3-10 Oracle Fusion Middleware Reference for Oracle Security Developer Tools Example 3–15 Code Example for Key Agreement Create a DH key agreement object KeyAgreement dh = KeyAgreement.getInstanceAlgID.dhKeyAgreement; Set the private key and public key dh.setPrivateKeyprivKey; dh.setPublicKeyotherPubKey; Compute the shared secret byte[] sharedSecret = dh.generateSecret;

3.3.7 Pseudo-Random Number Generators

In cryptography, random numbers are used to generate keys. Cryptographic systems need cryptographically strong pseudo random numbers that cannot be guessed by an attacker. Oracle Crypto provides the following pseudo-random number generator PRNG classes: ■ The oracle.security.crypto.core.RandomBitsSource class ■ The oracle.security.crypto.core.EntropySource class

3.3.7.1 The oracle.security.crypto.core.RandomBitsSource class

RandomBitsSource is an abstract class representing secure PRNG implementations. Note that, by the very nature of PRNGs, the security of their output depends on the amount and quality of seeding entropy used. Implementing classes should provide guidance as to their proper initialization and use. The concrete classes extending the RandomBitsSource are the MD5RandomBitsSource, SHA1RandomBitsSource, and the DSARandomBitsSource classes. Create a new instance of RandomBitsSource by calling the static getDefault method to return the default PRNG: RandomBitsSource rbs = RandomBitsSource.getDefault; A RandomBitsSource object can also be created by instantiating one of the subclasses: RandomBitsSource rbs = new SHA1RandomBitsSource; By default, a newly created PRNG created from a subclass will be seeded. To seed a generic RandomBitsSource object, use one of the seed methods by using a byte array or an EntropySource object: rbs.seedmyByteArray; The object is then ready to generate random data: rbs.randomBytesmyRandomByteArray;

3.3.7.2 The oracle.security.crypto.core.EntropySource class

The EntropySource class provides a source of seed material for the PRNGs. The concrete classes extending the EntropySource are the SpinnerEntropySource and SREntropySource classes. Oracle Crypto 3-11 Create a new instance of EntropySource by calling the static getDefault method to return the default entropy source: EntropySource es = EntropySource.getDefault; You can also create an EntropySource object by instantiating one of the subclasses: EntropySource rbs = new SpinnerEntropySource; The entropy source is readied for use by using one of the generateByte methods: es.generateBytesmySeedingArray;

3.4 The Oracle Crypto Java API Reference

The Oracle Crypto Java API reference Javadoc is available at: Oracle Fusion Middleware Crypto Java API Reference for Oracle Security Developer Tools

3.5 Example Programs

For example programs using the Oracle Security Developer Tools, see the Oracle Technology Network Web Site at http:www.oracle.comtechnologysample_codeproductsid_ mgmtindex.html .