KeyPairGeneratorSpi {

  91. 

  92.     private String algorithm;

  93. 

  94.     // The provider

  95.     private Provider provider;

  96. 

  97.     /**

  98.      * Creates a KeyPairGenerator object for the specified algorithm.

  99.      *

  100.      * @param algorithm the standard string name of the algorithm. 

  101.      * See Appendix A in the <a href=

  102.      * "../../../guide/security/CryptoSpec.html#AppA">

  103.      * Java Cryptography Architecture API Specification & Reference </a> 

  104.      * for information about standard algorithm names.

  105.      */

  106.     protected KeyPairGenerator(String algorithm) {

  107. 	this.algorithm = algorithm;

  108.     }

  109.     

  110.     /**

  111.      * Returns the standard name of the algorithm for this key pair generator.

  112.      * See Appendix A in the <a href=

  113.      * "../../../guide/security/CryptoSpec.html#AppA">

  114.      * Java Cryptography Architecture API Specification & Reference </a> 

  115.      * for information about standard algorithm names.

  116.      * 

  117.      * @return the standard string name of the algorithm. 

  118.      */

  119.     public String getAlgorithm() {

  120. 	return this.algorithm;

  121.     }

  122. 

  123.     /**

  124.      * Generates a KeyPairGenerator object that implements the specified digest

  125.      * algorithm. If the default provider package

  126.      * provides an implementation of the requested digest algorithm,

  127.      * an instance of KeyPairGenerator containing that implementation is

  128.      * returned.

  129.      * If the algorithm is not available in the default 

  130.      * package, other packages are searched.

  131.      *

  132.      * @param algorithm the standard string name of the algorithm. 

  133.      * See Appendix A in the <a href=

  134.      * "../../../guide/security/CryptoSpec.html#AppA">

  135.      * Java Cryptography Architecture API Specification & Reference </a> 

  136.      * for information about standard algorithm names.

  137.      *

  138.      * @return the new KeyPairGenerator object.

  139.      *

  140.      * @exception NoSuchAlgorithmException if the algorithm is

  141.      * not available in the environment.  

  142.      */

  143.     public static KeyPairGenerator getInstance(String algorithm)

  144.     throws NoSuchAlgorithmException {

  145. 	try {

  146. 	    Object[] objs = Security.getImpl(algorithm, "KeyPairGenerator",

  147. 					     null);

  148. 	    if (objs[0] instanceof KeyPairGenerator) {

  149. 		KeyPairGenerator keyPairGen = (KeyPairGenerator)objs[0];

  150. 		keyPairGen.provider = (Provider)objs[1];

  151. 		return keyPairGen;

  152. 	    } else {

  153. 		KeyPairGenerator delegate =

  154. 		    new Delegate((KeyPairGeneratorSpi)objs[0], algorithm);

  155. 		delegate.provider = (Provider)objs[1];

  156. 		return delegate;

  157. 	    }

  158. 	} catch(NoSuchProviderException e) {

  159. 	    throw new NoSuchAlgorithmException(algorithm + " not found");

  160. 	}

  161.     }

  162. 

  163.     /** 

  164.      * Generates a KeyPairGenerator object implementing the specified

  165.      * algorithm, as supplied from the specified provider, 

  166.      * if such an algorithm is available from the provider.

  167.      *

  168.      * @param algorithm the standard string name of the algorithm.

  169.      * See Appendix A in the <a href=

  170.      * "../../../guide/security/CryptoSpec.html#AppA">

  171.      * Java Cryptography Architecture API Specification & Reference </a> 

  172.      * for information about standard algorithm names.

  173.      *

  174.      * @param provider the string name of the provider.

  175.      *

  176.      * @return the new KeyPairGenerator object.

  177.      *

  178.      * @exception NoSuchAlgorithmException if the algorithm is

  179.      * not available from the provider.

  180.      *

  181.      * @exception NoSuchProviderException if the provider is not

  182.      * available in the environment. 

