Examples with PKCS12PBEParams com.github.zhenwei.core.asn1.pkcs.PKCS12PBEParams used on opensource projects

Search in sources :

Example 11 with PKCS12PBEParams

use of com.github.zhenwei.core.asn1.pkcs.PKCS12PBEParams in project LinLong-Java by zhenwei1108.

the class PKCS12PBEUtils method createMacCalculator.

static MacCalculator createMacCalculator(final ASN1ObjectIdentifier digestAlgorithm, ExtendedDigest digest, final PKCS12PBEParams pbeParams, final char[] password) {
    PKCS12ParametersGenerator pGen = new PKCS12ParametersGenerator(digest);
    pGen.init(PKCS12ParametersGenerator.PKCS12PasswordToBytes(password), pbeParams.getIV(), pbeParams.getIterations().intValue());
    final KeyParameter keyParam = (KeyParameter) pGen.generateDerivedMacParameters(digest.getDigestSize() * 8);
    final HMac hMac = new HMac(digest);
    hMac.init(keyParam);
    return new MacCalculator() {

        public AlgorithmIdentifier getAlgorithmIdentifier() {
            return new AlgorithmIdentifier(digestAlgorithm, pbeParams);
        }

        public OutputStream getOutputStream() {
            return new MacOutputStream(hMac);
        }

        public byte[] getMac() {
            byte[] res = new byte[hMac.getMacSize()];
            hMac.doFinal(res, 0);
            return res;
        }

        public GenericKey getKey() {
            return new GenericKey(getAlgorithmIdentifier(), PKCS12ParametersGenerator.PKCS12PasswordToBytes(password));
        }
    };
}
Also used : PKCS12ParametersGenerator(com.github.zhenwei.core.crypto.generators.PKCS12ParametersGenerator) HMac(com.github.zhenwei.core.crypto.macs.HMac) KeyParameter(com.github.zhenwei.core.crypto.params.KeyParameter) MacOutputStream(com.github.zhenwei.core.crypto.io.MacOutputStream) GenericKey(com.github.zhenwei.pkix.operator.GenericKey) MacCalculator(com.github.zhenwei.pkix.operator.MacCalculator) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)

Example 12 with PKCS12PBEParams

use of com.github.zhenwei.core.asn1.pkcs.PKCS12PBEParams in project LinLong-Java by zhenwei1108.

the class JcePKCS12MacCalculatorBuilderProvider method get.

public PKCS12MacCalculatorBuilder get(final AlgorithmIdentifier algorithmIdentifier) {
    return new PKCS12MacCalculatorBuilder() {

        public MacCalculator build(final char[] password) throws OperatorCreationException {
            final PKCS12PBEParams pbeParams = PKCS12PBEParams.getInstance(algorithmIdentifier.getParameters());
            try {
                final ASN1ObjectIdentifier algorithm = algorithmIdentifier.getAlgorithm();
                final Mac mac = helper.createMac(algorithm.getId());
                PBEParameterSpec defParams = new PBEParameterSpec(pbeParams.getIV(), pbeParams.getIterations().intValue());
                final SecretKey key = new PKCS12Key(password);
                mac.init(key, defParams);
                return new MacCalculator() {

                    public AlgorithmIdentifier getAlgorithmIdentifier() {
                        return new AlgorithmIdentifier(algorithm, pbeParams);
                    }

                    public OutputStream getOutputStream() {
                        return new MacOutputStream(mac);
                    }

                    public byte[] getMac() {
                        return mac.doFinal();
                    }

                    public GenericKey getKey() {
                        return new GenericKey(getAlgorithmIdentifier(), key.getEncoded());
                    }
                };
            } catch (Exception e) {
                throw new OperatorCreationException("unable to create MAC calculator: " + e.getMessage(), e);
            }
        }

