Class DHLegacyKDF

java.lang.Object
org.opensaml.xmlsec.derivation.impl.DHLegacyKDF

public class DHLegacyKDF extends Object
Implementation of the key derivation function used with Diffie-Hellman Key Agreement With Legacy Key Derivation Function as defined in XML Encryption 1.1.
  • Field Details

    • log

      @Nonnull private final org.slf4j.Logger log
      Logger.
    • digestMethod

      @Nullable private String digestMethod
      Digest method.
    • nonce

      @Nullable private String nonce
      Nonce.
  • Constructor Details

    • DHLegacyKDF

      public DHLegacyKDF()
  • Method Details

    • getDigestMethod

      @Nullable public String getDigestMethod()
      Get the digest method algorithm URI.
      Returns:
      the algorithm URI
    • setDigestMethod

      public void setDigestMethod(@Nullable String newDigestMethod)
      Set the digest method algorithm URI.
      Parameters:
      newDigestMethod - the algorithm URI
    • getNonce

      @Nullable public String getNonce()
      Get the Base64-encoded nonce value.
      Returns:
      the nonce value
    • setNonce

      public void setNonce(@Nullable String newNonce)
      Set the Base64-encoded nonce value.
      Parameters:
      newNonce - the nonce value
    • derive

      @Nonnull public SecretKey derive(@Nonnull byte[] secret, @Nonnull String keyAlgorithm, @Nullable Integer keyLength) throws KeyDerivationException
      Derive the secret key from the inputs.
      Parameters:
      secret - underlying secret
      keyAlgorithm - key algorithm
      keyLength - key length
      Returns:
      derived key
      Throws:
      KeyDerivationException - on failure
    • deriveBytes

      protected byte[] deriveBytes(@Nonnull byte[] secret, @Nonnull String encryptionAlgorithm, @Nonnull Integer keyLength) throws KeyDerivationException
      Derive the key bytes from the specified inputs.
      Parameters:
      secret - the input secret
      encryptionAlgorithm - the encryption algorithm URI to be used with the derived key
      keyLength - the key length
      Returns:
      the derived key bytes
      Throws:
      KeyDerivationException - if any of the inputs are invalid
    • digest

      protected byte[] digest(int counter, @Nonnull String digestAlgorithm, @Nonnull byte[] secret, @Nonnull String encryptionAlgorithm, @Nonnull Integer keyLength, @Nonnull byte[] nonceBytes) throws KeyDerivationException
      Produce the digest of the specified inputs according to XML Encryption 1.1, section 5.6.2.2.
      Parameters:
      counter - the counter value
      digestAlgorithm - the JCA digest algorithm
      secret - the input secret
      encryptionAlgorithm - the encryption algorithm URI to be used with the derived key
      keyLength - the key length
      nonceBytes - the nonce, which may be an empty byte[] array, but not null
      Returns:
      digest output for the specified inputs
      Throws:
      KeyDerivationException - if any of the inputs are invalid
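
The computation that digest and deriveBytes document, written with JDK classes only as an added example; it is not OpenSAML's code. The field order and the text encodings of the counter and key size are assumptions taken from XML Encryption 1.1 section 5.6.2.2, not from this page; LegacyKdfSketch, the all-zero secret and the nonce are constructed for illustration, and digest takes a JCA digest name rather than an algorithm URI.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;

// Added illustration: LegacyKdfSketch is a hypothetical name, not an OpenSAML class.
public final class LegacyKdfSketch {
    // Assumed layout: KM(counter) = DigestAlg(ZZ | counter | EncryptionAlg | KA-Nonce | KeySize)
    static byte[] digest(int counter, String jcaDigest, byte[] secret, String encAlgUri,
            int keyBits, byte[] nonce) throws NoSuchAlgorithmException {
        if (counter < 1 || counter > 0xFF) {
            throw new IllegalArgumentException("counter must fit in one byte");
        }
        MessageDigest md = MessageDigest.getInstance(jcaDigest);
        md.update(secret);
        // counter: two upper-case hex digits as text, starting at "01"
        md.update(String.format("%02X", counter).getBytes(StandardCharsets.UTF_8));
        md.update(encAlgUri.getBytes(StandardCharsets.UTF_8));
        md.update(nonce); // empty array when no nonce is configured
        // key size: decimal number of bits as text, no leading zeros
        md.update(Integer.toString(keyBits).getBytes(StandardCharsets.UTF_8));
        return md.digest();
    }

    // Concatenate KM(1), KM(2), ... and keep only the leading keyBits / 8 bytes.
    static byte[] deriveBytes(String jcaDigest, byte[] secret, String encAlgUri,
            int keyBits, byte[] nonce) throws NoSuchAlgorithmException {
        if (keyBits <= 0 || keyBits % 8 != 0) {
            throw new IllegalArgumentException("key length must be a positive multiple of 8");
        }
        byte[] out = new byte[keyBits / 8];
        int filled = 0;
        for (int counter = 1; filled < out.length; counter++) {
            byte[] km = digest(counter, jcaDigest, secret, encAlgUri, keyBits, nonce);
            int n = Math.min(km.length, out.length - filled);
            System.arraycopy(km, 0, out, filled, n);
            filled += n;
        }
        return out;
    }

    public static void main(String[] args) throws Exception {
        byte[] zz = new byte[32]; // constructed all-zero stand-in for the DH shared secret
        byte[] nonce = Base64.getDecoder().decode("AAECAwQFBgc="); // constructed nonce
        String aes256 = "http://www.w3.org/2001/04/xmlenc#aes256-cbc";
        byte[] key = deriveBytes("SHA-1", zz, aes256, 256, nonce); // 20-byte blocks: KM(1) | KM(2)
        System.out.println(Base64.getEncoder().encodeToString(key));
    }
}
```

Because the encryption algorithm URI and the key size are both hashed into every block, the same shared secret yields unrelated keys for different target algorithms or key lengths.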