Example 1 with PBEParametersGenerator
use of com.github.zhenwei.core.crypto.PBEParametersGenerator in project LinLong-Java by zhenwei1108.
the class SCrypt method SingleIterationPBKDF2.
private static byte[] SingleIterationPBKDF2(byte[] P, byte[] S, int dkLen) {
PBEParametersGenerator pGen = new PKCS5S2ParametersGenerator(new SHA256Digest());
pGen.init(P, S, 1);
KeyParameter key = (KeyParameter) pGen.generateDerivedMacParameters(dkLen * 8);
return key.getKey();
}
Also used :
SHA256Digest(com.github.zhenwei.core.crypto.digests.SHA256Digest)
KeyParameter(com.github.zhenwei.core.crypto.params.KeyParameter)
PBEParametersGenerator(com.github.zhenwei.core.crypto.PBEParametersGenerator)
Example 2 with PBEParametersGenerator
use of com.github.zhenwei.core.crypto.PBEParametersGenerator in project LinLong-Java by zhenwei1108.
the class PEMUtilities method getKey.
private static KeyParameter getKey(char[] password, int keyLength, byte[] salt, boolean des2) throws PEMException {
PBEParametersGenerator paramsGen = new OpenSSLPBEParametersGenerator();
paramsGen.init(PBEParametersGenerator.PKCS5PasswordToBytes(password), salt, 1);
KeyParameter kp = (KeyParameter) paramsGen.generateDerivedParameters(keyLength * 8);
if (des2 && kp.getKey().length == 24) {
// For DES2, we must copy first 8 bytes into the last 8 bytes.
byte[] key = kp.getKey();
System.arraycopy(key, 0, key, 16, 8);
return new KeyParameter(key);
}
return kp;
}
Also used :
KeyParameter(com.github.zhenwei.core.crypto.params.KeyParameter)
OpenSSLPBEParametersGenerator(com.github.zhenwei.core.crypto.generators.OpenSSLPBEParametersGenerator)
PBEParametersGenerator(com.github.zhenwei.core.crypto.PBEParametersGenerator)
OpenSSLPBEParametersGenerator(com.github.zhenwei.core.crypto.generators.OpenSSLPBEParametersGenerator)
Example 3 with PBEParametersGenerator
use of com.github.zhenwei.core.crypto.PBEParametersGenerator in project LinLong-Java by zhenwei1108.
the class PEMUtilities method generateSecretKeyForPKCS5Scheme2.
public static KeyParameter generateSecretKeyForPKCS5Scheme2(String algorithm, char[] password, byte[] salt, int iterationCount) {
PBEParametersGenerator paramsGen = new PKCS5S2ParametersGenerator(new SHA1Digest());
paramsGen.init(PBEParametersGenerator.PKCS5PasswordToBytes(password), salt, iterationCount);
return (KeyParameter) paramsGen.generateDerivedParameters(PEMUtilities.getKeySize(algorithm));
}
Also used :
PKCS5S2ParametersGenerator(com.github.zhenwei.core.crypto.generators.PKCS5S2ParametersGenerator)
SHA1Digest(com.github.zhenwei.core.crypto.digests.SHA1Digest)
KeyParameter(com.github.zhenwei.core.crypto.params.KeyParameter)
OpenSSLPBEParametersGenerator(com.github.zhenwei.core.crypto.generators.OpenSSLPBEParametersGenerator)
PBEParametersGenerator(com.github.zhenwei.core.crypto.PBEParametersGenerator)
Example 4 with PBEParametersGenerator
use of com.github.zhenwei.core.crypto.PBEParametersGenerator in project LinLong-Java by zhenwei1108.
the class BcKeyStoreSpi method engineStore.
public void engineStore(OutputStream stream, char[] password) throws IOException {
DataOutputStream dOut = new DataOutputStream(stream);
byte[] salt = new byte[STORE_SALT_SIZE];
int iterationCount = MIN_ITERATIONS + (random.nextInt() & 0x3ff);
random.nextBytes(salt);
dOut.writeInt(version);
dOut.writeInt(salt.length);
dOut.write(salt);
dOut.writeInt(iterationCount);
HMac hMac = new HMac(new SHA1Digest());
MacOutputStream mOut = new MacOutputStream(hMac);
PBEParametersGenerator pbeGen = new PKCS12ParametersGenerator(new SHA1Digest());
byte[] passKey = PBEParametersGenerator.PKCS12PasswordToBytes(password);
pbeGen.init(passKey, salt, iterationCount);
if (version < 2) {
hMac.init(pbeGen.generateDerivedMacParameters(hMac.getMacSize()));
} else {
hMac.init(pbeGen.generateDerivedMacParameters(hMac.getMacSize() * 8));
}
for (int i = 0; i != passKey.length; i++) {
passKey[i] = 0;
}
saveStore(new TeeOutputStream(dOut, mOut));
byte[] mac = new byte[hMac.getMacSize()];
hMac.doFinal(mac, 0);
dOut.write(mac);
dOut.close();
}
Also used :
TeeOutputStream(com.github.zhenwei.core.util.io.TeeOutputStream)
PKCS12ParametersGenerator(com.github.zhenwei.core.crypto.generators.PKCS12ParametersGenerator)
DataOutputStream(java.io.DataOutputStream)
HMac(com.github.zhenwei.core.crypto.macs.HMac)
SHA1Digest(com.github.zhenwei.core.crypto.digests.SHA1Digest)
MacOutputStream(com.github.zhenwei.core.crypto.io.MacOutputStream)
PBEParametersGenerator(com.github.zhenwei.core.crypto.PBEParametersGenerator)
Example 5 with PBEParametersGenerator
use of com.github.zhenwei.core.crypto.PBEParametersGenerator in project LinLong-Java by zhenwei1108.
