Class JceTlsSecret
- java.lang.Object
-
- org.bouncycastle.tls.crypto.impl.AbstractTlsSecret
-
- org.bouncycastle.tls.crypto.impl.jcajce.JceTlsSecret
-
- All Implemented Interfaces:
TlsSecret
public class JceTlsSecret extends AbstractTlsSecret
JCE support class for handling TLS secrets and deriving key material and other secrets from them.
-
-
Field Summary
Fields Modifier and Type Field Description protected JcaTlsCrypto
crypto
-
Fields inherited from class org.bouncycastle.tls.crypto.impl.AbstractTlsSecret
data
-
-
Constructor Summary
Constructors Constructor Description JceTlsSecret(JcaTlsCrypto crypto, byte[] data)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description TlsSecret
deriveUsingPRF(int prfAlgorithm, java.lang.String label, byte[] seed, int length)
Return a new secret based on applying a PRF to this one.protected AbstractTlsCrypto
getCrypto()
TlsSecret
hkdfExpand(short hashAlgorithm, byte[] info, int length)
RFC 5869 HKDF-Expand function, with this secret's data as the pseudo-random key ('prk').TlsSecret
hkdfExtract(short hashAlgorithm, byte[] ikm)
RFC 5869 HKDF-Extract function, with this secret's data as the 'salt'.protected void
hmacHash(java.lang.String digestName, byte[] secret, int secretOff, int secretLen, byte[] seed, byte[] output)
protected byte[]
prf(int prfAlgorithm, java.lang.String label, byte[] seed, int length)
protected byte[]
prf_1_0(byte[] labelSeed, int length)
protected byte[]
prf_1_2(int prfAlgorithm, byte[] labelSeed, int length)
protected byte[]
prf_SSL(byte[] seed, int length)
-
Methods inherited from class org.bouncycastle.tls.crypto.impl.AbstractTlsSecret
checkAlive, destroy, encrypt, extract, isAlive
-
-
-
-
Field Detail
-
crypto
protected final JcaTlsCrypto crypto
-
-
Constructor Detail
-
JceTlsSecret
public JceTlsSecret(JcaTlsCrypto crypto, byte[] data)
-
-
Method Detail
-
deriveUsingPRF
public TlsSecret deriveUsingPRF(int prfAlgorithm, java.lang.String label, byte[] seed, int length)
Description copied from interface:TlsSecret
Return a new secret based on applying a PRF to this one.- Parameters:
prfAlgorithm
- PRF algorithm to use.label
- the label details.seed
- the seed details.length
- the size (in bytes) of the secret to generate.- Returns:
- the new secret.
-
hkdfExpand
public TlsSecret hkdfExpand(short hashAlgorithm, byte[] info, int length)
Description copied from interface:TlsSecret
RFC 5869 HKDF-Expand function, with this secret's data as the pseudo-random key ('prk').- Parameters:
hashAlgorithm
- the hash algorithm to instantiate HMAC with. SeeHashAlgorithm
for values.info
- optional context and application specific information (can be zero-length).length
- length of output keying material in octets.- Returns:
- output keying material (of 'length' octets).
-
hkdfExtract
public TlsSecret hkdfExtract(short hashAlgorithm, byte[] ikm)
Description copied from interface:TlsSecret
RFC 5869 HKDF-Extract function, with this secret's data as the 'salt'. TheTlsSecret
does not keep a copy of the data. After this call, any attempt to use theTlsSecret
will result in anIllegalStateException
being thrown.- Parameters:
hashAlgorithm
- the hash algorithm to instantiate HMAC with. SeeHashAlgorithm
for values.ikm
- input keying material.- Returns:
- a pseudo-random key (of HashLen octets).
-
getCrypto
protected AbstractTlsCrypto getCrypto()
- Specified by:
getCrypto
in classAbstractTlsSecret
-
hmacHash
protected void hmacHash(java.lang.String digestName, byte[] secret, int secretOff, int secretLen, byte[] seed, byte[] output) throws java.security.GeneralSecurityException
- Throws:
java.security.GeneralSecurityException
-
prf
protected byte[] prf(int prfAlgorithm, java.lang.String label, byte[] seed, int length) throws java.security.GeneralSecurityException
- Throws:
java.security.GeneralSecurityException
-
prf_SSL
protected byte[] prf_SSL(byte[] seed, int length) throws java.security.GeneralSecurityException
- Throws:
java.security.GeneralSecurityException
-
prf_1_0
protected byte[] prf_1_0(byte[] labelSeed, int length) throws java.security.GeneralSecurityException
- Throws:
java.security.GeneralSecurityException
-
prf_1_2
protected byte[] prf_1_2(int prfAlgorithm, byte[] labelSeed, int length) throws java.security.GeneralSecurityException
- Throws:
java.security.GeneralSecurityException
-
-