Hkdf - perform HKDF key derivation operations per RFC 5869.
Instances should be instantiated using the standard JCA name for the required HMAC.
Each invocation of expand or extract uses a new Mac instance and so instances
of Hkdf are thread-safe.
public Hkdf(String hmacName) throws java.security.NoSuchAlgorithmException
Creates an Hkdf instance which will use hmacName as the name for the underlying
HMAC algorithm, which will be located using normal JCA precedence rules.
| Parameters |
| hmacName |
the name of the HMAC algorithm to use |
| Throws |
| NoSuchAlgorithmException |
if hmacName is not a valid HMAC name |
extract
public byte[] extract(byte[] salt, byte[] ikm) throws java.security.InvalidKeyException, java.security.NoSuchAlgorithmException
Performs an HKDF extract operation as specified in RFC 5869.
| Parameters |
| salt |
the salt to use |
| ikm |
initial keying material |
| Returns |
| byte[] |
a pseudorandom key suitable for use in expand operations |
| Throws |
| InvalidKeyException |
if the salt is not suitable for use as an HMAC key |
| NoSuchAlgorithmException |
if the Mac algorithm is no longer available |
expand
public byte[] expand(byte[] prk, byte[] info, int length) throws java.security.InvalidKeyException, java.security.NoSuchAlgorithmException
Performs an HKDF expand operation as specified in RFC 5869.
| Parameters |
| prk |
a pseudorandom key of at least HashLen octets, usually the output from the
extract step. Where HashLen is the key size of the underlying Mac |
| info |
optional context and application specific information, can be zero length |
| length |
length of output keying material in bytes (
<
= 255*HashLen) |
| Returns |
| byte[] |
output of keying material of length bytes |
| Throws |
| InvalidKeyException |
if prk is not suitable for use as an HMAC key |
| IllegalArgumentException |
if length is out of the allowed range |
| NoSuchAlgorithmException |
if the Mac algorithm is no longer available |