Package org.opensaml.xmlsec.agreement.impl

Class AbstractKeyAgreementProcessor

java.lang.Object

org.opensaml.xmlsec.agreement.impl.AbstractKeyAgreementProcessor

All Implemented Interfaces:

KeyAgreementProcessor

Direct Known Subclasses:

AbstractDerivationKeyAgreementProcessor, DHWithLegacyKDFKeyAgreementProcessor

public abstract class AbstractKeyAgreementProcessor
extends Object
implements KeyAgreementProcessor

Abstract base class for KeyAgreementProcessor implementations.

Field Summary

Fields

Modifier and Type	Field	Description
private final org.slf4j.Logger	log	Logger.

Constructor Summary

Constructors

Constructor	Description
AbstractKeyAgreementProcessor()

Method Summary

Modifier and Type	Method	Description
protected KeyAgreementCredential	buildKeyAgreementCredential(SecretKey derivedKey, Credential publicCredential, Credential privateCredential, KeyAgreementParameters parameters)	Build the final KeyAgreementCredential from the given inputs.
protected abstract SecretKey	deriveSecretKey(byte[] secret, String keyAlgorithm, KeyAgreementParameters parameters)	Derive a SecretKey from a given secret.
KeyAgreementCredential	execute(Credential publicCredential, String keyAlgorithm, KeyAgreementParameters inputParameters)	Perform the key agreement operation and return a new credential representing the results.
protected abstract byte[]	generateAgreementSecret(Credential publicCredential, Credential privateCredential, KeyAgreementParameters parameters)	Generate the agreement secret according to the key algorithm and using the supplied public and private credentials.
protected Credential	obtainPrivateCredential(Credential publicCredential, KeyAgreementParameters parameters)	Obtain the private credential which is compatible with the given public credential.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.opensaml.xmlsec.agreement.KeyAgreementProcessor

getAlgorithm

Field Details

log

private final org.slf4j.Logger log

Logger.

Constructor Details

AbstractKeyAgreementProcessor

public AbstractKeyAgreementProcessor()

Method Details

execute

@Nonnull
public KeyAgreementCredential execute(@Nonnull
 Credential publicCredential,
 @Nonnull
 String keyAlgorithm,
 @Nonnull
 KeyAgreementParameters inputParameters)
                               throws KeyAgreementException

Perform the key agreement operation and return a new credential representing the results.

Specified by:

execute in interface KeyAgreementProcessor

Parameters:

publicCredential - the public credential, which will belong either to the recipient or originator party, depending on whether encryption or decryption is being performed, respectively

keyAlgorithm - the algorithm URI for which the derived key will be used

inputParameters - parameters to the agreement operation. Internally a copy will be created so this input instance will not be modified.

Returns:

the agreement credential

Throws:

KeyAgreementException - if the key agreement operation is not completed successfully

obtainPrivateCredential

@Nonnull
protected Credential obtainPrivateCredential(@Nonnull
 Credential publicCredential,
 @Nonnull
 KeyAgreementParameters parameters)
                                      throws KeyAgreementException

Obtain the private credential which is compatible with the given public credential.

Parameters:

publicCredential - the public credential

parameters - the key agreement parameters

Returns:

the obtained private credential

Throws:

KeyAgreementException - if private credential can not be obtained

generateAgreementSecret

@Nonnull
protected abstract byte[] generateAgreementSecret(@Nonnull
 Credential publicCredential,
 @Nonnull
 Credential privateCredential,
 @Nonnull
 KeyAgreementParameters parameters)
                                           throws KeyAgreementException

Generate the agreement secret according to the key algorithm and using the supplied public and private credentials.

Parameters:

publicCredential - the public credential

privateCredential - the private credential

parameters - the key agreement parameters

Returns:

the secret produced by the key agreement operation

Throws:

KeyAgreementException - if secret generation fails

deriveSecretKey

@Nonnull
protected abstract SecretKey deriveSecretKey(@Nonnull
 byte[] secret,
 @Nonnull
 String keyAlgorithm,
 @Nonnull
 KeyAgreementParameters parameters)
                                      throws KeyAgreementException

Derive a SecretKey from a given secret.

Parameters:

secret - the input secret

keyAlgorithm - the JCA key algorithm for the derived key

parameters - the key agreement parameters

Returns:

the derived secret key

Throws:

KeyAgreementException - if key derivation operation does not complete successfully

buildKeyAgreementCredential

@Nonnull
protected KeyAgreementCredential buildKeyAgreementCredential(@Nonnull
 SecretKey derivedKey,
 @Nonnull
 Credential publicCredential,
 @Nonnull
 Credential privateCredential,
 @Nonnull
 KeyAgreementParameters parameters)
                                                      throws KeyAgreementException

Build the final KeyAgreementCredential from the given inputs.

Parameters:

derivedKey - the derived secret key

publicCredential - the public credential

privateCredential - the private credential

parameters - the key agreement parameters

Returns:

the new key agreement credential

Throws:

KeyAgreementException - if credential can not be successfully constructed