Package com.nimbusds.jose.crypto.impl

Class ConcatKDF

  • All Implemented Interfaces:
    JCAAware<JCAContext>
    @ThreadSafe
public class ConcatKDF
extends Object
implements JCAAware<JCAContext>
    Concatenation Key Derivation Function (KDF). This class is thread-safe.

    See NIST.800-56A.

    Version:
    2017-06-01
    Author:
    Vladimir Dzhuvinov

    • Constructor Summary

      Constructors 
      Constructor Description
      ConcatKDF​(String jcaHashAlg)
      Creates a new concatenation Key Derivation Function (KDF) with the specified hash algorithm.

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      static byte[] composeOtherInfo​(byte[] algID, byte[] partyUInfo, byte[] partyVInfo, byte[] suppPubInfo, byte[] suppPrivInfo)
      Composes the other info as algID || partyUInfo || partyVInfo || suppPubInfo || suppPrivInfo.
      static byte[] composeOtherInfo​(byte[] algID, byte[] partyUInfo, byte[] partyVInfo, byte[] suppPubInfo, byte[] suppPrivInfo, byte[] tag)
      Composes the other info as algID || partyUInfo || partyVInfo || suppPubInfo || suppPrivInfo || tag.
      static int computeDigestCycles​(int digestLengthBits, int keyLengthBits)
      Computes the required digest (hashing) cycles for the specified message digest length and derived key length.
      SecretKey deriveKey​(SecretKey sharedSecret, int keyLengthBits, byte[] otherInfo)
      Derives a key from the specified inputs.
      SecretKey deriveKey​(SecretKey sharedSecret, int keyLength, byte[] algID, byte[] partyUInfo, byte[] partyVInfo, byte[] suppPubInfo, byte[] suppPrivInfo)
      Derives a key from the specified inputs.
      SecretKey deriveKey​(SecretKey sharedSecret, int keyLength, byte[] algID, byte[] partyUInfo, byte[] partyVInfo, byte[] suppPubInfo, byte[] suppPrivInfo, byte[] tag)
      Derives a key from the specified inputs.
      static byte[] encodeDataWithLength​(byte[] data)
      Encodes the specified data as data.length || data.
      static byte[] encodeDataWithLength​(Base64URL data)
      Encodes the specified BASE64URL encoded data data.length || data.
      static byte[] encodeIntData​(int data)
      Encodes the specified integer data as a four byte array.
      static byte[] encodeNoData()
      Encodes no / empty data as an empty byte array.
      static byte[] encodeStringData​(String data)
      Encodes the specified string data as data.length || data.
      String getHashAlgorithm()
      Returns the JCA name of the hash algorithm.
      JCAContext getJCAContext()
      Returns the Java Cryptography Architecture (JCA) context.

    • Constructor Detail

      • ConcatKDF

        public ConcatKDF​(String jcaHashAlg)
        Creates a new concatenation Key Derivation Function (KDF) with the specified hash algorithm.
        Parameters:
        jcaHashAlg - The JCA name of the hash algorithm. Must be supported and not null.

    • Method Detail

      • getHashAlgorithm

        public String getHashAlgorithm()
        Returns the JCA name of the hash algorithm.
        Returns:
        The JCA name of the hash algorithm.

      • getJCAContext

        public JCAContext getJCAContext()
        Description copied from interface: JCAAware
        Returns the Java Cryptography Architecture (JCA) context. May be used to set a specific JCA security provider or secure random generator.
        Specified by:
        getJCAContext in interface JCAAware<JCAContext>
        Returns:
        The JCA context. Not null.

      • deriveKey

        public SecretKey deriveKey​(SecretKey sharedSecret,
                           int keyLengthBits,
                           byte[] otherInfo)
                    throws JOSEException
        Derives a key from the specified inputs.
        Parameters:
        sharedSecret - The shared secret. Must not be null.
        keyLengthBits - The length of the key to derive, in bits.
        otherInfo - Other info, null if not specified.
        Returns:
        The derived key, with algorithm set to "AES".
        Throws:
        JOSEException - If the key derivation failed.

