KeyFactorySpi

  • KeyFactorySpi is a Service Provider Interface (SPI) for the KeyFactory class, enabling cryptographic providers to implement key factory functionalities for specific algorithms.

  • Key factories are used to convert between opaque Key objects and transparent KeySpec objects, allowing bidirectional transformation between keys and their underlying specifications.

  • They support translating keys between compatible key specifications, such as converting a DSA public key from DSAPublicKeySpec to X509EncodedKeySpec.

  • Implementations of KeyFactorySpi must provide methods for generating public/private keys from key specifications, retrieving key specifications from key objects, and translating keys between providers.

public abstract class KeyFactorySpi extends Object

This class defines the Service Provider Interface (SPI) for the KeyFactory class. All the abstract methods in this class must be implemented by each cryptographic service provider who wishes to supply the implementation of a key factory for a particular algorithm.

Key factories are used to convert keys (opaque cryptographic keys of type Key) into key specifications (transparent representations of the underlying key material), and vice versa.

Key factories are bi-directional. That is, they allow you to build an opaque key object from a given key specification (key material), or to retrieve the underlying key material of a key object in a suitable format.

Multiple compatible key specifications may exist for the same key. For example, a DSA public key may be specified using DSAPublicKeySpec or X509EncodedKeySpec. A key factory can be used to translate between compatible key specifications.

A provider should document all the key specifications supported by its key factory.

Public Constructor Summary

Protected Method Summary

abstract PrivateKey
engineGeneratePrivate(KeySpec keySpec)
Generates a private key object from the provided key specification (key material).
abstract PublicKey
engineGeneratePublic(KeySpec keySpec)
Generates a public key object from the provided key specification (key material).
abstract <T extends KeySpec> T
engineGetKeySpec(Key key, Class<T> keySpec)
Returns a specification (key material) of the given key object.
abstract Key
engineTranslateKey(Key key)
Translates a key object, whose provider may be unknown or potentially untrusted, into a corresponding key object of this key factory.

Inherited Method Summary

Public Constructors

public KeyFactorySpi ()

Protected Methods

protected abstract PrivateKey engineGeneratePrivate (KeySpec keySpec)

Generates a private key object from the provided key specification (key material).

Parameters
keySpec the specification (key material) of the private key.
Returns
  • the private key.
Throws
InvalidKeySpecException if the given key specification is inappropriate for this key factory to produce a private key.

protected abstract PublicKey engineGeneratePublic (KeySpec keySpec)

Generates a public key object from the provided key specification (key material).

Parameters
keySpec the specification (key material) of the public key.
Returns
  • the public key.
Throws
InvalidKeySpecException if the given key specification is inappropriate for this key factory to produce a public key.

protected abstract T engineGetKeySpec (Key key, Class<T> keySpec)

Returns a specification (key material) of the given key object. keySpec identifies the specification class in which the key material should be returned. It could, for example, be DSAPublicKeySpec.class, to indicate that the key material should be returned in an instance of the DSAPublicKeySpec class.

Parameters
key the key.
keySpec the specification class in which the key material should be returned.
Returns
  • the underlying key specification (key material) in an instance of the requested specification class.
Throws
InvalidKeySpecException if the requested key specification is inappropriate for the given key, or the given key cannot be dealt with (e.g., the given key has an unrecognized format).

protected abstract Key engineTranslateKey (Key key)

Translates a key object, whose provider may be unknown or potentially untrusted, into a corresponding key object of this key factory.

Parameters
key the key whose provider is unknown or untrusted.
Returns
  • the translated key.
Throws
InvalidKeyException if the given key cannot be processed by this key factory.