Class PseudoRandomFunction


  • final class PseudoRandomFunction
    extends java.lang.Object
    This pseudorandom function (PRF) takes as input a secret, a seed, and an identifying label and produces an output of arbitrary length. This is used by the TLS RFC to construct/deconstruct an array of bytes into composite secrets. {@link rfc5246}
    • Constructor Summary

      Constructors 
      Modifier Constructor Description
      private PseudoRandomFunction()
      Constructor never to be called.
    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      private static byte[] concat​(byte[] first, byte[] second)  
      (package private) static byte[] hash​(byte[] secret, byte[] label, byte[] seed, int length, java.lang.String algo)
      Use a single hash function to expand a secret and seed into an arbitrary quantity of output.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • PseudoRandomFunction

        private PseudoRandomFunction()
        Constructor never to be called.
    • Method Detail

      • hash

        static byte[] hash​(byte[] secret,
                           byte[] label,
                           byte[] seed,
                           int length,
                           java.lang.String algo)
        Use a single hash function to expand a secret and seed into an arbitrary quantity of output. P_hash(secret, seed) = HMAC_hash(secret, A(1) + seed) + HMAC_hash(secret, A(2) + seed) + HMAC_hash(secret, A(3) + seed) + ... where + indicates concatenation. A() is defined as: A(0) = seed A(i) = HMAC_hash(secret, A(i-1))
        Parameters:
        secret - The starting secret to use for expansion
        label - An ascii string without a length byte or trailing null character.
        seed - The seed of the hash
        length - The number of bytes to return
        algo - the hmac algorithm to use
        Returns:
        The expanded secrets
        Throws:
        java.lang.IllegalArgumentException - if the algo could not be found.
      • concat

        private static byte[] concat​(byte[] first,
                                     byte[] second)