use of com.github.zhenwei.pkix.operator.GenericKey in project LinLong-Java by zhenwei1108.
the class PKMACBuilder method genCalculator.
private MacCalculator genCalculator(final PBMParameter params, char[] password) throws CRMFException {
// From RFC 4211
//
// 1. Generate a random salt value S
//
// 2. Append the salt to the pw. K = pw || salt.
//
// 3. Hash the value of K. K = HASH(K)
//
// 4. Iter = Iter - 1. If Iter is greater than zero. Goto step 3.
//
// 5. Compute an HMAC as documented in [HMAC].
//
// MAC = HASH( K XOR opad, HASH( K XOR ipad, data) )
//
// Where opad and ipad are defined in [HMAC].
byte[] pw = Strings.toUTF8ByteArray(password);
byte[] salt = params.getSalt().getOctets();
byte[] K = new byte[pw.length + salt.length];
System.arraycopy(pw, 0, K, 0, pw.length);
System.arraycopy(salt, 0, K, pw.length, salt.length);
calculator.setup(params.getOwf(), params.getMac());
int iter = params.getIterationCount().intValueExact();
do {
K = calculator.calculateDigest(K);
} while (--iter > 0);
final byte[] key = K;
return new MacCalculator() {
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
public AlgorithmIdentifier getAlgorithmIdentifier() {
return new AlgorithmIdentifier(CMPObjectIdentifiers.passwordBasedMac, params);
}
public GenericKey getKey() {
return new GenericKey(getAlgorithmIdentifier(), key);
}
public OutputStream getOutputStream() {
return bOut;
}
public byte[] getMac() {
try {
return calculator.calculateMac(key, bOut.toByteArray());
} catch (CRMFException e) {
throw new RuntimeOperatorException("exception calculating mac: " + e.getMessage(), e);
}
}
};
}
use of com.github.zhenwei.pkix.operator.GenericKey in project LinLong-Java by zhenwei1108.
the class JcePKCS12MacCalculatorBuilder method build.
public MacCalculator build(final char[] password) throws OperatorCreationException {
if (random == null) {
random = new SecureRandom();
}
try {
final Mac mac = helper.createMac(algorithm.getId());
saltLength = mac.getMacLength();
final byte[] salt = new byte[saltLength];
random.nextBytes(salt);
PBEParameterSpec defParams = new PBEParameterSpec(salt, iterationCount);
final SecretKey key = new PKCS12Key(password);
mac.init(key, defParams);
return new MacCalculator() {
public AlgorithmIdentifier getAlgorithmIdentifier() {
return new AlgorithmIdentifier(algorithm, new PKCS12PBEParams(salt, iterationCount));
}
public OutputStream getOutputStream() {
return new MacOutputStream(mac);
}
public byte[] getMac() {
return mac.doFinal();
}
public GenericKey getKey() {
return new GenericKey(getAlgorithmIdentifier(), key.getEncoded());
}
};
} catch (Exception e) {
throw new OperatorCreationException("unable to create MAC calculator: " + e.getMessage(), e);
}
}
use of com.github.zhenwei.pkix.operator.GenericKey in project LinLong-Java by zhenwei1108.
the class PKCS12PBEUtils method createMacCalculator.
static MacCalculator createMacCalculator(final ASN1ObjectIdentifier digestAlgorithm, ExtendedDigest digest, final PKCS12PBEParams pbeParams, final char[] password) {
PKCS12ParametersGenerator pGen = new PKCS12ParametersGenerator(digest);
pGen.init(PKCS12ParametersGenerator.PKCS12PasswordToBytes(password), pbeParams.getIV(), pbeParams.getIterations().intValue());
final KeyParameter keyParam = (KeyParameter) pGen.generateDerivedMacParameters(digest.getDigestSize() * 8);
final HMac hMac = new HMac(digest);
hMac.init(keyParam);
return new MacCalculator() {
public AlgorithmIdentifier getAlgorithmIdentifier() {
return new AlgorithmIdentifier(digestAlgorithm, pbeParams);
}
public OutputStream getOutputStream() {
return new MacOutputStream(hMac);
}
public byte[] getMac() {
byte[] res = new byte[hMac.getMacSize()];
hMac.doFinal(res, 0);
return res;
}
public GenericKey getKey() {
return new GenericKey(getAlgorithmIdentifier(), PKCS12ParametersGenerator.PKCS12PasswordToBytes(password));
}
};
}
use of com.github.zhenwei.pkix.operator.GenericKey in project LinLong-Java by zhenwei1108.
