Class ExemptionMechanism

java.lang.Object
javax.crypto.ExemptionMechanism

public class ExemptionMechanism extends Object
This class provides the functionality of an exemption mechanism, examples of which are key recovery, key weakening, and key escrow.

Applications that use an exemption mechanism may be granted stronger encryption capabilities than those which don't.

Since:
1.4
  • Constructor Summary

    Constructors
    Modifier
    Constructor
    Description
    protected
    ExemptionMechanism(ExemptionMechanismSpi exmechSpi, Provider provider, String mechanism)
    Creates an ExemptionMechanism object.
  • Method Summary

    Modifier and Type
    Method
    Description
    final byte[]
    Generates the exemption mechanism key blob.
    final int
    genExemptionBlob(byte[] output)
    Generates the exemption mechanism key blob, and stores the result in the output buffer.
    final int
    genExemptionBlob(byte[] output, int outputOffset)
    Generates the exemption mechanism key blob, and stores the result in the output buffer, starting at outputOffset inclusive.
    static final ExemptionMechanism
    getInstance(String algorithm)
    Returns an ExemptionMechanism object that implements the specified exemption mechanism algorithm.
    static final ExemptionMechanism
    getInstance(String algorithm, String provider)
    Returns an ExemptionMechanism object that implements the specified exemption mechanism algorithm.
    static final ExemptionMechanism
    getInstance(String algorithm, Provider provider)
    Returns an ExemptionMechanism object that implements the specified exemption mechanism algorithm.
    final String
    Returns the exemption mechanism name of this ExemptionMechanism object.
    final int
    getOutputSize(int inputLen)
    Returns the length in bytes that an output buffer would need to be in order to hold the result of the next genExemptionBlob operation, given the input length inputLen (in bytes).
    final Provider
    Returns the provider of this ExemptionMechanism object.
    final void
    init(Key key)
    Initializes this exemption mechanism with a key.
    final void
    Initializes this exemption mechanism with a key and a set of algorithm parameters.
    final void
    Initializes this exemption mechanism with a key and a set of algorithm parameters.
    final boolean
    Returns whether the result blob has been generated successfully by this exemption mechanism.
  • Constructor Details

    • ExemptionMechanism

      protected ExemptionMechanism(ExemptionMechanismSpi exmechSpi, Provider provider, String mechanism)
      Creates an ExemptionMechanism object.
      Parameters:
      exmechSpi - the delegate
      provider - the provider
      mechanism - the exemption mechanism
  • Method Details

    • getName

      public final String getName()
      Returns the exemption mechanism name of this ExemptionMechanism object.

      This is the same name that was specified in one of the getInstance calls that created this ExemptionMechanism object.

      Returns:
      the exemption mechanism name of this ExemptionMechanism object.
    • getInstance

      public static final ExemptionMechanism getInstance(String algorithm) throws NoSuchAlgorithmException
      Returns an ExemptionMechanism object that implements the specified exemption mechanism algorithm.

      This method traverses the list of registered security providers, starting with the most preferred provider. A new ExemptionMechanism object encapsulating the ExemptionMechanismSpi implementation from the first provider that supports the specified algorithm is returned.

      Note that the list of registered providers may be retrieved via the Security.getProviders() method.

      Implementation Note:
      The JDK Reference Implementation additionally uses the jdk.security.provider.preferred Security property to determine the preferred provider order for the specified algorithm. This may be different from the order of providers returned by Security.getProviders().
      Parameters:
      algorithm - the standard name of the requested exemption mechanism. See the ExemptionMechanism section in the Java Security Standard Algorithm Names Specification for information about standard exemption mechanism names.
      Returns:
      the new ExemptionMechanism object
      Throws:
      NoSuchAlgorithmException - if no Provider supports an ExemptionMechanismSpi implementation for the specified algorithm
      NullPointerException - if algorithm is null
      See Also:
    • getInstance

      public static final ExemptionMechanism getInstance(String algorithm, String provider) throws NoSuchAlgorithmException, NoSuchProviderException
      Returns an ExemptionMechanism object that implements the specified exemption mechanism algorithm.

      A new ExemptionMechanism object encapsulating the ExemptionMechanismSpi implementation from the specified provider is returned. The specified provider must be registered in the security provider list.

      Note that the list of registered providers may be retrieved via the Security.getProviders() method.

      Parameters:
      algorithm - the standard name of the requested exemption mechanism. See the ExemptionMechanism section in the Java Security Standard Algorithm Names Specification for information about standard exemption mechanism names.
      provider - the name of the provider.
      Returns:
      the new ExemptionMechanism object
      Throws:
      IllegalArgumentException - if the provider is null or empty
      NoSuchAlgorithmException - if an ExemptionMechanismSpi implementation for the specified algorithm is not available from the specified provider
      NoSuchProviderException - if the specified provider is not registered in the security provider list
      NullPointerException - if algorithm is null
      See Also:
    • getInstance

      public static final ExemptionMechanism getInstance(String algorithm, Provider provider) throws NoSuchAlgorithmException
      Returns an ExemptionMechanism object that implements the specified exemption mechanism algorithm.

      A new ExemptionMechanism object encapsulating the ExemptionMechanismSpi implementation from the specified provider object is returned. Note that the specified provider object does not have to be registered in the provider list.

