Class AbstractTlsSecret

  • All Implemented Interfaces:
    TlsSecret
    Direct Known Subclasses:
    BcTlsSecret, JceTlsSecret

    public abstract class AbstractTlsSecret
    extends java.lang.Object
    implements TlsSecret
    Base class for a TlsSecret implementation which captures common code and fields.
    • Field Summary

      Fields 
      Modifier and Type Field Description
      protected byte[] data  
    • Constructor Summary

      Constructors 
      Modifier Constructor Description
      protected AbstractTlsSecret​(byte[] data)
      Base constructor.
    • Field Detail

      • data

        protected byte[] data
    • Constructor Detail

      • AbstractTlsSecret

        protected AbstractTlsSecret​(byte[] data)
        Base constructor.
        Parameters:
        data - the byte[] making up the secret value.
    • Method Detail

      • adoptLocalSecret

        protected abstract TlsSecret adoptLocalSecret​(byte[] data)
      • checkAlive

        protected void checkAlive()
      • createCipher

        public TlsCipher createCipher​(TlsCryptoParameters cryptoParams,
                                      int encryptionAlgorithm,
                                      int macAlgorithm)
                               throws java.io.IOException
        Description copied from interface: TlsSecret
        Create a cipher suite that matches the passed in encryption algorithm and mac algorithm.

        See enumeration classes EncryptionAlgorithm, MACAlgorithm for appropriate argument values.

        Specified by:
        createCipher in interface TlsSecret
        Parameters:
        cryptoParams - context specific parameters.
        encryptionAlgorithm - the encryption algorithm to be employed by the cipher suite.
        macAlgorithm - the MAC algorithm to be employed by the cipher suite.
        Returns:
        a TlsCipherSuite supporting the encryption and mac algorithm.
        Throws:
        java.io.IOException
      • destroy

        public void destroy()
        Description copied from interface: TlsSecret
        Destroy the internal state of the secret. After this call, any attempt to use the TlsSecret will result in an IllegalStateException being thrown.
        Specified by:
        destroy in interface TlsSecret
      • encrypt

        public byte[] encrypt​(TlsCertificate certificate)
                       throws java.io.IOException
        Description copied from interface: TlsSecret
        Return the an encrypted copy of the data this secret is based on.
        Specified by:
        encrypt in interface TlsSecret
        Parameters:
        certificate - the certificate containing the public key to use for protecting the internal data.
        Returns:
        an encrypted copy of secret's internal data.
        Throws:
        java.io.IOException
      • extract

        public byte[] extract()
        Description copied from interface: TlsSecret
        Return the internal data from this secret. The TlsSecret does not keep a copy of the data. After this call, any attempt to use the TlsSecret will result in an IllegalStateException being thrown.
        Specified by:
        extract in interface TlsSecret
        Returns:
        the secret's internal data.
      • hkdfExpand

        public TlsSecret hkdfExpand​(short hashAlgorithm,
                                    byte[] info,
                                    int length)
        Description copied from interface: TlsSecret
        RFC 5869 HKDF-Expand function, with this secret's data as the pseudo-random key ('prk').
        Specified by:
        hkdfExpand in interface TlsSecret
        Parameters:
        hashAlgorithm - the hash algorithm to instantiate HMAC with. See HashAlgorithm for values.
        info - optional context and application specific information (can be zero-length).
        length - length of output keying material in octets.
        Returns:
        output keying material (of 'length' octets).
      • hkdfExtract

        public TlsSecret hkdfExtract​(short hashAlgorithm,
                                     byte[] ikm)
        Description copied from interface: TlsSecret
        RFC 5869 HKDF-Extract function, with this secret's data as the 'salt'. The TlsSecret does not keep a copy of the data. After this call, any attempt to use the TlsSecret will result in an IllegalStateException being thrown.
        Specified by:
        hkdfExtract in interface TlsSecret
        Parameters:
        hashAlgorithm - the hash algorithm to instantiate HMAC with. See HashAlgorithm for values.
        ikm - input keying material.
        Returns:
        a pseudo-random key (of HashLen octets).
      • isAlive

        public boolean isAlive()
        Specified by:
        isAlive in interface TlsSecret