Interface AgreementMethod
AgreementMethod element while that
associated with the recipient is indicated by an optional RecipientKeyInfo. A
shared key is derived from this shared secret by a method determined by the
Key Agreement algorithm.
Note: XML Encryption does not provide an on-line key agreement
negotiation protocol. The AgreementMethod element can be used by
the originator to identify the keys and computational procedure that were
used to obtain a shared encryption key. The method used to obtain or select
the keys or algorithm used for the agreement computation is beyond the scope
of this specification.
The AgreementMethod element appears as the content of a
ds:KeyInfo since, like other ds:KeyInfo children,
it yields a key. This ds:KeyInfo is in turn a child of an
EncryptedData or EncryptedKey element. The
Algorithm attribute and KeySize child of the EncryptionMethod
element under this EncryptedData or EncryptedKey
element are implicit parameters to the key agreement computation. In cases
where this EncryptionMethod algorithm URI is
insufficient to determine the key length, a KeySize MUST have been included.
In addition, the sender may place a KA-Nonce element under
AgreementMethod to assure that different keying material is
generated even for repeated agreements using the same sender and recipient
public keys.
If the agreed key is being used to wrap a key, then
AgreementMethod would appear inside a ds:KeyInfo
inside an EncryptedKey element.
The Schema for AgreementMethod is as follows:
-
Method Summary
Modifier and TypeMethodDescriptionvoidAdds additionalAgreementMethodinformation.Returns additional information regarding theAgreementMethod.Returns the algorithm URI of thisCryptographicMethod.byte[]Returns abytearray.Returns information relating to the originator's shared secret.Returns information relating to the recipient's shared secret.voidRemoves additionalAgreementMethodinformation.voidsetKANonce(byte[] kanonce) Sets the KANonce.jjvoidsetOriginatorKeyInfo(KeyInfo keyInfo) Sets the information relating to the originator's shared secret.voidsetRecipientKeyInfo(KeyInfo keyInfo) Sets the information relating to the recipient's shared secret.
-
Method Details
-
getKANonce
byte[] getKANonce()Returns abytearray.- Returns:
- a
bytearray.
-
setKANonce
void setKANonce(byte[] kanonce) Sets the KANonce.jj- Parameters:
kanonce-
-
getAgreementMethodInformation
Returns additional information regarding theAgreementMethod.- Returns:
- additional information regarding the
AgreementMethod.
-
addAgreementMethodInformation
Adds additionalAgreementMethodinformation.- Parameters:
info- aElementthat represents additional information specified by
-
revoveAgreementMethodInformation
Removes additionalAgreementMethodinformation.- Parameters:
info- aElementthat represents additional information specified by
-
getOriginatorKeyInfo
KeyInfo getOriginatorKeyInfo()Returns information relating to the originator's shared secret.- Returns:
- information relating to the originator's shared secret.
-
setOriginatorKeyInfo
Sets the information relating to the originator's shared secret.- Parameters:
keyInfo- information relating to the originator's shared secret.
-
getRecipientKeyInfo
KeyInfo getRecipientKeyInfo()Returns information relating to the recipient's shared secret.- Returns:
- information relating to the recipient's shared secret.
-
setRecipientKeyInfo
Sets the information relating to the recipient's shared secret.- Parameters:
keyInfo- information relating to the recipient's shared secret.
-
getAlgorithm
String getAlgorithm()Returns the algorithm URI of thisCryptographicMethod.- Returns:
- the algorithm URI of this
CryptographicMethod
-