- Enclosing class:
- KEM
KEM.newEncapsulator(java.security.PublicKey)
on the KEM
sender side.
This class represents the key encapsulation function of a KEM.
Each invocation of the encapsulate
method generates a
new secret key and key encapsulation message that is returned
in an KEM.Encapsulated
object.
- API Note:
- This class is defined in Java SE 17 Maintenance Release 1.
- Since:
- 17
-
Method Summary
Modifier and TypeMethodDescriptionThe key encapsulation function.encapsulate
(int from, int to, String algorithm) The key encapsulation function.int
Returns the size of the key encapsulation message.Returns the name of the provider.int
Returns the size of the shared secret.
-
Method Details
-
providerName
Returns the name of the provider.- Returns:
- the name of the provider
-
encapsulate
The key encapsulation function.This method is equivalent to
encapsulate(0, secretSize(), "Generic")
. This combination of arguments must be supported by every implementation.The generated secret key is usually passed to a key derivation function (KDF) as the input keying material.
- Returns:
- a
KEM.Encapsulated
object containing the shared secret, key encapsulation message, and optional parameters. The shared secret is aSecretKey
containing all of the bytes of the secret, and an algorithm name of "Generic".
-
encapsulate
The key encapsulation function.Each invocation of this method generates a new secret key and key encapsulation message that is returned in an
KEM.Encapsulated
object.An implementation may choose to not support arbitrary combinations of
from
,to
, andalgorithm
.- Parameters:
from
- the initial index of the shared secret byte array to be returned, inclusiveto
- the final index of the shared secret byte array to be returned, exclusivealgorithm
- the algorithm name for the secret key that is returned- Returns:
- a
KEM.Encapsulated
object containing a portion of the shared secret, key encapsulation message, and optional parameters. The portion of the shared secret is aSecretKey
containing the bytes of the secret ranging fromfrom
toto
, exclusive, and an algorithm name as specified. For example,encapsulate(0, 16, "AES")
uses the first 16 bytes of the shared secret as a 128-bit AES key. - Throws:
IndexOutOfBoundsException
- iffrom < 0
,from > to
, orto > secretSize()
NullPointerException
- ifalgorithm
isnull
UnsupportedOperationException
- if the combination offrom
,to
, andalgorithm
is not supported by the encapsulator
-
secretSize
public int secretSize()Returns the size of the shared secret.This method can be called to find out the length of the shared secret before
encapsulate
is called or if the obtainedSecretKey
is not extractable.- Returns:
- the size of the shared secret
-
encapsulationSize
public int encapsulationSize()Returns the size of the key encapsulation message.This method can be called to find out the length of the encapsulation message before
encapsulate
is called.- Returns:
- the size of the key encapsulation message
-