Class AbstractDH

  • Direct Known Subclasses:
    DHG, ECDH

    public abstract class AbstractDH
    extends Object
    Base class for the Diffie-Hellman key agreement.
    • Constructor Detail

      • AbstractDH

        protected AbstractDH()
    • Method Detail

      • setF

        public abstract void setF​(byte[] f)
      • isPublicDataAvailable

        public boolean isPublicDataAvailable()
      • calculateE

        protected abstract byte[] calculateE()
                                      throws Exception
        Lazy-called by getE() if the public key data has not been generated yet.
        Returns:
        The calculated public key data
        Throws:
        Exception - If failed to generate the relevant data
      • getE

        public byte[] getE()
                    throws Exception
        Returns:
        The local public key data
        Throws:
        Exception - If failed to calculate it
      • isSharedSecretAvailable

        public boolean isSharedSecretAvailable()
      • calculateK

        protected abstract byte[] calculateK()
                                      throws Exception
        Lazy-called by getK() if the shared secret data has not been calculated yet
        Returns:
        The shared secret data
        Throws:
        Exception - If failed to calculate it
      • getK

        public byte[] getK()
                    throws Exception
        Returns:
        The shared secret key
        Throws:
        Exception - If failed to calculate it
      • checkKeyAgreementNecessity

        protected void checkKeyAgreementNecessity()
        Called after either public or private parts have been calculated in order to check if the key-agreement mediator is still required. By default, if both public and private parts have been calculated then key-agreement mediator is null-ified to enable GC for it.
        See Also:
        getE(), getK()
      • stripLeadingZeroes

        public static byte[] stripLeadingZeroes​(byte[] x)
        The shared secret returned by KeyAgreement.generateSecret() is a byte array, which can (by chance, roughly 1 out of 256 times) begin with zero byte (some JCE providers might strip this, though). In SSH, the shared secret is an integer, so we need to strip the leading zero(es).
        Parameters:
        x - The original array
        Returns:
        An (possibly) sub-array guaranteed to start with a non-zero byte
        Throws:
        IllegalArgumentException - If all zeroes array
        See Also:
        SSHD-330