OpenJDK 1.22 · sun.security.provider.CtrDrbg

Modifier and Type	Field and Description
private static final int	AES_LIMIT
private int	blockLen
private Cipher	cipher
private String	cipherAlg
private int	ctrLen
private byte[]	k
private String	keyAlg
private int	keyLen
private int	seedLen
private byte[]	v

Access	Constructor and Description
public	CtrDrbg(SecureRandomParameters params)

Method Summary

Modifier and Type	Method and Description
private static void	addOne(byte[] data, int len) Add one to data, only touch the last len bytes.
private static int	alg2strength(String algorithm)
private byte[]	Returns: the result bcc(byte[] the key k, byte[]... after concatenated, the data to be operated upon. This is a series of byte[], each with an arbitrary length. Note that the full length is not necessarily a multiple of outlen. XOR with zero is no-op. data) Block_Encrypt in 10.3.3
protected void	chooseAlgorithmAndStrength() Implements abstract sun.security.provider.AbstractDrbg.chooseAlgorithmAndStrength. Decides what algorithm and strength to use (SHA-256 or AES-256, 128 or 256).
private byte[]	Returns: the output block (always of seedLen) df(byte[] the input string input) Block_cipher_df in 10.3.2
public synchronized void	generateAlgorithm(byte[] fill result here, not null result, byte[] additional input, can be null. If not null, its length is smaller than `maxAdditionalInputLength` additionalInput) Implements abstract sun.security.provider.AbstractDrbg.generateAlgorithm. The generate function.
protected void	initEngine() Implements abstract sun.security.provider.AbstractDrbg.initEngine. This call, used by the constructors, instantiates the digest.
protected void	instantiateAlgorithm(byte[] the entropy input, its length is already conditioned to be between `minLength` and `maxLength`. ei) Implements abstract sun.security.provider.AbstractDrbg.instantiateAlgorithm. Instantiates a DRBG.
protected synchronized void	reseedAlgorithm(byte[] the entropy input, its length is already conditioned to be between `minLength` and `maxLength`. ei, byte[] additional input, can be null. If not null, its length is smaller than `maxAdditionalInputLength` additionalInput) Overrides sun.security.provider.AbstractDrbg.reseedAlgorithm. The reseed function.
private void	status()
public String	toString() Overrides sun.security.provider.AbstractDrbg.toString. Returns a string representation of the object.
private void	update(byte[] input)

Inherited from sun.security.provider.AbstractDrbg:: configure engineGenerateSeed engineGetParameters engineNextBytes engineNextBytes engineReseed engineSetSeed getStandardStrength

AES_LIMIT	back to summary
private static final int AES_LIMIT

blockLen	back to summary
private int blockLen

cipher	back to summary
private Cipher cipher

cipherAlg	back to summary
private String cipherAlg

ctrLen	back to summary
private int ctrLen

k	back to summary
private byte[] k

keyAlg	back to summary
private String keyAlg

keyLen	back to summary
private int keyLen

seedLen	back to summary
private int seedLen

v	back to summary
private byte[] v

CtrDrbg	back to summary
public CtrDrbg(SecureRandomParameters params)

Method Detail

addOne	back to summary
private static void addOne(byte[] data, int len) Add one to data, only touch the last len bytes.

alg2strength	back to summary
private static int alg2strength(String algorithm)

bcc	back to summary
private byte[] bcc(byte[] k, byte[]... data) Block_Encrypt in 10.3.3 Parameters k:byte[] the key data:byte[][] after concatenated, the data to be operated upon. This is a series of byte[], each with an arbitrary length. Note that the full length is not necessarily a multiple of outlen. XOR with zero is no-op. Returns:byte[] the result

bcc

back to summary

private byte[] bcc(byte[] k, byte[]... data)

Block_Encrypt in 10.3.3

Parameters

k:byte[]: the key
data:byte[][]: after concatenated, the data to be operated upon. This is a series of byte[], each with an arbitrary length. Note that the full length is not necessarily a multiple of outlen. XOR with zero is no-op.

