**javacard.security** 
 ====Class KeyAgreement  ====
  *[[javacard:java-card-api:object|java.lang.Object]] \\ 


 ----

public abstract class **KeyAgreement**extends [[javacard:java-card-api:Object|Object]] 



The KeyAgreement class is the base class for key agreement algorithms
 such as Diffie-Hellman and EC Diffie-Hellman [IEEE P1363]. Implementations
 of KeyAgreement algorithms must extend this class and implement all the
 abstract methods.

 A tear or card reset event resets an initialized KeyAgreement object to the
 state it was in when previously initialized via a call to init().




**Version:**
  1.0 
 



 ----






^ Field Summary ^^ 
| **static byte** | **[[javacard:java-card-api:KeyAgreement#ALG_EC_SVDP_DH|ALG_EC_SVDP_DH]] **          Elliptic curve secret value derivation primitive, Diffie-Hellman version, as per [IEEE P1363]. |
| **static byte** | **[[javacard:java-card-api:KeyAgreement#ALG_EC_SVDP_DHC|ALG_EC_SVDP_DHC]] **          Elliptic curve secret value derivation primitive, Diffie-Hellman version, with cofactor multiplication, as per [IEEE P1363]. |

 




^ Constructor Summary ^^ 
| **protected ** | **[[javacard:java-card-api:KeyAgreement#KeyAgreement()|KeyAgreement]] **()          Protected constructor. |

 




^ Method Summary ^^ 
| **abstract  short** | **[[javacard:java-card-api:KeyAgreement#generateSecret(byte[], short, short, byte[], short)|generateSecret]] **(byte[] publicData,short publicOffset,short publicLength,byte[] secret,short secretOffset)          Generates the secret data as per the requested algorithm using the PrivateKey specified during initialization and the public key data provided. |
| **abstract  byte** | **[[javacard:java-card-api:KeyAgreement#getAlgorithm()|getAlgorithm]] **()          Gets the KeyAgreement algorithm. |
| **static [[javacard:java-card-api:KeyAgreement|KeyAgreement]] ** | **[[javacard:java-card-api:KeyAgreement#getInstance(byte, boolean)|getInstance]] **(byte algorithm,boolean externalAccess)          Creates a KeyAgreement object instance of the selected algorithm. |
| **abstract  void** | **[[javacard:java-card-api:KeyAgreement#init(javacard.security.PrivateKey)|init]] **([[javacard:java-card-api:PrivateKey|PrivateKey]]  privKey)          Initializes the object with the given private key. |

 

^ Methods inherited from class java.lang.Object ^ 
| [[javacard:java-card-api:Object#equals(java.lang.Object)|equals]]  |

 






^ Field Detail ^ 



 === ALG_EC_SVDP_DH === 
public static final byte **ALG_EC_SVDP_DH**

Elliptic curve secret value derivation primitive, Diffie-Hellman
 version, as per [IEEE P1363].


**See Also:**[[javacard:java-card-api:constant-values#javacard.security.KeyAgreement.ALG_EC_SVDP_DH|Constant Field Values]]  
 

 
 


 ----


 === ALG_EC_SVDP_DHC === 
public static final byte **ALG_EC_SVDP_DHC**

Elliptic curve secret value derivation primitive, Diffie-Hellman
 version, with cofactor multiplication, as per [IEEE P1363].
 (output value is to be equal to that from ALG_EC_SVDP_DH)


**See Also:**[[javacard:java-card-api:constant-values#javacard.security.KeyAgreement.ALG_EC_SVDP_DHC|Constant Field Values]]  
 

 
 






^ Constructor Detail ^ 



 === KeyAgreement === 
protected **KeyAgreement**()

Protected constructor.

 
 






^ Method Detail ^ 



 === getInstance === 
public static final [[javacard:java-card-api:KeyAgreement|KeyAgreement]]  **getInstance**(byte algorithm,
boolean externalAccess)
throws [[javacard:java-card-api:CryptoException|CryptoException]] 

Creates a KeyAgreement object instance of the selected algorithm.

 
 

**Parameters:**algorithm - the desired key agreement algorithm
 Valid codes listed in ALG_* constants above, for example, [[javacard:java-card-api:KeyAgreement#ALG_EC_SVDP_DH|ALG_EC_SVDP_DH]] . 
 
externalAccess - if true indicates that the instance will be shared among
 multiple applet instances and that the KeyAgreement instance will also be accessed (via a Shareable
 interface) when the owner of the KeyAgreement instance is not the currently selected applet.
 If true the implementation must not 
 allocate CLEAR_ON_DESELECT transient space for internal data.
 
 
**Returns:**the KeyAgreement object instance of the requested algorithm
 
 
**Throws:**
[[javacard:java-card-api:CryptoException|CryptoException]]  - with the following reason codes:
 \\ 
 
  *CryptoException.NO_SUCH_ALGORITHM if the requested algorithm or shared access mode is not supported. 
 \\   
 

 
 



 ----


 === init === 
public abstract void **init**([[javacard:java-card-api:PrivateKey|PrivateKey]]  privKey)
throws [[javacard:java-card-api:CryptoException|CryptoException]] 

Initializes the object with the given private key.

 
 

**Parameters:**privKey - the private key
 
 
**Throws:**
[[javacard:java-card-api:CryptoException|CryptoException]]  - with the following reason codes:
 \\ 
 
  *CryptoException.ILLEGAL_VALUE if the input key type is inconsistent with the KeyAgreement algorithm,for example, if the KeyAgreement algorithm is ALG_EC_SVDP_DH and the key type isTYPE_RSA_PRIVATE, or if privKey is inconsistent with the implementation.
 \\ 
 
  *CryptoException.UNINITIALIZED_KEY if privKey is uninitialized, or if the KeyAgreement algorithm is set to ALG_EC_SVDP_DHC and the cofactor, K,has not been successfully initialized since the time the initialized state of the key was set to false.
 \\ 
   
 

 
 



 ----


 === getAlgorithm === 
public abstract byte **getAlgorithm**()

Gets the KeyAgreement algorithm.

 
 


**Returns:**the algorithm code defined above 
 

 
 



 ----


 === generateSecret === 
public abstract short **generateSecret**(byte[] publicData,
short publicOffset,
short publicLength,
byte[] secret,
short secretOffset)
throws [[javacard:java-card-api:CryptoException|CryptoException]] 

Generates the secret data as per the requested algorithm using the
 PrivateKey specified during initialization and the public key data
 provided.

 Note that in the case of the algorithms ALG_EC_SVDP_DH and ALG_EC_SVDP_DHC
 the public key data provided should be the public elliptic curve
 point of the second party in the protocol, specified as per ANSI X9.62.
 A specific implementation need not support the compressed form,
 but must support the uncompressed form of the point.

 
 

**Parameters:**publicData - buffer holding the public data of the second party 
 
publicOffset - offset into the publicData buffer at which the data begins 
 
publicLength - byte length of the public data 
 
secret - buffer to hold the secret output 
 
secretOffset - offset into the secret array at which to start writing
 the secret
 
 
**Returns:**byte length of the secret
 
 
**Throws:**
[[javacard:java-card-api:CryptoException|CryptoException]]  - with the following reason codes:
 \\ 
 
  *CryptoException.ILLEGAL_VALUE if the publicData data format is incorrect, or if the publicData data is inconsistent with the PrivateKey specified during initialization. 
 \\ 
  *CryptoException.INVALID_INIT if this KeyAgreement object is not initialized.
 \\