  183.      * 

  184.      * @see Provider 

  185.      */

  186.     public static KeyPairGenerator getInstance(String algorithm,

  187. 					       String provider) 

  188. 	throws NoSuchAlgorithmException, NoSuchProviderException

  189.     {

  190. 	if (provider == null || provider.length() == 0)

  191. 	    throw new IllegalArgumentException("missing provider");

  192. 	Object[] objs = Security.getImpl(algorithm, "KeyPairGenerator",

  193. 					 provider);

  194. 	if (objs[0] instanceof KeyPairGenerator) {

  195. 	    KeyPairGenerator keyPairGen = (KeyPairGenerator)objs[0];

  196. 	    keyPairGen.provider = (Provider)objs[1];

  197. 	    return keyPairGen;

  198. 	} else {

  199. 	    KeyPairGenerator delegate =

  200. 		new Delegate((KeyPairGeneratorSpi)objs[0], algorithm);

  201. 	    delegate.provider = (Provider)objs[1];

  202. 	    return delegate;

  203. 	}

  204.     }

  205. 

  206.     /** 

  207.      * Returns the provider of this key pair generator object.

  208.      * 

  209.      * @return the provider of this key pair generator object

  210.      */

  211.     public final Provider getProvider() {

  212. 	return this.provider;

  213.     }

  214. 

  215.     /**

  216.      * Initializes the key pair generator for a certain keysize using

  217.      * a default parameter set and the <code>SecureRandom</code>

  218.      * implementation of the highest-priority installed provider as the source

  219.      * of randomness.

  220.      * (If none of the installed providers supply an implementation of

  221.      * <code>SecureRandom</code>, a system-provided source of randomness is

  222.      * used.)

  223.      *

  224.      * @param keysize the keysize. This is an

  225.      * algorithm-specific metric, such as modulus length, specified in

  226.      * number of bits.

  227.      */

  228.     public void initialize(int keysize) {

  229. 	initialize(keysize, new SecureRandom());

  230.     }

  231. 

  232.     /**

  233.      * Initializes the key pair generator for a certain keysize with

  234.      * the given source of randomness (and a default parameter set).

  235.      *

  236.      * @param keysize the keysize. This is an

  237.      * algorithm-specific metric, such as modulus length, specified in

  238.      * number of bits.

  239.      * @param random the source of randomness.

  240.      *

  241.      * @since JDK1.2

  242.      */

  243.     public void initialize(int keysize, SecureRandom random) {

  244. 	// This does nothing, because either

  245. 	// 1. the implementation object returned by getInstance() is an

  246. 	//    instance of KeyPairGenerator which has its own 

  247. 	//    initialize(keysize, random) method, so the application would

  248. 	//    be calling that method directly, or

  249. 	// 2. the implementation returned by getInstance() is an instance

  250. 	//    of Delegate, in which case initialize(keysize, random) is

  251. 	//    overridden to call the corresponding SPI method.

  252. 	// (This is a special case, because the API and SPI method have the

  253. 	// same name.)

  254.     }

  255. 

  256.     /**

  257.      * Initializes the key pair generator using the specified parameter 

  258.      * set and the <code>SecureRandom</code>

  259.      * implementation of the highest-priority installed provider as the source

  260.      * of randomness.

  261.      * (If none of the installed providers supply an implementation of

  262.      * <code>SecureRandom</code>, a system-provided source of randomness is

  263.      * used.).

  264.      *

  265.      * <p>This concrete method has been added to this previously-defined

  266.      * abstract class.

  267.      * This method calls the KeyPairGeneratorSpi <a href =

  268.      * "KeyPairGeneratorSpi.html#

  269.      * initialize(java.security.spec.AlgorithmParameterSpec,

  270.      * java.security.SecureRandom)">initialize</a> method, 

  271.      * passing it <code>params</code> and a source of randomness (obtained

  272.      * from the highest-priority installed provider or system-provided if none

  273.      * of the installed providers supply one).

  274.      * That <code>initialize</code> method always throws an

  275.      * UnsupportedOperationException if it is not overridden by the provider.

  276.      *

  277.      * @param params the parameter set used to generate the keys.

  278.      *

  279.      * @exception InvalidAlgorithmParameterException if the given parameters

  280.      * are inappropriate for this key pair generator.

  281.      *

  282.      * @since JDK1.2

  283.      */

  284.     public void initialize(AlgorithmParameterSpec params)

  285. 	throws InvalidAlgorithmParameterException {

  286. 	    initialize(params, new SecureRandom());

  287.     }

  288. 

