Class KEM.Decapsulator

java.lang.Object
javax.crypto.KEM.Decapsulator
Enclosing class:
KEM
public static final class KEM.Decapsulator extends Object
A decapsulator, generated by KEM.newDecapsulator(PrivateKey) on the KEM receiver side.

This class represents the key decapsulation function of a KEM. An invocation of the decapsulate method recovers the secret key from the key encapsulation message.

Since:
21

  • Method Summary

    Modifier and Type
    Method
    Description
    SecretKey
    decapsulate(byte[] encapsulation)
    The key decapsulation function.
    SecretKey
    decapsulate(byte[] encapsulation, int from, int to, String algorithm)
    The key decapsulation function.
    int
    encapsulationSize()
    Returns the size of the key encapsulation message.
    String
    providerName()
    Returns the name of the provider.
    int
    secretSize()
    Returns the size of the shared secret.

    Methods declared in class Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    Modifier and Type
    Method
    Description
    protected Object
    clone()
    Creates and returns a copy of this object.
    boolean
    equals(Object obj)
    Indicates whether some other object is "equal to" this one.
    protected void
    finalize()
    Deprecated, for removal: This API element is subject to removal in a future version.
    Finalization is deprecated and subject to removal in a future release.
    final Class<?>
    getClass()
    Returns the runtime class of this Object.
    int
    hashCode()
    Returns a hash code value for this object.
    final void
    notify()
    Wakes up a single thread that is waiting on this object's monitor.
    final void
    notifyAll()
    Wakes up all threads that are waiting on this object's monitor.
    String
    toString()
    Returns a string representation of the object.
    final void
    wait()
    Causes the current thread to wait until it is awakened, typically by being notified or interrupted.
    final void
    wait(long timeoutMillis)
    Causes the current thread to wait until it is awakened, typically by being notified or interrupted, or until a certain amount of real time has elapsed.
    final void
    wait(long timeoutMillis, int nanos)
    Causes the current thread to wait until it is awakened, typically by being notified or interrupted, or until a certain amount of real time has elapsed.

  • Method Details

    • providerName

      public String providerName()
      Returns the name of the provider.
      Returns:
      the name of the provider

    • decapsulate

      public SecretKey decapsulate(byte[] encapsulation) throws DecapsulateException
      The key decapsulation function.

      This method is equivalent to decapsulate(encapsulation, 0, secretSize(), "Generic"). This combination of arguments must be supported by every implementation.

      The generated secret key is usually passed to a key derivation function (KDF) as the input keying material.

      Parameters:
      encapsulation - the key encapsulation message from the sender. The size must be equal to the value returned by encapsulationSize(), or a DecapsulateException will be thrown.
      Returns:
      the shared secret as a SecretKey with an algorithm name of "Generic"
      Throws:
      DecapsulateException - if an error occurs during the decapsulation process
      NullPointerException - if encapsulation is null

    • decapsulate

      public SecretKey decapsulate(byte[] encapsulation, int from, int to, String algorithm) throws DecapsulateException
      The key decapsulation function.

      An invocation of this method recovers the secret key from the key encapsulation message.

      An implementation may choose to not support arbitrary combinations of from, to, and algorithm.

      Parameters:
      encapsulation - the key encapsulation message from the sender. The size must be equal to the value returned by encapsulationSize(), or a DecapsulateException will be thrown.
      from - the initial index of the shared secret byte array to be returned, inclusive
      to - the final index of the shared secret byte array to be returned, exclusive
      algorithm - the algorithm name for the secret key that is returned. See the SecretKey Algorithms section in the Java Security Standard Algorithm Names Specification for information about standard secret key algorithm names. Specify "Generic" if the output will be used as the input keying material of a key derivation function (KDF).
      Returns:
      a portion of the shared secret as a SecretKey containing the bytes of the secret ranging from from to to, exclusive, and an algorithm name as specified. For example, decapsulate(encapsulation, secretSize() - 16, secretSize(), "AES") uses the last 16 bytes of the shared secret as a 128-bit AES key.
      Throws:
      DecapsulateException - if an error occurs during the decapsulation process
      IndexOutOfBoundsException - if from < 0, from > to, or to > secretSize()
      NullPointerException - if encapsulation or algorithm is null
      UnsupportedOperationException - if the combination of from, to, and algorithm is not supported by the decapsulator
      External Specifications

    • secretSize

      public int secretSize()
      Returns the size of the shared secret.

      This method can be called to find out the length of the shared secret before decapsulate is called or if the obtained SecretKey is not extractable.

      Returns:
      the size of the shared secret

    • encapsulationSize

      public int encapsulationSize()
      Returns the size of the key encapsulation message.

      This method can be used to extract the encapsulation message from a longer byte array if no length information is provided by a higher level protocol.

      Returns:
      the size of the key encapsulation message