use of com.github.zhenwei.core.asn1.cryptopro.Gost2814789KeyWrapParameters in project LinLong-Java by zhenwei1108.
the class JceKeyAgreeRecipient method extractSecretKey.
/**
 * Recovers the content-encryption key from a key-agreement recipient entry.
 *
 * <p>The key-wrap algorithm is read from the parameters of {@code keyEncryptionAlgorithm}, the
 * originator public key is rebuilt from {@code senderKey}, and
 * {@code calculateAgreedWrapKey} is called with that key and {@code recipientKey} to obtain the
 * wrap key. The wrapped key is then unwrapped, with a dedicated path for the two GOST 28147-89
 * key-wrap OIDs. If the first attempt fails with {@link InvalidKeyException}, at most one
 * further attempt is made with a different generator (see the inline comments).
 *
 * @param keyEncryptionAlgorithm the key-agreement algorithm identifier; its parameters are
 *     parsed as the key-wrap {@link AlgorithmIdentifier}
 * @param contentEncryptionAlgorithm identifies the algorithm of the key being recovered
 * @param senderKey the originator's public key info
 * @param userKeyingMaterial optional UKM; checked for {@code null} only on the last fallback,
 *     and dereferenced unconditionally on the GOST path
 * @param encryptedContentEncryptionKey the wrapped key bytes (parsed as
 *     {@code Gost2814789EncryptedKey} on the GOST path)
 * @return the unwrapped content-encryption key
 * @throws CMSException on any failure; the message depends on the exception type caught below
 */
protected Key extractSecretKey(AlgorithmIdentifier keyEncryptionAlgorithm, AlgorithmIdentifier contentEncryptionAlgorithm, SubjectPublicKeyInfo senderKey, ASN1OctetString userKeyingMaterial, byte[] encryptedContentEncryptionKey) throws CMSException {
    try {
        // The wrap algorithm travels inside the key-agreement identifier as its parameters.
        AlgorithmIdentifier wrapAlg = AlgorithmIdentifier.getInstance(keyEncryptionAlgorithm.getParameters());
        // Rebuild a provider PublicKey from the originator's encoded SubjectPublicKeyInfo.
        X509EncodedKeySpec pubSpec = new X509EncodedKeySpec(senderKey.getEncoded());
        KeyFactory fact = helper.createKeyFactory(senderKey.getAlgorithm().getAlgorithm());
        PublicKey senderPublicKey = fact.generatePublic(pubSpec);
        try {
            // First attempt: the default generator (ecc_cms_Generator).
            SecretKey agreedWrapKey = calculateAgreedWrapKey(keyEncryptionAlgorithm, wrapAlg, senderPublicKey, userKeyingMaterial, recipientKey, ecc_cms_Generator);
            if (wrapAlg.getAlgorithm().equals(CryptoProObjectIdentifiers.id_Gost28147_89_None_KeyWrap) || wrapAlg.getAlgorithm().equals(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap)) {
                // GOST 28147-89 wrap: the wrapped blob is a structure holding the encrypted key
                // and a MAC, and the parameter set comes from the wrap algorithm's parameters.
                Gost2814789EncryptedKey encKey = Gost2814789EncryptedKey.getInstance(encryptedContentEncryptionKey);
                Gost2814789KeyWrapParameters wrapParams = Gost2814789KeyWrapParameters.getInstance(wrapAlg.getParameters());
                Cipher keyCipher = helper.createCipher(wrapAlg.getAlgorithm());
                // NOTE(review): userKeyingMaterial is dereferenced here without a null check. A
                // message without UKM would raise NullPointerException, which the final
                // catch (Exception) reports as "originator key invalid." rather than as a
                // missing-UKM error.
                keyCipher.init(Cipher.UNWRAP_MODE, agreedWrapKey, new GOST28147WrapParameterSpec(wrapParams.getEncryptionParamSet(), userKeyingMaterial.getOctets()));
                // The cipher is handed encrypted key || MAC as one buffer.
                return keyCipher.unwrap(Arrays.concatenate(encKey.getEncryptedKey(), encKey.getMacKey()), helper.getBaseCipherName(contentEncryptionAlgorithm.getAlgorithm()), Cipher.SECRET_KEY);
            }
            return unwrapSessionKey(wrapAlg.getAlgorithm(), agreedWrapKey, contentEncryptionAlgorithm.getAlgorithm(), encryptedContentEncryptionKey);
        } catch (InvalidKeyException e) {
            // Fallback 1: the message might predate RFC 5753. For algorithms listed in
            // possibleOldMessages, retry with old_ecc_cms_Generator. This branch always returns
            // or throws; an InvalidKeyException from the retry is not caught here and reaches
            // the outer handler ("key invalid in message.").
            // NOTE(review): the fallbacks are triggered purely by the failed unwrap and no
            // switch to disable them is visible in this method; confirm whether callers that
            // must reject legacy derivations have another control.
            if (possibleOldMessages.contains(keyEncryptionAlgorithm.getAlgorithm())) {
                SecretKey agreedWrapKey = calculateAgreedWrapKey(keyEncryptionAlgorithm, wrapAlg, senderPublicKey, userKeyingMaterial, recipientKey, old_ecc_cms_Generator);
                return unwrapSessionKey(wrapAlg.getAlgorithm(), agreedWrapKey, contentEncryptionAlgorithm.getAlgorithm(), encryptedContentEncryptionKey);
            }
            // Fallback 2: only when UKM is present, retry with simple_ecc_cmsGenerator, a
            // variant some senders do produce in practice.
            if (userKeyingMaterial != null) {
                try {
                    SecretKey agreedWrapKey = calculateAgreedWrapKey(keyEncryptionAlgorithm, wrapAlg, senderPublicKey, userKeyingMaterial, recipientKey, simple_ecc_cmsGenerator);
                    return unwrapSessionKey(wrapAlg.getAlgorithm(), agreedWrapKey, contentEncryptionAlgorithm.getAlgorithm(), encryptedContentEncryptionKey);
                } catch (InvalidKeyException ex) {
                    // The retry's own failure is dropped; the first attempt's exception is
                    // what gets reported.
                    throw e;
                }
            }
            // No fallback applied: report the original failure.
            throw e;
        }
    // Every failure leaves this method as a CMSException carrying the original cause.
    } catch (NoSuchAlgorithmException e) {
        throw new CMSException("can't find algorithm.", e);
    } catch (InvalidKeyException e) {
        throw new CMSException("key invalid in message.", e);
    } catch (InvalidKeySpecException e) {
        throw new CMSException("originator key spec invalid.", e);
    } catch (NoSuchPaddingException e) {
        throw new CMSException("required padding not supported.", e);
    } catch (Exception e) {
        // Catch-all: includes runtime exceptions (e.g. the NullPointerException noted above;
        // presumably also parse failures from the getInstance calls), so this message does not
        // necessarily mean the originator key itself was at fault.
        throw new CMSException("originator key invalid.", e);
    }
}
use of com.github.zhenwei.core.asn1.cryptopro.Gost2814789KeyWrapParameters in project LinLong-Java by zhenwei1108.
the class KeyAgreeRecipientInfoGenerator method generate.
/**
 * Builds the key-agreement {@link RecipientInfo} for the given content-encryption key.
 *
 * <p>The key-wrap algorithm identifier is nested as the parameters of the key-agreement
 * algorithm identifier, and user keying material is attached only when
 * {@code getUserKeyingMaterial} returns a non-null value.
 *
 * @param contentEncryptionKey the key handed to {@code generateRecipientEncryptedKeys}
 * @return a {@code RecipientInfo} wrapping a {@code KeyAgreeRecipientInfo}
 * @throws CMSException declared by this method; presumably raised by the helper calls
 */
public RecipientInfo generate(GenericKey contentEncryptionKey) throws CMSException {
    final OriginatorIdentifierOrKey originator = new OriginatorIdentifierOrKey(createOriginatorPublicKey(originatorKeyInfo));

