public class KeyGenerator extends Object
Key generators are constructed using one of the getInstance
class methods of this class.
KeyGenerator objects are reusable, i.e., after a key has been generated, the same KeyGenerator object can be re-used to generate further keys.
There are two ways to generate a key: in an algorithm-independent manner, and in an algorithm-specific manner. The only difference between the two is the initialization of the object:
All key generators share the concepts of a keysize and a
source of randomness.
There is an
init
method in this KeyGenerator class that takes these two universally
shared types of arguments. There is also one that takes just a
keysize
argument, and uses the SecureRandom implementation
of the highest-priority installed provider as the source of randomness
(or a system-provided source of randomness if none of the installed
providers supply a SecureRandom implementation), and one that takes just a
source of randomness.
Since no other parameters are specified when you call the above
algorithm-independent init
methods, it is up to the
provider what to do about the algorithm-specific parameters (if any) to be
associated with each of the keys.
For situations where a set of algorithm-specific parameters already
exists, there are two
init
methods that have an AlgorithmParameterSpec
argument. One also has a SecureRandom
argument, while the
other uses the SecureRandom implementation
of the highest-priority installed provider as the source of randomness
(or a system-provided source of randomness if none of the installed
providers supply a SecureRandom implementation).
In case the client does not explicitly initialize the KeyGenerator
(via a call to an init
method), each provider must
supply (and document) a default initialization.
Every implementation of the Java platform is required to support the
following standard KeyGenerator
algorithms with the keysizes in
parentheses:
AES
(128)DES
(56)DESede
(168)HmacSHA1
HmacSHA256
SecretKey
Modifier | Constructor and Description |
---|---|
protected |
KeyGenerator(KeyGeneratorSpi keyGenSpi,
Provider provider,
String algorithm)
Creates a KeyGenerator object.
|
Modifier and Type | Method and Description |
---|---|
SecretKey |
generateKey()
Generates a secret key.
|
String |
getAlgorithm()
Returns the algorithm name of this
KeyGenerator object. |
static KeyGenerator |
getInstance(String algorithm)
Returns a
KeyGenerator object that generates secret keys
for the specified algorithm. |
static KeyGenerator |
getInstance(String algorithm,
Provider provider)
Returns a
KeyGenerator object that generates secret keys
for the specified algorithm. |
static KeyGenerator |
getInstance(String algorithm,
String provider)
Returns a
KeyGenerator object that generates secret keys
for the specified algorithm. |
Provider |
getProvider()
Returns the provider of this
KeyGenerator object. |
void |
init(AlgorithmParameterSpec params)
Initializes this key generator with the specified parameter set.
|
void |
init(AlgorithmParameterSpec params,
SecureRandom random)
Initializes this key generator with the specified parameter
set and a user-provided source of randomness.
|
void |
init(int keysize)
Initializes this key generator for a certain keysize.
|
void |
init(int keysize,
SecureRandom random)
Initializes this key generator for a certain keysize, using a
user-provided source of randomness.
|
void |
init(SecureRandom random)
Initializes this key generator.
|
protected KeyGenerator(KeyGeneratorSpi keyGenSpi, Provider provider, String algorithm)
keyGenSpi
- the delegateprovider
- the provideralgorithm
- the algorithmpublic final String getAlgorithm()
KeyGenerator
object.
This is the same name that was specified in one of the
getInstance
calls that created this
KeyGenerator
object.
KeyGenerator
object.public static final KeyGenerator getInstance(String algorithm) throws NoSuchAlgorithmException
KeyGenerator
object that generates secret keys
for the specified algorithm.
This method traverses the list of registered security Providers, starting with the most preferred Provider. A new KeyGenerator object encapsulating the KeyGeneratorSpi implementation from the first Provider that supports the specified algorithm is returned.
Note that the list of registered providers may be retrieved via
the Security.getProviders()
method.
algorithm
- the standard name of the requested key algorithm.
