Package org.opensaml.xmlsec.derivation.impl

Class DHLegacyKDF

  • public class DHLegacyKDF
extends Object
    Implementation of the key derivation function used with Diffie-Hellman Key Agreement With Legacy Key Derivation Function as defined in XML Encryption 1.1.

    • Field Detail

      • log

        private final org.slf4j.Logger log
        Logger.

      • digestMethod

        @Nullable
private String digestMethod
        Digest method.

      • nonce

        @Nullable
private String nonce
        Nonce.

    • Constructor Detail

      • DHLegacyKDF

        public DHLegacyKDF()

    • Method Detail

      • getDigestMethod

        @Nullable
public String getDigestMethod()
        Get the digest method algorithm URI.
        Returns:
        the algorithm URI

      • setDigestMethod

        public void setDigestMethod​(@Nullable
                            String newDigestMethod)
        Set the digest method algorithm URI.
        Parameters:
        newDigestMethod - the algorithm URI

      • getNonce

        @Nullable
public String getNonce()
        Get the Base64-encoded nonce value.
        Returns:
        the nonce value

      • setNonce

        public void setNonce​(@Nullable
                     String newNonce)
        Set the digest method algorithm URI.
        Parameters:
        newNonce - the algorithm URI

      • deriveBytes

        protected byte[] deriveBytes​(@Nonnull
                             byte[] secret,
                             @Nonnull
                             String encryptionAlgorithm,
                             @Nonnull
                             Integer keyLength)
                      throws KeyDerivationException
        Derive the key bytes from the specified inputs.
        Parameters:
        secret - the input secret
        encryptionAlgorithm - the encryption algorithm URI to be used with the derived key
        keyLength - the key length
        Returns:
        derived bytes the derived key bytes
        Throws:
        KeyDerivationException - if any of the inputs are invalid

      • digest

        protected byte[] digest​(int counter,
                        @Nonnull
                        String digestAlgorithm,
                        @Nonnull
                        byte[] secret,
                        @Nonnull
                        String encryptionAlgorithm,
                        @Nonnull
                        Integer keyLength,
                        @Nonnull
                        byte[] nonceBytes)
                 throws KeyDerivationException
        Produce the digest of the specified inputs according to XML Encryption section 1.1, section 5.6.2.2.
        Parameters:
        counter - the counter value
        digestAlgorithm - the JCA digest algorithm
        secret - the input secret
        encryptionAlgorithm - the encryption algorithm URI to be used with the derived key
        keyLength - the key length
        nonceBytes - the nonce, which may be an empty byte[] array, but not null
        Returns:
        digest output for the specified inputs
        Throws:
        KeyDerivationException - if any of the inputs are invalid