iaik.security.kdf

Class HKDFExpandOnlyParameterSpec

java.lang.Object

iaik.security.kdf.HKDFExpandOnlyParameterSpec

All Implemented Interfaces:

java.security.spec.AlgorithmParameterSpec

Direct Known Subclasses:

HKDFParameterSpec

public class HKDFExpandOnlyParameterSpec
extends java.lang.Object
implements java.security.spec.AlgorithmParameterSpec

AlgorithmParameterSpec for the HKDF key derivation function.

Generally a HKDF KeyGenerator will be initialized by a HKDFParameterSpec to first extract a pseudorandom key from some input keying material and then extracts cryptographic strong secret keys from it. However, if the input already represents a good pseudorandom key (prk), this HKDFExpandOnlyParameterSpec maybe used to initialize the HKDF KeyGenerator to omit the extract step and only expand a secret key from the input prk:

 // the input key:
 byte[] prk = ...;
 // the info string:
 byte[] info = ...;
 // the length of the output key:
 byte[] l = ...;
 // create a HKDF KeyGenerator for the desired hash function:
 KeyGenerator hkdf = KeyGenerator.getInstance("HKDFwithSHA256");
 // initialize the HKDF:
 HKDFExpandOnlyParameterSpec hkdfParamSpec = new HKDFExpandOnlyParameterSpec(prk, info, L);
 hkdf.init(hkdfParamSpec, null);
 // generate the key:
 SecretKey key = hkdf.generateKey(); 
 

See Also:

HKDFParameterSpec, HKDF, HKDF.HKDFwithSHA1, HKDF.HKDFwithSHA224, HKDF.HKDFwithSHA256, HKDF.HKDFwithSHA384, HKDF.HKDFwithSHA512

Constructor Summary

Constructors

Constructor and Description
HKDFExpandOnlyParameterSpec(byte[] prk, byte[] info, int l) Creates a HKDFExpandOnlyParameterSpec for the given pseudo-random key, optional context and application specific information and length of the output keying material.
HKDFExpandOnlyParameterSpec(javax.crypto.SecretKey prk, byte[] info, int l) Creates a HKDFExpandOnlyParameterSpec for the given pseudo-random key, optional context and application specific information and length of the output keying material.

Method Summary

Modifier and Type	Method and Description
byte[]	getInfo() Gets the optional context and application specific information.
int	getL() Gets the length of output keying material in octets.
javax.crypto.SecretKey	getPRK() Gets the pseudo-random key.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

HKDFExpandOnlyParameterSpec

public HKDFExpandOnlyParameterSpec(javax.crypto.SecretKey prk,
                                   byte[] info,
                                   int l)

Creates a HKDFExpandOnlyParameterSpec for the given pseudo-random key, optional context and application specific information and length of the output keying material.

Parameters:

prk - the pseudo-random key (of at least HashLen octets)

info - the optional context and application specific information (may be null)

l - the length of output keying material in octets (<= 255*hashLen)

HKDFExpandOnlyParameterSpec

public HKDFExpandOnlyParameterSpec(byte[] prk,
                                   byte[] info,
                                   int l)

Creates a HKDFExpandOnlyParameterSpec for the given pseudo-random key, optional context and application specific information and length of the output keying material.

Parameters:

prk - the pseudo-random key (as byte array of at least HashLen octets)

info - the optional context and application specific information (may be a null)

l - the length of output keying material in octets (<= 255*hashLen)

Method Detail

getPRK

public javax.crypto.SecretKey getPRK()

Gets the pseudo-random key.

Returns:

the pseudo-random key

getInfo

public byte[] getInfo()

Gets the optional context and application specific information.

Returns:

the info value or null if it has not been set

getL

public int getL()

Gets the length of output keying material in octets.

Returns:

the length of output keying material in octets