      Parameters:
      algorithm - the standard name of the requested exemption mechanism. See the ExemptionMechanism section in the Java Security Standard Algorithm Names Specification for information about standard exemption mechanism names.
      provider - the provider.
      Returns:
      the new ExemptionMechanism object
      Throws:
      IllegalArgumentException - if the provider is null
      NoSuchAlgorithmException - if an ExemptionMechanismSpi implementation for the specified algorithm is not available from the specified Provider object
      NullPointerException - if algorithm is null
      See Also:
    • getProvider

      public final Provider getProvider()
      Returns the provider of this ExemptionMechanism object.
      Returns:
      the provider of this ExemptionMechanism object.
    • isCryptoAllowed

      public final boolean isCryptoAllowed(Key key) throws ExemptionMechanismException
      Returns whether the result blob has been generated successfully by this exemption mechanism.

      The method also makes sure that the key passed in is the same as the one this exemption mechanism used in initializing and generating phases.

      Parameters:
      key - the key the crypto is going to use.
      Returns:
      whether the result blob of the same key has been generated successfully by this exemption mechanism; false if key is null.
      Throws:
      ExemptionMechanismException - if problem(s) encountered while determining whether the result blob has been generated successfully by this exemption mechanism object.
    • getOutputSize

      public final int getOutputSize(int inputLen) throws IllegalStateException
      Returns the length in bytes that an output buffer would need to be in order to hold the result of the next genExemptionBlob operation, given the input length inputLen (in bytes).

      The actual output length of the next genExemptionBlob call may be smaller than the length returned by this method.

      Parameters:
      inputLen - the input length (in bytes)
      Returns:
      the required output buffer size (in bytes)
      Throws:
      IllegalStateException - if this exemption mechanism is in a wrong state (e.g., has not yet been initialized)
    • init

      public final void init(Key key) throws InvalidKeyException, ExemptionMechanismException
      Initializes this exemption mechanism with a key.

      If this exemption mechanism requires any algorithm parameters that cannot be derived from the given key, the underlying exemption mechanism implementation is supposed to generate the required parameters itself (using provider-specific default values); in the case that algorithm parameters must be specified by the caller, an InvalidKeyException is raised.

      Parameters:
      key - the key for this exemption mechanism
      Throws:
      InvalidKeyException - if the given key is inappropriate for this exemption mechanism.
      ExemptionMechanismException - if problem(s) encountered in the process of initializing.
    • init

      Initializes this exemption mechanism with a key and a set of algorithm parameters.

      If this exemption mechanism requires any algorithm parameters and params is null, the underlying exemption mechanism implementation is supposed to generate the required parameters itself (using provider-specific default values); in the case that algorithm parameters must be specified by the caller, an InvalidAlgorithmParameterException is raised.

      Parameters:
      key - the key for this exemption mechanism
      params - the algorithm parameters
      Throws:
      InvalidKeyException - if the given key is inappropriate for this exemption mechanism.
      InvalidAlgorithmParameterException - if the given algorithm parameters are inappropriate for this exemption mechanism.
      ExemptionMechanismException - if problem(s) encountered in the process of initializing.
    • init

      Initializes this exemption mechanism with a key and a set of algorithm parameters.

      If this exemption mechanism requires any algorithm parameters and params is null, the underlying exemption mechanism implementation is supposed to generate the required parameters itself (using provider-specific default values); in the case that algorithm parameters must be specified by the caller, an InvalidAlgorithmParameterException is raised.

      Parameters:
      key - the key for this exemption mechanism
      params - the algorithm parameters
      Throws:
      InvalidKeyException - if the given key is inappropriate for this exemption mechanism.
      InvalidAlgorithmParameterException - if the given algorithm parameters are inappropriate for this exemption mechanism.
      ExemptionMechanismException - if problem(s) encountered in the process of initializing.
    • genExemptionBlob

      public final byte[] genExemptionBlob() throws IllegalStateException, ExemptionMechanismException
      Generates the exemption mechanism key blob.
      Returns:
      the new buffer with the result key blob.
      Throws:
      IllegalStateException - if this exemption mechanism is in a wrong state (e.g., has not been initialized).
      ExemptionMechanismException - if problem(s) encountered in the process of generating.
    • genExemptionBlob

      public final int genExemptionBlob(byte[] output) throws IllegalStateException, ShortBufferException, ExemptionMechanismException
      Generates the exemption mechanism key blob, and stores the result in the output buffer.

      If the output buffer is too small to hold the result, a ShortBufferException is thrown. In this case, repeat this call with a larger output buffer. Use getOutputSize to determine how big the output buffer should be.

      Parameters:
      output - the buffer for the result
      Returns:
      the number of bytes stored in output
      Throws:
      IllegalStateException - if this exemption mechanism is in a wrong state (e.g., has not been initialized).
      ShortBufferException - if the given output buffer is too small to hold the result.
      ExemptionMechanismException - if problem(s) encountered in the process of generating.
    • genExemptionBlob

      public final int genExemptionBlob(byte[] output, int outputOffset) throws IllegalStateException, ShortBufferException, ExemptionMechanismException
      Generates the exemption mechanism key blob, and stores the result in the output buffer, starting at outputOffset inclusive.

      If the output buffer is too small to hold the result, a ShortBufferException is thrown. In this case, repeat this call with a larger output buffer. Use getOutputSize to determine how big the output buffer should be.

      Parameters:
      output - the buffer for the result
      outputOffset - the offset in output where the result is stored
      Returns:
      the number of bytes stored in output
      Throws:
      IllegalStateException - if this exemption mechanism is in a wrong state (e.g., has not been initialized).
      ShortBufferException - if the given output buffer is too small to hold the result.
      ExemptionMechanismException - if problem(s) encountered in the process of generating.