org.bouncycastle.openpgp.AEADUtil Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of bcpg-jdk14 Show documentation
Show all versions of bcpg-jdk14 Show documentation
The Bouncy Castle Java API for handling the OpenPGP protocol. This jar contains the OpenPGP API for JDK 1.4. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.
package org.bouncycastle.openpgp;
import org.bouncycastle.bcpg.AEADUtils;
import org.bouncycastle.bcpg.SymmetricKeyUtils;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.generators.HKDFBytesGenerator;
import org.bouncycastle.crypto.params.HKDFParameters;
class AEADUtil
{
/**
* Derive a message key and IV from the given session key.
* The result is a byte array containing the key bytes followed by the IV.
* To split them, use {@link org.bouncycastle.bcpg.AEADUtils#splitMessageKeyAndIv(byte[], int, int)}.
*
* @param aeadAlgo AEAD algorithm
* @param cipherAlgo symmetric cipher algorithm
* @param sessionKey session key
* @param salt salt
* @param hkdfInfo HKDF info
* @return message key and appended IV
*/
static byte[] deriveMessageKeyAndIv(int aeadAlgo, int cipherAlgo, byte[] sessionKey, byte[] salt, byte[] hkdfInfo)
{
// Is it okay to have this common logic be implemented using BCs lightweight API?
// Should we move it to BcAEADUtil instead and also provide a JCE implementation?
HKDFParameters hkdfParameters = new HKDFParameters(sessionKey, salt, hkdfInfo);
HKDFBytesGenerator hkdfGen = new HKDFBytesGenerator(new SHA256Digest());
hkdfGen.init(hkdfParameters);
int keyLen = SymmetricKeyUtils.getKeyLengthInOctets(cipherAlgo);
int ivLen = AEADUtils.getIVLength(aeadAlgo);
byte[] messageKeyAndIv = new byte[keyLen + ivLen - 8];
hkdfGen.generateBytes(messageKeyAndIv, 0, messageKeyAndIv.length);
return messageKeyAndIv;
}
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy