1. /*

  2.  * @(#)KeyPairGenerator.java	1.52 03/01/23

  3.  *

  4.  * Copyright 2003 Sun Microsystems, Inc. All rights reserved.

  5.  * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.

  6.  */

  7.  

  8. package java.security;

  9. 

  10. import java.security.spec.AlgorithmParameterSpec;

  11. 

  12. /**

  13.  * The KeyPairGenerator class is used to generate pairs of

  14.  * public and private keys. Key pair generators are constructed using the

  15.  * <code>getInstance</code> factory methods (static methods that

  16.  * return instances of a given class).

  17.  *

  18.  * <p>A Key pair generator for a particular algorithm creates a public/private

  19.  * key pair that can be used with this algorithm. It also associates

  20.  * algorithm-specific parameters with each of the generated keys.

  21.  * 

  22.  * <p>There are two ways to generate a key pair: in an algorithm-independent

  23.  * manner, and in an algorithm-specific manner.

  24.  * The only difference between the two is the initialization of the object:

  25.  * 

  26.  * <ul>

  27.  * <li><b>Algorithm-Independent Initialization</b>

  28.  * <p>All key pair generators share the concepts of a keysize and a

  29.  * source of randomness. The keysize is interpreted differently for different

  30.  * algorithms (e.g., in the case of the <i>DSA</i> algorithm, the keysize 

  31.  * corresponds to the length of the modulus).

  32.  * There is an 

  33.  * {@link #initialize(int, java.security.SecureRandom) initialize}

  34.  * method in this KeyPairGenerator class that takes these two universally

  35.  * shared types of arguments. There is also one that takes just a

  36.  * <code>keysize</code> argument, and uses the <code>SecureRandom</code>

  37.  * implementation of the highest-priority installed provider as the source

  38.  * of randomness. (If none of the installed providers supply an implementation

  39.  * of <code>SecureRandom</code>, a system-provided source of randomness is

  40.  * used.)

  41.  * 

  42.  * <p>Since no other parameters are specified when you call the above

  43.  * algorithm-independent <code>initialize</code> methods, it is up to the

  44.  * provider what to do about the algorithm-specific parameters (if any) to be

  45.  * associated with each of the keys.

  46.  * 

  47.  * <p>If the algorithm is the <i>DSA</i> algorithm, and the keysize (modulus

  48.  * size) is 512, 768, or 1024, then the <i>Sun</i> provider uses a set of

  49.  * precomputed values for the <code>p</code>, <code>q</code>, and

  50.  * <code>g</code> parameters. If the modulus size is not one of the above

  51.  * values, the <i>Sun</i> provider creates a new set of parameters. Other

  52.  * providers might have precomputed parameter sets for more than just the

  53.  * three modulus sizes mentioned above. Still others might not have a list of

  54.  * precomputed parameters at all and instead always create new parameter sets.

  55.  * <p>

  56.  *

  57.  * <li><b>Algorithm-Specific Initialization</b>

  58.  * <p>For situations where a set of algorithm-specific parameters already

  59.  * exists (e.g., so-called <i>community parameters</i> in DSA), there are two

  60.  * {@link #initialize(java.security.spec.AlgorithmParameterSpec)

  61.  * initialize} methods that have an <code>AlgorithmParameterSpec</code>

  62.  * argument. One also has a <code>SecureRandom</code> argument, while the

  63.  * the other uses the <code>SecureRandom</code>

  64.  * implementation of the highest-priority installed provider as the source

  65.  * of randomness. (If none of the installed providers supply an implementation

  66.  * of <code>SecureRandom</code>, a system-provided source of randomness is

  67.  * used.)

  68.  * </ul>

  69.  *

  70.  * <p>In case the client does not explicitly initialize the KeyPairGenerator

  71.  * (via a call to an <code>initialize</code> method), each provider must

  72.  * supply (and document) a default initialization.

  73.  * For example, the <i>Sun</i> provider uses a default modulus size (keysize)

  74.  * of 1024 bits.

  75.  *

  76.  * <p>Note that this class is abstract and extends from

  77.  * <code>KeyPairGeneratorSpi</code> for historical reasons.

