1 /* 2 * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 package java.security.interfaces; 26 27 import java.security.PrivateKey; 28 import java.util.Optional; 29 30 /** 31 * An XEC private key is an encoded scalar value as described in RFC 7748. 32 * The decoding procedure defined in this RFC includes an operation that forces 33 * certain bits of the key to either 1 or 0. This operation is known as 34 * "pruning" or "clamping" the private key. Arrays returned by this interface 35 * are unpruned, and implementations will need to prune the array before 36 * using it in any numerical operations. 37 * 38 * @since 11 39 */ 40 public interface XECPrivateKey extends XECKey, PrivateKey { 41 42 /** 43 * Get the scalar value encoded as an unpruned byte array. A new copy of 44 * the array is returned each time this method is called. 45 * 46 * @return the unpruned encoded scalar value, or an empty Optional if the 47 * scalar cannot be extracted (e.g. if the provider is a hardware token 48 * and the private key is not allowed to leave the crypto boundary). 49 */ 50 Optional<byte[]> getScalar(); 51 } 52