Package dk.hyperdivision.multisig_hmac

Class DeriveKey

java.lang.Object
dk.hyperdivision.multisig_hmac.IndexKey
dk.hyperdivision.multisig_hmac.DeriveKey
public class DeriveKey
extends IndexKey
DeriveKey represents a pair of index + cryptographically random key. Used for the key management method where a single master seed is stored and used to derive keys ad hoc.
Author:
Amalie Due Jensen

  • Constructor Summary

    Constructors 
    Constructor Description
    DeriveKey​(byte[] MasterSeed, int index, String Algorithm)
    Constructs and initializes a pair of index + a new cryptographically random key

  • Method Summary

    Modifier and Type Method Description
    static byte[] derivekey​(byte[] MasterSeed, int index, String Algorithm)
    Derives a new sub key from a master seed.
    static byte[] intToLittleEndian​(int index)
    Converts an integer into a little endian byte array
    static byte[] SeedGen​(int KEYBYTES)
    Generates a new cryptographically random master seed

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • DeriveKey

      public DeriveKey​(byte[] MasterSeed, int index, String Algorithm) throws InvalidKeyException, NoSuchAlgorithmException
      Constructs and initializes a pair of index + a new cryptographically random key
      Parameters:
      MasterSeed - - master seed used to derive keys
      index - - index of the key
      Algorithm - - algorithm used for HMAC
      Throws:
      InvalidKeyException - - if the given key is inappropriate for initializing this HMAC
      NoSuchAlgorithmException - - if the specified algorithm is not available

  • Method Details

    • derivekey

      public static byte[] derivekey​(byte[] MasterSeed, int index, String Algorithm) throws InvalidKeyException, NoSuchAlgorithmException
      Derives a new sub key from a master seed. Note that index should be counted from 0. The bitfield used with the signature has as many bits as the largest index, hence in practice you want to keep the indexes low. Keys are derived using a KDF based on HMAC: b[0...BYTES] = HMAC(Key = MasterSeed, data = "derived" || U32LE(index) || 0x00) b[BYTES...] = HMAC(Key = MasterSeed, b[0...BYTES] || 0x01)
      Parameters:
      MasterSeed - - master seed in bytes of length KEYBYTES used to derive keys
      index - - index of the key
      Algorithm - - algorithm used for HMAC
      Returns:
      the derived key in bytes of length KEYBYTES
      Throws:
      InvalidKeyException - - if the given key is inappropriate for initializing this HMAC
      NoSuchAlgorithmException - - if the specified algorithm is not available

    • SeedGen

      public static byte[] SeedGen​(int KEYBYTES)
      Generates a new cryptographically random master seed
      Parameters:
      KEYBYTES - - length of the master seed
      Returns:
      master seed

    • intToLittleEndian

      public static byte[] intToLittleEndian​(int index)
      Converts an integer into a little endian byte array
      Parameters:
      index - - integer which should be converted
      Returns:
      little endian byte array