iaik.security.spec

Class PBES2ParameterSpec

java.lang.Object

javax.crypto.spec.PBEParameterSpec

iaik.security.spec.PBES2ParameterSpec

All Implemented Interfaces:

java.security.spec.AlgorithmParameterSpec

public class PBES2ParameterSpec
extends javax.crypto.spec.PBEParameterSpec

The parameter specifications for PBES2 contains the password-based key derivation function, which shall be PBKDF2 (RFC8018 Section 5.2) for this version of PKCS #5, with an underlying encryption scheme (see Appendix B.2 for examples). The key length and any other parameters for the underlying encryption scheme depend on the scheme.

Since:

9.0

Constructor Summary

Constructors

Constructor and Description
PBES2ParameterSpec(AlgorithmID kdf, AlgorithmID prf, AlgorithmID enc) The parameter specifications for PBES2 contains the password-based key derivation function indicated with the PBKDF2 PRF and the specified encryption scheme will be used.
PBES2ParameterSpec(byte[] salt, int iterationCount, AlgorithmID kdf, AlgorithmID prf, AlgorithmID enc, byte[] iv) Specify the parameter specifications for the PBES2 scheme.
PBES2ParameterSpec(int iterationCount) When only the iteration count is provided, default PBKDF2 and the PBKDF2 PRF HmacSHA256 and the default encryption scheme AES-256-CBC will be used.
PBES2ParameterSpec(javax.crypto.spec.PBEParameterSpec param_spec, java.lang.String algorithmName)

Method Summary

Modifier and Type	Method and Description
AlgorithmID	getEnc() Return the encryption scheme for the PBES2 parameter specifications.
byte[]	getIV() Return the IV byte array for the encryption scheme.
AlgorithmID	getKDF() Return the password-based key derivation function.
AlgorithmID	getPRF() Return the pseudo-random-function for the password-based key derivation.
ASN1Object	toASN1Object() Return the ASN1 representation of the PBES2 parameter specifications.

Methods inherited from class javax.crypto.spec.PBEParameterSpec

getIterationCount, getParameterSpec, getSalt

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

PBES2ParameterSpec

public PBES2ParameterSpec(int iterationCount)

When only the iteration count is provided, default PBKDF2 and the PBKDF2 PRF HmacSHA256 and the default encryption scheme AES-256-CBC will be used. The other parameters salt and iv will be generated for the underlying encryption scheme.

salt - default to eight octets (64 bits) long.

iteration count - default to 10,000 and a minimum of 1,000 is recommended.

Parameters:

iterationCount - the iteration count to the password-based key derivation

PBES2ParameterSpec

public PBES2ParameterSpec(AlgorithmID kdf,
                          AlgorithmID prf,
                          AlgorithmID enc)

The parameter specifications for PBES2 contains the password-based key derivation function indicated with the PBKDF2 PRF and the specified encryption scheme will be used. The other parameters salt and iv will be generated for the underlying encryption scheme. *

salt - default to eight octets (64 bits) long.

iteration count - default to 10,000 and a minimum of 1,000 is recommended.

Parameters:

kdf - the password-based key derivation function

prf - the pseudo-random function for the key derivation function

enc - the encryption scheme

PBES2ParameterSpec

public PBES2ParameterSpec(byte[] salt,
                          int iterationCount,
                          AlgorithmID kdf,
                          AlgorithmID prf,
                          AlgorithmID enc,
                          byte[] iv)

Specify the parameter specifications for the PBES2 scheme.

salt - it should be at least eight octets (64 bits) long.

iteration count - a minimum of 1,000 is recommended.

Key Derivation Function - PBKDF2 is recommended for new application.

Pseudo-random Functions - include HMAC with SHA-1, SHA-224, SHA-256, SHA-384, SHA512, SHA-512/224 and SHA-512/256.

Encryption Schemes - an underlying encryption scheme Encryption Schemes such as AES-CBC-Pad.

iv - Iv parameter specification for the encryption cipher must match the cipher block size.

Parameters:

salt - the salt to the password-based key derivation

iterationCount - the iteration count to the password-based key derivation

kdf - the password-based key derivation function

prf - the pseudo-random function for the key derivation function

enc - the encryption scheme

iv - the IV for the encryption scheme

PBES2ParameterSpec

public PBES2ParameterSpec(javax.crypto.spec.PBEParameterSpec param_spec,
                          java.lang.String algorithmName)

Method Detail

toASN1Object

public ASN1Object toASN1Object()

Return the ASN1 representation of the PBES2 parameter specifications.

Returns:

ASN1Object

getKDF

public final AlgorithmID getKDF()

Return the password-based key derivation function.

Returns:

AlgorithmID

getPRF

public final AlgorithmID getPRF()

Return the pseudo-random-function for the password-based key derivation.

Returns:

AlgorithmID

getEnc

public final AlgorithmID getEnc()

Return the encryption scheme for the PBES2 parameter specifications.

Returns:

AlgorithmID

getIV

public final byte[] getIV()

Return the IV byte array for the encryption scheme.

Returns:

byte array