@ThreadSafe public class ConcatKDF extends Object implements JCAAware<JCAContext>
See NIST.800-56A.
| Constructor and Description |
|---|
ConcatKDF(String jcaHashAlg)
Creates a new concatenation Key Derivation Function (KDF) with the
specified hash algorithm.
|
| Modifier and Type | Method and Description |
|---|---|
static byte[] |
composeOtherInfo(byte[] algID,
byte[] partyUInfo,
byte[] partyVInfo,
byte[] suppPubInfo,
byte[] suppPrivInfo)
Composes the other info as
algID || partyUInfo || partyVInfo
|| suppPubInfo || suppPrivInfo. |
static int |
computeDigestCycles(int digestLengthBits,
int keyLengthBits)
Computes the required digest (hashing) cycles for the specified
message digest length and derived key length.
|
SecretKey |
deriveKey(SecretKey sharedSecret,
int keyLengthBits,
byte[] otherInfo)
Derives a key from the specified inputs.
|
SecretKey |
deriveKey(SecretKey sharedSecret,
int keyLength,
byte[] algID,
byte[] partyUInfo,
byte[] partyVInfo,
byte[] suppPubInfo,
byte[] suppPrivInfo)
Derives a key from the specified inputs.
|
static byte[] |
encodeDataWithLength(Base64URL data)
Encodes the specified BASE64URL encoded data
data.length || data. |
static byte[] |
encodeDataWithLength(byte[] data)
Encodes the specified data as
data.length || data. |
static byte[] |
encodeIntData(int data)
Encodes the specified integer data as a four byte array.
|
static byte[] |
encodeNoData()
Encodes no / empty data as an empty byte array.
|
static byte[] |
encodeStringData(String data)
Encodes the specified string data as
data.length || data. |
String |
getHashAlgorithm()
Returns the JCA name of the hash algorithm.
|
JCAContext |
getJCAContext()
Returns the Java Cryptography Architecture (JCA) context.
|
public String getHashAlgorithm()
public JCAContext getJCAContext()
JCAAwaregetJCAContext in interface JCAAware<JCAContext>null.public SecretKey deriveKey(SecretKey sharedSecret, int keyLengthBits, byte[] otherInfo) throws JOSEException
sharedSecret - The shared secret. Must not be null.keyLengthBits - The length of the key to derive, in bits.otherInfo - Other info, null if not specified.JOSEException - If the key derivation failed.public SecretKey deriveKey(SecretKey sharedSecret, int keyLength, byte[] algID, byte[] partyUInfo, byte[] partyVInfo, byte[] suppPubInfo, byte[] suppPrivInfo) throws JOSEException
sharedSecret - The shared secret. Must not be null.keyLength - The length of the key to derive, in bits.algID - The algorithm identifier, null if not
specified.partyUInfo - The partyUInfo, null if not specified.partyVInfo - The partyVInfo null if not specified.suppPubInfo - The suppPubInfo, null if not specified.suppPrivInfo - The suppPrivInfo, null if not specified.JOSEException - If the key derivation failed.public static byte[] composeOtherInfo(byte[] algID, byte[] partyUInfo, byte[] partyVInfo, byte[] suppPubInfo, byte[] suppPrivInfo)
algID || partyUInfo || partyVInfo
|| suppPubInfo || suppPrivInfo.algID - The algorithm identifier, null if not
specified.partyUInfo - The partyUInfo, null if not specified.partyVInfo - The partyVInfo null if not specified.suppPubInfo - The suppPubInfo, null if not specified.suppPrivInfo - The suppPrivInfo, null if not specified.public static int computeDigestCycles(int digestLengthBits, int keyLengthBits)
digestLengthBits - The length of the message digest, in bits.keyLengthBits - The length of the derived key, in bits.public static byte[] encodeNoData()
public static byte[] encodeIntData(int data)
data - The integer data to encode.public static byte[] encodeStringData(String data)
data.length || data.data - The string data, UTF-8 encoded. May be null.public static byte[] encodeDataWithLength(byte[] data)
data.length || data.data - The data to encode, may be null.public static byte[] encodeDataWithLength(Base64URL data)
data.length || data.data - The data to encode, may be null.Copyright © 2019 Connect2id Ltd.. All rights reserved.