    // Choose the parameters field of the key-wrap algorithm identifier.
    final AlgorithmIdentifier keyEncAlg;
    final boolean desOrRc2Wrap = CMSUtils.isDES(keyEncryptionOID.getId()) || keyEncryptionOID.equals(PKCSObjectIdentifiers.id_alg_CMSRC2wrap);
    if (desOrRc2Wrap) {
        // DES-family and RC2 wrap identifiers carry an explicit ASN.1 NULL.
        keyEncAlg = new AlgorithmIdentifier(keyEncryptionOID, DERNull.INSTANCE);
    } else if (!CMSUtils.isGOST(keyAgreementOID)) {
        // Everything else is emitted with no parameters argument.
        keyEncAlg = new AlgorithmIdentifier(keyEncryptionOID);
    } else {
        // GOST key agreement: the wrap parameters always name the CryptoPro A parameter set;
        // it is fixed here and not configurable through this method.
        keyEncAlg = new AlgorithmIdentifier(keyEncryptionOID, new Gost2814789KeyWrapParameters(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_A_ParamSet));
    }

    // The wrap identifier rides inside the key-agreement identifier as its parameters.
    final AlgorithmIdentifier keyAgreeAlg = new AlgorithmIdentifier(keyAgreementOID, keyEncAlg);
    final ASN1Sequence recipients = generateRecipientEncryptedKeys(keyAgreeAlg, keyEncAlg, contentEncryptionKey);

    // UKM is optional: a null byte array yields a null UKM field in the structure.
    final byte[] userKeyingMaterial = getUserKeyingMaterial(keyAgreeAlg);
    final DEROctetString ukmOctets = (userKeyingMaterial == null) ? null : new DEROctetString(userKeyingMaterial);

    return new RecipientInfo(new KeyAgreeRecipientInfo(originator, ukmOctets, keyAgreeAlg, recipients));
}