Date: Mon, 8 Mar 1999 17:23:38 -0800 (PST)
From: Jan Luehe <Jan.Luehe@eng.sun.com>
Subject: RE: More security
To: java-security@java.sun.com, Frank.Yellin@eng.sun.com
Frank:
In your proposal, users who have executed a key agreement
protocol to create a shared DES or DES-EDE key (to encrypt
their traffic) would not be able to use that key with a Mac
algorithm. They first would have
to convert that key to an HmacMD5 key. I think this is overhead.
If I decided to add key objects of type "HmacMD5" and "HmacSHA1",
I would have to add 4 classes to the SunJCE provider package:
A KeyGenerator and SecretKey class for each.
This would grow the size of the provider package unnecessarily.
Below is the paragraph I added to the Mac chapter in the user
guide.
This implies that if your provider does not supply
KeyGenerator classes for "HmacMD5", you could use
javax.crypto.spec.SecretKeySpec to generate your own
key of that algorithm.
Jan
<H4>Initializing a Mac Object</H4>
<blockquote>
<P> A Mac object is always initialized with a (secret) key and may
optionally be initialized with a set of parameters, depending on the
underlying MAC algorithm.
<P> To initialize a Mac object, call one of its <code>init</code>
methods:
<pre>
public void init(Key key);
public void init(Key key, AlgorithmParameterSpec params);
</pre>
<P> You can initialize your Mac object with any (secret-)key object
that implements the <code>javax.crypto.SecretKey</code>
interface. This could be an object returned by
<code>javax.crypto.KeyGenerator.generateKey()</code>, or one that is
the result of a key agreement protocol, as returned by
<code>javax.crypto.KeyAgreement.generateSecret()</code>, or an
instance of <code>javax.crypto.spec.SecretKeySpec</code>.
<P> With some MAC algorithms, the (secret-)key algorithm associated
with the (secret-)key object used to initialize the Mac object does
not matter (this is the case with the HMAC-MD5 and HMAC-SHA1
implementations of the SunJCE provider). With others, however, the
(secret-)key algorithm does matter, and an
<code>InvalidKeyException</code> is thrown if a (secret-)key object
with an inappropriate (secret-)key algorithm is used.