use of com.github.zhenwei.core.asn1.pkcs.RC2CBCParameter in project jruby-openssl by jruby.
the class PEMInputOutput method derivePrivateKeyPBES2.
private static PrivateKey derivePrivateKeyPBES2(EncryptedPrivateKeyInfo eIn, AlgorithmIdentifier algId, char[] password) throws GeneralSecurityException, InvalidCipherTextException {
PBES2Parameters pbeParams = PBES2Parameters.getInstance((ASN1Sequence) algId.getParameters());
CipherParameters cipherParams = extractPBES2CipherParams(password, pbeParams);
EncryptionScheme scheme = pbeParams.getEncryptionScheme();
BufferedBlockCipher cipher;
if (scheme.getAlgorithm().equals(PKCSObjectIdentifiers.RC2_CBC)) {
RC2CBCParameter rc2Params = RC2CBCParameter.getInstance(scheme);
byte[] iv = rc2Params.getIV();
CipherParameters param = new ParametersWithIV(cipherParams, iv);
cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new RC2Engine()));
cipher.init(false, param);
} else {
byte[] iv = ASN1OctetString.getInstance(scheme.getParameters()).getOctets();
CipherParameters param = new ParametersWithIV(cipherParams, iv);
cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESedeEngine()));
cipher.init(false, param);
}
byte[] data = eIn.getEncryptedData();
byte[] out = new byte[cipher.getOutputSize(data.length)];
int len = cipher.processBytes(data, 0, data.length, out, 0);
len += cipher.doFinal(out, len);
byte[] pkcs8 = new byte[len];
System.arraycopy(out, 0, pkcs8, 0, len);
// It seems to work for both RSA and DSA.
KeyFactory fact = SecurityHelper.getKeyFactory("RSA");
return fact.generatePrivate(new PKCS8EncodedKeySpec(pkcs8));
}
use of com.github.zhenwei.core.asn1.pkcs.RC2CBCParameter in project LinLong-Java by zhenwei1108.
the class EnvelopedDataHelper method getAlgorithmIdentifier.
public AlgorithmIdentifier getAlgorithmIdentifier(ASN1ObjectIdentifier macOID, AlgorithmParameterSpec paramSpec) {
if (paramSpec instanceof IvParameterSpec) {
return new AlgorithmIdentifier(macOID, new DEROctetString(((IvParameterSpec) paramSpec).getIV()));
}
if (paramSpec instanceof RC2ParameterSpec) {
RC2ParameterSpec rc2Spec = (RC2ParameterSpec) paramSpec;
int effKeyBits = ((RC2ParameterSpec) paramSpec).getEffectiveKeyBits();
if (effKeyBits != -1) {
int parameterVersion;
if (effKeyBits < 256) {
parameterVersion = rc2Table[effKeyBits];
} else {
parameterVersion = effKeyBits;
}
return new AlgorithmIdentifier(macOID, new RC2CBCParameter(parameterVersion, rc2Spec.getIV()));
}
return new AlgorithmIdentifier(macOID, new RC2CBCParameter(rc2Spec.getIV()));
}
throw new IllegalStateException("unknown parameter spec: " + paramSpec);
}
use of com.github.zhenwei.core.asn1.pkcs.RC2CBCParameter in project xwiki-commons by xwiki.
the class BcPBES2Rc2CipherFactory method getInstance.
@Override
protected PasswordBasedCipher getInstance(boolean forEncryption, byte[] password, KeyDerivationFunc kdfParams, EncryptionScheme scheme) {
KeyDerivationFunction kdf = getKeyDerivationFunction(kdfParams);
RC2CBCParameter rc2Params = RC2CBCParameter.getInstance(scheme.getParameters());
return getPasswordBasedCipher(forEncryption, kdf, getRC2CipherParameters(password, rc2Params, kdf));
}
use of com.github.zhenwei.core.asn1.pkcs.RC2CBCParameter in project LinLong-Java by zhenwei1108.
the class CipherFactory method createContentCipher.
/**
* Create a content cipher for encrypting bulk data.
*
* @param forEncryption true if the cipher is for encryption, false otherwise.
* @param encKey the basic key to use.
