Package javacardx.security.derivation
Interface KDFCounterModeSpec
-
- All Superinterfaces:
AlgorithmParameterSpec
public interface KDFCounterModeSpec extends AlgorithmParameterSpec
This interface specifies the set of parameters used to instantiate aDerivationFunction
implementing KDF in Counter Mode defined in NIST SP 800-108 (Recommendation for Key Derivation Using Pseudorandom Functions).This interface is bound to the constant
DerivationFunction.ALG_KDF_COUNTER_MODE
.NIST SP800-108 allows for alternative orderings of the counter location and fixed input data. The supported format is as follow: K(i) := PRF (KI, {fixedDataBeforeCounter} || [i]2 || {fixedDataAfterCounter}) as referred in NIST SP 800-108 Validation System (KBKDFVS).
- Since:
- 3.1
- See Also:
DerivationFunction
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description byte
getAlgorithm()
Returns the Pseudo Random Function (PRF) algorithm associated with the derivation function.short
getCounterLength()
Returns the bytes length of the binary representation of the counter (c.f chapter 5.1 of the NIST specification).byte[]
getInputDataAfterCounter()
Gets the fixed input data after the counter.byte[]
getInputDataBeforeCounter()
Gets the fixed input data before the counter.short
getOutputLength()
Returns the KDF output length in bytes.SecretKey
getSecret()
Gets the secret value for the key derivation function.
-
-
-
Method Detail
-
getAlgorithm
byte getAlgorithm()
Returns the Pseudo Random Function (PRF) algorithm associated with the derivation function.- Returns:
- the PRF algorithm associated with the derivation function
- See Also:
Signature.ALG_HMAC_SHA1
,Signature.ALG_HMAC_SHA_256
,Signature.ALG_AES_CMAC_128
-
getSecret
SecretKey getSecret()
Gets the secret value for the key derivation function. The key type must match the one involved in the PRF algorithm.- Returns:
- the secret value
-
getInputDataBeforeCounter
byte[] getInputDataBeforeCounter()
Gets the fixed input data before the counter.It may be an array view. It may be null.
- Returns:
- the fixed input data part before the counter value.
-
getInputDataAfterCounter
byte[] getInputDataAfterCounter()
Gets the fixed input data after the counter.It may be an array view. It may be null.
- Returns:
- the fixed input data part after the counter value.
-
getOutputLength
short getOutputLength()
Returns the KDF output length in bytes. It specifies the total length of data that can be generated using subsequent calls toDerivationFunction.nextBytes(byte[], short, short)
orDerivationFunction.nextBytes(javacard.security.SecretKey)
.- Returns:
- the output length
-
getCounterLength
short getCounterLength()
Returns the bytes length of the binary representation of the counter (c.f chapter 5.1 of the NIST specification). Must be 1, 2, 3 or 4.- Returns:
- the length of the binary representation of the counter.
-
-