* This class implements the Diffie-Hellman key agreement protocol between * Initializes this key agreement with the given key and source of * randomness. The given key is required to contain all the algorithm * parameters required for this key agreement. * <p> If the key agreement algorithm requires random bytes, it gets them * from the given source of randomness, <code>random</code>. * However, if the underlying * algorithm implementation does not require any random bytes, * <code>random</code> is ignored. * @param key the party's private information. For example, in the case * of the Diffie-Hellman key agreement, this would be the party's own * Diffie-Hellman private key. * @param random the source of randomness * @exception InvalidKeyException if the given key is * inappropriate for this key agreement, e.g., is of the wrong type or * has an incompatible algorithm type. // never happens, because we did not pass any parameters * Initializes this key agreement with the given key, set of * algorithm parameters, and source of randomness. * @param key the party's private information. For example, in the case * of the Diffie-Hellman key agreement, this would be the party's own * Diffie-Hellman private key. * @param params the key agreement parameters * @param random the source of randomness * @exception InvalidKeyException if the given key is * inappropriate for this key agreement, e.g., is of the wrong type or * has an incompatible algorithm type. * @exception InvalidAlgorithmParameterException if the given parameters * are inappropriate for this key agreement. // ignore "random" parameter, because our implementation does not // require any source of randomness (
"Diffie-Hellman parameters expected");
// check if private key parameters are compatible with * Executes the next phase of this key agreement with the given * key that was received from one of the other parties involved in this key * @param key the key for this phase. For example, in the case of * Diffie-Hellman between 2 parties, this would be the other party's * Diffie-Hellman public key. * @param lastPhase flag which indicates whether or not this is the last * phase of this key agreement. * @return the (intermediate) key resulting from this phase, or null if * this phase does not yield a key * @exception InvalidKeyException if the given key is inappropriate for * @exception IllegalStateException if this key agreement has not been // check if public key parameters are compatible with // validate the Diffie-Hellman public key // we've received a public key (from one of the other parties), // so we are ready to create the secret, which may be an // intermediate secret, in which case we wrap it into a // Diffie-Hellman public key object and return it. * Generates the shared secret and returns it in a new buffer. * <p>This method resets this <code>KeyAgreementSpi</code> object, * can be reused for further key agreements. Unless this key agreement is * reinitialized with one of the <code>engineInit</code> methods, the same * private information and algorithm parameters will be used for * subsequent key agreements. * @return the new buffer with the shared secret * @exception IllegalStateException if this key agreement has not been // should never happen since secret lengths in the two * Generates the shared secret, and places it into the buffer * <code>sharedSecret</code>, beginning at <code>offset</code>. * <p>If the <code>sharedSecret</code> buffer is too small to hold the * result, a <code>ShortBufferException</code> is thrown. * In this case, this call should be repeated with a larger output buffer. * <p>This method resets this <code>KeyAgreementSpi</code> object, * can be reused for further key agreements. Unless this key agreement is * reinitialized with one of the <code>engineInit</code> methods, the same * private information and algorithm parameters will be used for * subsequent key agreements. * @param sharedSecret the buffer for the shared secret * @param offset the offset in <code>sharedSecret</code> where the * shared secret will be stored * @return the number of bytes placed into <code>sharedSecret</code> * @exception IllegalStateException if this key agreement has not been * @exception ShortBufferException if the given output buffer is too small (
"Key agreement has not been completed yet");
(
"No buffer provided for shared secret");
(
"Buffer too short for shared secret");
// Reset the key agreement after checking for ShortBufferException // above, so user can recover w/o losing internal state * NOTE: BigInteger.toByteArray() returns a byte array containing * the two's-complement representation of this BigInteger with * the most significant byte is in the zeroth element. This * contains the minimum number of bytes required to represent * this BigInteger, including at least one sign bit whose value * Keys are always positive, and the above sign bit isn't * actually used when representing keys. (i.e. key = new * BigInteger(1, byteArray)) To obtain an array containing * exactly expectedLen bytes of magnitude, we strip any extra * leading 0's, or pad with 0's in case of a "short" secret. // Array too short, pad it w/ leading 0s // Array too long, check and trim off the excess // ignore the leading sign byte * Creates the shared secret and returns it as a secret key object * of the requested algorithm type. * <p>This method resets this <code>KeyAgreementSpi</code> object, * can be reused for further key agreements. Unless this key agreement is * reinitialized with one of the <code>engineInit</code> methods, the same * private information and algorithm parameters will be used for * subsequent key agreements. * @param algorithm the requested secret key algorithm * @return the shared secret key * @exception IllegalStateException if this key agreement has not been * @exception NoSuchAlgorithmException if the requested secret key * algorithm is not available * @exception InvalidKeyException if the shared secret key material cannot * be used to generate a secret key of the requested algorithm type (e.g., * the key material is too short) // Generate the strongest key using the shared secret // assuming the key sizes in AESConstants class are