use of com.github.zhenwei.core.crypto.params.KeyParameter in project LinLong-Java by zhenwei1108.
the class BcKEKEnvelopedRecipient method getRecipientOperator.
public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentEncryptionAlgorithm, byte[] encryptedContentEncryptionKey) throws CMSException {
KeyParameter secretKey = (KeyParameter) extractSecretKey(keyEncryptionAlgorithm, contentEncryptionAlgorithm, encryptedContentEncryptionKey);
final Object dataCipher = EnvelopedDataHelper.createContentCipher(false, secretKey, contentEncryptionAlgorithm);
return new RecipientOperator(new InputDecryptor() {
public AlgorithmIdentifier getAlgorithmIdentifier() {
return contentEncryptionAlgorithm;
}
public InputStream getInputStream(InputStream dataOut) {
if (dataCipher instanceof BufferedBlockCipher) {
return new com.github.zhenwei.core.crypto.io.CipherInputStream(dataOut, (BufferedBlockCipher) dataCipher);
} else {
return new com.github.zhenwei.core.crypto.io.CipherInputStream(dataOut, (StreamCipher) dataCipher);
}
}
});
}
use of com.github.zhenwei.core.crypto.params.KeyParameter in project LinLong-Java by zhenwei1108.
the class BcPasswordEnvelopedRecipient method getRecipientOperator.
public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentEncryptionAlgorithm, byte[] derivedKey, byte[] encryptedContentEncryptionKey) throws CMSException {
KeyParameter secretKey = extractSecretKey(keyEncryptionAlgorithm, contentEncryptionAlgorithm, derivedKey, encryptedContentEncryptionKey);
final Object dataCipher = EnvelopedDataHelper.createContentCipher(false, secretKey, contentEncryptionAlgorithm);
return new RecipientOperator(new InputDecryptor() {
public AlgorithmIdentifier getAlgorithmIdentifier() {
return contentEncryptionAlgorithm;
}
public InputStream getInputStream(InputStream dataOut) {
if (dataCipher instanceof BufferedBlockCipher) {
return new CipherInputStream(dataOut, (BufferedBlockCipher) dataCipher);
} else {
return new CipherInputStream(dataOut, (StreamCipher) dataCipher);
}
}
});
}
use of com.github.zhenwei.core.crypto.params.KeyParameter in project LinLong-Java by zhenwei1108.
the class PEMUtilities method generateSecretKeyForPKCS5Scheme2.
public static KeyParameter generateSecretKeyForPKCS5Scheme2(String algorithm, char[] password, byte[] salt, int iterationCount) {
PBEParametersGenerator paramsGen = new PKCS5S2ParametersGenerator(new SHA1Digest());
paramsGen.init(PBEParametersGenerator.PKCS5PasswordToBytes(password), salt, iterationCount);
return (KeyParameter) paramsGen.generateDerivedParameters(PEMUtilities.getKeySize(algorithm));
}
use of com.github.zhenwei.core.crypto.params.KeyParameter in project LinLong-Java by zhenwei1108.
the class PEMUtilities method crypt.
static byte[] crypt(boolean encrypt, byte[] bytes, char[] password, String dekAlgName, byte[] iv) throws PEMException {
byte[] ivValue = iv;
String blockMode = "CBC";
BlockCipher engine;
BlockCipherPadding padding = new PKCS7Padding();
KeyParameter sKey;
// Figure out block mode and padding.
if (dekAlgName.endsWith("-CFB")) {
blockMode = "CFB";
padding = null;
}
if (dekAlgName.endsWith("-ECB") || "DES-EDE".equals(dekAlgName) || "DES-EDE3".equals(dekAlgName)) {
// ECB is actually the default (though seldom used) when OpenSSL
// uses DES-EDE (des2) or DES-EDE3 (des3).
blockMode = "ECB";
ivValue = null;
}
if (dekAlgName.endsWith("-OFB")) {
blockMode = "OFB";
padding = null;
}
// Figure out algorithm and key size.
if (dekAlgName.startsWith("DES-EDE")) {
// "DES-EDE" is actually des2 in OpenSSL-speak!
// "DES-EDE3" is des3.
