org.bouncycastle.tls.crypto.impl

Class AbstractTlsSecret

java.lang.Object

org.bouncycastle.tls.crypto.impl.AbstractTlsSecret

All Implemented Interfaces:

TlsSecret

Direct Known Subclasses:

BcTlsSecret, JceTlsSecret

public abstract class AbstractTlsSecret
extends java.lang.Object
implements TlsSecret

Base class for a TlsSecret implementation which captures common code and fields.

Field Summary

Fields

Modifier and Type	Field and Description
protected byte[]	data

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	AbstractTlsSecret(byte[] data) Base constructor.

Method Summary

Modifier and Type	Method and Description
protected abstract TlsSecret	adoptLocalSecret(byte[] data)
protected void	checkAlive()
TlsCipher	createCipher(TlsCryptoParameters cryptoParams, int encryptionAlgorithm, int macAlgorithm) Create a cipher suite that matches the passed in encryption algorithm and mac algorithm.
void	destroy() Destroy the internal state of the secret.
byte[]	encrypt(TlsCertificate certificate) Return the an encrypted copy of the data this secret is based on.
byte[]	extract() Return the internal data from this secret.
protected abstract AbstractTlsCrypto	getCrypto()
TlsSecret	hkdfExpand(short hashAlgorithm, byte[] info, int length) RFC 5869 HKDF-Expand function, with this secret's data as the pseudo-random key ('prk').
TlsSecret	hkdfExtract(short hashAlgorithm, byte[] ikm) RFC 5869 HKDF-Extract function, with this secret's data as the 'salt'.
boolean	isAlive()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.bouncycastle.tls.crypto.TlsSecret

deriveUsingPRF

Field Detail

data

protected byte[] data

Constructor Detail

AbstractTlsSecret

protected AbstractTlsSecret(byte[] data)

Base constructor.

Parameters:

data - the byte[] making up the secret value.

Method Detail

adoptLocalSecret

protected abstract TlsSecret adoptLocalSecret(byte[] data)

checkAlive

protected void checkAlive()

getCrypto

protected abstract AbstractTlsCrypto getCrypto()

createCipher

public TlsCipher createCipher(TlsCryptoParameters cryptoParams,
                              int encryptionAlgorithm,
                              int macAlgorithm)
                       throws java.io.IOException

Description copied from interface: TlsSecret

Create a cipher suite that matches the passed in encryption algorithm and mac algorithm.

See enumeration classes EncryptionAlgorithm, MACAlgorithm for appropriate argument values.

Specified by:

createCipher in interface TlsSecret

Parameters:

cryptoParams - context specific parameters.

encryptionAlgorithm - the encryption algorithm to be employed by the cipher suite.

macAlgorithm - the MAC algorithm to be employed by the cipher suite.

Returns:

a TlsCipherSuite supporting the encryption and mac algorithm.

Throws:

java.io.IOException

destroy

public void destroy()

Description copied from interface: TlsSecret

Destroy the internal state of the secret. After this call, any attempt to use the TlsSecret will result in an IllegalStateException being thrown.

Specified by:

destroy in interface TlsSecret

encrypt

public byte[] encrypt(TlsCertificate certificate)
               throws java.io.IOException

Description copied from interface: TlsSecret

Return the an encrypted copy of the data this secret is based on.

Specified by:

encrypt in interface TlsSecret

Parameters:

certificate - the certificate containing the public key to use for protecting the internal data.

Returns:

an encrypted copy of secret's internal data.

Throws:

java.io.IOException

extract

public byte[] extract()

Description copied from interface: TlsSecret

Return the internal data from this secret. The TlsSecret does not keep a copy of the data. After this call, any attempt to use the TlsSecret will result in an IllegalStateException being thrown.

Specified by:

extract in interface TlsSecret

Returns:

the secret's internal data.

hkdfExpand

public TlsSecret hkdfExpand(short hashAlgorithm,
                            byte[] info,
                            int length)

Description copied from interface: TlsSecret

RFC 5869 HKDF-Expand function, with this secret's data as the pseudo-random key ('prk').

Specified by:

hkdfExpand in interface TlsSecret

Parameters:

hashAlgorithm - the hash algorithm to instantiate HMAC with. See HashAlgorithm for values.

info - optional context and application specific information (can be zero-length).

length - length of output keying material in octets.

Returns:

output keying material (of 'length' octets).

hkdfExtract

public TlsSecret hkdfExtract(short hashAlgorithm,
                             byte[] ikm)

Description copied from interface: TlsSecret

RFC 5869 HKDF-Extract function, with this secret's data as the 'salt'. The TlsSecret does not keep a copy of the data. After this call, any attempt to use the TlsSecret will result in an IllegalStateException being thrown.

Specified by:

hkdfExtract in interface TlsSecret

Parameters:

hashAlgorithm - the hash algorithm to instantiate HMAC with. See HashAlgorithm for values.

ikm - input keying material.

Returns:

a pseudo-random key (of HashLen octets).

isAlive

public boolean isAlive()

Specified by:

isAlive in interface TlsSecret