Package org.opensaml.security.crypto.dh

Class DHSupport

java.lang.Object

org.opensaml.security.crypto.dh.DHSupport

public final class DHSupport
extends Object

Cryptography support related to Elliptic Curve.

Field Summary

Fields

Modifier and Type	Field	Description
private static final org.slf4j.Logger	LOG	Logger.

Constructor Summary

Constructors

Modifier	Constructor	Description
private	DHSupport()	Constructor.

Method Summary

Modifier and Type	Method	Description
static KeyPair	generateCompatibleKeyPair(DHPublicKey publicKey, String provider)	Generate a key pair whose parameters are compatible with those of the specified DH public key.
static BigInteger	getPrimeQDomainParameter(DHPublicKey publicKey)	Obtain the prime Q domain parameter from the specified DH public key.
static byte[]	performKeyAgreement(DHPublicKey publicKey, DHPrivateKey privateKey, String provider)	Perform DH key agreement between the given public and private keys.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

LOG

@Nonnull
private static final org.slf4j.Logger LOG

Logger.

Constructor Details

DHSupport

private DHSupport()

Constructor.

Method Details

performKeyAgreement

@Nonnull
public static byte[] performKeyAgreement(@Nonnull
 DHPublicKey publicKey,
 @Nonnull
 DHPrivateKey privateKey,
 @Nullable
 String provider)
                                  throws NoSuchAlgorithmException,
NoSuchProviderException,
InvalidKeyException

Perform DH key agreement between the given public and private keys.

Parameters:

publicKey - the public key

privateKey - the private key

provider - the optional security provider to use

Returns:

the secret produced by key agreement

Throws:

NoSuchAlgorithmException - if algorithm is unknown

NoSuchProviderException - if provider is unknown

InvalidKeyException - if supplied key is invalid

generateCompatibleKeyPair

@Nonnull
public static KeyPair generateCompatibleKeyPair(@Nonnull
 DHPublicKey publicKey,
 @Nullable
 String provider)
                                         throws NoSuchAlgorithmException,
NoSuchProviderException,
InvalidAlgorithmParameterException

Generate a key pair whose parameters are compatible with those of the specified DH public key.

Parameters:

publicKey - the public key

provider - the optional security provider to use

Returns:

the generated key pair

Throws:

NoSuchAlgorithmException - if algorithm is unknown

NoSuchProviderException - if provider is unknown

InvalidAlgorithmParameterException - if the public key's DHParameterSpec is not supported

getPrimeQDomainParameter

@Nullable
public static BigInteger getPrimeQDomainParameter(@Nonnull
 DHPublicKey publicKey)

Obtain the prime Q domain parameter from the specified DH public key.

Java's interface for DH domain parameters DHParameterSpec doesn't expose the prime Q parameter, but in some contexts it is required, e.g XML Encryption DHKeyValue element. The approach here is to parse the ASN.1 encoding of the key directly.

Parameters:

publicKey - the public key

Returns:

the prime Q domain parameter, or null if could not be processed