Package org.bouncycastle.crypto.params

Class KDFCounterParameters

  • All Implemented Interfaces:
    DerivationParameters
    public final class KDFCounterParameters
extends java.lang.Object
implements DerivationParameters
    This KDF has been defined by the publicly available NIST SP 800-108 specification. NIST SP800-108 allows for alternative orderings of the input fields, meaning that the input can be formated in multiple ways. There are 3 supported formats: - Below [i]_2 is a counter of r-bits length concatenated to the fixedInputData.
    • 1: K(i) := PRF( KI, [i]_2 || Label || 0x00 || Context || [L]_2 ) with the counter at the very beginning of the fixedInputData (The default implementation has this format)
    • 2: K(i) := PRF( KI, Label || 0x00 || Context || [L]_2 || [i]_2 ) with the counter at the very end of the fixedInputData
    • 3a: K(i) := PRF( KI, Label || 0x00 || [i]_2 || Context || [L]_2 ) OR:
    • 3b: K(i) := PRF( KI, Label || 0x00 || [i]_2 || [L]_2 || Context ) OR:
    • 3c: K(i) := PRF( KI, Label || [i]_2 || 0x00 || Context || [L]_2 ) etc... with the counter somewhere in the 'middle' of the fixedInputData.
    This function must be called with the following KDFCounterParameters():
    • KI
    • The part of the fixedInputData that comes BEFORE the counter OR null
    • the part of the fixedInputData that comes AFTER the counter OR null
    • the length of the counter in bits (not bytes)
    Resulting function calls assuming an 8 bit counter.
    • 1. KDFCounterParameters(ki, null, "Label || 0x00 || Context || [L]_2]", 8);
    • 2. KDFCounterParameters(ki, "Label || 0x00 || Context || [L]_2]", null, 8);
    • 3a. KDFCounterParameters(ki, "Label || 0x00", "Context || [L]_2]", 8);
    • 3b. KDFCounterParameters(ki, "Label || 0x00", "[L]_2] || Context", 8);
    • 3c. KDFCounterParameters(ki, "Label", "0x00 || Context || [L]_2]", 8);

    • Constructor Detail

      • KDFCounterParameters

        public KDFCounterParameters​(byte[] ki,
                            byte[] fixedInputDataCounterSuffix,
                            int r)
        Base constructor - suffix fixed input data only.
        Parameters:
        ki - the KDF seed
        fixedInputDataCounterSuffix - fixed input data to follow counter.
        r - length of the counter in bits.

      • KDFCounterParameters

        public KDFCounterParameters​(byte[] ki,
                            byte[] fixedInputDataCounterPrefix,
                            byte[] fixedInputDataCounterSuffix,
                            int r)
        Base constructor - prefix and suffix fixed input data.
        Parameters:
        ki - the KDF seed
        fixedInputDataCounterPrefix - fixed input data to precede counter
        fixedInputDataCounterSuffix - fixed input data to follow counter.
        r - length of the counter in bits.

    • Method Detail

      • getKI

        public byte[] getKI()

      • getFixedInputData

        public byte[] getFixedInputData()

      • getFixedInputDataCounterPrefix

        public byte[] getFixedInputDataCounterPrefix()

      • getFixedInputDataCounterSuffix

        public byte[] getFixedInputDataCounterSuffix()

      • getR

        public int getR()