the class JcePKCS12MacCalculatorBuilderProvider method get.
public PKCS12MacCalculatorBuilder get(final AlgorithmIdentifier algorithmIdentifier) {
return new PKCS12MacCalculatorBuilder() {
public MacCalculator build(final char[] password) throws OperatorCreationException {
final PKCS12PBEParams pbeParams = PKCS12PBEParams.getInstance(algorithmIdentifier.getParameters());
try {
final ASN1ObjectIdentifier algorithm = algorithmIdentifier.getAlgorithm();
final Mac mac = helper.createMac(algorithm.getId());
PBEParameterSpec defParams = new PBEParameterSpec(pbeParams.getIV(), pbeParams.getIterations().intValue());
final SecretKey key = new PKCS12Key(password);
mac.init(key, defParams);
return new MacCalculator() {
public AlgorithmIdentifier getAlgorithmIdentifier() {
return new AlgorithmIdentifier(algorithm, pbeParams);
}
public OutputStream getOutputStream() {
return new MacOutputStream(mac);
}
public byte[] getMac() {
return mac.doFinal();
}
public GenericKey getKey() {
return new GenericKey(getAlgorithmIdentifier(), key.getEncoded());
}
};
} catch (Exception e) {
throw new OperatorCreationException("unable to create MAC calculator: " + e.getMessage(), e);
}
}
public AlgorithmIdentifier getDigestAlgorithmIdentifier() {
return new AlgorithmIdentifier(algorithmIdentifier.getAlgorithm(), DERNull.INSTANCE);
}
};
}
use of com.github.zhenwei.pkix.operator.GenericKey in project LinLong-Java by zhenwei1108.
the class JceAsymmetricKeyUnwrapper method generateUnwrappedKey.
public GenericKey generateUnwrappedKey(AlgorithmIdentifier encryptedKeyAlgorithm, byte[] encryptedKey) throws OperatorException {
try {
Key sKey = null;
Cipher keyCipher = helper.createAsymmetricWrapper(this.getAlgorithmIdentifier().getAlgorithm(), extraMappings);
AlgorithmParameters algParams = helper.createAlgorithmParameters(this.getAlgorithmIdentifier());
try {
if (algParams != null) {
keyCipher.init(Cipher.UNWRAP_MODE, privKey, algParams);
} else {
keyCipher.init(Cipher.UNWRAP_MODE, privKey);
}
sKey = keyCipher.unwrap(encryptedKey, helper.getKeyAlgorithmName(encryptedKeyAlgorithm.getAlgorithm()), Cipher.SECRET_KEY);
// check key will work with a software provider.
if (unwrappedKeyMustBeEncodable) {
try {
byte[] keyBytes = sKey.getEncoded();
if (keyBytes == null || keyBytes.length == 0) {
sKey = null;
}
} catch (Exception e) {
// try doing a decrypt
sKey = null;
}
}
} catch (GeneralSecurityException e) {
// try decrypt
} catch (IllegalStateException e) {
// try decrypt
} catch (UnsupportedOperationException e) {
// try decrypt
} catch (ProviderException e) {
// try decrypt
}
// some providers do not support UNWRAP (this appears to be only for asymmetric algorithms)
if (sKey == null) {
keyCipher.init(Cipher.DECRYPT_MODE, privKey);
sKey = new SecretKeySpec(keyCipher.doFinal(encryptedKey), encryptedKeyAlgorithm.getAlgorithm().getId());
}
return new JceGenericKey(encryptedKeyAlgorithm, sKey);
} catch (InvalidKeyException e) {
throw new OperatorException("key invalid: " + e.getMessage(), e);
} catch (IllegalBlockSizeException e) {
throw new OperatorException("illegal blocksize: " + e.getMessage(), e);
} catch (BadPaddingException e) {
throw new OperatorException("bad padding: " + e.getMessage(), e);
}
}
Aggregations