iaik.security.kdf

Class HKDFParameterSpec

java.lang.Object

iaik.security.kdf.HKDFExpandOnlyParameterSpec

iaik.security.kdf.HKDFParameterSpec

All Implemented Interfaces:

java.security.spec.AlgorithmParameterSpec

public class HKDFParameterSpec
extends HKDFExpandOnlyParameterSpec

AlgorithmParameterSpec for the HKDF key derivation function.

This HKDFParameterSpec maybe used to initialize a HKDF KeyGenerator with the input keying material (IKM), salt value, context and application specific information string, and the length of the output keying material to be derived (salt and info string are optional; if not provided they are set to a strings of hashLen zeros and a zero-length string, respectively), e.g.:

 // the salt:
 byte[] salt = ...;
 // the input keying material:
 byte[] ikm = ...;
 // the info string:
 byte[] info = ...;
 // the length of the output key:
 byte[] l = ...;
 // create a HKDF KeyGenerator for the desired hash function:
 KeyGenerator hkdf = KeyGenerator.getInstance("HKDFwithSHA256");
 // initialize the HKDF:
 HKDFParameterSpec hkdfParamSpec = new HKDFParameterSpec(salt, ikm, info, L);
 hkdf.init(hkdfParamSpec, null);
 // generate the key:
 SecretKey key = hkdf.generateKey(); 
 

See Also:

HKDF, HKDF.HKDFwithSHA1, HKDF.HKDFwithSHA224, HKDF.HKDFwithSHA256, HKDF.HKDFwithSHA384, HKDF.HKDFwithSHA512

Constructor Summary

Constructors

Constructor and Description
HKDFParameterSpec(byte[] salt, byte[] ikm, byte[] info, int l) Creates a HKDFParameterSpec for the given the salt value, the input keying material, optional context and application specific information and length of the output keying material.
HKDFParameterSpec(byte[] salt, javax.crypto.SecretKey ikm, byte[] info, int l) Creates a HKDFParameterSpec for the given the salt value, the input keying material, optional context and application specific information and length of the output keying material.

Method Summary

Methods

Modifier and Type	Method and Description
javax.crypto.SecretKey	getIKM() Gets the input keying material.
byte[]	getSalt() Gets the salt value.

Methods inherited from class iaik.security.kdf.HKDFExpandOnlyParameterSpec

getInfo, getL, getPRK

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

HKDFParameterSpec

public HKDFParameterSpec(byte[] salt,
                 byte[] ikm,
                 byte[] info,
                 int l)

Creates a HKDFParameterSpec for the given the salt value, the input keying material, optional context and application specific information and length of the output keying material.

Parameters:

salt - the salt value (if null it is set to a string of HashLen zeros)

ikm - the input keying material (as byte array)

info - the optional context and application specific information (may be null)

l - the length of output keying material in octets (<= 255*hashLen)

HKDFParameterSpec

public HKDFParameterSpec(byte[] salt,
                 javax.crypto.SecretKey ikm,
                 byte[] info,
                 int l)

Creates a HKDFParameterSpec for the given the salt value, the input keying material, optional context and application specific information and length of the output keying material.

Parameters:

salt - the salt value (if null it is set to a string of HashLen zeros)

ikm - the input keying material

info - the optional context and application specific information (may be null)

l - the length of output keying material in octets (<= 255*hashLen)

Method Detail

getSalt

public byte[] getSalt()

Gets the salt value.

Returns:

the salt value or null if it has not been set

getIKM

public javax.crypto.SecretKey getIKM()

Gets the input keying material.

Returns:

the input keying material