Returns:byte[]

the result

chooseAlgorithmAndStrength back to summary

chooseAlgorithmAndStrength	back to summary
protected void chooseAlgorithmAndStrength() Implements abstract sun.security.provider.AbstractDrbg.chooseAlgorithmAndStrength. Doc from sun.security.provider.AbstractDrbg.chooseAlgorithmAndStrength. Decides what algorithm and strength to use (SHA-256 or AES-256, 128 or 256). Strength related fields must also be defined or redefined here. Called in `configure`. A mechanism uses `requestedAlgorithm`, `requestedInstantiationSecurityStrength`, and `DEFAULT_STRENGTH` to decide which algorithm and strength to use. If `requestedAlgorithm` is provided, it will always be used. If `requestedInstantiationSecurityStrength` is also provided, the algorithm will use the strength (an exception will be thrown if the strength is not supported), otherwise, the smaller one of the highest supported strength of the algorithm and the default strength will be used. If `requestedAlgorithm` is not provided, an algorithm will be chosen that supports `requestedInstantiationSecurityStrength` (or `DEFAULT_STRENGTH` if there is no request). Since every call to `configure` will call this method, make sure to the calls do not contradict with each other. Here are some examples of the algorithm and strength chosen (suppose `DEFAULT_STRENGTH` is 128) for HashDRBG: requested effective (SHA-224, 256) IAE (SHA-256, -1) (SHA-256,128) (SHA-256, 112) (SHA-256,112) (SHA-256, 128) (SHA-256,128) (SHA-3, -1) IAE (null, -1) (SHA-256,128) (null, 112) (SHA-256,112) (null, 192) (SHA-256,192) (null, 256) (SHA-256,256) (null, 384) IAE Annotations @Override

protected void chooseAlgorithmAndStrength()

Implements abstract sun.security.provider.AbstractDrbg.chooseAlgorithmAndStrength.

Doc from sun.security.provider.AbstractDrbg.chooseAlgorithmAndStrength.

Decides what algorithm and strength to use (SHA-256 or AES-256, 128 or 256). Strength related fields must also be defined or redefined here. Called in configure. A mechanism uses requestedAlgorithm, requestedInstantiationSecurityStrength, and DEFAULT_STRENGTH to decide which algorithm and strength to use.

If requestedAlgorithm is provided, it will always be used. If requestedInstantiationSecurityStrength is also provided, the algorithm will use the strength (an exception will be thrown if the strength is not supported), otherwise, the smaller one of the highest supported strength of the algorithm and the default strength will be used.

If requestedAlgorithm is not provided, an algorithm will be chosen that supports requestedInstantiationSecurityStrength (or DEFAULT_STRENGTH if there is no request).

Since every call to configure will call this method, make sure to the calls do not contradict with each other.

Here are some examples of the algorithm and strength chosen (suppose DEFAULT_STRENGTH is 128) for HashDRBG:

requested             effective
(SHA-224, 256)        IAE
(SHA-256, -1)         (SHA-256,128)
(SHA-256, 112)        (SHA-256,112)
(SHA-256, 128)        (SHA-256,128)
(SHA-3, -1)           IAE
(null, -1)            (SHA-256,128)
(null, 112)           (SHA-256,112)
(null, 192)           (SHA-256,192)
(null, 256)           (SHA-256,256)
(null, 384)           IAE

Annotations

@Override

df	back to summary
private byte[] df(byte[] input) Block_cipher_df in 10.3.2 Parameters input:byte[] the input string Returns:byte[] the output block (always of seedLen)

back to summary

private byte[] df(byte[] input)

Block_cipher_df in 10.3.2

Parameters

input:byte[]: the input string

Returns:byte[]

the output block (always of seedLen)

generateAlgorithm back to summary

generateAlgorithm	back to summary
public synchronized void generateAlgorithm(byte[] result, byte[] additionalInput) Implements abstract sun.security.provider.AbstractDrbg.generateAlgorithm. Doc from sun.security.provider.AbstractDrbg.generateAlgorithm. The generate function. Parameters result:byte[] fill result here, not null additionalInput:byte[] additional input, can be null. If not null, its length is smaller than `maxAdditionalInputLength` Annotations @Override

public synchronized void generateAlgorithm(byte[] result, byte[] additionalInput)

Implements abstract sun.security.provider.AbstractDrbg.generateAlgorithm.

