Interface HpkeKdf
-
@Immutable public interface HpkeKdfInterface for Hybrid Public Key Encryption (HPKE) key derivation function (KDF).HPKE RFC is available at https://www.rfc-editor.org/rfc/rfc9180.html.
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description byte[]extractAndExpand(byte[] salt, byte[] ikm, java.lang.String ikmLabel, byte[] info, java.lang.String infoLabel, byte[] suiteId, int length)CombineslabeledExtract(byte[], byte[], String, byte[])andlabeledExpand(byte[], byte[], String, byte[], int)into a single method.byte[]getKdfId()Returns the HPKE KDF algorithm identifier for the underlying KDF implementation.byte[]labeledExpand(byte[] prk, byte[] info, java.lang.String infoLabel, byte[] suiteId, int length)Expands pseudorandom keyprkintolengthpseudorandom bytes usinginfoalong with the HPKE-specific valuesinfoLabelandsuiteIdto facilitate domain separation and context binding.byte[]labeledExtract(byte[] salt, byte[] ikm, java.lang.String ikmLabel, byte[] suiteId)Extracts pseudorandom key fromsaltandikmusing the HPKE-specific valuesikmLabelandsuiteIdto facilitate domain separation and context binding.
-
-
-
Method Detail
-
labeledExtract
byte[] labeledExtract(byte[] salt, byte[] ikm, java.lang.String ikmLabel, byte[] suiteId) throws java.security.GeneralSecurityExceptionExtracts pseudorandom key fromsaltandikmusing the HPKE-specific valuesikmLabelandsuiteIdto facilitate domain separation and context binding.More details available at https://www.rfc-editor.org/rfc/rfc9180.html#section-4-9.
- Parameters:
salt- optional (possibly non-secret) random valueikm- input keying materialikmLabel- label prepended toikmsuiteId- HPKE cipher suite identifier prepended to {ikmLabel||ikm}- Returns:
- pseudorandom key
- Throws:
java.security.GeneralSecurityException
-
labeledExpand
byte[] labeledExpand(byte[] prk, byte[] info, java.lang.String infoLabel, byte[] suiteId, int length) throws java.security.GeneralSecurityExceptionExpands pseudorandom keyprkintolengthpseudorandom bytes usinginfoalong with the HPKE-specific valuesinfoLabelandsuiteIdto facilitate domain separation and context binding.More details available at https://www.rfc-editor.org/rfc/rfc9180.html#section-4-10.
- Parameters:
prk- pseudorandom keyinfo- optional context and application-specific informationinfoLabel- label prepended toinfosuiteId- HPKE cipher suite identifier prepended to {infoLabel||info}length- desired length (in bytes) of pseudorandom output- Returns:
lengthpseudorandom bytes of output keying material- Throws:
java.security.GeneralSecurityException
-
extractAndExpand
byte[] extractAndExpand(byte[] salt, byte[] ikm, java.lang.String ikmLabel, byte[] info, java.lang.String infoLabel, byte[] suiteId, int length) throws java.security.GeneralSecurityExceptionCombineslabeledExtract(byte[], byte[], String, byte[])andlabeledExpand(byte[], byte[], String, byte[], int)into a single method.More details available at https://www.rfc-editor.org/rfc/rfc9180.html#section-4.1-3.
- Parameters:
salt- optional (possibly non-secret) random valueikm- input keying materialikmLabel- label prepended toikminfo- optional context and application-specific informationinfoLabel- label prepended toinfosuiteId- HPKE cipher suite identifier prepended to {ikmLabel||ikm} and {infoLabel||info}length- desired length (in bytes) of pseudorandom output- Returns:
lengthpseudorandom bytes of output keying material- Throws:
java.security.GeneralSecurityException
-
getKdfId
byte[] getKdfId() throws java.security.GeneralSecurityExceptionReturns the HPKE KDF algorithm identifier for the underlying KDF implementation.More details at https://www.rfc-editor.org/rfc/rfc9180.html#name-key-derivation-functions-kd.
- Throws:
java.security.GeneralSecurityException
-
-