Example 1 with HKDFBytesGenerator
use of org.bouncycastle.crypto.generators.HKDFBytesGenerator in project habot by ghys.
the class HttpEce method hkdfExpand.
/**
* Convenience method for computing the HMAC Key Derivation Function. The
* real work is offloaded to BouncyCastle.
*/
protected static byte[] hkdfExpand(byte[] ikm, byte[] salt, byte[] info, int length) throws InvalidKeyException, NoSuchAlgorithmException {
HKDFBytesGenerator hkdf = new HKDFBytesGenerator(new SHA256Digest());
hkdf.init(new HKDFParameters(ikm, salt, info));
byte[] okm = new byte[length];
hkdf.generateBytes(okm, 0, length);
return okm;
}
Also used :
HKDFBytesGenerator(org.bouncycastle.crypto.generators.HKDFBytesGenerator)
SHA256Digest(org.bouncycastle.crypto.digests.SHA256Digest)
HKDFParameters(org.bouncycastle.crypto.params.HKDFParameters)
Example 2 with HKDFBytesGenerator
use of org.bouncycastle.crypto.generators.HKDFBytesGenerator in project nem2-sdk-java by nemtech.
the class Hashes method sha256ForSharedKey.
/**
* Hasher used for shared keys
*
* @param sharedSecret the shared secret
* @return the shared key hash.
*/
public static byte[] sha256ForSharedKey(byte[] sharedSecret) {
Digest hash = new SHA256Digest();
byte[] info = "catapult".getBytes();
int length = 32;
byte[] sharedKey = new byte[length];
HKDFParameters params = new HKDFParameters(sharedSecret, null, info);
HKDFBytesGenerator hkdf = new HKDFBytesGenerator(hash);
hkdf.init(params);
hkdf.generateBytes(sharedKey, 0, length);
return sharedKey;
}
Also used :
HKDFBytesGenerator(org.bouncycastle.crypto.generators.HKDFBytesGenerator)
MessageDigest(java.security.MessageDigest)
Digest(org.bouncycastle.crypto.Digest)
SHA256Digest(org.bouncycastle.crypto.digests.SHA256Digest)
SHA256Digest(org.bouncycastle.crypto.digests.SHA256Digest)
HKDFParameters(org.bouncycastle.crypto.params.HKDFParameters)
Example 3 with HKDFBytesGenerator
use of org.bouncycastle.crypto.generators.HKDFBytesGenerator in project syncany by syncany.
the class CipherUtil method createDerivedKey.
/**
* Creates a derived key from the given input key material (raw byte array) and an input salt
* and wraps the key in a {@link SecretKeySpec} using the given output key algorithm and output
* key size.
*
* <p>The algorithm used to derive the new key from the input key material (IKM) is the
* <b>HMAC-based Extract-and-Expand Key Derivation Function (HKDF)</b> (see
* <a href="http://tools.ietf.org/html/rfc5869">RFC 5869</a>)
*
* @param inputKeyMaterial The input key material as raw data bytes, e.g. determined from {@link SecretKey#getEncoded()}
* @param inputSalt Input salt used to generate the new key (a non-secret random value!)
* @param outputKeyAlgorithm Defines the algorithm of the new output key (for {@link SecretKeySpec#getAlgorithm()})
* @param outputKeySize Defines the key size of the new output key
* @return Returns a new pseudorandom key derived from the input key material using HKDF
* @see <a href="http://tools.ietf.org/html/rfc5869">RFC 5869</a>
*/
public static SaltedSecretKey createDerivedKey(byte[] inputKeyMaterial, byte[] inputSalt, String outputKeyAlgorithm, int outputKeySize) throws InvalidKeySpecException, NoSuchAlgorithmException, NoSuchProviderException {
HKDFBytesGenerator hkdf = new HKDFBytesGenerator(KEY_DERIVATION_DIGEST);
hkdf.init(new HKDFParameters(inputKeyMaterial, inputSalt, KEY_DERIVATION_INFO));
byte[] derivedKey = new byte[outputKeySize / 8];
hkdf.generateBytes(derivedKey, 0, derivedKey.length);
return toSaltedSecretKey(derivedKey, inputSalt, outputKeyAlgorithm);
}
Also used :
HKDFBytesGenerator(org.bouncycastle.crypto.generators.HKDFBytesGenerator)
HKDFParameters(org.bouncycastle.crypto.params.HKDFParameters)
Aggregations
HKDFBytesGenerator (org.bouncycastle.crypto.generators.HKDFBytesGenerator)3
HKDFParameters (org.bouncycastle.crypto.params.HKDFParameters)3
SHA256Digest (org.bouncycastle.crypto.digests.SHA256Digest)2
MessageDigest (java.security.MessageDigest)1
Digest (org.bouncycastle.crypto.Digest)1