  78.  * Application developers should only take notice of the methods defined in

  79.  * this <code>KeyPairGenerator</code> class; all the methods in

  80.  * the superclass are intended for cryptographic service providers who wish to

  81.  * supply their own implementations of key pair generators.

  82.  *

  83.  * @author Benjamin Renaud

  84.  *

  85.  * @version 1.52, 01/23/03

  86.  *

  87.  * @see java.security.spec.AlgorithmParameterSpec

  88.  */

  89. 

  90. public abstract class KeyPairGenerator extends KeyPairGeneratorSpi {

  91. 

  92.     private String algorithm;

  93. 

  94.     // The provider

  95.     private Provider provider;

  96. 

  97.     /**

  98.      * Creates a KeyPairGenerator object for the specified algorithm.

  99.      *

  100.      * @param algorithm the standard string name of the algorithm. 

  101.      * See Appendix A in the <a href=

  102.      * "../../../guide/security/CryptoSpec.html#AppA">

  103.      * Java Cryptography Architecture API Specification & Reference </a> 

  104.      * for information about standard algorithm names.

  105.      */

  106.     protected KeyPairGenerator(String algorithm) {

  107. 	this.algorithm = algorithm;

  108.     }

  109.     

  110.     /**

  111.      * Returns the standard name of the algorithm for this key pair generator.

  112.      * See Appendix A in the <a href=

  113.      * "../../../guide/security/CryptoSpec.html#AppA">

  114.      * Java Cryptography Architecture API Specification & Reference </a> 

  115.      * for information about standard algorithm names.

  116.      * 

  117.      * @return the standard string name of the algorithm. 

  118.      */

  119.     public String getAlgorithm() {

  120. 	return this.algorithm;

  121.     }

  122. 

  123.     /**

  124.      * Generates a KeyPairGenerator object that implements the specified digest

  125.      * algorithm. If the default provider package

  126.      * provides an implementation of the requested digest algorithm,

  127.      * an instance of KeyPairGenerator containing that implementation is

  128.      * returned.

  129.      * If the algorithm is not available in the default 

  130.      * package, other packages are searched.

  131.      *

  132.      * @param algorithm the standard string name of the algorithm. 

  133.      * See Appendix A in the <a href=

  134.      * "../../../guide/security/CryptoSpec.html#AppA">

  135.      * Java Cryptography Architecture API Specification & Reference </a> 

  136.      * for information about standard algorithm names.

  137.      *

  138.      * @return the new KeyPairGenerator object.

  139.      *

  140.      * @exception NoSuchAlgorithmException if the algorithm is

  141.      * not available in the environment.  

  142.      */

  143.     public static KeyPairGenerator getInstance(String algorithm)

  144.     throws NoSuchAlgorithmException {

  145. 	try {

  146. 	    Object[] objs = Security.getImpl(algorithm, "KeyPairGenerator",

  147. 					     (String)null);

  148. 	    if (objs[0] instanceof KeyPairGenerator) {

  149. 		KeyPairGenerator keyPairGen = (KeyPairGenerator)objs[0];

  150. 		keyPairGen.provider = (Provider)objs[1];

  151. 		return keyPairGen;

  152. 	    } else {

  153. 		KeyPairGenerator delegate =

  154. 		    new Delegate((KeyPairGeneratorSpi)objs[0], algorithm);

  155. 		delegate.provider = (Provider)objs[1];

  156. 		return delegate;

  157. 	    }

  158. 	} catch(NoSuchProviderException e) {

  159. 	    throw new NoSuchAlgorithmException(algorithm + " not found");

  160. 	}

  161.     }

  162. 

  163.     /** 

  164.      * Generates a KeyPairGenerator object implementing the specified

  165.      * algorithm, as supplied from the specified provider, 

  166.      * if such an algorithm is available from the provider.

  167.      *

  168.      * @param algorithm the standard string name of the algorithm.

  169.      * See Appendix A in the <a href=

  170.      * "../../../guide/security/CryptoSpec.html#AppA">

  171.      * Java Cryptography Architecture API Specification & Reference </a> 

  172.      * for information about standard algorithm names.

  173.      *

  174.      * @param provider the string name of the provider.

  175.      *

  176.      * @return the new KeyPairGenerator object.

  177.      *

  178.      * @exception NoSuchAlgorithmException if the algorithm is

  179.      * not available from the provider.