        public AlgorithmIdentifier getDigestAlgorithmIdentifier() {
            return new AlgorithmIdentifier(algorithmIdentifier.getAlgorithm(), DERNull.INSTANCE);
        }
    };
}
Also used : MacOutputStream(com.github.zhenwei.provider.jcajce.io.MacOutputStream) Mac(javax.crypto.Mac) MacCalculator(com.github.zhenwei.pkix.operator.MacCalculator) OperatorCreationException(com.github.zhenwei.pkix.operator.OperatorCreationException) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier) SecretKey(javax.crypto.SecretKey) PKCS12PBEParams(com.github.zhenwei.core.asn1.pkcs.PKCS12PBEParams) PKCS12MacCalculatorBuilder(com.github.zhenwei.pkix.pkcs.PKCS12MacCalculatorBuilder) PKCS12Key(com.github.zhenwei.provider.jcajce.PKCS12Key) GenericKey(com.github.zhenwei.pkix.operator.GenericKey) OperatorCreationException(com.github.zhenwei.pkix.operator.OperatorCreationException) ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier) PBEParameterSpec(javax.crypto.spec.PBEParameterSpec)

Example 13 with PKCS12PBEParams

use of com.github.zhenwei.core.asn1.pkcs.PKCS12PBEParams in project XobotOS by xamarin.

the class JDKPKCS12KeyStore method cryptData.

protected byte[] cryptData(boolean forEncryption, AlgorithmIdentifier algId, char[] password, boolean wrongPKCS12Zero, byte[] data) throws IOException {
    String algorithm = algId.getObjectId().getId();
    PKCS12PBEParams pbeParams = new PKCS12PBEParams((ASN1Sequence) algId.getParameters());
    PBEKeySpec pbeSpec = new PBEKeySpec(password);
    try {
        SecretKeyFactory keyFact = SecretKeyFactory.getInstance(algorithm, bcProvider);
        PBEParameterSpec defParams = new PBEParameterSpec(pbeParams.getIV(), pbeParams.getIterations().intValue());
        JCEPBEKey key = (JCEPBEKey) keyFact.generateSecret(pbeSpec);
        key.setTryWrongPKCS12Zero(wrongPKCS12Zero);
        Cipher cipher = Cipher.getInstance(algorithm, bcProvider);
        int mode = forEncryption ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE;
        cipher.init(mode, key, defParams);
        return cipher.doFinal(data);
    } catch (Exception e) {
        throw new IOException("exception decrypting data - " + e.toString());
    }
}
Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) PKCS12PBEParams(org.bouncycastle.asn1.pkcs.PKCS12PBEParams) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERBMPString(org.bouncycastle.asn1.DERBMPString) BERConstructedOctetString(org.bouncycastle.asn1.BERConstructedOctetString) DEROctetString(org.bouncycastle.asn1.DEROctetString) Cipher(javax.crypto.Cipher) IOException(java.io.IOException) SecretKeyFactory(javax.crypto.SecretKeyFactory) PBEParameterSpec(javax.crypto.spec.PBEParameterSpec) KeyStoreException(java.security.KeyStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) CertificateEncodingException(java.security.cert.CertificateEncodingException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException)

Example 14 with PKCS12PBEParams

use of com.github.zhenwei.core.asn1.pkcs.PKCS12PBEParams in project LinLong-Java by zhenwei1108.

the class JcePKCSPBEOutputEncryptorBuilder method build.