See the KeyGenerator section in the
Java Cryptography Architecture Standard Algorithm Name Documentation
for information about standard algorithm names.KeyGenerator
object.NullPointerException
- if the specified algorithm is null.NoSuchAlgorithmException
- if no Provider supports a
KeyGeneratorSpi implementation for the
specified algorithm.Provider
public static final KeyGenerator getInstance(String algorithm, String provider) throws NoSuchAlgorithmException, NoSuchProviderException
KeyGenerator
object that generates secret keys
for the specified algorithm.
A new KeyGenerator object encapsulating the KeyGeneratorSpi implementation from the specified provider is returned. The specified provider must be registered in the security provider list.
Note that the list of registered providers may be retrieved via
the Security.getProviders()
method.
algorithm
- the standard name of the requested key algorithm.
See the KeyGenerator section in the
Java Cryptography Architecture Standard Algorithm Name Documentation
for information about standard algorithm names.provider
- the name of the provider.KeyGenerator
object.NullPointerException
- if the specified algorithm is null.NoSuchAlgorithmException
- if a KeyGeneratorSpi
implementation for the specified algorithm is not
available from the specified provider.NoSuchProviderException
- if the specified provider is not
registered in the security provider list.IllegalArgumentException
- if the provider
is null or empty.Provider
public static final KeyGenerator getInstance(String algorithm, Provider provider) throws NoSuchAlgorithmException
KeyGenerator
object that generates secret keys
for the specified algorithm.
A new KeyGenerator object encapsulating the KeyGeneratorSpi implementation from the specified Provider object is returned. Note that the specified Provider object does not have to be registered in the provider list.
algorithm
- the standard name of the requested key algorithm.
See the KeyGenerator section in the
Java Cryptography Architecture Standard Algorithm Name Documentation
for information about standard algorithm names.provider
- the provider.KeyGenerator
object.NullPointerException
- if the specified algorithm is null.NoSuchAlgorithmException
- if a KeyGeneratorSpi
implementation for the specified algorithm is not available
from the specified Provider object.IllegalArgumentException
- if the provider
is null.Provider
public final Provider getProvider()
KeyGenerator
object.KeyGenerator
objectpublic final void init(SecureRandom random)
random
- the source of randomness for this generatorpublic final void init(AlgorithmParameterSpec params) throws InvalidAlgorithmParameterException
If this key generator requires any random bytes, it will get them
using the
SecureRandom
implementation of the highest-priority installed
provider as the source of randomness.
(If none of the installed providers supply an implementation of
SecureRandom, a system-provided source of randomness will be used.)
params
- the key generation parametersInvalidAlgorithmParameterException
- if the given parameters
are inappropriate for this key generatorpublic final void init(AlgorithmParameterSpec params, SecureRandom random) throws InvalidAlgorithmParameterException
params
- the key generation parametersrandom
- the source of randomness for this key generatorInvalidAlgorithmParameterException
- if params
is
inappropriate for this key generatorpublic final void init(int keysize)
If this key generator requires any random bytes, it will get them
using the
SecureRandom
implementation of the highest-priority installed
provider as the source of randomness.
(If none of the installed providers supply an implementation of
SecureRandom, a system-provided source of randomness will be used.)
keysize
- the keysize. This is an algorithm-specific metric,
specified in number of bits.InvalidParameterException
- if the keysize is wrong or not
supported.public final void init(int keysize, SecureRandom random)
keysize
- the keysize. This is an algorithm-specific metric,
specified in number of bits.random
- the source of randomness for this key generatorInvalidParameterException
- if the keysize is wrong or not
supported.public final SecretKey generateKey()
Submit a bug or feature
For further API reference and developer documentation, see Java SE Documentation. That documentation contains more detailed, developer-targeted descriptions, with conceptual overviews, definitions of terms, workarounds, and working code examples.
Copyright © 1993, 2022, Oracle and/or its affiliates. All rights reserved. Use is subject to license terms. Also see the documentation redistribution policy.