  180.      *

  181.      * @exception NoSuchProviderException if the provider is not

  182.      * available in the environment.

  183.      *

  184.      * @exception IllegalArgumentException if the provider name is null

  185.      * or empty.

  186.      * 

  187.      * @see Provider 

  188.      */

  189.     public static KeyPairGenerator getInstance(String algorithm,

  190. 					       String provider) 

  191. 	throws NoSuchAlgorithmException, NoSuchProviderException

  192.     {

  193. 	if (provider == null || provider.length() == 0)

  194. 	    throw new IllegalArgumentException("missing provider");

  195. 	Object[] objs = Security.getImpl(algorithm, "KeyPairGenerator",

  196. 					 provider);

  197. 	if (objs[0] instanceof KeyPairGenerator) {

  198. 	    KeyPairGenerator keyPairGen = (KeyPairGenerator)objs[0];

  199. 	    keyPairGen.provider = (Provider)objs[1];

  200. 	    return keyPairGen;

  201. 	} else {

  202. 	    KeyPairGenerator delegate =

  203. 		new Delegate((KeyPairGeneratorSpi)objs[0], algorithm);

  204. 	    delegate.provider = (Provider)objs[1];

  205. 	    return delegate;

  206. 	}

  207.     }

  208. 

  209.     /** 

  210.      * Generates a KeyPairGenerator object implementing the specified

  211.      * algorithm, as supplied from the specified provider, 

  212.      * if such an algorithm is available from the provider.

  213.      * Note: the <code>provider</code> doesn't have to be registered.

  214.      *

  215.      * @param algorithm the standard string name of the algorithm.

  216.      * See Appendix A in the <a href=

  217.      * "../../../guide/security/CryptoSpec.html#AppA">

  218.      * Java Cryptography Architecture API Specification & Reference </a> 

  219.      * for information about standard algorithm names.

  220.      *

  221.      * @param provider the provider.

  222.      *

  223.      * @return the new KeyPairGenerator object.

  224.      *

  225.      * @exception NoSuchAlgorithmException if the algorithm is

  226.      * not available from the provider.

  227.      *

  228.      * @exception IllegalArgumentException if the <code>provider</code> is

  229.      * null.

  230.      *

  231.      * @see Provider

  232.      *

  233.      * @since 1.4

  234.      */

  235.     public static KeyPairGenerator getInstance(String algorithm,

  236. 					       Provider provider) 

  237. 	throws NoSuchAlgorithmException

  238.     {

  239. 	if (provider == null)

  240. 	    throw new IllegalArgumentException("missing provider");

  241. 	Object[] objs = Security.getImpl(algorithm, "KeyPairGenerator",

  242. 					 provider);

  243. 	if (objs[0] instanceof KeyPairGenerator) {

  244. 	    KeyPairGenerator keyPairGen = (KeyPairGenerator)objs[0];

  245. 	    keyPairGen.provider = (Provider)objs[1];

  246. 	    return keyPairGen;

  247. 	} else {

  248. 	    KeyPairGenerator delegate =

  249. 		new Delegate((KeyPairGeneratorSpi)objs[0], algorithm);

  250. 	    delegate.provider = (Provider)objs[1];

  251. 	    return delegate;

  252. 	}

  253.     }

  254. 

  255.     /** 

  256.      * Returns the provider of this key pair generator object.

  257.      * 

  258.      * @return the provider of this key pair generator object

  259.      */

  260.     public final Provider getProvider() {

  261. 	return this.provider;

  262.     }

  263. 

  264.     /**

  265.      * Initializes the key pair generator for a certain keysize using

  266.      * a default parameter set and the <code>SecureRandom</code>

  267.      * implementation of the highest-priority installed provider as the source

  268.      * of randomness.

  269.      * (If none of the installed providers supply an implementation of

  270.      * <code>SecureRandom</code>, a system-provided source of randomness is

  271.      * used.)

  272.      *

  273.      * @param keysize the keysize. This is an

  274.      * algorithm-specific metric, such as modulus length, specified in

  275.      * number of bits.

  276.      *

  277.      * @exception InvalidParameterException if the <code>keysize</code> is not

  278.      * supported by this KeyPairGenerator object.

