Package org.opensaml.security.crypto.dh

Class DHSupport

java.lang.Object

org.opensaml.security.crypto.dh.DHSupport

public final class DHSupport
extends Object

Cryptography support related to Elliptic Curve.

Field Summary

Fields

Modifier and Type	Field	Description
private static org.slf4j.Logger	LOG	Logger.

Constructor Summary

Constructors

Modifier	Constructor	Description
private	DHSupport()	Constructor.

Method Summary

Modifier and Type	Method	Description
static KeyPair	generateCompatibleKeyPair(DHPublicKey publicKey, String provider)	Generate a key pair whose parameters are compatible with those of the specified DH public key.
static BigInteger	getPrimeQDomainParameter(DHPublicKey publicKey)	Obtain the prime Q domain parameter from the specified DH public key.
static byte[]	performKeyAgreement(DHPublicKey publicKey, DHPrivateKey privateKey, String provider)	Perform DH key agreement between the given public and private keys.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

LOG

private static final org.slf4j.Logger LOG

Logger.

Constructor Detail

DHSupport

private DHSupport()

Constructor.

Method Detail

performKeyAgreement

@Nonnull
public static byte[] performKeyAgreement(@Nonnull
                                         DHPublicKey publicKey,
                                         @Nonnull
                                         DHPrivateKey privateKey,
                                         @Nullable
                                         String provider)
                                  throws NoSuchAlgorithmException,
                                         NoSuchProviderException,
                                         InvalidKeyException

Perform DH key agreement between the given public and private keys.

Parameters:

publicKey - the public key

privateKey - the private key

provider - the optional security provider to use

Returns:

the secret produced by key agreement

Throws:

NoSuchAlgorithmException - if algorithm is unknown

NoSuchProviderException - if provider is unknown

InvalidKeyException - if supplied key is invalid

generateCompatibleKeyPair

@Nonnull
public static KeyPair generateCompatibleKeyPair(@Nonnull
                                                DHPublicKey publicKey,
                                                @Nullable
                                                String provider)
                                         throws NoSuchAlgorithmException,
                                                NoSuchProviderException,
                                                InvalidAlgorithmParameterException

Generate a key pair whose parameters are compatible with those of the specified DH public key.

Parameters:

publicKey - the public key

provider - the optional security provider to use

Returns:

the generated key pair

Throws:

NoSuchAlgorithmException - if algorithm is unknown

NoSuchProviderException - if provider is unknown

InvalidAlgorithmParameterException - if the public key's DHParameterSpec is not supported

getPrimeQDomainParameter

@Nullable
public static BigInteger getPrimeQDomainParameter(@Nonnull
                                                  DHPublicKey publicKey)

Obtain the prime Q domain parameter from the specified DH public key.

Java's interface for DH domain parameters DHParameterSpec doesn't expose the prime Q parameter, but in some contexts it is required, e.g XML Encryption DHKeyValue element. The approach here is to parse the ASN.1 encoding of the key directly.

Parameters:

publicKey - the public key

Returns:

the prime Q domain parameter, or null if could not be processed