OpenJDK 1.23 · sun.security.provider.AbstractHashDrbg

Modifier and Type	Field and Description
protected int	outLen
protected int	seedLen

Access	Constructor and Description
public	AbstractHashDrbg()

Method Summary

Modifier and Type	Method and Description
private static int	alg2strength(String algorithm)
protected void	chooseAlgorithmAndStrength() Implements abstract sun.security.provider.AbstractDrbg.chooseAlgorithmAndStrength. Decides what algorithm and strength to use (SHA-256 or AES-256, 128 or 256).
protected abstract void	hashReseedInternal(List<byte[]> not null, each element neither null inputs) Operates on multiple inputs.
public void	instantiateAlgorithm(byte[] the entropy input, its length is already conditioned to be between `minLength` and `maxLength`. entropy) Implements abstract sun.security.provider.AbstractDrbg.instantiateAlgorithm. Instantiates a DRBG.
protected void	reseedAlgorithm(byte[] the entropy input, its length is already conditioned to be between `minLength` and `maxLength`. ei, byte[] additional input, can be null. If not null, its length is smaller than `maxAdditionalInputLength` additionalInput) Overrides sun.security.provider.AbstractDrbg.reseedAlgorithm. The reseed function.

Inherited from sun.security.provider.AbstractDrbg:: configure engineGenerateSeed engineGetParameters engineNextBytes engineNextBytes engineReseed engineSetSeed generateAlgorithm getStandardStrength initEngine toString

outLen	back to summary
protected int outLen

seedLen	back to summary
protected int seedLen

AbstractHashDrbg	back to summary
public AbstractHashDrbg()

Method Detail

alg2strength	back to summary
private static int alg2strength(String algorithm)

chooseAlgorithmAndStrength back to summary

chooseAlgorithmAndStrength	back to summary
protected void chooseAlgorithmAndStrength() Implements abstract sun.security.provider.AbstractDrbg.chooseAlgorithmAndStrength. Doc from sun.security.provider.AbstractDrbg.chooseAlgorithmAndStrength. Decides what algorithm and strength to use (SHA-256 or AES-256, 128 or 256). Strength related fields must also be defined or redefined here. Called in `configure`. A mechanism uses `requestedAlgorithm`, `requestedInstantiationSecurityStrength`, and `DEFAULT_STRENGTH` to decide which algorithm and strength to use. If `requestedAlgorithm` is provided, it will always be used. If `requestedInstantiationSecurityStrength` is also provided, the algorithm will use the strength (an exception will be thrown if the strength is not supported), otherwise, the smaller one of the highest supported strength of the algorithm and the default strength will be used. If `requestedAlgorithm` is not provided, an algorithm will be chosen that supports `requestedInstantiationSecurityStrength` (or `DEFAULT_STRENGTH` if there is no request). Since every call to `configure` will call this method, make sure to the calls do not contradict with each other. Here are some examples of the algorithm and strength chosen (suppose `DEFAULT_STRENGTH` is 128) for HashDRBG: requested effective (SHA-224, 256) IAE (SHA-256, -1) (SHA-256,128) (SHA-256, 112) (SHA-256,112) (SHA-256, 128) (SHA-256,128) (SHA-3, -1) IAE (null, -1) (SHA-256,128) (null, 112) (SHA-256,112) (null, 192) (SHA-256,192) (null, 256) (SHA-256,256) (null, 384) IAE

protected void chooseAlgorithmAndStrength()

Implements abstract sun.security.provider.AbstractDrbg.chooseAlgorithmAndStrength.

Doc from sun.security.provider.AbstractDrbg.chooseAlgorithmAndStrength.

Decides what algorithm and strength to use (SHA-256 or AES-256, 128 or 256). Strength related fields must also be defined or redefined here. Called in configure. A mechanism uses requestedAlgorithm, requestedInstantiationSecurityStrength, and DEFAULT_STRENGTH to decide which algorithm and strength to use.

If requestedAlgorithm is provided, it will always be used. If requestedInstantiationSecurityStrength is also provided, the algorithm will use the strength (an exception will be thrown if the strength is not supported), otherwise, the smaller one of the highest supported strength of the algorithm and the default strength will be used.

If requestedAlgorithm is not provided, an algorithm will be chosen that supports requestedInstantiationSecurityStrength (or DEFAULT_STRENGTH if there is no request).

Since every call to configure will call this method, make sure to the calls do not contradict with each other.

Here are some examples of the algorithm and strength chosen (suppose DEFAULT_STRENGTH is 128) for HashDRBG:

requested             effective
(SHA-224, 256)        IAE
(SHA-256, -1)         (SHA-256,128)
(SHA-256, 112)        (SHA-256,112)
(SHA-256, 128)        (SHA-256,128)
(SHA-3, -1)           IAE
(null, -1)            (SHA-256,128)
(null, 112)           (SHA-256,112)
(null, 192)           (SHA-256,192)
(null, 256)           (SHA-256,256)
(null, 384)           IAE

hashReseedInternal	back to summary
protected abstract void hashReseedInternal(List<byte[]> inputs) Operates on multiple inputs. Parameters inputs:List<byte[]> not null, each element neither null

hashReseedInternal

back to summary

protected abstract void hashReseedInternal(List<byte[]> inputs)

Operates on multiple inputs.

Parameters

inputs:List<byte[]>: not null, each element neither null

instantiateAlgorithm back to summary

instantiateAlgorithm	back to summary
public void instantiateAlgorithm(byte[] entropy) Implements abstract sun.security.provider.AbstractDrbg.instantiateAlgorithm. Doc from sun.security.provider.AbstractDrbg.instantiateAlgorithm. Instantiates a DRBG. Called automatically before the first `nextBytes` call. Note that the other parameters (nonce, strength, ps) are already stored inside at configuration. Parameters entropy:byte[] the entropy input, its length is already conditioned to be between `minLength` and `maxLength`. Annotations @Override

public void instantiateAlgorithm(byte[] entropy)

Implements abstract sun.security.provider.AbstractDrbg.instantiateAlgorithm.

Doc from sun.security.provider.AbstractDrbg.instantiateAlgorithm.

Instantiates a DRBG. Called automatically before the first nextBytes call.

Note that the other parameters (nonce, strength, ps) are already stored inside at configuration.

Parameters

entropy:byte[]: the entropy input, its length is already conditioned to be between minLength and maxLength.

Annotations

@Override

reseedAlgorithm back to summary

reseedAlgorithm	back to summary
protected void reseedAlgorithm(byte[] ei, byte[] additionalInput) Overrides sun.security.provider.AbstractDrbg.reseedAlgorithm. Doc from sun.security.provider.AbstractDrbg.reseedAlgorithm. The reseed function. Parameters ei:byte[] the entropy input, its length is already conditioned to be between `minLength` and `maxLength`. additionalInput:byte[] additional input, can be null. If not null, its length is smaller than `maxAdditionalInputLength` Annotations @Override

protected void reseedAlgorithm(byte[] ei, byte[] additionalInput)

Overrides sun.security.provider.AbstractDrbg.reseedAlgorithm.

Doc from sun.security.provider.AbstractDrbg.reseedAlgorithm.

The reseed function.

Parameters

ei:byte[]: the entropy input, its length is already conditioned to be between minLength and maxLength.
additionalInput:byte[]: additional input, can be null. If not null, its length is smaller than maxAdditionalInputLength

Annotations

@Override

public abstract Class AbstractHashDrbg

Field Summary

Constructor Summary

Method Summary

Field Detail

Constructor Detail

Method Detail