-
KTSParameterSpec
-
wrappingKeyAlgorithm: String
-
keySizeInBits: int
-
parameterSpec: AlgorithmParameterSpec
-
kdfAlgorithm: AlgorithmIdentifier
-
otherInfo: byte[]
-
Builder
-
algorithmName: String
-
keySizeInBits: int
-
parameterSpec: AlgorithmParameterSpec
-
kdfAlgorithm: AlgorithmIdentifier
-
otherInfo: byte[]
-
Builder(String, int): void
-
Builder(String, int, byte[]): void
-
withParameterSpec(AlgorithmParameterSpec): Builder
-
withKdfAlgorithm(AlgorithmIdentifier): Builder
-
build(): KTSParameterSpec
-
-
KTSParameterSpec(String, int, AlgorithmParameterSpec, AlgorithmIdentifier, byte[]): void
-
getKeyAlgorithmName(): String
-
getKeySize(): int
-
getParameterSpec(): AlgorithmParameterSpec
-
getKdfAlgorithm(): AlgorithmIdentifier
-
getOtherInfo(): byte[]
-
package org.bouncycastle.jcajce.spec;
import java.security.spec.AlgorithmParameterSpec;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
import org.bouncycastle.util.Arrays;
Parameter spec for doing KTS based wrapping via the Cipher API.
/**
* Parameter spec for doing KTS based wrapping via the Cipher API.
*/
public class KTSParameterSpec
implements AlgorithmParameterSpec
{
private final String wrappingKeyAlgorithm;
private final int keySizeInBits;
private final AlgorithmParameterSpec parameterSpec;
private final AlgorithmIdentifier kdfAlgorithm;
private byte[] otherInfo;
Builder class for creating a KTSParameterSpec.
/**
* Builder class for creating a KTSParameterSpec.
*/
public static final class Builder
{
private final String algorithmName;
private final int keySizeInBits;
private AlgorithmParameterSpec parameterSpec;
private AlgorithmIdentifier kdfAlgorithm;
private byte[] otherInfo;
Basic builder.
Params: - algorithmName – the algorithm name for the secret key we use for wrapping.
- keySizeInBits – the size of the wrapping key we want to produce in bits.
/**
* Basic builder.
*
* @param algorithmName the algorithm name for the secret key we use for wrapping.
* @param keySizeInBits the size of the wrapping key we want to produce in bits.
*/
public Builder(String algorithmName, int keySizeInBits)
{
this(algorithmName, keySizeInBits, null);
}
Basic builder.
Params: - algorithmName – the algorithm name for the secret key we use for wrapping.
- keySizeInBits – the size of the wrapping key we want to produce in bits.
- otherInfo – the otherInfo/IV encoding to be applied to the KDF.
/**
* Basic builder.
*
* @param algorithmName the algorithm name for the secret key we use for wrapping.
* @param keySizeInBits the size of the wrapping key we want to produce in bits.
* @param otherInfo the otherInfo/IV encoding to be applied to the KDF.
*/
public Builder(String algorithmName, int keySizeInBits, byte[] otherInfo)
{
this.algorithmName = algorithmName;
this.keySizeInBits = keySizeInBits;
this.kdfAlgorithm = new AlgorithmIdentifier(X9ObjectIdentifiers.id_kdf_kdf3, new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256));
this.otherInfo = (otherInfo == null) ? new byte[0] : Arrays.clone(otherInfo);
}
Set the algorithm parameter spec to be used with the wrapper.
Params: - parameterSpec – the algorithm parameter spec to be used in wrapping/unwrapping.
Returns: the current Builder instance.
/**
* Set the algorithm parameter spec to be used with the wrapper.
*
* @param parameterSpec the algorithm parameter spec to be used in wrapping/unwrapping.
* @return the current Builder instance.
*/
public Builder withParameterSpec(AlgorithmParameterSpec parameterSpec)
{
this.parameterSpec = parameterSpec;
return this;
}
Set the KDF algorithm and digest algorithm for wrap key generation.
Params: - kdfAlgorithm – the KDF algorithm to apply.
Returns: the current Builder instance.
/**
* Set the KDF algorithm and digest algorithm for wrap key generation.
*
* @param kdfAlgorithm the KDF algorithm to apply.
* @return the current Builder instance.
*/
public Builder withKdfAlgorithm(AlgorithmIdentifier kdfAlgorithm)
{
this.kdfAlgorithm = kdfAlgorithm;
return this;
}
Build the new parameter spec.
Returns: a new parameter spec configured according to the builder state.
/**
* Build the new parameter spec.
*
* @return a new parameter spec configured according to the builder state.
*/
public KTSParameterSpec build()
{
return new KTSParameterSpec(algorithmName, keySizeInBits, parameterSpec, kdfAlgorithm, otherInfo);
}
}
private KTSParameterSpec(
String wrappingKeyAlgorithm, int keySizeInBits,
AlgorithmParameterSpec parameterSpec, AlgorithmIdentifier kdfAlgorithm, byte[] otherInfo)
{
this.wrappingKeyAlgorithm = wrappingKeyAlgorithm;
this.keySizeInBits = keySizeInBits;
this.parameterSpec = parameterSpec;
this.kdfAlgorithm = kdfAlgorithm;
this.otherInfo = otherInfo;
}
Return the name of the algorithm for the wrapping key this key spec should use.
Returns: the key algorithm.
/**
* Return the name of the algorithm for the wrapping key this key spec should use.
*
* @return the key algorithm.
*/
public String getKeyAlgorithmName()
{
return wrappingKeyAlgorithm;
}
Return the size of the key (in bits) for the wrapping key this key spec should use.
Returns: length in bits of the key to be calculated.
/**
* Return the size of the key (in bits) for the wrapping key this key spec should use.
*
* @return length in bits of the key to be calculated.
*/
public int getKeySize()
{
return keySizeInBits;
}
Return the algorithm parameter spec to be applied with the private key when the encapsulation is decrypted.
Returns: the algorithm parameter spec to be used with the private key.
/**
* Return the algorithm parameter spec to be applied with the private key when the encapsulation is decrypted.
*
* @return the algorithm parameter spec to be used with the private key.
*/
public AlgorithmParameterSpec getParameterSpec()
{
return parameterSpec;
}
Return the AlgorithmIdentifier for the KDF to do key derivation after extracting the secret.
Returns: the AlgorithmIdentifier for the SecretKeyFactory's KDF.
/**
* Return the AlgorithmIdentifier for the KDF to do key derivation after extracting the secret.
*
* @return the AlgorithmIdentifier for the SecretKeyFactory's KDF.
*/
public AlgorithmIdentifier getKdfAlgorithm()
{
return kdfAlgorithm;
}
Return the otherInfo data for initialising the KDF.
Returns: the otherInfo data.
/**
* Return the otherInfo data for initialising the KDF.
*
* @return the otherInfo data.
*/
public byte[] getOtherInfo()
{
return Arrays.clone(otherInfo);
}
}