Example 6 with ScryptParams
use of com.github.zhenwei.core.asn1.misc.ScryptParams in project LinLong-Java by zhenwei1108.
the class BcFKSKeyStoreSpi method generateKey.
private byte[] generateKey(KeyDerivationFunc pbkdAlgorithm, String purpose, char[] password, int defKeySize) throws IOException {
byte[] encPassword = PBEParametersGenerator.PKCS12PasswordToBytes(password);
byte[] differentiator = PBEParametersGenerator.PKCS12PasswordToBytes(purpose.toCharArray());
int keySizeInBytes = defKeySize;
if (MiscObjectIdentifiers.id_scrypt.equals(pbkdAlgorithm.getAlgorithm())) {
ScryptParams params = ScryptParams.getInstance(pbkdAlgorithm.getParameters());
if (params.getKeyLength() != null) {
keySizeInBytes = params.getKeyLength().intValue();
} else if (keySizeInBytes == -1) {
throw new IOException("no keyLength found in ScryptParams");
}
return SCrypt.generate(Arrays.concatenate(encPassword, differentiator), params.getSalt(), params.getCostParameter().intValue(), params.getBlockSize().intValue(), params.getBlockSize().intValue(), keySizeInBytes);
} else if (pbkdAlgorithm.getAlgorithm().equals(PKCSObjectIdentifiers.id_PBKDF2)) {
PBKDF2Params pbkdf2Params = PBKDF2Params.getInstance(pbkdAlgorithm.getParameters());
if (pbkdf2Params.getKeyLength() != null) {
keySizeInBytes = pbkdf2Params.getKeyLength().intValue();
} else if (keySizeInBytes == -1) {
throw new IOException("no keyLength found in PBKDF2Params");
}
if (pbkdf2Params.getPrf().getAlgorithm().equals(PKCSObjectIdentifiers.id_hmacWithSHA512)) {
PKCS5S2ParametersGenerator pGen = new PKCS5S2ParametersGenerator(new SHA512Digest());
pGen.init(Arrays.concatenate(encPassword, differentiator), pbkdf2Params.getSalt(), pbkdf2Params.getIterationCount().intValue());
return ((KeyParameter) pGen.generateDerivedParameters(keySizeInBytes * 8)).getKey();
} else if (pbkdf2Params.getPrf().getAlgorithm().equals(NISTObjectIdentifiers.id_hmacWithSHA3_512)) {
PKCS5S2ParametersGenerator pGen = new PKCS5S2ParametersGenerator(new SHA3Digest(512));
pGen.init(Arrays.concatenate(encPassword, differentiator), pbkdf2Params.getSalt(), pbkdf2Params.getIterationCount().intValue());
return ((KeyParameter) pGen.generateDerivedParameters(keySizeInBytes * 8)).getKey();
} else {
throw new IOException("BCFKS KeyStore: unrecognized MAC PBKD PRF: " + pbkdf2Params.getPrf().getAlgorithm());
}
} else {
throw new IOException("BCFKS KeyStore: unrecognized MAC PBKD.");
}
}
Also used :
SHA512Digest(com.github.zhenwei.core.crypto.digests.SHA512Digest)
SHA3Digest(com.github.zhenwei.core.crypto.digests.SHA3Digest)
PKCS5S2ParametersGenerator(com.github.zhenwei.core.crypto.generators.PKCS5S2ParametersGenerator)
KeyParameter(com.github.zhenwei.core.crypto.params.KeyParameter)
PBKDF2Params(com.github.zhenwei.core.asn1.pkcs.PBKDF2Params)
IOException(java.io.IOException)
ScryptParams(com.github.zhenwei.core.asn1.misc.ScryptParams)
Example 7 with ScryptParams
use of com.github.zhenwei.core.asn1.misc.ScryptParams in project LinLong-Java by zhenwei1108.
the class BcFKSKeyStoreSpi method isSimilarHmacPbkd.
private boolean isSimilarHmacPbkd(PBKDFConfig storePBKDFConfig, KeyDerivationFunc hmacPkbdAlgorithm) {
if (!storePBKDFConfig.getAlgorithm().equals(hmacPkbdAlgorithm.getAlgorithm())) {
return false;
}
if (MiscObjectIdentifiers.id_scrypt.equals(hmacPkbdAlgorithm.getAlgorithm())) {
if (!(storePBKDFConfig instanceof ScryptConfig)) {
return false;
}
ScryptConfig scryptConfig = (ScryptConfig) storePBKDFConfig;
ScryptParams sParams = ScryptParams.getInstance(hmacPkbdAlgorithm.getParameters());
if (scryptConfig.getSaltLength() != sParams.getSalt().length || scryptConfig.getBlockSize() != sParams.getBlockSize().intValue() || scryptConfig.getCostParameter() != sParams.getCostParameter().intValue() || scryptConfig.getParallelizationParameter() != sParams.getParallelizationParameter().intValue()) {
return false;
}
} else {
if (!(storePBKDFConfig instanceof PBKDF2Config)) {
return false;
}
PBKDF2Config pbkdf2Config = (PBKDF2Config) storePBKDFConfig;
PBKDF2Params pbkdf2Params = PBKDF2Params.getInstance(hmacPkbdAlgorithm.getParameters());
if (pbkdf2Config.getSaltLength() != pbkdf2Params.getSalt().length || pbkdf2Config.getIterationCount() != pbkdf2Params.getIterationCount().intValue()) {
return false;
}
}
return true;
}
Also used :
PBKDF2Config(com.github.zhenwei.core.crypto.util.PBKDF2Config)
PBKDF2Params(com.github.zhenwei.core.asn1.pkcs.PBKDF2Params)
ScryptConfig(com.github.zhenwei.core.crypto.util.ScryptConfig)
ScryptParams(com.github.zhenwei.core.asn1.misc.ScryptParams)
Aggregations
ScryptParams (com.github.zhenwei.core.asn1.misc.ScryptParams)7
PBKDF2Params (com.github.zhenwei.core.asn1.pkcs.PBKDF2Params)7
KeyDerivationFunc (com.github.zhenwei.core.asn1.pkcs.KeyDerivationFunc)3
PBKDF2Config (com.github.zhenwei.core.crypto.util.PBKDF2Config)3
ScryptConfig (com.github.zhenwei.core.crypto.util.ScryptConfig)3
PBES2Parameters (com.github.zhenwei.core.asn1.pkcs.PBES2Parameters)2
PKCS12PBEParams (com.github.zhenwei.core.asn1.pkcs.PKCS12PBEParams)2
AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)2
OperatorCreationException (com.github.zhenwei.pkix.operator.OperatorCreationException)2
PKCS12KeyWithParameters (com.github.zhenwei.provider.jcajce.PKCS12KeyWithParameters)2
ScryptKeySpec (com.github.zhenwei.provider.jcajce.spec.ScryptKeySpec)2
IOException (java.io.IOException)2
AlgorithmParameters (java.security.AlgorithmParameters)2
Cipher (javax.crypto.Cipher)2
SecretKey (javax.crypto.SecretKey)2
SecretKeyFactory (javax.crypto.SecretKeyFactory)2
PBEKeySpec (javax.crypto.spec.PBEKeySpec)2
ASN1Encodable (com.github.zhenwei.core.asn1.ASN1Encodable)1
ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)1
ASN1OctetString (com.github.zhenwei.core.asn1.ASN1OctetString)1
