public final class HKDFParameterSpec extends Object implements KDFParameterSpec
HKDF key derivation function as
specified in [1], [2] and [32].
References:
[1] RFC 5869, HMAC-based Extract-and-Expand Key Derivation Function (HKDF), see RFC 5869
[2] RFC 8418, Use of the Elliptic Curve Diffie-Hellman Key Agreement Algorithm with X25519 and X448 in the Cryptographic Message Syntax (CMS), see RFC 8418
[3] RFC 8619, Algorithm Identifiers for the HMAC-based Extract-and-Expand Key Derivation Function (HKDF), see RFC 8619
The parameters consist of hash algorithm to be used, the length of the key to be
generated, optional shared information and user keying material. The shared information
represents the optional context and application specific information input to the
expand function, and the user keying material represents the optional
salt input to the extract function.
The toASN1Object() method of this HKDFParameterSpec class
returns the HKDF algorithm identifier according to RFC 8619 depending on the
hash function that is used:
id-alg-hkdf-with-sha256 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 28 }
id-alg-hkdf-with-sha384 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 29 }
id-alg-hkdf-with-sha512 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 30 }
| Constructor and Description |
|---|
HKDFParameterSpec(iaik.asn1.structures.AlgorithmID hashAlgID,
int keyLength,
byte[] sharedInformation,
byte[] ukm)
Creates a new HKDF parameter spec object with shared information.
|
| Modifier and Type | Method and Description |
|---|---|
boolean |
equals(Object obj) |
iaik.asn1.structures.AlgorithmID |
getID()
Retruns returns the HKDF algorithm identifier for this
HKDFParameterSpec according to RFC 8619.
|
int |
getKeyLength()
Returns the length of the key to be generated.
|
byte[] |
getSharedInformation()
Returns the optional shared information.
|
byte[] |
getUKM()
Returns the optional user keying material.
|
int |
hashCode() |
iaik.asn1.ASN1Object |
toASN1Object()
This method returns the HKDF algorithm identifier for this
HKDFParameterSpec as ASN1Object according to RFC 8619.
|
public HKDFParameterSpec(iaik.asn1.structures.AlgorithmID hashAlgID,
int keyLength,
byte[] sharedInformation,
byte[] ukm)
hashAlgID - the message digest algorithm id that will be used to derive the keying datakeyLength - the length of the key to be generated/derived in bitssharedInformation - an octet string holding the shared informationukm - optional user keying material of the sender (used as HKF salt)public int getKeyLength()
public byte[] getSharedInformation()
null if no shared information is availablepublic byte[] getUKM()
null if no user keying material is available.public iaik.asn1.structures.AlgorithmID getID()
RFC 8619 specifies the following algorithm identifiers for HKDF:
id-alg-hkdf-with-sha256 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 28 }
id-alg-hkdf-with-sha384 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 29 }
id-alg-hkdf-with-sha512 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 30 }
public iaik.asn1.ASN1Object toASN1Object()
RFC 8619 specifies the following algorithm identifiers for HKDF:
id-alg-hkdf-with-sha256 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 28 }
id-alg-hkdf-with-sha384 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 29 }
id-alg-hkdf-with-sha512 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 30 }
toASN1Object in interface KDFParameterSpecCopyright © 2011–2022 Stiftung SIC. All rights reserved.