public class KDF2 extends KDF1
This class implements the Key Derivation Function (KDF) 2, defined in ISO/IEC 18033-2. A KDF is a function which derives keying material of desired length from a shared secret and additional, optional information. The KDF itself is further parameterized with, e.g., a cryptographic hash function.
An application which wants to use KDF2 has to obtain it via the KeyGenerator engine class.
KeyGenerator kdf2 = KeyGenerator.getInstance("KDF2", "IAIK");
A caller has to configure the KDF2 with a cryptographic hash function, like
SHA2-256, SHA3-256,...
. For that use KDF2ParameterSpec.
An example usage may look like this:
A AlgorithmID hashAlg = ...; int keyLength = ...; byte[] secretValue = ... KDF2ParameterSpec spec = new KDF2ParameterSpec(hashAlg, keyLength); spec.setSecretValue(secretValue); kg.init(spec); SecretKey key = (SecretKey) kg.generateKey();
If an implementation tries to use the KDF2 without a call to KDF1.engineInit(AlgorithmParameterSpec, SecureRandom), the class will throw an exception.
This class extends KDF1, because of the similarity of their workflow.
KDF2ParameterSpec
Modifier and Type | Field and Description |
---|---|
static ObjectID |
OID
The ASN.1 object identifier (1.3.133.16.840.9.44.1.1) for the KDF2 key derivation
function.
|
Constructor and Description |
---|
KDF2() |
Modifier and Type | Method and Description |
---|---|
protected javax.crypto.SecretKey |
engineGenerateKey()
Generates a key according to the specification of KDF2 with the provided
information.
|
protected HashBasedGenerationFunction |
generateHBGF(KDF1ParameterSpec spec)
Intern helper function to create an instance of HashBasedGenerationFunction.
|
protected java.lang.String |
name()
Outputs the algorithm name.
|
engineInit, engineInit, engineInit
public static final ObjectID OID
protected java.lang.String name()
protected HashBasedGenerationFunction generateHBGF(KDF1ParameterSpec spec)
Intern helper function to create an instance of HashBasedGenerationFunction. Note: Do not call this on your own.
generateHBGF
in class KDF1
protected javax.crypto.SecretKey engineGenerateKey()
Generates a key according to the specification of KDF2 with the provided information. This method returns an instance of SecretKey. To obtain the secret, call SecretKey.getEncoded().
engineGenerateKey
in class KDF1
InternalErrorException
- if the caller did not initialize the object accordingly.