Example 11 with MacData
use of com.github.zhenwei.core.asn1.pkcs.MacData in project LinLong-Java by zhenwei1108.
the class MacDataGenerator method build.
public MacData build(char[] password, byte[] data) throws PKCSException {
MacCalculator macCalculator;
try {
macCalculator = builder.build(password);
OutputStream out = macCalculator.getOutputStream();
out.write(data);
out.close();
} catch (Exception e) {
throw new PKCSException("unable to process data: " + e.getMessage(), e);
}
AlgorithmIdentifier algId = macCalculator.getAlgorithmIdentifier();
DigestInfo dInfo = new DigestInfo(builder.getDigestAlgorithmIdentifier(), macCalculator.getMac());
PKCS12PBEParams params = PKCS12PBEParams.getInstance(algId.getParameters());
return new MacData(dInfo, params.getIV(), params.getIterations().intValue());
}
Also used :
MacData(com.github.zhenwei.core.asn1.pkcs.MacData)
DigestInfo(com.github.zhenwei.core.asn1.x509.DigestInfo)
PKCS12PBEParams(com.github.zhenwei.core.asn1.pkcs.PKCS12PBEParams)
OutputStream(java.io.OutputStream)
MacCalculator(com.github.zhenwei.pkix.operator.MacCalculator)
AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)
Example 12 with MacData
use of com.github.zhenwei.core.asn1.pkcs.MacData in project LinLong-Java by zhenwei1108.
the class PKCS12PfxPdu method isMacValid.
/**
* Verify the MacData attached to the PFX is consistent with what is expected.
*
* @param macCalcProviderBuilder provider builder for the calculator for the MAC
* @param password password to use
* @return true if mac data is valid, false otherwise.
* @throws PKCSException if there is a problem evaluating the MAC.
* @throws IllegalStateException if no MAC is actually present
*/
public boolean isMacValid(PKCS12MacCalculatorBuilderProvider macCalcProviderBuilder, char[] password) throws PKCSException {
if (hasMac()) {
MacData pfxmData = pfx.getMacData();
MacDataGenerator mdGen = new MacDataGenerator(macCalcProviderBuilder.get(new AlgorithmIdentifier(pfxmData.getMac().getAlgorithmId().getAlgorithm(), new PKCS12PBEParams(pfxmData.getSalt(), pfxmData.getIterationCount().intValue()))));
try {
MacData mData = mdGen.build(password, ASN1OctetString.getInstance(pfx.getAuthSafe().getContent()).getOctets());
return Arrays.constantTimeAreEqual(mData.getEncoded(), pfx.getMacData().getEncoded());
} catch (IOException e) {
throw new PKCSException("unable to process AuthSafe: " + e.getMessage());
}
}
throw new IllegalStateException("no MAC present on PFX");
}
Also used :
MacData(com.github.zhenwei.core.asn1.pkcs.MacData)
PKCS12PBEParams(com.github.zhenwei.core.asn1.pkcs.PKCS12PBEParams)
IOException(java.io.IOException)
AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)
Aggregations
IOException (java.io.IOException)9
MacData (com.github.zhenwei.core.asn1.pkcs.MacData)6
KeyStoreException (java.security.KeyStoreException)6
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)6
PrivateKey (java.security.PrivateKey)6
UnrecoverableKeyException (java.security.UnrecoverableKeyException)6
Certificate (java.security.cert.Certificate)6
CertificateEncodingException (java.security.cert.CertificateEncodingException)6
CertificateException (java.security.cert.CertificateException)6
X509Certificate (java.security.cert.X509Certificate)6
Enumeration (java.util.Enumeration)6
Hashtable (java.util.Hashtable)6
DEROctetString (com.github.zhenwei.core.asn1.DEROctetString)5
ASN1EncodableVector (com.github.zhenwei.core.asn1.ASN1EncodableVector)4
ContentInfo (com.github.zhenwei.core.asn1.pkcs.ContentInfo)4
Pfx (com.github.zhenwei.core.asn1.pkcs.Pfx)4
AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)4
DigestInfo (com.github.zhenwei.core.asn1.x509.DigestInfo)4
ASN1OctetString (com.github.zhenwei.core.asn1.ASN1OctetString)3
AuthenticatedSafe (com.github.zhenwei.core.asn1.pkcs.AuthenticatedSafe)3
