Search in sources :

Example 1 with PKCS5S2ParametersGenerator

use of com.github.zhenwei.core.crypto.generators.PKCS5S2ParametersGenerator in project LinLong-Java by zhenwei1108.

the class BcPasswordRecipient method calculateDerivedKey.

public byte[] calculateDerivedKey(int schemeID, AlgorithmIdentifier derivationAlgorithm, int keySize) throws CMSException {
    PBKDF2Params params = PBKDF2Params.getInstance(derivationAlgorithm.getParameters());
    byte[] encodedPassword = (schemeID == PasswordRecipient.PKCS5_SCHEME2) ? PBEParametersGenerator.PKCS5PasswordToBytes(password) : PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(password);
    try {
        PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(EnvelopedDataHelper.getPRF(params.getPrf()));
        gen.init(encodedPassword, params.getSalt(), params.getIterationCount().intValue());
        return ((KeyParameter) gen.generateDerivedParameters(keySize)).getKey();
    } catch (Exception e) {
        throw new CMSException("exception creating derived key: " + e.getMessage(), e);
    }
}
Also used : PKCS5S2ParametersGenerator(com.github.zhenwei.core.crypto.generators.PKCS5S2ParametersGenerator) KeyParameter(com.github.zhenwei.core.crypto.params.KeyParameter) PBKDF2Params(com.github.zhenwei.core.asn1.pkcs.PBKDF2Params) CMSException(com.github.zhenwei.pkix.cms.CMSException) InvalidCipherTextException(com.github.zhenwei.core.crypto.InvalidCipherTextException) CMSException(com.github.zhenwei.pkix.cms.CMSException)

Example 2 with PKCS5S2ParametersGenerator

use of com.github.zhenwei.core.crypto.generators.PKCS5S2ParametersGenerator in project LinLong-Java by zhenwei1108.

the class BcPasswordRecipientInfoGenerator method calculateDerivedKey.

protected byte[] calculateDerivedKey(int schemeID, AlgorithmIdentifier derivationAlgorithm, int keySize) throws CMSException {
    PBKDF2Params params = PBKDF2Params.getInstance(derivationAlgorithm.getParameters());
    byte[] encodedPassword = (schemeID == PasswordRecipient.PKCS5_SCHEME2) ? PBEParametersGenerator.PKCS5PasswordToBytes(password) : PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(password);
    try {
        PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(EnvelopedDataHelper.getPRF(params.getPrf()));
        gen.init(encodedPassword, params.getSalt(), params.getIterationCount().intValue());
        return ((KeyParameter) gen.generateDerivedParameters(keySize)).getKey();
    } catch (Exception e) {
        throw new CMSException("exception creating derived key: " + e.getMessage(), e);
    }
}
Also used : PKCS5S2ParametersGenerator(com.github.zhenwei.core.crypto.generators.PKCS5S2ParametersGenerator) KeyParameter(com.github.zhenwei.core.crypto.params.KeyParameter) PBKDF2Params(com.github.zhenwei.core.asn1.pkcs.PBKDF2Params) CMSException(com.github.zhenwei.pkix.cms.CMSException) CMSException(com.github.zhenwei.pkix.cms.CMSException)

Example 3 with PKCS5S2ParametersGenerator

use of com.github.zhenwei.core.crypto.generators.PKCS5S2ParametersGenerator in project LinLong-Java by zhenwei1108.

the class PEMUtilities method generateSecretKeyForPKCS5Scheme2.

public static KeyParameter generateSecretKeyForPKCS5Scheme2(String algorithm, char[] password, byte[] salt, int iterationCount) {
    PBEParametersGenerator paramsGen = new PKCS5S2ParametersGenerator(new SHA1Digest());
    paramsGen.init(PBEParametersGenerator.PKCS5PasswordToBytes(password), salt, iterationCount);
    return (KeyParameter) paramsGen.generateDerivedParameters(PEMUtilities.getKeySize(algorithm));
}
Also used : PKCS5S2ParametersGenerator(com.github.zhenwei.core.crypto.generators.PKCS5S2ParametersGenerator) SHA1Digest(com.github.zhenwei.core.crypto.digests.SHA1Digest) KeyParameter(com.github.zhenwei.core.crypto.params.KeyParameter) OpenSSLPBEParametersGenerator(com.github.zhenwei.core.crypto.generators.OpenSSLPBEParametersGenerator) PBEParametersGenerator(com.github.zhenwei.core.crypto.PBEParametersGenerator)

Example 4 with PKCS5S2ParametersGenerator

use of com.github.zhenwei.core.crypto.generators.PKCS5S2ParametersGenerator in project LinLong-Java by zhenwei1108.

the class BcFKSKeyStoreSpi method generateKey.

private byte[] generateKey(KeyDerivationFunc pbkdAlgorithm, String purpose, char[] password, int defKeySize) throws IOException {
    byte[] encPassword = PBEParametersGenerator.PKCS12PasswordToBytes(password);
    byte[] differentiator = PBEParametersGenerator.PKCS12PasswordToBytes(purpose.toCharArray());
    int keySizeInBytes = defKeySize;
    if (MiscObjectIdentifiers.id_scrypt.equals(pbkdAlgorithm.getAlgorithm())) {
        ScryptParams params = ScryptParams.getInstance(pbkdAlgorithm.getParameters());
        if (params.getKeyLength() != null) {
            keySizeInBytes = params.getKeyLength().intValue();
        } else if (keySizeInBytes == -1) {
            throw new IOException("no keyLength found in ScryptParams");
        }
        return SCrypt.generate(Arrays.concatenate(encPassword, differentiator), params.getSalt(), params.getCostParameter().intValue(), params.getBlockSize().intValue(), params.getBlockSize().intValue(), keySizeInBytes);
    } else if (pbkdAlgorithm.getAlgorithm().equals(PKCSObjectIdentifiers.id_PBKDF2)) {
        PBKDF2Params pbkdf2Params = PBKDF2Params.getInstance(pbkdAlgorithm.getParameters());
        if (pbkdf2Params.getKeyLength() != null) {
            keySizeInBytes = pbkdf2Params.getKeyLength().intValue();
        } else if (keySizeInBytes == -1) {
            throw new IOException("no keyLength found in PBKDF2Params");
        }
        if (pbkdf2Params.getPrf().getAlgorithm().equals(PKCSObjectIdentifiers.id_hmacWithSHA512)) {
            PKCS5S2ParametersGenerator pGen = new PKCS5S2ParametersGenerator(new SHA512Digest());
            pGen.init(Arrays.concatenate(encPassword, differentiator), pbkdf2Params.getSalt(), pbkdf2Params.getIterationCount().intValue());
            return ((KeyParameter) pGen.generateDerivedParameters(keySizeInBytes * 8)).getKey();
        } else if (pbkdf2Params.getPrf().getAlgorithm().equals(NISTObjectIdentifiers.id_hmacWithSHA3_512)) {
            PKCS5S2ParametersGenerator pGen = new PKCS5S2ParametersGenerator(new SHA3Digest(512));
            pGen.init(Arrays.concatenate(encPassword, differentiator), pbkdf2Params.getSalt(), pbkdf2Params.getIterationCount().intValue());
            return ((KeyParameter) pGen.generateDerivedParameters(keySizeInBytes * 8)).getKey();
        } else {
            throw new IOException("BCFKS KeyStore: unrecognized MAC PBKD PRF: " + pbkdf2Params.getPrf().getAlgorithm());
        }
    } else {
        throw new IOException("BCFKS KeyStore: unrecognized MAC PBKD.");
    }
}
Also used : SHA512Digest(com.github.zhenwei.core.crypto.digests.SHA512Digest) SHA3Digest(com.github.zhenwei.core.crypto.digests.SHA3Digest) PKCS5S2ParametersGenerator(com.github.zhenwei.core.crypto.generators.PKCS5S2ParametersGenerator) KeyParameter(com.github.zhenwei.core.crypto.params.KeyParameter) PBKDF2Params(com.github.zhenwei.core.asn1.pkcs.PBKDF2Params) IOException(java.io.IOException) ScryptParams(com.github.zhenwei.core.asn1.misc.ScryptParams)

Aggregations

PKCS5S2ParametersGenerator (com.github.zhenwei.core.crypto.generators.PKCS5S2ParametersGenerator)4 KeyParameter (com.github.zhenwei.core.crypto.params.KeyParameter)4 PBKDF2Params (com.github.zhenwei.core.asn1.pkcs.PBKDF2Params)3 CMSException (com.github.zhenwei.pkix.cms.CMSException)2 ScryptParams (com.github.zhenwei.core.asn1.misc.ScryptParams)1 InvalidCipherTextException (com.github.zhenwei.core.crypto.InvalidCipherTextException)1 PBEParametersGenerator (com.github.zhenwei.core.crypto.PBEParametersGenerator)1 SHA1Digest (com.github.zhenwei.core.crypto.digests.SHA1Digest)1 SHA3Digest (com.github.zhenwei.core.crypto.digests.SHA3Digest)1 SHA512Digest (com.github.zhenwei.core.crypto.digests.SHA512Digest)1 OpenSSLPBEParametersGenerator (com.github.zhenwei.core.crypto.generators.OpenSSLPBEParametersGenerator)1 IOException (java.io.IOException)1