Hkdf (AwsCryptographyDbEncryptionSdkDynamoDb 3.1.1 API)

java.lang.Object
- com.amazonaws.services.dynamodbv2.datamodeling.internal.Hkdf

```
public final class Hkdf
extends java.lang.Object
```
HMAC-based Key Derivation Function.

See Also:

RFC 5869

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`byte[]`	`deriveKey(byte[] info, int length)` Returns a pseudorandom key of `length` bytes.
`void`	`deriveKey(byte[] info, int length, byte[] output, int offset)` Derives a pseudorandom key of `length` bytes and stores the result in `output`.
`byte[]`	`deriveKey(java.lang.String info, int length)` Returns a pseudorandom key of `length` bytes.
`static Hkdf`	`getInstance(java.lang.String algorithm)` Returns an `Hkdf` object using the specified algorithm.
`static Hkdf`	`getInstance(java.lang.String algorithm, java.security.Provider provider)` Returns an `Hkdf` object using the specified algorithm.
`static Hkdf`	`getInstance(java.lang.String algorithm, java.lang.String provider)` Returns an `Hkdf` object using the specified algorithm.
`void`	`init(byte[] ikm)` Initializes this Hkdf with input keying material.
`void`	`init(byte[] ikm, byte[] salt)` Initializes this Hkdf with input keying material and a salt.
`void`	`unsafeInitWithoutKeyExtraction(javax.crypto.SecretKey rawKey)` Initializes this Hkdf to use the provided key directly for creation of new keys.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Method Detail
  - getInstance
```
public static Hkdf getInstance(java.lang.String algorithm)
                        throws java.security.NoSuchAlgorithmException
```
    Returns an Hkdf object using the specified algorithm.
    
    Parameters:
    
    algorithm - the standard name of the requested MAC algorithm. See the Mac section in the Java Cryptography Architecture Standard Algorithm Name Documentation for information about standard algorithm names.
    
    Returns:
    
    the new Hkdf object
    
    Throws:
    
    java.security.NoSuchAlgorithmException - if no Provider supports a MacSpi implementation for the specified algorithm.
  - getInstance
```
public static Hkdf getInstance(java.lang.String algorithm,
                               java.lang.String provider)
                        throws java.security.NoSuchAlgorithmException,
                               java.security.NoSuchProviderException
```
    Returns an Hkdf object using the specified algorithm.
    
    Parameters:
    
    algorithm - the standard name of the requested MAC algorithm. See the Mac section in the Java Cryptography Architecture Standard Algorithm Name Documentation for information about standard algorithm names.
    
    provider - the name of the provider
    
    Returns:
    
    the new Hkdf object
    
    Throws:
    
    java.security.NoSuchAlgorithmException - if a MacSpi implementation for the specified algorithm is not available from the specified provider.
    
    java.security.NoSuchProviderException - if the specified provider is not registered in the security provider list.
  - getInstance
```
public static Hkdf getInstance(java.lang.String algorithm,
                               java.security.Provider provider)
                        throws java.security.NoSuchAlgorithmException
```
    Returns an Hkdf object using the specified algorithm.
    
    Parameters:
    
    algorithm - the standard name of the requested MAC algorithm. See the Mac section in the Java Cryptography Architecture Standard Algorithm Name Documentation for information about standard algorithm names.
    
    provider - the provider
    
    Returns:
    
    the new Hkdf object
    
    Throws:
    
    java.security.NoSuchAlgorithmException - if a MacSpi implementation for the specified algorithm is not available from the specified provider.
  - init
```
public void init(byte[] ikm)
```
    Initializes this Hkdf with input keying material. A default salt of HashLen zeros will be used (where HashLen is the length of the return value of the supplied algorithm).
    
    Parameters:
    
    ikm - the Input Keying Material
  - init
```
public void init(byte[] ikm,
                 byte[] salt)
```
    Initializes this Hkdf with input keying material and a salt. If salt is null or of length 0, then a default salt of HashLen zeros will be used (where HashLen is the length of the return value of the supplied algorithm).
    
    Parameters:
    
    salt - the salt used for key extraction (optional)
    
    ikm - the Input Keying Material
  - unsafeInitWithoutKeyExtraction
```
public void unsafeInitWithoutKeyExtraction(javax.crypto.SecretKey rawKey)
                                    throws java.security.InvalidKeyException
```
    Initializes this Hkdf to use the provided key directly for creation of new keys. If rawKey is not securely generated and uniformly distributed over the total key-space, then this will result in an insecure key derivation function (KDF). DO NOT USE THIS UNLESS YOU ARE ABSOLUTELY POSITIVE THIS IS THE CORRECT THING TO DO.
    
    Parameters:
    
    rawKey - the pseudorandom key directly used to derive keys
    
    Throws:
    
    java.security.InvalidKeyException - if the algorithm for rawKey does not match the algorithm this Hkdf was created with
  - deriveKey
```
public byte[] deriveKey(java.lang.String info,
                        int length)
                 throws java.lang.IllegalStateException
```
    Returns a pseudorandom key of length bytes.
    
    Parameters:
    
    info - optional context and application specific information (can be a zero-length string). This will be treated as UTF-8.
    
    length - the length of the output key in bytes
    
    Returns:
    
    a pseudorandom key of length bytes.
    
    Throws:
    
    java.lang.IllegalStateException - if this object has not been initialized
  - deriveKey
```
public byte[] deriveKey(byte[] info,
                        int length)
                 throws java.lang.IllegalStateException
```
    Returns a pseudorandom key of length bytes.
    
    Parameters:
    
    info - optional context and application specific information (can be a zero-length array).
    
    length - the length of the output key in bytes
    
    Returns:
    
    a pseudorandom key of length bytes.
    
    Throws:
    
    java.lang.IllegalStateException - if this object has not been initialized
  - deriveKey
```
public void deriveKey(byte[] info,
                      int length,
                      byte[] output,
                      int offset)
               throws javax.crypto.ShortBufferException,
                      java.lang.IllegalStateException
```
    Derives a pseudorandom key of length bytes and stores the result in output.
    
    Parameters:
    
    info - optional context and application specific information (can be a zero-length array).
    
    length - the length of the output key in bytes
    
    output - the buffer where the pseudorandom key will be stored
    
    offset - the offset in output where the key will be stored
    
    Throws:
    
    javax.crypto.ShortBufferException - if the given output buffer is too small to hold the result
    
    java.lang.IllegalStateException - if this object has not been initialized

Class Hkdf

Method Summary

Methods inherited from class java.lang.Object

Method Detail

getInstance

getInstance

getInstance

init

init

unsafeInitWithoutKeyExtraction

deriveKey

deriveKey

deriveKey