ExemptionMechanism

public class ExemptionMechanism extends Object

This class provides the functionality of an exemption mechanism, examples of which are key recovery, key weakening, and key escrow.

Applications or applets that use an exemption mechanism may be granted stronger encryption capabilities than those which don't.

Protected Constructor Summary

ExemptionMechanism(ExemptionMechanismSpi exmechSpi, Provider provider, String mechanism)
Creates a ExemptionMechanism object.

Public Method Summary

final int
genExemptionBlob(byte[] output)
Generates the exemption mechanism key blob, and stores the result in the output buffer.
final byte[]
genExemptionBlob()
Generates the exemption mechanism key blob.
final int
genExemptionBlob(byte[] output, int outputOffset)
Generates the exemption mechanism key blob, and stores the result in the output buffer, starting at outputOffset inclusive.
final static ExemptionMechanism
getInstance(String algorithm)
Returns an ExemptionMechanism object that implements the specified exemption mechanism algorithm.
final static ExemptionMechanism
getInstance(String algorithm, String provider)
Returns an ExemptionMechanism object that implements the specified exemption mechanism algorithm.
final static ExemptionMechanism
getInstance(String algorithm, Provider provider)
Returns an ExemptionMechanism object that implements the specified exemption mechanism algorithm.
final String
getName()
Returns the exemption mechanism name of this ExemptionMechanism object.
final int
getOutputSize(int inputLen)
Returns the length in bytes that an output buffer would need to be in order to hold the result of the next genExemptionBlob operation, given the input length inputLen (in bytes).
final Provider
getProvider()
Returns the provider of this ExemptionMechanism object.
final void
init(Key key, AlgorithmParameters params)
Initializes this exemption mechanism with a key and a set of algorithm parameters.
final void
init(Key key, AlgorithmParameterSpec params)
Initializes this exemption mechanism with a key and a set of algorithm parameters.
final void
init(Key key)
Initializes this exemption mechanism with a key.
final boolean
isCryptoAllowed(Key key)
Returns whether the result blob has been generated successfully by this exemption mechanism.

Protected Method Summary

void
finalize()
Ensures that the key stored away by this ExemptionMechanism object will be wiped out when there are no more references to it.

Inherited Method Summary

Protected Constructors

protected ExemptionMechanism (ExemptionMechanismSpi exmechSpi, Provider provider, String mechanism)

Creates a ExemptionMechanism object.

Parameters
exmechSpi the delegate
provider the provider
mechanism the exemption mechanism

Public Methods

public final int genExemptionBlob (byte[] output)

Generates the exemption mechanism key blob, and stores the result in the output buffer.

If the output buffer is too small to hold the result, a ShortBufferException is thrown. In this case, repeat this call with a larger output buffer. Use getOutputSize to determine how big the output buffer should be.

Parameters
output the buffer for the result
Returns
  • the number of bytes stored in output
Throws
IllegalStateException if this exemption mechanism is in a wrong state (e.g., has not been initialized).
ShortBufferException if the given output buffer is too small to hold the result.
ExemptionMechanismException if problem(s) encountered in the process of generating.

public final byte[] genExemptionBlob ()

Generates the exemption mechanism key blob.

Returns
  • the new buffer with the result key blob.
Throws
IllegalStateException if this exemption mechanism is in a wrong state (e.g., has not been initialized).
ExemptionMechanismException if problem(s) encountered in the process of generating.

public final int genExemptionBlob (byte[] output, int outputOffset)

Generates the exemption mechanism key blob, and stores the result in the output buffer, starting at outputOffset inclusive.

If the output buffer is too small to hold the result, a ShortBufferException is thrown. In this case, repeat this call with a larger output buffer. Use getOutputSize to determine how big the output buffer should be.

Parameters
output the buffer for the result
outputOffset the offset in output where the result is stored
Returns
  • the number of bytes stored in output
Throws
IllegalStateException if this exemption mechanism is in a wrong state (e.g., has not been initialized).
ShortBufferException if the given output buffer is too small to hold the result.
ExemptionMechanismException if problem(s) encountered in the process of generating.

public static final ExemptionMechanism getInstance (String algorithm)

Returns an ExemptionMechanism object that implements the specified exemption mechanism algorithm.

This method traverses the list of registered security Providers, starting with the most preferred Provider. A new ExemptionMechanism object encapsulating the ExemptionMechanismSpi implementation from the first Provider that supports the specified algorithm is returned.

Note that the list of registered providers may be retrieved via the Security.getProviders() method.

Parameters
algorithm the standard name of the requested exemption mechanism. See the ExemptionMechanism section in the Java Cryptography Architecture Standard Algorithm Name Documentation for information about standard exemption mechanism names.
Returns
  • the new ExemptionMechanism object.
Throws
NullPointerException if algorithm is null.
NoSuchAlgorithmException if no Provider supports an ExemptionMechanismSpi implementation for the specified algorithm.
See Also

public static final ExemptionMechanism getInstance (String algorithm, String provider)

Returns an ExemptionMechanism object that implements the specified exemption mechanism algorithm.

