Class JceTlsSecret
java.lang.Object
org.bouncycastle.tls.crypto.impl.AbstractTlsSecret
org.bouncycastle.tls.crypto.impl.jcajce.JceTlsSecret
- All Implemented Interfaces:
TlsSecret
JCE support class for handling TLS secrets and deriving key material and other secrets from them.
-
Field Summary
FieldsFields inherited from class org.bouncycastle.tls.crypto.impl.AbstractTlsSecret
data -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionstatic JceTlsSecretconvert(JcaTlsCrypto crypto, TlsSecret secret) deriveUsingPRF(int prfAlgorithm, String label, byte[] seed, int length) Return a new secret based on applying a PRF to this one.protected AbstractTlsCryptohkdfExpand(int cryptoHashAlgorithm, byte[] info, int length) RFC 5869 HKDF-Expand function, with this secret's data as the pseudo-random key ('prk').hkdfExtract(int cryptoHashAlgorithm, TlsSecret ikm) RFC 5869 HKDF-Extract function, with this secret's data as the 'salt'.protected voidhmacHash(int cryptoHashAlgorithm, byte[] secret, int secretOff, int secretLen, byte[] seed, byte[] output) protected byte[]protected byte[]prf_1_0(byte[] labelSeed, int length) protected byte[]prf_1_2(int prfAlgorithm, byte[] labelSeed, int length) protected byte[]prf_SSL(byte[] seed, int length) protected voidMethods inherited from class org.bouncycastle.tls.crypto.impl.AbstractTlsSecret
calculateHMAC, checkAlive, copyData, destroy, encrypt, extract, isAlive
-
Field Details
-
crypto
-
-
Constructor Details
-
JceTlsSecret
-
-
Method Details
-
convert
-
deriveUsingPRF
Description copied from interface:TlsSecretReturn a new secret based on applying a PRF to this one.- Parameters:
prfAlgorithm- PRF algorithm to use.label- the label details.seed- the seed details.length- the size (in bytes) of the secret to generate.- Returns:
- the new secret.
-
hkdfExpand
Description copied from interface:TlsSecretRFC 5869 HKDF-Expand function, with this secret's data as the pseudo-random key ('prk').- Parameters:
cryptoHashAlgorithm- the hash algorithm to instantiate HMAC with. SeeCryptoHashAlgorithmfor values.info- optional context and application specific information (can be zero-length).length- length of output keying material in octets.- Returns:
- output keying material (of 'length' octets).
-
hkdfExtract
Description copied from interface:TlsSecretRFC 5869 HKDF-Extract function, with this secret's data as the 'salt'. TheTlsSecretdoes not keep a copy of the data. After this call, any attempt to use theTlsSecretwill result in anIllegalStateExceptionbeing thrown.- Parameters:
cryptoHashAlgorithm- the hash algorithm to instantiate HMAC with. SeeCryptoHashAlgorithmfor values.ikm- input keying material.- Returns:
- a pseudo-random key (of HashLen octets).
-
getCrypto
- Specified by:
getCryptoin classAbstractTlsSecret
-
hmacHash
protected void hmacHash(int cryptoHashAlgorithm, byte[] secret, int secretOff, int secretLen, byte[] seed, byte[] output) throws GeneralSecurityException - Throws:
GeneralSecurityException
-
prf
protected byte[] prf(int prfAlgorithm, String label, byte[] seed, int length) throws GeneralSecurityException - Throws:
GeneralSecurityException
-
prf_SSL
- Throws:
GeneralSecurityException
-
prf_1_0
- Throws:
GeneralSecurityException
-
prf_1_2
protected byte[] prf_1_2(int prfAlgorithm, byte[] labelSeed, int length) throws GeneralSecurityException - Throws:
GeneralSecurityException
-
updateMac
-