public OutputEncryptor build(final char[] password) throws OperatorCreationException {
    final Cipher cipher;
    SecretKey key;
    if (random == null) {
        random = new SecureRandom();
    }
    final AlgorithmIdentifier encryptionAlg;
    try {
        if (isPKCS12(algorithm)) {
            byte[] salt = new byte[20];
            random.nextBytes(salt);
            cipher = helper.createCipher(algorithm.getId());
            cipher.init(Cipher.ENCRYPT_MODE, new PKCS12KeyWithParameters(password, salt, iterationCount));
            encryptionAlg = new AlgorithmIdentifier(algorithm, new PKCS12PBEParams(salt, iterationCount));
        } else if (algorithm.equals(PKCSObjectIdentifiers.id_PBES2)) {
            PBKDFConfig pbkDef = (pbkdf == null) ? pbkdfBuilder.build() : pbkdf;
            if (MiscObjectIdentifiers.id_scrypt.equals(pbkDef.getAlgorithm())) {
                ScryptConfig skdf = (ScryptConfig) pbkDef;
                byte[] salt = new byte[skdf.getSaltLength()];
                random.nextBytes(salt);
                ScryptParams params = new ScryptParams(salt, skdf.getCostParameter(), skdf.getBlockSize(), skdf.getParallelizationParameter());
                SecretKeyFactory keyFact = helper.createSecretKeyFactory("SCRYPT");
                key = keyFact.generateSecret(new ScryptKeySpec(password, salt, skdf.getCostParameter(), skdf.getBlockSize(), skdf.getParallelizationParameter(), keySizeProvider.getKeySize(new AlgorithmIdentifier(keyEncAlgorithm))));
                cipher = helper.createCipher(keyEncAlgorithm.getId());
                cipher.init(Cipher.ENCRYPT_MODE, simplifyPbeKey(key), random);
                AlgorithmParameters algP = cipher.getParameters();
                PBES2Parameters algParams;
                if (algP != null) {
                    algParams = new PBES2Parameters(new KeyDerivationFunc(MiscObjectIdentifiers.id_scrypt, params), new EncryptionScheme(keyEncAlgorithm, ASN1Primitive.fromByteArray(cipher.getParameters().getEncoded())));
                } else {
                    algParams = new PBES2Parameters(new KeyDerivationFunc(MiscObjectIdentifiers.id_scrypt, params), new EncryptionScheme(keyEncAlgorithm));
                }
                encryptionAlg = new AlgorithmIdentifier(algorithm, algParams);
            } else {
                PBKDF2Config pkdf = (PBKDF2Config) pbkDef;
                byte[] salt = new byte[pkdf.getSaltLength()];
                random.nextBytes(salt);
                SecretKeyFactory keyFact = helper.createSecretKeyFactory(JceUtils.getAlgorithm(pkdf.getPRF().getAlgorithm()));
                key = keyFact.generateSecret(new PBEKeySpec(password, salt, pkdf.getIterationCount(), keySizeProvider.getKeySize(new AlgorithmIdentifier(keyEncAlgorithm))));
                cipher = helper.createCipher(keyEncAlgorithm.getId());
                cipher.init(Cipher.ENCRYPT_MODE, simplifyPbeKey(key), random);
                AlgorithmParameters algP = cipher.getParameters();
                PBES2Parameters algParams;
                if (algP != null) {
                    algParams = new PBES2Parameters(new KeyDerivationFunc(PKCSObjectIdentifiers.id_PBKDF2, new PBKDF2Params(salt, pkdf.getIterationCount(), pkdf.getPRF())), new EncryptionScheme(keyEncAlgorithm, ASN1Primitive.fromByteArray(cipher.getParameters().getEncoded())));
                } else {
                    algParams = new PBES2Parameters(new KeyDerivationFunc(PKCSObjectIdentifiers.id_PBKDF2, new PBKDF2Params(salt, pkdf.getIterationCount(), pkdf.getPRF())), new EncryptionScheme(keyEncAlgorithm));
                }
                encryptionAlg = new AlgorithmIdentifier(algorithm, algParams);
            }
        } else {
            throw new OperatorCreationException("unrecognised algorithm");
        }
        return new OutputEncryptor() {

            public AlgorithmIdentifier getAlgorithmIdentifier() {
                return encryptionAlg;
            }

            public OutputStream getOutputStream(OutputStream out) {
                return new CipherOutputStream(out, cipher);
            }

