org.bouncycastle.crypto.params
Class KDFCounterParameters

java.lang.Object
  org.bouncycastle.crypto.params.KDFCounterParameters

All Implemented Interfaces:

DerivationParameters

public final class KDFCounterParameters
extends java.lang.Object
implements DerivationParameters

This KDF has been defined by the publicly available NIST SP 800-108 specification. NIST SP800-108 allows for alternative orderings of the input fields, meaning that the input can be formated in multiple ways. There are 3 supported formats: - Below [i]_2 is a counter of r-bits length concatenated to the fixedInputData.

• 1: K(i) := PRF( KI, [i]_2 || Label || 0x00 || Context || [L]_2 ) with the counter at the very beginning of the fixedInputData (The default implementation has this format)
• 2: K(i) := PRF( KI, Label || 0x00 || Context || [L]_2 || [i]_2 ) with the counter at the very end of the fixedInputData
• 3a: K(i) := PRF( KI, Label || 0x00 || [i]_2 || Context || [L]_2 ) OR:
• 3b: K(i) := PRF( KI, Label || 0x00 || [i]_2 || [L]_2 || Context ) OR:
• 3c: K(i) := PRF( KI, Label || [i]_2 || 0x00 || Context || [L]_2 ) etc... with the counter somewhere in the 'middle' of the fixedInputData.

This function must be called with the following KDFCounterParameters(): - KI
- The part of the fixedInputData that comes BEFORE the counter OR null
- the part of the fixedInputData that comes AFTER the counter OR null
- the length of the counter in bits (not bytes)

Resulting function calls assuming an 8 bit counter.

• 1. KDFCounterParameters(ki, null, "Label || 0x00 || Context || [L]_2]", 8);
• 2. KDFCounterParameters(ki, "Label || 0x00 || Context || [L]_2]", null, 8);
• 3a. KDFCounterParameters(ki, "Label || 0x00", "Context || [L]_2]", 8);
• 3b. KDFCounterParameters(ki, "Label || 0x00", "[L]_2] || Context", 8);
• 3c. KDFCounterParameters(ki, "Label", "0x00 || Context || [L]_2]", 8);

Constructor Summary

KDFCounterParameters(byte[] ki, byte[] fixedInputDataCounterPrefix, byte[] fixedInputDataCounterSuffix, int r)
Base constructor - prefix and suffix fixed input data.

KDFCounterParameters(byte[] ki, byte[] fixedInputDataCounterSuffix, int r)
Base constructor - suffix fixed input data only.

Method Summary

byte[]	getFixedInputData()
byte[]	getFixedInputDataCounterPrefix()
byte[]	getFixedInputDataCounterSuffix()
byte[]	getKI()
int	getR()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

KDFCounterParameters

public KDFCounterParameters(byte[] ki,
                            byte[] fixedInputDataCounterSuffix,
                            int r)

Base constructor - suffix fixed input data only.

Parameters:

ki - the KDF seed

fixedInputDataCounterSuffix - fixed input data to follow counter.

r - length of the counter in bits.

KDFCounterParameters

public KDFCounterParameters(byte[] ki,
                            byte[] fixedInputDataCounterPrefix,
                            byte[] fixedInputDataCounterSuffix,
                            int r)

Base constructor - prefix and suffix fixed input data.

Parameters:

ki - the KDF seed

fixedInputDataCounterPrefix - fixed input data to precede counter

fixedInputDataCounterSuffix - fixed input data to follow counter.

r - length of the counter in bits.

Method Detail

getKI

public byte[] getKI()

getFixedInputData

public byte[] getFixedInputData()

getFixedInputDataCounterPrefix

public byte[] getFixedInputDataCounterPrefix()

getFixedInputDataCounterSuffix

public byte[] getFixedInputDataCounterSuffix()

getR

public int getR()