the class BcKeyStoreSpi method engineLoad.
public void engineLoad(InputStream stream, char[] password) throws IOException {
table.clear();
if (// just initialising
stream == null) {
return;
}
DataInputStream dIn = new DataInputStream(stream);
int version = dIn.readInt();
if (version != STORE_VERSION) {
if (version != 0 && version != 1) {
throw new IOException("Wrong version of key store.");
}
}
int saltLength = dIn.readInt();
if (saltLength <= 0) {
throw new IOException("Invalid salt detected");
}
byte[] salt = new byte[saltLength];
dIn.readFully(salt);
int iterationCount = dIn.readInt();
//
// we only do an integrity check if the password is provided.
//
HMac hMac = new HMac(new SHA1Digest());
if (password != null && password.length != 0) {
byte[] passKey = PBEParametersGenerator.PKCS12PasswordToBytes(password);
PBEParametersGenerator pbeGen = new PKCS12ParametersGenerator(new SHA1Digest());
pbeGen.init(passKey, salt, iterationCount);
CipherParameters macParams;
if (version != 2) {
macParams = pbeGen.generateDerivedMacParameters(hMac.getMacSize());
} else {
macParams = pbeGen.generateDerivedMacParameters(hMac.getMacSize() * 8);
}
Arrays.fill(passKey, (byte) 0);
hMac.init(macParams);
MacInputStream mIn = new MacInputStream(dIn, hMac);
loadStore(mIn);
// Finalise our mac calculation
byte[] mac = new byte[hMac.getMacSize()];
hMac.doFinal(mac, 0);
// TODO Should this actually be reading the remainder of the stream?
// Read the original mac from the stream
byte[] oldMac = new byte[hMac.getMacSize()];
dIn.readFully(oldMac);
if (!Arrays.constantTimeAreEqual(mac, oldMac)) {
table.clear();
throw new IOException("KeyStore integrity check failed.");
}
} else {
loadStore(dIn);
// TODO Should this actually be reading the remainder of the stream?
// Parse the original mac from the stream too
byte[] oldMac = new byte[hMac.getMacSize()];
dIn.readFully(oldMac);
}
}
Also used :
CipherParameters(com.github.zhenwei.core.crypto.CipherParameters)
MacInputStream(com.github.zhenwei.core.crypto.io.MacInputStream)
PKCS12ParametersGenerator(com.github.zhenwei.core.crypto.generators.PKCS12ParametersGenerator)
HMac(com.github.zhenwei.core.crypto.macs.HMac)
SHA1Digest(com.github.zhenwei.core.crypto.digests.SHA1Digest)
IOException(java.io.IOException)
DataInputStream(java.io.DataInputStream)
PBEParametersGenerator(com.github.zhenwei.core.crypto.PBEParametersGenerator)
Aggregations
PBEParametersGenerator (com.github.zhenwei.core.crypto.PBEParametersGenerator)5
SHA1Digest (com.github.zhenwei.core.crypto.digests.SHA1Digest)3
KeyParameter (com.github.zhenwei.core.crypto.params.KeyParameter)3
OpenSSLPBEParametersGenerator (com.github.zhenwei.core.crypto.generators.OpenSSLPBEParametersGenerator)2
PKCS12ParametersGenerator (com.github.zhenwei.core.crypto.generators.PKCS12ParametersGenerator)2
HMac (com.github.zhenwei.core.crypto.macs.HMac)2
CipherParameters (com.github.zhenwei.core.crypto.CipherParameters)1
SHA256Digest (com.github.zhenwei.core.crypto.digests.SHA256Digest)1
PKCS5S2ParametersGenerator (com.github.zhenwei.core.crypto.generators.PKCS5S2ParametersGenerator)1
MacInputStream (com.github.zhenwei.core.crypto.io.MacInputStream)1
MacOutputStream (com.github.zhenwei.core.crypto.io.MacOutputStream)1
TeeOutputStream (com.github.zhenwei.core.util.io.TeeOutputStream)1
DataInputStream (java.io.DataInputStream)1
DataOutputStream (java.io.DataOutputStream)1
IOException (java.io.IOException)1