            public GenericKey getKey() {
                if (isPKCS12(encryptionAlg.getAlgorithm())) {
                    return new GenericKey(encryptionAlg, PKCS12PasswordToBytes(password));
                } else {
                    return new GenericKey(encryptionAlg, PKCS5PasswordToBytes(password));
                }
            }
        };
    } catch (Exception e) {
        throw new OperatorCreationException("unable to create OutputEncryptor: " + e.getMessage(), e);
    }
}
Also used : PBKDF2Config(com.github.zhenwei.core.crypto.util.PBKDF2Config) PBEKeySpec(javax.crypto.spec.PBEKeySpec) EncryptionScheme(com.github.zhenwei.core.asn1.pkcs.EncryptionScheme) CipherOutputStream(com.github.zhenwei.provider.jcajce.io.CipherOutputStream) OutputStream(java.io.OutputStream) CipherOutputStream(com.github.zhenwei.provider.jcajce.io.CipherOutputStream) ScryptConfig(com.github.zhenwei.core.crypto.util.ScryptConfig) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier) KeyDerivationFunc(com.github.zhenwei.core.asn1.pkcs.KeyDerivationFunc) PBKDF2Params(com.github.zhenwei.core.asn1.pkcs.PBKDF2Params) GenericKey(com.github.zhenwei.pkix.operator.GenericKey) OperatorCreationException(com.github.zhenwei.pkix.operator.OperatorCreationException) ScryptParams(com.github.zhenwei.core.asn1.misc.ScryptParams) SecretKeyFactory(javax.crypto.SecretKeyFactory) PKCS12KeyWithParameters(com.github.zhenwei.provider.jcajce.PKCS12KeyWithParameters) PBKDFConfig(com.github.zhenwei.core.crypto.util.PBKDFConfig) PBES2Parameters(com.github.zhenwei.core.asn1.pkcs.PBES2Parameters) SecureRandom(java.security.SecureRandom) ScryptKeySpec(com.github.zhenwei.provider.jcajce.spec.ScryptKeySpec) OperatorCreationException(com.github.zhenwei.pkix.operator.OperatorCreationException) SecretKey(javax.crypto.SecretKey) PKCS12PBEParams(com.github.zhenwei.core.asn1.pkcs.PKCS12PBEParams) Cipher(javax.crypto.Cipher) OutputEncryptor(com.github.zhenwei.pkix.operator.OutputEncryptor) AlgorithmParameters(java.security.AlgorithmParameters)

Example 15 with PKCS12PBEParams

use of com.github.zhenwei.core.asn1.pkcs.PKCS12PBEParams in project LinLong-Java by zhenwei1108.

the class BcPKCS12MacCalculatorBuilder method build.

public MacCalculator build(final char[] password) {
    if (random == null) {
        random = new SecureRandom();
    }
    byte[] salt = new byte[saltLength];
    random.nextBytes(salt);
    return PKCS12PBEUtils.createMacCalculator(algorithmIdentifier.getAlgorithm(), digest, new PKCS12PBEParams(salt, iterationCount), password);
}
Also used : PKCS12PBEParams(com.github.zhenwei.core.asn1.pkcs.PKCS12PBEParams) SecureRandom(java.security.SecureRandom)

Aggregations

PKCS12PBEParams (com.github.zhenwei.core.asn1.pkcs.PKCS12PBEParams)13 AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)11 IOException (java.io.IOException)11 Cipher (javax.crypto.Cipher)10 PBEParameterSpec (javax.crypto.spec.PBEParameterSpec)10 KeyStoreException (java.security.KeyStoreException)9 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)9 UnrecoverableKeyException (java.security.UnrecoverableKeyException)9 CertificateEncodingException (java.security.cert.CertificateEncodingException)9 CertificateException (java.security.cert.CertificateException)9 SecretKey (javax.crypto.SecretKey)7 SecretKeyFactory (javax.crypto.SecretKeyFactory)7 PBEKeySpec (javax.crypto.spec.PBEKeySpec)7 GenericKey (com.github.zhenwei.pkix.operator.GenericKey)6 PKCS12PBEParams (org.bouncycastle.asn1.pkcs.PKCS12PBEParams)6 ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)5 OperatorCreationException (com.github.zhenwei.pkix.operator.OperatorCreationException)5 PrivateKey (java.security.PrivateKey)5 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)5 DEROctetString (org.bouncycastle.asn1.DEROctetString)5
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial