Module java.base
Package java.security

Enum DrbgParameters.Capability

java.lang.Object
java.lang.Enum<DrbgParameters.Capability>
java.security.DrbgParameters.Capability
All Implemented Interfaces:
Serializable, Comparable<DrbgParameters.Capability>, Constable
Enclosing class:
DrbgParameters

public static enum DrbgParameters.Capability
extends Enum<DrbgParameters.Capability>
The reseedable and prediction resistance capabilities of a DRBG.

When this object is passed to a SecureRandom.getInstance() call, it is the requested minimum capability. When it's returned from SecureRandom.getParameters(), it is the effective capability.

Please note that while the Instantiate_function defined in NIST SP 800-90Ar1 only includes a prediction_resistance_flag parameter, the Capability type includes an extra value RESEED_ONLY because reseeding is an optional function. If NONE is used in an Instantiation object in calling the SecureRandom.getInstance method, the returned DRBG instance is not guaranteed to support reseeding. If RESEED_ONLY or PR_AND_RESEED is used, the instance must support reseeding.

The table below lists possible effective values if a certain capability is requested, i.e.

 Capability requested = ...;
 SecureRandom s = SecureRandom.getInstance("DRBG",
         DrbgParameters(-1, requested, null));
 Capability effective = ((DrbgParametes.Initiate) s.getParameters())
         .getCapability();
requested and effective capabilities
Requested Value Possible Effective Values
NONENONE, RESEED_ONLY, PR_AND_RESEED
RESEED_ONLYRESEED_ONLY, PR_AND_RESEED
PR_AND_RESEEDPR_AND_RESEED

A DRBG implementation supporting prediction resistance must also support reseeding.

Since:
9