Search in sources :

Example 1 with MacInputStream

use of com.github.zhenwei.core.crypto.io.MacInputStream in project LinLong-Java by zhenwei1108.

the class BcKeyStoreSpi method engineLoad.

public void engineLoad(InputStream stream, char[] password) throws IOException {
    table.clear();
    if (// just initialising
    stream == null) {
        return;
    }
    DataInputStream dIn = new DataInputStream(stream);
    int version = dIn.readInt();
    if (version != STORE_VERSION) {
        if (version != 0 && version != 1) {
            throw new IOException("Wrong version of key store.");
        }
    }
    int saltLength = dIn.readInt();
    if (saltLength <= 0) {
        throw new IOException("Invalid salt detected");
    }
    byte[] salt = new byte[saltLength];
    dIn.readFully(salt);
    int iterationCount = dIn.readInt();
    // 
    // we only do an integrity check if the password is provided.
    // 
    HMac hMac = new HMac(new SHA1Digest());
    if (password != null && password.length != 0) {
        byte[] passKey = PBEParametersGenerator.PKCS12PasswordToBytes(password);
        PBEParametersGenerator pbeGen = new PKCS12ParametersGenerator(new SHA1Digest());
        pbeGen.init(passKey, salt, iterationCount);
        CipherParameters macParams;
        if (version != 2) {
            macParams = pbeGen.generateDerivedMacParameters(hMac.getMacSize());
        } else {
            macParams = pbeGen.generateDerivedMacParameters(hMac.getMacSize() * 8);
        }
        Arrays.fill(passKey, (byte) 0);
        hMac.init(macParams);
        MacInputStream mIn = new MacInputStream(dIn, hMac);
        loadStore(mIn);
        // Finalise our mac calculation
        byte[] mac = new byte[hMac.getMacSize()];
        hMac.doFinal(mac, 0);
        // TODO Should this actually be reading the remainder of the stream?
        // Read the original mac from the stream
        byte[] oldMac = new byte[hMac.getMacSize()];
        dIn.readFully(oldMac);
        if (!Arrays.constantTimeAreEqual(mac, oldMac)) {
            table.clear();
            throw new IOException("KeyStore integrity check failed.");
        }
    } else {
        loadStore(dIn);
        // TODO Should this actually be reading the remainder of the stream?
        // Parse the original mac from the stream too
        byte[] oldMac = new byte[hMac.getMacSize()];
        dIn.readFully(oldMac);
    }
}
Also used : CipherParameters(com.github.zhenwei.core.crypto.CipherParameters) MacInputStream(com.github.zhenwei.core.crypto.io.MacInputStream) PKCS12ParametersGenerator(com.github.zhenwei.core.crypto.generators.PKCS12ParametersGenerator) HMac(com.github.zhenwei.core.crypto.macs.HMac) SHA1Digest(com.github.zhenwei.core.crypto.digests.SHA1Digest) IOException(java.io.IOException) DataInputStream(java.io.DataInputStream) PBEParametersGenerator(com.github.zhenwei.core.crypto.PBEParametersGenerator)

Aggregations

CipherParameters (com.github.zhenwei.core.crypto.CipherParameters)1 PBEParametersGenerator (com.github.zhenwei.core.crypto.PBEParametersGenerator)1 SHA1Digest (com.github.zhenwei.core.crypto.digests.SHA1Digest)1 PKCS12ParametersGenerator (com.github.zhenwei.core.crypto.generators.PKCS12ParametersGenerator)1 MacInputStream (com.github.zhenwei.core.crypto.io.MacInputStream)1 HMac (com.github.zhenwei.core.crypto.macs.HMac)1 DataInputStream (java.io.DataInputStream)1 IOException (java.io.IOException)1