* @param encryptionAlgID identifying algorithm OID and parameters to use.
* @return a StreamCipher or a BufferedBlockCipher depending on the algorithm.
* @throws IllegalArgumentException
*/
public static Object createContentCipher(boolean forEncryption, CipherParameters encKey, AlgorithmIdentifier encryptionAlgID) throws IllegalArgumentException {
ASN1ObjectIdentifier encAlg = encryptionAlgID.getAlgorithm();
if (encAlg.equals(PKCSObjectIdentifiers.rc4)) {
StreamCipher cipher = new RC4Engine();
cipher.init(forEncryption, encKey);
return cipher;
} else if (encAlg.equals(NISTObjectIdentifiers.id_aes128_GCM) || encAlg.equals(NISTObjectIdentifiers.id_aes192_GCM) || encAlg.equals(NISTObjectIdentifiers.id_aes256_GCM)) {
AEADBlockCipher cipher = createAEADCipher(encryptionAlgID.getAlgorithm());
GCMParameters gcmParameters = GCMParameters.getInstance(encryptionAlgID.getParameters());
if (!(encKey instanceof KeyParameter)) {
throw new IllegalArgumentException("key data must be accessible for GCM operation");
}
AEADParameters aeadParameters = new AEADParameters((KeyParameter) encKey, gcmParameters.getIcvLen() * 8, gcmParameters.getNonce());
cipher.init(forEncryption, aeadParameters);
return cipher;
} else if (encAlg.equals(NISTObjectIdentifiers.id_aes128_CCM) || encAlg.equals(NISTObjectIdentifiers.id_aes192_CCM) || encAlg.equals(NISTObjectIdentifiers.id_aes256_CCM)) {
AEADBlockCipher cipher = createAEADCipher(encryptionAlgID.getAlgorithm());
CCMParameters ccmParameters = CCMParameters.getInstance(encryptionAlgID.getParameters());
if (!(encKey instanceof KeyParameter)) {
throw new IllegalArgumentException("key data must be accessible for GCM operation");
}
AEADParameters aeadParameters = new AEADParameters((KeyParameter) encKey, ccmParameters.getIcvLen() * 8, ccmParameters.getNonce());
cipher.init(forEncryption, aeadParameters);
return cipher;
} else {
BufferedBlockCipher cipher = createCipher(encryptionAlgID.getAlgorithm());
ASN1Primitive sParams = encryptionAlgID.getParameters().toASN1Primitive();
if (sParams != null && !(sParams instanceof ASN1Null)) {
if (encAlg.equals(PKCSObjectIdentifiers.des_EDE3_CBC) || encAlg.equals(AlgorithmIdentifierFactory.IDEA_CBC) || encAlg.equals(NISTObjectIdentifiers.id_aes128_CBC) || encAlg.equals(NISTObjectIdentifiers.id_aes192_CBC) || encAlg.equals(NISTObjectIdentifiers.id_aes256_CBC) || encAlg.equals(NTTObjectIdentifiers.id_camellia128_cbc) || encAlg.equals(NTTObjectIdentifiers.id_camellia192_cbc) || encAlg.equals(NTTObjectIdentifiers.id_camellia256_cbc) || encAlg.equals(KISAObjectIdentifiers.id_seedCBC) || encAlg.equals(OIWObjectIdentifiers.desCBC)) {
cipher.init(forEncryption, new ParametersWithIV(encKey, ASN1OctetString.getInstance(sParams).getOctets()));
} else if (encAlg.equals(AlgorithmIdentifierFactory.CAST5_CBC)) {
CAST5CBCParameters cbcParams = CAST5CBCParameters.getInstance(sParams);
cipher.init(forEncryption, new ParametersWithIV(encKey, cbcParams.getIV()));
} else if (encAlg.equals(PKCSObjectIdentifiers.RC2_CBC)) {
RC2CBCParameter cbcParams = RC2CBCParameter.getInstance(sParams);
cipher.init(forEncryption, new ParametersWithIV(new RC2Parameters(((KeyParameter) encKey).getKey(), rc2Ekb[cbcParams.getRC2ParameterVersion().intValue()]), cbcParams.getIV()));
} else {
throw new IllegalArgumentException("cannot match parameters");
}
} else {
if (encAlg.equals(PKCSObjectIdentifiers.des_EDE3_CBC) || encAlg.equals(AlgorithmIdentifierFactory.IDEA_CBC) || encAlg.equals(AlgorithmIdentifierFactory.CAST5_CBC)) {
cipher.init(forEncryption, new ParametersWithIV(encKey, new byte[8]));
} else {
cipher.init(forEncryption, encKey);
}
}
return cipher;
}
}
use of com.github.zhenwei.core.asn1.pkcs.RC2CBCParameter in project LinLong-Java by zhenwei1108.