boolean des2 = !dekAlgName.startsWith("DES-EDE3");
sKey = getKey(password, 24, iv, des2);
engine = new DESedeEngine();
} else if (dekAlgName.startsWith("DES-")) {
sKey = getKey(password, 8, iv);
engine = new DESEngine();
} else if (dekAlgName.startsWith("BF-")) {
sKey = getKey(password, 16, iv);
engine = new BlowfishEngine();
} else if (dekAlgName.startsWith("RC2-")) {
int keyBits = 128;
if (dekAlgName.startsWith("RC2-40-")) {
keyBits = 40;
} else if (dekAlgName.startsWith("RC2-64-")) {
keyBits = 64;
}
sKey = new RC2Parameters(getKey(password, keyBits / 8, iv).getKey(), keyBits);
;
engine = new RC2Engine();
} else if (dekAlgName.startsWith("AES-")) {
byte[] salt = iv;
if (salt.length > 8) {
salt = new byte[8];
System.arraycopy(iv, 0, salt, 0, 8);
}
int keyBits;
if (dekAlgName.startsWith("AES-128-")) {
keyBits = 128;
} else if (dekAlgName.startsWith("AES-192-")) {
keyBits = 192;
} else if (dekAlgName.startsWith("AES-256-")) {
keyBits = 256;
} else {
throw new EncryptionException("unknown AES encryption with private key: " + dekAlgName);
}
sKey = getKey(password, keyBits / 8, salt);
engine = new AESEngine();
} else {
throw new EncryptionException("unknown encryption with private key: " + dekAlgName);
}
if (blockMode.equals("CBC")) {
engine = new CBCBlockCipher(engine);
} else if (blockMode.equals("CFB")) {
engine = new CFBBlockCipher(engine, engine.getBlockSize() * 8);
} else if (blockMode.equals("OFB")) {
engine = new OFBBlockCipher(engine, engine.getBlockSize() * 8);
}
try {
BufferedBlockCipher c;
if (padding == null) {
c = new BufferedBlockCipher(engine);
} else {
c = new PaddedBufferedBlockCipher(engine, padding);
}
if (// ECB block mode
ivValue == null) {
c.init(encrypt, sKey);
} else {
c.init(encrypt, new ParametersWithIV(sKey, ivValue));
}
byte[] out = new byte[c.getOutputSize(bytes.length)];
int procLen = c.processBytes(bytes, 0, bytes.length, out, 0);
procLen += c.doFinal(out, procLen);
if (procLen == out.length) {
return out;
} else {
byte[] rv = new byte[procLen];
System.arraycopy(out, 0, rv, 0, procLen);
return rv;
}
} catch (Exception e) {
throw new EncryptionException("exception using cipher - please check password and data.", e);
}
}
use of com.github.zhenwei.core.crypto.params.KeyParameter in project LinLong-Java by zhenwei1108.
the class BcFKSKeyStoreSpi method generateKey.
private byte[] generateKey(KeyDerivationFunc pbkdAlgorithm, String purpose, char[] password, int defKeySize) throws IOException {
byte[] encPassword = PBEParametersGenerator.PKCS12PasswordToBytes(password);
byte[] differentiator = PBEParametersGenerator.PKCS12PasswordToBytes(purpose.toCharArray());
int keySizeInBytes = defKeySize;
if (MiscObjectIdentifiers.id_scrypt.equals(pbkdAlgorithm.getAlgorithm())) {
ScryptParams params = ScryptParams.getInstance(pbkdAlgorithm.getParameters());
if (params.getKeyLength() != null) {
keySizeInBytes = params.getKeyLength().intValue();
} else if (keySizeInBytes == -1) {
throw new IOException("no keyLength found in ScryptParams");
}
return SCrypt.generate(Arrays.concatenate(encPassword, differentiator), params.getSalt(), params.getCostParameter().intValue(), params.getBlockSize().intValue(), params.getBlockSize().intValue(), keySizeInBytes);
} else if (pbkdAlgorithm.getAlgorithm().equals(PKCSObjectIdentifiers.id_PBKDF2)) {
PBKDF2Params pbkdf2Params = PBKDF2Params.getInstance(pbkdAlgorithm.getParameters());
if (pbkdf2Params.getKeyLength() != null) {
keySizeInBytes = pbkdf2Params.getKeyLength().intValue();
} else if (keySizeInBytes == -1) {
throw new IOException("no keyLength found in PBKDF2Params");
}
if (pbkdf2Params.getPrf().getAlgorithm().equals(PKCSObjectIdentifiers.id_hmacWithSHA512)) {
PKCS5S2ParametersGenerator pGen = new PKCS5S2ParametersGenerator(new SHA512Digest());
pGen.init(Arrays.concatenate(encPassword, differentiator), pbkdf2Params.getSalt(), pbkdf2Params.getIterationCount().intValue());
return ((KeyParameter) pGen.generateDerivedParameters(keySizeInBytes * 8)).getKey();
} else if (pbkdf2Params.getPrf().getAlgorithm().equals(NISTObjectIdentifiers.id_hmacWithSHA3_512)) {
PKCS5S2ParametersGenerator pGen = new PKCS5S2ParametersGenerator(new SHA3Digest(512));
pGen.init(Arrays.concatenate(encPassword, differentiator), pbkdf2Params.getSalt(), pbkdf2Params.getIterationCount().intValue());
return ((KeyParameter) pGen.generateDerivedParameters(keySizeInBytes * 8)).getKey();
} else {
throw new IOException("BCFKS KeyStore: unrecognized MAC PBKD PRF: " + pbkdf2Params.getPrf().getAlgorithm());
}
} else {
throw new IOException("BCFKS KeyStore: unrecognized MAC PBKD.");
}
}
Aggregations