Example 1 with RC2CBCParameter

Use of com.github.zhenwei.core.asn1.pkcs.RC2CBCParameter in project jruby-openssl by jruby.

Class PEMInputOutput, method derivePrivateKeyPBES2.

private static PrivateKey derivePrivateKeyPBES2(EncryptedPrivateKeyInfo eIn, AlgorithmIdentifier algId, char[] password) throws GeneralSecurityException, InvalidCipherTextException {
    PBES2Parameters pbeParams = PBES2Parameters.getInstance((ASN1Sequence) algId.getParameters());
    CipherParameters cipherParams = extractPBES2CipherParams(password, pbeParams);
    EncryptionScheme scheme = pbeParams.getEncryptionScheme();
    BufferedBlockCipher cipher;
    if (scheme.getAlgorithm().equals(PKCSObjectIdentifiers.RC2_CBC)) {
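        // Decode the RC2-CBC parameters from the scheme's parameters field; passing the
        // EncryptionScheme itself hands the decoder the whole (OID, parameters) sequence.
        RC2CBCParameter rc2Params = RC2CBCParameter.getInstance(scheme.getParameters());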
        byte[] iv = rc2Params.getIV();
        CipherParameters param = new ParametersWithIV(cipherParams, iv);
        cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new RC2Engine()));
        cipher.init(false, param);
    } else {
        byte[] iv = ASN1OctetString.getInstance(scheme.getParameters()).getOctets();
        CipherParameters param = new ParametersWithIV(cipherParams, iv);
        cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESedeEngine()));
        cipher.init(false, param);
    }
    byte[] data = eIn.getEncryptedData();
    byte[] out = new byte[cipher.getOutputSize(data.length)];
    int len = cipher.processBytes(data, 0, data.length, out, 0);
    len += cipher.doFinal(out, len);
    byte[] pkcs8 = new byte[len];
    System.arraycopy(out, 0, pkcs8, 0, len);
    // It seems to work for both RSA and DSA.
    KeyFactory fact = SecurityHelper.getKeyFactory("RSA");
    return fact.generatePrivate(new PKCS8EncodedKeySpec(pkcs8));
}
Also used : PBES2Parameters(org.bouncycastle.asn1.pkcs.PBES2Parameters) EncryptionScheme(org.bouncycastle.asn1.pkcs.EncryptionScheme) PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) RC2Engine(org.bouncycastle.crypto.engines.RC2Engine) RC2CBCParameter(org.bouncycastle.asn1.pkcs.RC2CBCParameter) CipherParameters(org.bouncycastle.crypto.CipherParameters) ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) BufferedBlockCipher(org.bouncycastle.crypto.BufferedBlockCipher) PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) CBCBlockCipher(org.bouncycastle.crypto.modes.CBCBlockCipher) DESedeEngine(org.bouncycastle.crypto.engines.DESedeEngine) SecretKeyFactory(javax.crypto.SecretKeyFactory) KeyFactory(java.security.KeyFactory)

Example 2 with RC2CBCParameter

Use of com.github.zhenwei.core.asn1.pkcs.RC2CBCParameter in project LinLong-Java by zhenwei1108.

Class EnvelopedDataHelper, method getAlgorithmIdentifier.

public AlgorithmIdentifier getAlgorithmIdentifier(ASN1ObjectIdentifier macOID, AlgorithmParameterSpec paramSpec) {
    if (paramSpec instanceof IvParameterSpec) {
        return new AlgorithmIdentifier(macOID, new DEROctetString(((IvParameterSpec) paramSpec).getIV()));
    }
    if (paramSpec instanceof RC2ParameterSpec) {
        RC2ParameterSpec rc2Spec = (RC2ParameterSpec) paramSpec;
        int effKeyBits = ((RC2ParameterSpec) paramSpec).getEffectiveKeyBits();
        if (effKeyBits != -1) {
            int parameterVersion;
            if (effKeyBits < 256) {
                parameterVersion = rc2Table[effKeyBits];
            } else {
                parameterVersion = effKeyBits;
            }
            return new AlgorithmIdentifier(macOID, new RC2CBCParameter(parameterVersion, rc2Spec.getIV()));
        }
        return new AlgorithmIdentifier(macOID, new RC2CBCParameter(rc2Spec.getIV()));
    }
    throw new IllegalStateException("unknown parameter spec: " + paramSpec);
}
Also used : IvParameterSpec(javax.crypto.spec.IvParameterSpec) RC2ParameterSpec(javax.crypto.spec.RC2ParameterSpec) DEROctetString(com.github.zhenwei.core.asn1.DEROctetString) RC2CBCParameter(com.github.zhenwei.core.asn1.pkcs.RC2CBCParameter) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)

Example 3 with RC2CBCParameter

Use of com.github.zhenwei.core.asn1.pkcs.RC2CBCParameter in project xwiki-commons by xwiki.

Class BcPBES2Rc2CipherFactory, method getInstance.

@Override
protected PasswordBasedCipher getInstance(boolean forEncryption, byte[] password, KeyDerivationFunc kdfParams, EncryptionScheme scheme) {
    KeyDerivationFunction kdf = getKeyDerivationFunction(kdfParams);
    RC2CBCParameter rc2Params = RC2CBCParameter.getInstance(scheme.getParameters());
    return getPasswordBasedCipher(forEncryption, kdf, getRC2CipherParameters(password, rc2Params, kdf));
}
Also used : KeyDerivationFunction(org.xwiki.crypto.password.KeyDerivationFunction) RC2CBCParameter(org.bouncycastle.asn1.pkcs.RC2CBCParameter)

Example 4 with RC2CBCParameter

Use of com.github.zhenwei.core.asn1.pkcs.RC2CBCParameter in project LinLong-Java by zhenwei1108.

Class CipherFactory, method createContentCipher.

/**
 * Create a content cipher for encrypting bulk data.
 *
 * @param forEncryption   true if the cipher is for encryption, false otherwise.
 * @param encKey          the basic key to use.
 * @param encryptionAlgID identifying algorithm OID and parameters to use.
 * @return a StreamCipher or a BufferedBlockCipher depending on the algorithm.
 * @throws IllegalArgumentException
 */
public static Object createContentCipher(boolean forEncryption, CipherParameters encKey, AlgorithmIdentifier encryptionAlgID) throws IllegalArgumentException {
    ASN1ObjectIdentifier encAlg = encryptionAlgID.getAlgorithm();
    if (encAlg.equals(PKCSObjectIdentifiers.rc4)) {
        StreamCipher cipher = new RC4Engine();
        cipher.init(forEncryption, encKey);
        return cipher;
    } else if (encAlg.equals(NISTObjectIdentifiers.id_aes128_GCM) || encAlg.equals(NISTObjectIdentifiers.id_aes192_GCM) || encAlg.equals(NISTObjectIdentifiers.id_aes256_GCM)) {
        AEADBlockCipher cipher = createAEADCipher(encryptionAlgID.getAlgorithm());
        GCMParameters gcmParameters = GCMParameters.getInstance(encryptionAlgID.getParameters());
        if (!(encKey instanceof KeyParameter)) {
            throw new IllegalArgumentException("key data must be accessible for GCM operation");
        }
        AEADParameters aeadParameters = new AEADParameters((KeyParameter) encKey, gcmParameters.getIcvLen() * 8, gcmParameters.getNonce());
        cipher.init(forEncryption, aeadParameters);
        return cipher;
    } else if (encAlg.equals(NISTObjectIdentifiers.id_aes128_CCM) || encAlg.equals(NISTObjectIdentifiers.id_aes192_CCM) || encAlg.equals(NISTObjectIdentifiers.id_aes256_CCM)) {
        AEADBlockCipher cipher = createAEADCipher(encryptionAlgID.getAlgorithm());
        CCMParameters ccmParameters = CCMParameters.getInstance(encryptionAlgID.getParameters());
        if (!(encKey instanceof KeyParameter)) {
            throw new IllegalArgumentException("key data must be accessible for CCM operation");
        }
        AEADParameters aeadParameters = new AEADParameters((KeyParameter) encKey, ccmParameters.getIcvLen() * 8, ccmParameters.getNonce());
        cipher.init(forEncryption, aeadParameters);
        return cipher;
    } else {
        BufferedBlockCipher cipher = createCipher(encryptionAlgID.getAlgorithm());
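        // Parameters are optional in an AlgorithmIdentifier; check for null before
        // dereferencing so the null test below is actually reachable.
        ASN1Encodable encParams = encryptionAlgID.getParameters();
        ASN1Primitive sParams = (encParams == null) ? null : encParams.toASN1Primitive();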
        if (sParams != null && !(sParams instanceof ASN1Null)) {
            if (encAlg.equals(PKCSObjectIdentifiers.des_EDE3_CBC) || encAlg.equals(AlgorithmIdentifierFactory.IDEA_CBC) || encAlg.equals(NISTObjectIdentifiers.id_aes128_CBC) || encAlg.equals(NISTObjectIdentifiers.id_aes192_CBC) || encAlg.equals(NISTObjectIdentifiers.id_aes256_CBC) || encAlg.equals(NTTObjectIdentifiers.id_camellia128_cbc) || encAlg.equals(NTTObjectIdentifiers.id_camellia192_cbc) || encAlg.equals(NTTObjectIdentifiers.id_camellia256_cbc) || encAlg.equals(KISAObjectIdentifiers.id_seedCBC) || encAlg.equals(OIWObjectIdentifiers.desCBC)) {
                cipher.init(forEncryption, new ParametersWithIV(encKey, ASN1OctetString.getInstance(sParams).getOctets()));
            } else if (encAlg.equals(AlgorithmIdentifierFactory.CAST5_CBC)) {
                CAST5CBCParameters cbcParams = CAST5CBCParameters.getInstance(sParams);
                cipher.init(forEncryption, new ParametersWithIV(encKey, cbcParams.getIV()));
            } else if (encAlg.equals(PKCSObjectIdentifiers.RC2_CBC)) {
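                RC2CBCParameter cbcParams = RC2CBCParameter.getInstance(sParams);
                // The RC2 parameter version is read from the message and used directly as an
                // index into rc2Ekb; an absent (null) version fails here with a NullPointerException.
                cipher.init(forEncryption, new ParametersWithIV(new RC2Parameters(((KeyParameter) encKey).getKey(), rc2Ekb[cbcParams.getRC2ParameterVersion().intValue()]), cbcParams.getIV()));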
            } else {
                throw new IllegalArgumentException("cannot match parameters");
            }
        } else {
            if (encAlg.equals(PKCSObjectIdentifiers.des_EDE3_CBC) || encAlg.equals(AlgorithmIdentifierFactory.IDEA_CBC) || encAlg.equals(AlgorithmIdentifierFactory.CAST5_CBC)) {
                cipher.init(forEncryption, new ParametersWithIV(encKey, new byte[8]));
            } else {
                cipher.init(forEncryption, encKey);
            }
        }
        return cipher;
    }
}
Also used : RC2Parameters(com.github.zhenwei.core.crypto.params.RC2Parameters) KeyParameter(com.github.zhenwei.core.crypto.params.KeyParameter) CAST5CBCParameters(com.github.zhenwei.core.asn1.misc.CAST5CBCParameters) CCMParameters(com.github.zhenwei.core.internal.asn1.cms.CCMParameters) RC2CBCParameter(com.github.zhenwei.core.asn1.pkcs.RC2CBCParameter) ParametersWithIV(com.github.zhenwei.core.crypto.params.ParametersWithIV) GCMParameters(com.github.zhenwei.core.internal.asn1.cms.GCMParameters) AEADParameters(com.github.zhenwei.core.crypto.params.AEADParameters) BufferedBlockCipher(com.github.zhenwei.core.crypto.BufferedBlockCipher) PaddedBufferedBlockCipher(com.github.zhenwei.core.crypto.paddings.PaddedBufferedBlockCipher) StreamCipher(com.github.zhenwei.core.crypto.StreamCipher) ASN1Primitive(com.github.zhenwei.core.asn1.ASN1Primitive) ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier) RC4Engine(com.github.zhenwei.core.crypto.engines.RC4Engine) AEADBlockCipher(com.github.zhenwei.core.crypto.modes.AEADBlockCipher) ASN1Null(com.github.zhenwei.core.asn1.ASN1Null)

Example 5 with RC2CBCParameter

Use of com.github.zhenwei.core.asn1.pkcs.RC2CBCParameter in project LinLong-Java by zhenwei1108.

Class AlgorithmIdentifierFactory, method generateEncryptionAlgID.

/**
 * Create an AlgorithmIdentifier for the passed in encryption algorithm.
 *
 * @param encryptionOID OID for the encryption algorithm
 * @param keySize       key size in bits (-1 if unknown)
 * @param random        SecureRandom to use for parameter generation.
 * @return a full AlgorithmIdentifier including parameters
 * @throws IllegalArgumentException if encryptionOID cannot be matched
 */
public static AlgorithmIdentifier generateEncryptionAlgID(ASN1ObjectIdentifier encryptionOID, int keySize, SecureRandom random) throws IllegalArgumentException {
    if (encryptionOID.equals(NISTObjectIdentifiers.id_aes128_CBC) || encryptionOID.equals(NISTObjectIdentifiers.id_aes192_CBC) || encryptionOID.equals(NISTObjectIdentifiers.id_aes256_CBC) || encryptionOID.equals(NTTObjectIdentifiers.id_camellia128_cbc) || encryptionOID.equals(NTTObjectIdentifiers.id_camellia192_cbc) || encryptionOID.equals(NTTObjectIdentifiers.id_camellia256_cbc) || encryptionOID.equals(KISAObjectIdentifiers.id_seedCBC)) {
        byte[] iv = new byte[16];
        random.nextBytes(iv);
        return new AlgorithmIdentifier(encryptionOID, new DEROctetString(iv));
    } else if (encryptionOID.equals(NISTObjectIdentifiers.id_aes128_GCM) || encryptionOID.equals(NISTObjectIdentifiers.id_aes192_GCM) || encryptionOID.equals(NISTObjectIdentifiers.id_aes256_GCM)) {
        byte[] iv = new byte[12];
        random.nextBytes(iv);
        return new AlgorithmIdentifier(encryptionOID, new GCMParameters(iv, 16));
    } else if (encryptionOID.equals(NISTObjectIdentifiers.id_aes128_CCM) || encryptionOID.equals(NISTObjectIdentifiers.id_aes192_CCM) || encryptionOID.equals(NISTObjectIdentifiers.id_aes256_CCM)) {
        byte[] iv = new byte[8];
        random.nextBytes(iv);
        return new AlgorithmIdentifier(encryptionOID, new CCMParameters(iv, 16));
    } else if (encryptionOID.equals(PKCSObjectIdentifiers.des_EDE3_CBC) || encryptionOID.equals(IDEA_CBC) || encryptionOID.equals(OIWObjectIdentifiers.desCBC)) {
        byte[] iv = new byte[8];
        random.nextBytes(iv);
        return new AlgorithmIdentifier(encryptionOID, new DEROctetString(iv));
    } else if (encryptionOID.equals(CAST5_CBC)) {
        byte[] iv = new byte[8];
        random.nextBytes(iv);
        CAST5CBCParameters cbcParams = new CAST5CBCParameters(iv, keySize);
        return new AlgorithmIdentifier(encryptionOID, cbcParams);
    } else if (encryptionOID.equals(PKCSObjectIdentifiers.rc4)) {
        return new AlgorithmIdentifier(encryptionOID, DERNull.INSTANCE);
    } else if (encryptionOID.equals(PKCSObjectIdentifiers.RC2_CBC)) {
        byte[] iv = new byte[8];
        random.nextBytes(iv);
        RC2CBCParameter cbcParams = new RC2CBCParameter(rc2Table[128], iv);
        return new AlgorithmIdentifier(encryptionOID, cbcParams);
    } else {
        throw new IllegalArgumentException("unable to match algorithm");
    }
}
Also used : GCMParameters(com.github.zhenwei.core.internal.asn1.cms.GCMParameters) CAST5CBCParameters(com.github.zhenwei.core.asn1.misc.CAST5CBCParameters) CCMParameters(com.github.zhenwei.core.internal.asn1.cms.CCMParameters) DEROctetString(com.github.zhenwei.core.asn1.DEROctetString) RC2CBCParameter(com.github.zhenwei.core.asn1.pkcs.RC2CBCParameter) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)