the class AlgorithmIdentifierFactory method generateEncryptionAlgID.
/**
* Create an AlgorithmIdentifier for the passed in encryption algorithm.
*
* @param encryptionOID OID for the encryption algorithm
* @param keySize key size in bits (-1 if unknown)
* @param random SecureRandom to use for parameter generation.
* @return a full AlgorithmIdentifier including parameters
* @throws IllegalArgumentException if encryptionOID cannot be matched
*/
public static AlgorithmIdentifier generateEncryptionAlgID(ASN1ObjectIdentifier encryptionOID, int keySize, SecureRandom random) throws IllegalArgumentException {
if (encryptionOID.equals(NISTObjectIdentifiers.id_aes128_CBC) || encryptionOID.equals(NISTObjectIdentifiers.id_aes192_CBC) || encryptionOID.equals(NISTObjectIdentifiers.id_aes256_CBC) || encryptionOID.equals(NTTObjectIdentifiers.id_camellia128_cbc) || encryptionOID.equals(NTTObjectIdentifiers.id_camellia192_cbc) || encryptionOID.equals(NTTObjectIdentifiers.id_camellia256_cbc) || encryptionOID.equals(KISAObjectIdentifiers.id_seedCBC)) {
byte[] iv = new byte[16];
random.nextBytes(iv);
return new AlgorithmIdentifier(encryptionOID, new DEROctetString(iv));
} else if (encryptionOID.equals(NISTObjectIdentifiers.id_aes128_GCM) || encryptionOID.equals(NISTObjectIdentifiers.id_aes192_GCM) || encryptionOID.equals(NISTObjectIdentifiers.id_aes256_GCM)) {
byte[] iv = new byte[12];
random.nextBytes(iv);
return new AlgorithmIdentifier(encryptionOID, new GCMParameters(iv, 16));
} else if (encryptionOID.equals(NISTObjectIdentifiers.id_aes128_CCM) || encryptionOID.equals(NISTObjectIdentifiers.id_aes192_CCM) || encryptionOID.equals(NISTObjectIdentifiers.id_aes256_CCM)) {
byte[] iv = new byte[8];
random.nextBytes(iv);
return new AlgorithmIdentifier(encryptionOID, new CCMParameters(iv, 16));
} else if (encryptionOID.equals(PKCSObjectIdentifiers.des_EDE3_CBC) || encryptionOID.equals(IDEA_CBC) || encryptionOID.equals(OIWObjectIdentifiers.desCBC)) {
byte[] iv = new byte[8];
random.nextBytes(iv);
return new AlgorithmIdentifier(encryptionOID, new DEROctetString(iv));
} else if (encryptionOID.equals(CAST5_CBC)) {
byte[] iv = new byte[8];
random.nextBytes(iv);
CAST5CBCParameters cbcParams = new CAST5CBCParameters(iv, keySize);
return new AlgorithmIdentifier(encryptionOID, cbcParams);
} else if (encryptionOID.equals(PKCSObjectIdentifiers.rc4)) {
return new AlgorithmIdentifier(encryptionOID, DERNull.INSTANCE);
} else if (encryptionOID.equals(PKCSObjectIdentifiers.RC2_CBC)) {
byte[] iv = new byte[8];
random.nextBytes(iv);
RC2CBCParameter cbcParams = new RC2CBCParameter(rc2Table[128], iv);
return new AlgorithmIdentifier(encryptionOID, cbcParams);
} else {
throw new IllegalArgumentException("unable to match algorithm");
}
}
Aggregations