W3cubDocs

/OpenJDK 21

Class KEM.Decapsulator

java.lang.Object
javax.crypto.KEM.Decapsulator
Enclosing class:
KEM
public static final class KEM.Decapsulator extends Object
A decapsulator, generated by KEM.newDecapsulator(java.security.PrivateKey) on the KEM receiver side.

This class represents the key decapsulation function of a KEM. An invocation of the decapsulate method recovers the secret key from the key encapsulation message.

Since:
21

Method Summary

Modifier and Type Method Description
SecretKey decapsulate(byte[] encapsulation)
The key decapsulation function.
SecretKey decapsulate(byte[] encapsulation, int from, int to, String algorithm)
The key decapsulation function.
int encapsulationSize()
Returns the size of the key encapsulation message.
String providerName()
Returns the name of the provider.
int secretSize()
Returns the size of the shared secret.

Methods declared in class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

providerName

public String providerName()
Returns the name of the provider.
Returns:
the name of the provider

decapsulate

public SecretKey decapsulate(byte[] encapsulation) throws DecapsulateException
The key decapsulation function.

This method is equivalent to decapsulate(encapsulation, 0, secretSize(), "Generic"). This combination of arguments must be supported by every implementation.

The generated secret key is usually passed to a key derivation function (KDF) as the input keying material.

Parameters:
encapsulation - the key encapsulation message from the sender. The size must be equal to the value returned by encapsulationSize(), or a DecapsulateException will be thrown.
Returns:
the shared secret as a SecretKey with an algorithm name of "Generic"
Throws:
DecapsulateException - if an error occurs during the decapsulation process
NullPointerException - if encapsulation is null

decapsulate

public SecretKey decapsulate(byte[] encapsulation, int from, int to, String algorithm) throws DecapsulateException
The key decapsulation function.

An invocation of this method recovers the secret key from the key encapsulation message.

An implementation may choose to not support arbitrary combinations of from, to, and algorithm.

Parameters:
encapsulation - the key encapsulation message from the sender. The size must be equal to the value returned by encapsulationSize(), or a DecapsulateException will be thrown.
from - the initial index of the shared secret byte array to be returned, inclusive
to - the final index of the shared secret byte array to be returned, exclusive
algorithm - the algorithm name for the secret key that is returned
Returns:
a portion of the shared secret as a SecretKey containing the bytes of the secret ranging from from to to, exclusive, and an algorithm name as specified. For example, decapsulate(encapsulation, secretSize() - 16, secretSize(), "AES") uses the last 16 bytes of the shared secret as a 128-bit AES key.
Throws:
DecapsulateException - if an error occurs during the decapsulation process
IndexOutOfBoundsException - if from < 0, from > to, or to > secretSize()
NullPointerException - if encapsulation or algorithm is null
UnsupportedOperationException - if the combination of from, to, and algorithm is not supported by the decapsulator

secretSize

public int secretSize()
Returns the size of the shared secret.

This method can be called to find out the length of the shared secret before decapsulate is called or if the obtained SecretKey is not extractable.

Returns:
the size of the shared secret

encapsulationSize

public int encapsulationSize()
Returns the size of the key encapsulation message.

This method can be used to extract the encapsulation message from a longer byte array if no length information is provided by a higher level protocol.

Returns:
the size of the key encapsulation message

© 1993, 2023, Oracle and/or its affiliates. All rights reserved.
Documentation extracted from Debian's OpenJDK Development Kit package.
Licensed under the GNU General Public License, version 2, with the Classpath Exception.
Various third party code in OpenJDK is licensed under different licenses (see Debian package).
Java and OpenJDK are trademarks or registered trademarks of Oracle and/or its affiliates.
https://docs.oracle.com/en/java/javase/21/docs/api/java.base/javax/crypto/KEM.Decapsulator.html