com.entrust.toolkit.security.spec

Class PasswordBasedMacParameterSpec

java.lang.Object

com.entrust.toolkit.security.spec.PasswordBasedMacParameterSpec

All Implemented Interfaces:

ASN1Type, java.security.spec.AlgorithmParameterSpec

public class PasswordBasedMacParameterSpec
extends java.lang.Object
implements java.security.spec.AlgorithmParameterSpec, ASN1Type

This class implements the PBMParameter structure as defined in the CRMF specification.

 PBMParameter ::= SEQUENCE {
     salt              OCTET STRING,
     owf               AlgorithmIdentifier,
     -- AlgId for a One-Way Function (SHA-1 recommended)
     iterationCount    INTEGER,
     -- number of times the OWF is applied
     mac               AlgorithmIdentifier
     -- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11],
     -- or HMAC [RFC2104, RFC2202])
 }
 

The process of using a PBMParameter to compute a password-based MAC consists of two stages. The first stage uses shared secret information (Entrust authentication code) to produce a MAC key. The second stage MACs the data in question using this MAC key to produce a MAC value.

Initialization of the first stage of the algorithm assumes the existence of a shared secret (Entrust authentication code) in a trusted fashion between CA/RA and end-entity. The salt value is appended to the shared secret and the one way function (owf) is applied iterationCount times, where the salted salted secret is the input to the first iteration and, for each successive iteration, the input is set to be the output of the previous iteration, yielding a key K.

In the second stage, K and the data are inputs to a MAC routine, which produces the MAC value.

Since:

7.0

Constructor Summary

Constructors

Constructor and Description
PasswordBasedMacParameterSpec(ASN1Object obj) Creates a PasswordBasedMacParameterSpec object from an ASN1Object.
PasswordBasedMacParameterSpec(byte[] salt, AlgorithmID owf, int iterationCount, AlgorithmID mac) Creates a new PasswordBasedMacParameterSpec object with the specified components.

Method Summary

Methods

Modifier and Type	Method and Description
void	decode(ASN1Object obj) Decodes a PasswordBasedMacParameterSpec object from an ASN1Object.
int	getIterationCount() Returns the number of times to apply the owf.
AlgorithmID	getMac() Returns the mac algorithm.
AlgorithmID	getOwf() Returns the one-way function algorithm.
byte[]	getSalt() Returns the salt value.
void	setIterationCount(int iterationCount) Sets the number of times to apply the owf.
void	setMac(AlgorithmID mac) Sets the mac algorithm.
void	setOwf(AlgorithmID owf) Sets the one-way function algorithm.
void	setSalt(byte[] salt) Sets the salt value.
ASN1Object	toASN1Object() Encodes this PasswordBasedMacParameterSpec object as an ASN1Object.
java.lang.String	toString() Creates a text representation of the ASN.1 structure of this PasswordBasedMacParameterSpec object.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

PasswordBasedMacParameterSpec

public PasswordBasedMacParameterSpec(byte[] salt,
                             AlgorithmID owf,
                             int iterationCount,
                             AlgorithmID mac)

Creates a new PasswordBasedMacParameterSpec object with the specified components.

Parameters:

salt - the salt value

owf - the one-way function algorithm

iterationCount - the number of times to apply the owf

mac - the mac algorithm

PasswordBasedMacParameterSpec

public PasswordBasedMacParameterSpec(ASN1Object obj)
                              throws CodingException

Creates a PasswordBasedMacParameterSpec object from an ASN1Object.

The ASN1Object must be a PasswordBasedMacParameterSpec structure.

Parameters:

obj - the ASN.1 representation of a PBMParameter structure

Throws:

CodingException - thrown if an errors occurs while decoding the ANS1Object

Method Detail

getSalt

public byte[] getSalt()

Returns the salt value.

Returns:

the salt component

getOwf

public AlgorithmID getOwf()

Returns the one-way function algorithm.

Returns:

the owf component

getIterationCount

public int getIterationCount()

Returns the number of times to apply the owf.

Returns:

the iterationCount component

getMac

public AlgorithmID getMac()

Returns the mac algorithm.

Returns:

the mac component

setSalt

public void setSalt(byte[] salt)

Sets the salt value.

Parameters:

salt - the salt component

setOwf

public void setOwf(AlgorithmID owf)

Sets the one-way function algorithm.

Parameters:

owf - the owf component

setIterationCount

public void setIterationCount(int iterationCount)

Sets the number of times to apply the owf.

Parameters:

iterationCount - the iterationCount component

setMac

public void setMac(AlgorithmID mac)

Sets the mac algorithm.

Parameters:

mac - the mac component

decode

public void decode(ASN1Object obj)
            throws CodingException

Decodes a PasswordBasedMacParameterSpec object from an ASN1Object.

The ASN1Object must be a PasswordBasedMacParameterSpec structure.

Specified by:

decode in interface ASN1Type

Parameters:

obj - an ASN.1 representation of a PBMParameter structure

Throws:

CodingException - thrown if an errors occurs while decoding the ANS1Object

toASN1Object

public ASN1Object toASN1Object()

Encodes this PasswordBasedMacParameterSpec object as an ASN1Object.

Specified by:

toASN1Object in interface ASN1Type

Returns:

an ASN.1 representation of this object

toString

public java.lang.String toString()

Creates a text representation of the ASN.1 structure of this PasswordBasedMacParameterSpec object.

Overrides:

toString in class java.lang.Object

Returns:

a text representation of the ASN.1 structure of this object