      • deriveKey

        public SecretKey deriveKey​(SecretKey sharedSecret,
                           int keyLength,
                           byte[] algID,
                           byte[] partyUInfo,
                           byte[] partyVInfo,
                           byte[] suppPubInfo,
                           byte[] suppPrivInfo)
                    throws JOSEException
        Derives a key from the specified inputs.
        Parameters:
        sharedSecret - The shared secret. Must not be null.
        keyLength - The length of the key to derive, in bits.
        algID - The algorithm identifier, null if not specified.
        partyUInfo - The partyUInfo, null if not specified.
        partyVInfo - The partyVInfo null if not specified.
        suppPubInfo - The suppPubInfo, null if not specified.
        suppPrivInfo - The suppPrivInfo, null if not specified.
        Returns:
        The derived key, with algorithm set to "AES".
        Throws:
        JOSEException - If the key derivation failed.

      • deriveKey

        public SecretKey deriveKey​(SecretKey sharedSecret,
                           int keyLength,
                           byte[] algID,
                           byte[] partyUInfo,
                           byte[] partyVInfo,
                           byte[] suppPubInfo,
                           byte[] suppPrivInfo,
                           byte[] tag)
                    throws JOSEException
        Derives a key from the specified inputs.
        Parameters:
        sharedSecret - The shared secret. Must not be null.
        keyLength - The length of the key to derive, in bits.
        algID - The algorithm identifier, null if not specified.
        partyUInfo - The partyUInfo, null if not specified.
        partyVInfo - The partyVInfo null if not specified.
        suppPubInfo - The suppPubInfo, null if not specified.
        suppPrivInfo - The suppPrivInfo, null if not specified.
        Returns:
        The derived key, with algorithm set to "AES".
        Throws:
        JOSEException - If the key derivation failed.

      • composeOtherInfo

        public static byte[] composeOtherInfo​(byte[] algID,
                                      byte[] partyUInfo,
                                      byte[] partyVInfo,
                                      byte[] suppPubInfo,
                                      byte[] suppPrivInfo)
        Composes the other info as algID || partyUInfo || partyVInfo || suppPubInfo || suppPrivInfo.
        Parameters:
        algID - The algorithm identifier, null if not specified.
        partyUInfo - The partyUInfo, null if not specified.
        partyVInfo - The partyVInfo null if not specified.
        suppPubInfo - The suppPubInfo, null if not specified.
        suppPrivInfo - The suppPrivInfo, null if not specified.
        Returns:
        The resulting other info.

      • composeOtherInfo

        public static byte[] composeOtherInfo​(byte[] algID,
                                      byte[] partyUInfo,
                                      byte[] partyVInfo,
                                      byte[] suppPubInfo,
                                      byte[] suppPrivInfo,
                                      byte[] tag)
        Composes the other info as algID || partyUInfo || partyVInfo || suppPubInfo || suppPrivInfo || tag.
        Parameters:
        algID - The algorithm identifier, null if not specified.
        partyUInfo - The partyUInfo, null if not specified.
        partyVInfo - The partyVInfo null if not specified.
        suppPubInfo - The suppPubInfo, null if not specified.
        suppPrivInfo - The suppPrivInfo, null if not specified.
        tag - The cctag, null if not specified.
        Returns:
        The resulting other info.

      • computeDigestCycles

        public static int computeDigestCycles​(int digestLengthBits,
                                      int keyLengthBits)
        Computes the required digest (hashing) cycles for the specified message digest length and derived key length.
        Parameters:
        digestLengthBits - The length of the message digest, in bits.
        keyLengthBits - The length of the derived key, in bits.
        Returns:
        The digest cycles.

      • encodeNoData

        public static byte[] encodeNoData()
        Encodes no / empty data as an empty byte array.
        Returns:
        The encoded data.

      • encodeIntData

        public static byte[] encodeIntData​(int data)
        Encodes the specified integer data as a four byte array.
        Parameters:
        data - The integer data to encode.
        Returns:
        The encoded data.

      • encodeStringData

        public static byte[] encodeStringData​(String data)
        Encodes the specified string data as data.length || data.
        Parameters:
        data - The string data, UTF-8 encoded. May be null.
        Returns:
        The encoded data.

      • encodeDataWithLength

        public static byte[] encodeDataWithLength​(byte[] data)
        Encodes the specified data as data.length || data.
        Parameters:
        data - The data to encode, may be null.
        Returns:
        The encoded data.

      • encodeDataWithLength

        public static byte[] encodeDataWithLength​(Base64URL data)
        Encodes the specified BASE64URL encoded data data.length || data.
        Parameters:
        data - The data to encode, may be null.
        Returns:
        The encoded data.