  279.      */

  280.     public void initialize(int keysize) {

  281. 	initialize(keysize, new SecureRandom());

  282.     }

  283. 

  284.     /**

  285.      * Initializes the key pair generator for a certain keysize with

  286.      * the given source of randomness (and a default parameter set).

  287.      *

  288.      * @param keysize the keysize. This is an

  289.      * algorithm-specific metric, such as modulus length, specified in

  290.      * number of bits.

  291.      * @param random the source of randomness.

  292.      *

  293.      * @exception InvalidParameterException if the <code>keysize</code> is not

  294.      * supported by this KeyPairGenerator object.

  295.      *

  296.      * @since 1.2

  297.      */

  298.     public void initialize(int keysize, SecureRandom random) {

  299. 	// This does nothing, because either

  300. 	// 1. the implementation object returned by getInstance() is an

  301. 	//    instance of KeyPairGenerator which has its own 

  302. 	//    initialize(keysize, random) method, so the application would

  303. 	//    be calling that method directly, or

  304. 	// 2. the implementation returned by getInstance() is an instance

  305. 	//    of Delegate, in which case initialize(keysize, random) is

  306. 	//    overridden to call the corresponding SPI method.

  307. 	// (This is a special case, because the API and SPI method have the

  308. 	// same name.)

  309.     }

  310. 

  311.     /**

  312.      * Initializes the key pair generator using the specified parameter 

  313.      * set and the <code>SecureRandom</code>

  314.      * implementation of the highest-priority installed provider as the source

  315.      * of randomness.

  316.      * (If none of the installed providers supply an implementation of

  317.      * <code>SecureRandom</code>, a system-provided source of randomness is

  318.      * used.).

  319.      *

  320.      * <p>This concrete method has been added to this previously-defined

  321.      * abstract class.

  322.      * This method calls the KeyPairGeneratorSpi 

  323.      * {@link KeyPairGeneratorSpi.html#

  324.      * initialize(java.security.spec.AlgorithmParameterSpec,

  325.      * java.security.SecureRandom) initialize} method, 

  326.      * passing it <code>params</code> and a source of randomness (obtained

  327.      * from the highest-priority installed provider or system-provided if none

  328.      * of the installed providers supply one).

  329.      * That <code>initialize</code> method always throws an

  330.      * UnsupportedOperationException if it is not overridden by the provider.

  331.      *

  332.      * @param params the parameter set used to generate the keys.

  333.      *

  334.      * @exception InvalidAlgorithmParameterException if the given parameters

  335.      * are inappropriate for this key pair generator.

  336.      *

  337.      * @since 1.2

  338.      */

  339.     public void initialize(AlgorithmParameterSpec params)

  340. 	throws InvalidAlgorithmParameterException {

  341. 	    initialize(params, new SecureRandom());

  342.     }

  343. 

  344.     /**

  345.      * Initializes the key pair generator with the given parameter 

  346.      * set and source of randomness.

  347.      *

  348.      * <p>This concrete method has been added to this previously-defined

  349.      * abstract class.

  350.      * This method calls the KeyPairGeneratorSpi {@link 

  351.      * KeyPairGeneratorSpi.html#

  352.      * initialize(java.security.spec.AlgorithmParameterSpec,

  353.      * java.security.SecureRandom) initialize} method, 

  354.      * passing it <code>params</code> and <code>random</code>.

  355.      * That <code>initialize</code>

  356.      * method always throws an

  357.      * UnsupportedOperationException if it is not overridden by the provider.

  358.      *

  359.      * @param params the parameter set used to generate the keys.

  360.      * @param random the source of randomness.

  361.      *

  362.      * @exception InvalidAlgorithmParameterException if the given parameters

  363.      * are inappropriate for this key pair generator.

  364.      *

  365.      * @since 1.2

  366.      */

  367.     public void initialize(AlgorithmParameterSpec params,

  368. 			   SecureRandom random)

  369. 	throws InvalidAlgorithmParameterException

  370.     {

  371. 	// This does nothing, because either

  372. 	// 1. the implementation object returned by getInstance() is an

  373. 	//    instance of KeyPairGenerator which has its own 

  374. 	//    initialize(params, random) method, so the application would

  375. 	//    be calling that method directly, or

  376. 	// 2. the implementation returned by getInstance() is an instance

  377. 	//    of Delegate, in which case initialize(params, random) is

  378. 	//    overridden to call the corresponding SPI method.

