KDF2 (6.2 API Documentation)

Skip navigation links

IAIK-JCE Provider API Documentation
Version 6.2

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

java.lang.Object
- javax.crypto.KeyGeneratorSpi
- - iaik.security.kdf.KDF1
  - - iaik.security.kdf.KDF2

Direct Known Subclasses:

KDF3
```
public class KDF2
extends KDF1
```
This class implements the Key Derivation Function (KDF) 2, defined in ISO/IEC 18033-2. A KDF is a function which derives keying material of desired length from a shared secret and additional, optional information. The KDF itself is further parameterized with, e.g., a cryptographic hash function.

An application which wants to use KDF2 has to obtain it via the KeyGenerator engine class.
```
     KeyGenerator kdf2 = KeyGenerator.getInstance("KDF2", "IAIK");
 
```
A caller has to configure the KDF2 with a cryptographic hash function, like SHA2-256, SHA3-256,.... For that use KDF2ParameterSpec. An example usage may look like this:
```
A
     AlgorithmID hashAlg = ...;
     int keyLength = ...;
     byte[] secretValue = ...
     KDF2ParameterSpec spec = new KDF2ParameterSpec(hashAlg, keyLength);
     spec.setSecretValue(secretValue);
     kg.init(spec);
     SecretKey key = (SecretKey) kg.generateKey();
 
```
If an implementation tries to use the KDF2 without a call to KDF1.engineInit(AlgorithmParameterSpec, SecureRandom), the class will throw an exception.

This class extends KDF1, because of the similarity of their workflow.
See Also:

KDF2ParameterSpec

Field Summary

Fields
Modifier and Type Field and Description

static ObjectID OID
The ASN.1 object identifier (1.3.133.16.840.9.44.1.1) for the KDF2 key derivation function.

Constructor Summary

Constructors
Constructor and Description

KDF2()

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected javax.crypto.SecretKey`	`engineGenerateKey()` Generates a key according to the specification of KDF2 with the provided information.
`protected HashBasedGenerationFunction`	`generateHBGF(KDF1ParameterSpec spec)` Intern helper function to create an instance of HashBasedGenerationFunction.
`protected java.lang.String`	`name()` Outputs the algorithm name.

Methods inherited from class iaik.security.kdf.KDF1
engineInit, engineInit, engineInit

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - OID
```
public static final ObjectID OID
```
    The ASN.1 object identifier (1.3.133.16.840.9.44.1.1) for the KDF2 key derivation function.
- Constructor Detail
  - KDF2
```
public KDF2()
```
- Method Detail
  - name
```
protected java.lang.String name()
```
    Outputs the algorithm name. Will always return "KDF2".
    
    Overrides:
    
    name in class KDF1
    
    Returns:
    
    "KDF2"
  - generateHBGF
```
protected HashBasedGenerationFunction generateHBGF(KDF1ParameterSpec spec)
```
    Intern helper function to create an instance of HashBasedGenerationFunction. Note: Do not call this on your own.
    
    Overrides:
    
    generateHBGF in class KDF1
  - engineGenerateKey
```
protected javax.crypto.SecretKey engineGenerateKey()
```
    Generates a key according to the specification of KDF2 with the provided information. This method returns an instance of SecretKey. To obtain the secret, call SecretKey.getEncoded().
    
    Overrides:
    
    engineGenerateKey in class KDF1
    
    Returns:
    
    an instance of SecretKey holding the derived secret.
    
    Throws:
    
    InternalErrorException - if the caller did not initialize the object accordingly.

Skip navigation links

This Javadoc may contain text parts from IETF Internet Standard specifications (see copyright note) and RSA Data Security Public-Key Cryptography Standards (PKCS, see copyright note).

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

6.2
(c) 2002 IAIK, (c) 2003 - 2025 SIC