@ThreadSafe public class ConcatKDF extends Object implements JCAAware<JCAContext>
See NIST.800-56A.
Constructor and Description |
---|
ConcatKDF(String jcaHashAlg)
Creates a new concatenation Key Derivation Function (KDF) with the
specified hash algorithm.
|
Modifier and Type | Method and Description |
---|---|
static byte[] |
composeOtherInfo(byte[] algID,
byte[] partyUInfo,
byte[] partyVInfo,
byte[] suppPubInfo,
byte[] suppPrivInfo)
Composes the other info as
algID || partyUInfo || partyVInfo
|| suppPubInfo || suppPrivInfo . |
static int |
computeDigestCycles(int digestLengthBits,
int keyLengthBits)
Computes the required digest (hashing) cycles for the specified
message digest length and derived key length.
|
SecretKey |
deriveKey(SecretKey sharedSecret,
int keyLengthBits,
byte[] otherInfo)
Derives a key from the specified inputs.
|
SecretKey |
deriveKey(SecretKey sharedSecret,
int keyLength,
byte[] algID,
byte[] partyUInfo,
byte[] partyVInfo,
byte[] suppPubInfo,
byte[] suppPrivInfo)
Derives a key from the specified inputs.
|
static byte[] |
encodeDataWithLength(Base64URL data)
Encodes the specified BASE64URL encoded data
data.length || data . |
static byte[] |
encodeDataWithLength(byte[] data)
Encodes the specified data as
data.length || data . |
static byte[] |
encodeIntData(int data)
Encodes the specified integer data as a four byte array.
|
static byte[] |
encodeNoData()
Encodes no / empty data as an empty byte array.
|
static byte[] |
encodeStringData(String data)
Encodes the specified string data as
data.length || data . |
String |
getHashAlgorithm()
Returns the JCA name of the hash algorithm.
|
JCAContext |
getJCAContext()
Returns the Java Cryptography Architecture (JCA) context.
|
public String getHashAlgorithm()
public JCAContext getJCAContext()
JCAAware
getJCAContext
in interface JCAAware<JCAContext>
null
.public SecretKey deriveKey(SecretKey sharedSecret, int keyLengthBits, byte[] otherInfo) throws JOSEException
sharedSecret
- The shared secret. Must not be null
.keyLengthBits
- The length of the key to derive, in bits.otherInfo
- Other info, null
if not specified.JOSEException
- If the key derivation failed.public SecretKey deriveKey(SecretKey sharedSecret, int keyLength, byte[] algID, byte[] partyUInfo, byte[] partyVInfo, byte[] suppPubInfo, byte[] suppPrivInfo) throws JOSEException
sharedSecret
- The shared secret. Must not be null
.keyLength
- The length of the key to derive, in bits.algID
- The algorithm identifier, null
if not
specified.partyUInfo
- The partyUInfo, null
if not specified.partyVInfo
- The partyVInfo null
if not specified.suppPubInfo
- The suppPubInfo, null
if not specified.suppPrivInfo
- The suppPrivInfo, null
if not specified.JOSEException
- If the key derivation failed.public static byte[] composeOtherInfo(byte[] algID, byte[] partyUInfo, byte[] partyVInfo, byte[] suppPubInfo, byte[] suppPrivInfo)
algID || partyUInfo || partyVInfo
|| suppPubInfo || suppPrivInfo
.algID
- The algorithm identifier, null
if not
specified.partyUInfo
- The partyUInfo, null
if not specified.partyVInfo
- The partyVInfo null
if not specified.suppPubInfo
- The suppPubInfo, null
if not specified.suppPrivInfo
- The suppPrivInfo, null
if not specified.public static int computeDigestCycles(int digestLengthBits, int keyLengthBits)
digestLengthBits
- The length of the message digest, in bits.keyLengthBits
- The length of the derived key, in bits.public static byte[] encodeNoData()
public static byte[] encodeIntData(int data)
data
- The integer data to encode.public static byte[] encodeStringData(String data)
data.length || data
.data
- The string data, UTF-8 encoded. May be null
.public static byte[] encodeDataWithLength(byte[] data)
data.length || data
.data
- The data to encode, may be null
.public static byte[] encodeDataWithLength(Base64URL data)
data.length || data
.data
- The data to encode, may be null
.Copyright © 2020 Connect2id Ltd.. All rights reserved.