org.bouncycastle.crypto.hash2curve.impl

Class XmdMessageExpansion

java.lang.Object

org.bouncycastle.crypto.hash2curve.impl.XmdMessageExpansion

All Implemented Interfaces:

MessageExpansion

public class XmdMessageExpansion
extends java.lang.Object
implements MessageExpansion

XmdMessageExpansion is an implementation of the MessageExpansion interface, used to expand a given message to a specified length in bytes while following cryptographic domain separation principles. The implementation uses a selected hash function to achieve the expansion.

Constructor Summary

Constructors

Constructor and Description
XmdMessageExpansion(Digest digest, int k, int s) Constructs an XmdMessageExpansion instance capable of performing cryptographic message expansion using the specified digest algorithm, security parameter, and custom input block size parameter.
XmdMessageExpansion(ExtendedDigest digest, int k) Constructs an XmdMessageExpansion instance with the given digest algorithm and security parameter.

Method Summary

Modifier and Type	Method and Description
byte[]	expandMessage(byte[] msg, byte[] dst, int lenInBytes) Expands a given input message to a fixed-length output, using a cryptographic digest and additional parameters such as domain separation tag (DST) and desired output length.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

XmdMessageExpansion

public XmdMessageExpansion(Digest digest,
                           int k,
                           int s)

Constructs an XmdMessageExpansion instance capable of performing cryptographic message expansion using the specified digest algorithm, security parameter, and custom input block size parameter. The security of the curve's operations is validated against the output size of the digest algorithm.

Parameters:

digest - the cryptographic digest algorithm to be used

k - the security parameter defining the required minimum security strength, in bits

s - the input block size parameter for the cryptographic digest algorithm

Throws:

java.lang.IllegalArgumentException - if the hash output size is too small for the specified security level

XmdMessageExpansion

public XmdMessageExpansion(ExtendedDigest digest,
                           int k)

Constructs an XmdMessageExpansion instance with the given digest algorithm and security parameter.

Parameters:

digest - the cryptographic digest algorithm to be used

k - the security parameter defining the required minimum security strength

Method Detail

expandMessage

public byte[] expandMessage(byte[] msg,
                            byte[] dst,
                            int lenInBytes)

Expands a given input message to a fixed-length output, using a cryptographic digest and additional parameters such as domain separation tag (DST) and desired output length. This method is compliant with hash-to-curve message expansion defined in certain cryptographic algorithms and standards.

Specified by:

expandMessage in interface MessageExpansion

Parameters:

msg - the input message to be expanded

dst - the domain separation tag used to isolate cryptographic domains

lenInBytes - the desired byte-length of the output message

Returns:

the byte array resulting from the message expansion process

Throws:

java.lang.IllegalArgumentException - if ell exceeds 255, lenInBytes exceeds 65535, or dst length is greater than 255