com.google.crypto.tink.hybrid.internal

Interface HpkeKdf

@Immutable
public interface HpkeKdf

Interface for Hybrid Public Key Encryption (HPKE) key derivation function (KDF).

HPKE RFC is available at https://www.rfc-editor.org/rfc/rfc9180.html.

Method Summary

Modifier and Type	Method and Description
byte[]	extractAndExpand(byte[] salt, byte[] ikm, String ikmLabel, byte[] info, String infoLabel, byte[] suiteId, int length) Combines labeledExtract(byte[], byte[], String, byte[]) and labeledExpand(byte[], byte[], String, byte[], int) into a single method.
byte[]	getKdfId() Returns the HPKE KDF algorithm identifier for the underlying KDF implementation.
byte[]	labeledExpand(byte[] prk, byte[] info, String infoLabel, byte[] suiteId, int length) Expands pseudorandom key prk into length pseudorandom bytes using info along with the HPKE-specific values infoLabel and suiteId to facilitate domain separation and context binding.
byte[]	labeledExtract(byte[] salt, byte[] ikm, String ikmLabel, byte[] suiteId) Extracts pseudorandom key from salt and ikm using the HPKE-specific values ikmLabel and suiteId to facilitate domain separation and context binding.

Method Detail

labeledExtract

byte[] labeledExtract(byte[] salt,
                      byte[] ikm,
                      String ikmLabel,
                      byte[] suiteId)
               throws GeneralSecurityException

Extracts pseudorandom key from salt and ikm using the HPKE-specific values ikmLabel and suiteId to facilitate domain separation and context binding.

More details available at https://www.rfc-editor.org/rfc/rfc9180.html#section-4-9.

Parameters:

salt - optional (possibly non-secret) random value

ikm - input keying material

ikmLabel - label prepended to ikm

suiteId - HPKE cipher suite identifier prepended to { ikmLabel || ikm }

Returns:

pseudorandom key

Throws:

GeneralSecurityException

labeledExpand

byte[] labeledExpand(byte[] prk,
                     byte[] info,
                     String infoLabel,
                     byte[] suiteId,
                     int length)
              throws GeneralSecurityException

Expands pseudorandom key prk into length pseudorandom bytes using info along with the HPKE-specific values infoLabel and suiteId to facilitate domain separation and context binding.

More details available at https://www.rfc-editor.org/rfc/rfc9180.html#section-4-10.

Parameters:

prk - pseudorandom key

info - optional context and application-specific information

infoLabel - label prepended to info

suiteId - HPKE cipher suite identifier prepended to { infoLabel || info }

length - desired length (in bytes) of pseudorandom output

Returns:

length pseudorandom bytes of output keying material

Throws:

GeneralSecurityException

extractAndExpand

byte[] extractAndExpand(byte[] salt,
                        byte[] ikm,
                        String ikmLabel,
                        byte[] info,
                        String infoLabel,
                        byte[] suiteId,
                        int length)
                 throws GeneralSecurityException

Combines labeledExtract(byte[], byte[], String, byte[]) and labeledExpand(byte[], byte[], String, byte[], int) into a single method.

More details available at https://www.rfc-editor.org/rfc/rfc9180.html#section-4.1-3.

Parameters:

salt - optional (possibly non-secret) random value

ikm - input keying material

ikmLabel - label prepended to ikm

info - optional context and application-specific information

infoLabel - label prepended to info

suiteId - HPKE cipher suite identifier prepended to { ikmLabel || ikm } and { infoLabel || info }

length - desired length (in bytes) of pseudorandom output

Returns:

length pseudorandom bytes of output keying material

Throws:

GeneralSecurityException

getKdfId

byte[] getKdfId()
         throws GeneralSecurityException

Returns the HPKE KDF algorithm identifier for the underlying KDF implementation.

More details at https://www.rfc-editor.org/rfc/rfc9180.html#name-key-derivation-functions-kd.

Throws:

GeneralSecurityException