  379. 	// (This is a special case, because the API and SPI method have the

  380. 	// same name.)

  381.     }

  382. 

  383.     /**

  384.      * Generates a key pair.

  385.      *

  386.      * <p>If this KeyPairGenerator has not been initialized explicitly,

  387.      * provider-specific defaults will be used for the size and other

  388.      * (algorithm-specific) values of the generated keys.

  389.      *

  390.      * <p>This will generate a new key pair every time it is called.

  391.      *

  392.      * <p>This method is functionally equivalent to 

  393.      * {@link #generateKeyPair() generateKeyPair}.

  394.      *

  395.      * @return the generated key pair

  396.      *

  397.      * @since 1.2

  398.      */

  399.     public final KeyPair genKeyPair() {

  400. 	return generateKeyPair();

  401.     }

  402. 

  403.     /**

  404.      * Generates a key pair.

  405.      *

  406.      * <p>If this KeyPairGenerator has not been initialized explicitly,

  407.      * provider-specific defaults will be used for the size and other

  408.      * (algorithm-specific) values of the generated keys.

  409.      *

  410.      * <p>This will generate a new key pair every time it is called.

  411.      * 

  412.      * <p>This method is functionally equivalent to 

  413.      * {@link #genKeyPair() genKeyPair}.

  414.      *

  415.      * @return the generated key pair

  416.      */

  417.     public KeyPair generateKeyPair() {

  418. 	// This does nothing (except returning null), because either:

  419. 	//

  420. 	// 1. the implementation object returned by getInstance() is an

  421. 	//    instance of KeyPairGenerator which has its own implementation

  422. 	//    of generateKeyPair (overriding this one), so the application

  423. 	//    would be calling that method directly, or

  424. 	//

  425. 	// 2. the implementation returned by getInstance() is an instance

  426. 	//    of Delegate, in which case generateKeyPair is

  427. 	//    overridden to invoke the corresponding SPI method.

  428. 	//

  429. 	// (This is a special case, because in JDK 1.1.x the generateKeyPair

  430. 	// method was used both as an API and a SPI method.)

  431.         return null;

  432.     }

  433. 

  434. 

  435.     /*

  436.      * The following class allows providers to extend from KeyPairGeneratorSpi

  437.      * rather than from KeyPairGenerator. It represents a KeyPairGenerator

  438.      * with an encapsulated, provider-supplied SPI object (of type

  439.      * KeyPairGeneratorSpi).

  440.      * If the provider implementation is an instance of KeyPairGeneratorSpi,

  441.      * the getInstance() methods above return an instance of this class, with

  442.      * the SPI object encapsulated.

  443.      *

  444.      * Note: All SPI methods from the original KeyPairGenerator class have been

  445.      * moved up the hierarchy into a new class (KeyPairGeneratorSpi), which has

  446.      * been interposed in the hierarchy between the API (KeyPairGenerator)

  447.      * and its original parent (Object).

  448.      */

  449. 

  450.     static class Delegate extends KeyPairGenerator {

  451. 

  452. 	// The provider implementation (delegate)

  453. 	private KeyPairGeneratorSpi kpairGenSpi;

  454. 

  455. 	// constructor

  456. 	public Delegate(KeyPairGeneratorSpi kpairGenSpi, String algorithm) {

  457. 	    super(algorithm);

  458. 	    this.kpairGenSpi = kpairGenSpi;

  459. 	}

  460.     

  461. 	// engine method

  462. 	public void initialize(int keysize, SecureRandom random) {

  463. 	    kpairGenSpi.initialize(keysize, random);

  464. 	}

  465. 

  466. 	// engine method

  467. 	public void initialize(AlgorithmParameterSpec params,

  468. 			       SecureRandom random)

  469. 	    throws InvalidAlgorithmParameterException {

  470. 		kpairGenSpi.initialize(params, random);;

  471. 	}

  472. 

  473. 	// engine method

  474. 	public KeyPair generateKeyPair() {

  475. 	    return kpairGenSpi.generateKeyPair();

  476. 	}

  477.     }

  478. }