A new ExemptionMechanism object encapsulating the ExemptionMechanismSpi implementation from the specified provider is returned. The specified provider must be registered in the security provider list.

Note that the list of registered providers may be retrieved via the Security.getProviders() method.

Parameters
algorithm the standard name of the requested exemption mechanism. See the ExemptionMechanism section in the Java Cryptography Architecture Standard Algorithm Name Documentation for information about standard exemption mechanism names.
provider the name of the provider.
Returns
  • the new ExemptionMechanism object.
Throws
NullPointerException if algorithm is null.
NoSuchAlgorithmException if an ExemptionMechanismSpi implementation for the specified algorithm is not available from the specified provider.
NoSuchProviderException if the specified provider is not registered in the security provider list.
IllegalArgumentException if the provider is null or empty.
See Also

public static final ExemptionMechanism getInstance (String algorithm, Provider provider)

Returns an ExemptionMechanism object that implements the specified exemption mechanism algorithm.

A new ExemptionMechanism object encapsulating the ExemptionMechanismSpi implementation from the specified Provider object is returned. Note that the specified Provider object does not have to be registered in the provider list.

Parameters
algorithm the standard name of the requested exemption mechanism. See the ExemptionMechanism section in the Java Cryptography Architecture Standard Algorithm Name Documentation for information about standard exemption mechanism names.
provider the provider.
Returns
  • the new ExemptionMechanism object.
Throws
NullPointerException if algorithm is null.
NoSuchAlgorithmException if an ExemptionMechanismSpi implementation for the specified algorithm is not available from the specified Provider object.
IllegalArgumentException if the provider is null.
See Also

public final String getName ()

Returns the exemption mechanism name of this ExemptionMechanism object.

This is the same name that was specified in one of the getInstance calls that created this ExemptionMechanism object.

Returns
  • the exemption mechanism name of this ExemptionMechanism object.

public final int getOutputSize (int inputLen)

Returns the length in bytes that an output buffer would need to be in order to hold the result of the next genExemptionBlob operation, given the input length inputLen (in bytes).

The actual output length of the next genExemptionBlob call may be smaller than the length returned by this method.

Parameters
inputLen the input length (in bytes)
Returns
  • the required output buffer size (in bytes)
Throws
IllegalStateException if this exemption mechanism is in a wrong state (e.g., has not yet been initialized)

public final Provider getProvider ()

Returns the provider of this ExemptionMechanism object.

Returns
  • the provider of this ExemptionMechanism object.

public final void init (Key key, AlgorithmParameters params)

Initializes this exemption mechanism with a key and a set of algorithm parameters.

If this exemption mechanism requires any algorithm parameters and params is null, the underlying exemption mechanism implementation is supposed to generate the required parameters itself (using provider-specific default values); in the case that algorithm parameters must be specified by the caller, an InvalidAlgorithmParameterException is raised.

Parameters
key the key for this exemption mechanism
params the algorithm parameters
Throws
InvalidKeyException if the given key is inappropriate for this exemption mechanism.
InvalidAlgorithmParameterException if the given algorithm parameters are inappropriate for this exemption mechanism.
ExemptionMechanismException if problem(s) encountered in the process of initializing.

public final void init (Key key, AlgorithmParameterSpec params)

Initializes this exemption mechanism with a key and a set of algorithm parameters.

If this exemption mechanism requires any algorithm parameters and params is null, the underlying exemption mechanism implementation is supposed to generate the required parameters itself (using provider-specific default values); in the case that algorithm parameters must be specified by the caller, an InvalidAlgorithmParameterException is raised.

Parameters
key the key for this exemption mechanism
params the algorithm parameters
Throws
InvalidKeyException if the given key is inappropriate for this exemption mechanism.
InvalidAlgorithmParameterException if the given algorithm parameters are inappropriate for this exemption mechanism.
ExemptionMechanismException if problem(s) encountered in the process of initializing.

public final void init (Key key)

Initializes this exemption mechanism with a key.

If this exemption mechanism requires any algorithm parameters that cannot be derived from the given key, the underlying exemption mechanism implementation is supposed to generate the required parameters itself (using provider-specific default values); in the case that algorithm parameters must be specified by the caller, an InvalidKeyException is raised.

Parameters
key the key for this exemption mechanism
Throws
InvalidKeyException if the given key is inappropriate for this exemption mechanism.
ExemptionMechanismException if problem(s) encountered in the process of initializing.

public final boolean isCryptoAllowed (Key key)

Returns whether the result blob has been generated successfully by this exemption mechanism.

The method also makes sure that the key passed in is the same as the one this exemption mechanism used in initializing and generating phases.

Parameters
key the key the crypto is going to use.
Returns
  • whether the result blob of the same key has been generated successfully by this exemption mechanism; false if key is null.
Throws
ExemptionMechanismException if problem(s) encountered while determining whether the result blob has been generated successfully by this exemption mechanism object.

Protected Methods

protected void finalize ()

Ensures that the key stored away by this ExemptionMechanism object will be wiped out when there are no more references to it.