Doc from sun.security.provider.AbstractDrbg.generateAlgorithm.

The generate function.

Parameters

result:byte[]: fill result here, not null
additionalInput:byte[]: additional input, can be null. If not null, its length is smaller than maxAdditionalInputLength

Annotations

@Override

initEngine	back to summary
protected void initEngine() Implements abstract sun.security.provider.AbstractDrbg.initEngine. This call, used by the constructors, instantiates the digest. Annotations @Override

initEngine

back to summary

protected void initEngine()

Implements abstract sun.security.provider.AbstractDrbg.initEngine.

This call, used by the constructors, instantiates the digest.

Annotations

@Override

instantiateAlgorithm back to summary

instantiateAlgorithm	back to summary
protected void instantiateAlgorithm(byte[] ei) Implements abstract sun.security.provider.AbstractDrbg.instantiateAlgorithm. Doc from sun.security.provider.AbstractDrbg.instantiateAlgorithm. Instantiates a DRBG. Called automatically before the first `nextBytes` call. Note that the other parameters (nonce, strength, ps) are already stored inside at configuration. Parameters ei:byte[] the entropy input, its length is already conditioned to be between `minLength` and `maxLength`. Annotations @Override

protected void instantiateAlgorithm(byte[] ei)

Implements abstract sun.security.provider.AbstractDrbg.instantiateAlgorithm.

Doc from sun.security.provider.AbstractDrbg.instantiateAlgorithm.

Instantiates a DRBG. Called automatically before the first nextBytes call.

Note that the other parameters (nonce, strength, ps) are already stored inside at configuration.

Parameters

ei:byte[]: the entropy input, its length is already conditioned to be between minLength and maxLength.

Annotations

@Override

reseedAlgorithm back to summary

reseedAlgorithm	back to summary
protected synchronized void reseedAlgorithm(byte[] ei, byte[] additionalInput) Overrides sun.security.provider.AbstractDrbg.reseedAlgorithm. Doc from sun.security.provider.AbstractDrbg.reseedAlgorithm. The reseed function. Parameters ei:byte[] the entropy input, its length is already conditioned to be between `minLength` and `maxLength`. additionalInput:byte[] additional input, can be null. If not null, its length is smaller than `maxAdditionalInputLength` Annotations @Override

protected synchronized void reseedAlgorithm(byte[] ei, byte[] additionalInput)

Overrides sun.security.provider.AbstractDrbg.reseedAlgorithm.

Doc from sun.security.provider.AbstractDrbg.reseedAlgorithm.

The reseed function.

Parameters

ei:byte[]: the entropy input, its length is already conditioned to be between minLength and maxLength.
additionalInput:byte[]: additional input, can be null. If not null, its length is smaller than maxAdditionalInputLength

Annotations

@Override

status	back to summary
private void status()

toString	back to summary
public String toString() Overrides sun.security.provider.AbstractDrbg.toString. Doc from java.lang.Object.toString. Returns a string representation of the object. Returns:String a string representation of the object Annotations @Override

toString

back to summary

public String toString()

Overrides sun.security.provider.AbstractDrbg.toString.

Doc from java.lang.Object.toString.

Returns a string representation of the object.

Returns:String

a string representation of the object

Annotations

@Override

update	back to summary
private void update(byte[] input)

public Class CtrDrbg

Field Summary

Constructor Summary

Method Summary

Field Detail

Constructor Detail

Method Detail