  289.     /**

  290.      * Initializes the key pair generator with the given parameter 

  291.      * set and source of randomness.

  292.      *

  293.      * <p>This concrete method has been added to this previously-defined

  294.      * abstract class.

  295.      * This method calls the KeyPairGeneratorSpi <a href =

  296.      * "KeyPairGeneratorSpi.html#

  297.      * initialize(java.security.spec.AlgorithmParameterSpec,

  298.      * java.security.SecureRandom)">initialize</a> method, 

  299.      * passing it <code>params</code> and <code>random</code>.

  300.      * That <code>initialize</code>

  301.      * method always throws an

  302.      * UnsupportedOperationException if it is not overridden by the provider.

  303.      *

  304.      * @param params the parameter set used to generate the keys.

  305.      * @param random the source of randomness.

  306.      *

  307.      * @exception InvalidAlgorithmParameterException if the given parameters

  308.      * are inappropriate for this key pair generator.

  309.      *

  310.      * @since JDK1.2

  311.      */

  312.     public void initialize(AlgorithmParameterSpec params,

  313. 			   SecureRandom random)

  314. 	throws InvalidAlgorithmParameterException

  315.     {

  316. 	// This does nothing, because either

  317. 	// 1. the implementation object returned by getInstance() is an

  318. 	//    instance of KeyPairGenerator which has its own 

  319. 	//    initialize(params, random) method, so the application would

  320. 	//    be calling that method directly, or

  321. 	// 2. the implementation returned by getInstance() is an instance

  322. 	//    of Delegate, in which case initialize(params, random) is

  323. 	//    overridden to call the corresponding SPI method.

  324. 	// (This is a special case, because the API and SPI method have the

  325. 	// same name.)

  326.     }

  327. 

  328.     /**

  329.      * Generates a key pair. Unless an initialization method is called

  330.      * using a KeyPairGenerator interface, algorithm-specific defaults

  331.      * will be used. This will generate a new key pair every time it

  332.      * is called.

  333.      *

  334.      * @return the generated key pair

  335.      *

  336.      * @since JDK1.2

  337.      */

  338.     public final KeyPair genKeyPair() {

  339. 	return generateKeyPair();

  340.     }

  341. 

  342. 

  343. 

  344. 

  345.     /*

  346.      * The following class allows providers to extend from KeyPairGeneratorSpi

  347.      * rather than from KeyPairGenerator. It represents a KeyPairGenerator

  348.      * with an encapsulated, provider-supplied SPI object (of type

  349.      * KeyPairGeneratorSpi).

  350.      * If the provider implementation is an instance of KeyPairGeneratorSpi,

  351.      * the getInstance() methods above return an instance of this class, with

  352.      * the SPI object encapsulated.

  353.      *

  354.      * Note: All SPI methods from the original KeyPairGenerator class have been

  355.      * moved up the hierarchy into a new class (KeyPairGeneratorSpi), which has

  356.      * been interposed in the hierarchy between the API (KeyPairGenerator)

  357.      * and its original parent (Object).

  358.      */

  359. 

  360.     static class Delegate extends KeyPairGenerator {

  361. 

  362. 	// The provider implementation (delegate)

  363. 	private KeyPairGeneratorSpi kpairGenSpi;

  364. 

  365. 	// constructor

  366. 	public Delegate(KeyPairGeneratorSpi kpairGenSpi, String algorithm) {

  367. 	    super(algorithm);

  368. 	    this.kpairGenSpi = kpairGenSpi;

  369. 	}

  370.     

  371. 	// engine method

  372. 	public void initialize(int keysize, SecureRandom random) {

  373. 	    kpairGenSpi.initialize(keysize, random);

  374. 	}

  375. 

  376. 	// engine method

  377. 	public void initialize(AlgorithmParameterSpec params,

  378. 			       SecureRandom random)

  379. 	    throws InvalidAlgorithmParameterException {

  380. 		kpairGenSpi.initialize(params, random);;

  381. 	}

  382. 

  383. 	// engine method

  384. 	public KeyPair generateKeyPair() {

  385. 	    return kpairGenSpi.generateKeyPair();

  386. 	}

  387.     }

  388. }