Examples with JceAsymmetricKeyUnwrapper - com.github.zhenwei.pkix.operator.jcajce.JceAsymmetricKeyUnwrapper

Example 1 with JceAsymmetricKeyUnwrapper

use of com.github.zhenwei.pkix.operator.jcajce.JceAsymmetricKeyUnwrapper in project LinLong-Java by zhenwei1108.

the class JceKeyTransRecipient method extractSecretKey.

protected Key extractSecretKey(AlgorithmIdentifier keyEncryptionAlgorithm, AlgorithmIdentifier encryptedKeyAlgorithm, byte[] encryptedEncryptionKey) throws CMSException {
    if (CMSUtils.isGOST(keyEncryptionAlgorithm.getAlgorithm())) {
        try {
            GostR3410KeyTransport transport = GostR3410KeyTransport.getInstance(encryptedEncryptionKey);
            GostR3410TransportParameters transParams = transport.getTransportParameters();
            KeyFactory keyFactory = helper.createKeyFactory(keyEncryptionAlgorithm.getAlgorithm());
            PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(transParams.getEphemeralPublicKey().getEncoded()));
            KeyAgreement agreement = helper.createKeyAgreement(keyEncryptionAlgorithm.getAlgorithm());
            agreement.init(recipientKey, new UserKeyingMaterialSpec(transParams.getUkm()));
            agreement.doPhase(pubKey, true);
            SecretKey key = agreement.generateSecret(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap.getId());
            Cipher keyCipher = helper.createCipher(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap);
            keyCipher.init(Cipher.UNWRAP_MODE, key, new GOST28147WrapParameterSpec(transParams.getEncryptionParamSet(), transParams.getUkm()));
            Gost2814789EncryptedKey encKey = transport.getSessionEncryptedKey();
            return keyCipher.unwrap(Arrays.concatenate(encKey.getEncryptedKey(), encKey.getMacKey()), helper.getBaseCipherName(encryptedKeyAlgorithm.getAlgorithm()), Cipher.SECRET_KEY);
        } catch (Exception e) {
            throw new CMSException("exception unwrapping key: " + e.getMessage(), e);
        }
    } else {
        JceAsymmetricKeyUnwrapper unwrapper = helper.createAsymmetricUnwrapper(keyEncryptionAlgorithm, recipientKey).setMustProduceEncodableUnwrappedKey(unwrappedKeyMustBeEncodable);
        if (!extraMappings.isEmpty()) {
            for (Iterator it = extraMappings.keySet().iterator(); it.hasNext(); ) {
                ASN1ObjectIdentifier algorithm = (ASN1ObjectIdentifier) it.next();
                unwrapper.setAlgorithmMapping(algorithm, (String) extraMappings.get(algorithm));
            }
        }
        try {
            Key key = helper.getJceKey(encryptedKeyAlgorithm.getAlgorithm(), unwrapper.generateUnwrappedKey(encryptedKeyAlgorithm, encryptedEncryptionKey));
            if (validateKeySize) {
                helper.keySizeCheck(encryptedKeyAlgorithm, key);
            }
            return key;
        } catch (OperatorException e) {
            throw new CMSException("exception unwrapping key: " + e.getMessage(), e);
        }
    }
}

Also used : JceAsymmetricKeyUnwrapper(com.github.zhenwei.pkix.operator.jcajce.JceAsymmetricKeyUnwrapper) PublicKey(java.security.PublicKey) GOST28147WrapParameterSpec(com.github.zhenwei.provider.jcajce.spec.GOST28147WrapParameterSpec) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) UserKeyingMaterialSpec(com.github.zhenwei.provider.jcajce.spec.UserKeyingMaterialSpec) CMSException(com.github.zhenwei.pkix.cms.CMSException) OperatorException(com.github.zhenwei.pkix.operator.OperatorException) GostR3410KeyTransport(com.github.zhenwei.core.asn1.cryptopro.GostR3410KeyTransport) GostR3410TransportParameters(com.github.zhenwei.core.asn1.cryptopro.GostR3410TransportParameters) Gost2814789EncryptedKey(com.github.zhenwei.core.asn1.cryptopro.Gost2814789EncryptedKey) SecretKey(javax.crypto.SecretKey) Iterator(java.util.Iterator) Cipher(javax.crypto.Cipher) KeyAgreement(javax.crypto.KeyAgreement) KeyFactory(java.security.KeyFactory) ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier) PublicKey(java.security.PublicKey) Key(java.security.Key) PrivateKey(java.security.PrivateKey) Gost2814789EncryptedKey(com.github.zhenwei.core.asn1.cryptopro.Gost2814789EncryptedKey) SecretKey(javax.crypto.SecretKey) OperatorException(com.github.zhenwei.pkix.operator.OperatorException) CMSException(com.github.zhenwei.pkix.cms.CMSException)

Aggregations

ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)1 Gost2814789EncryptedKey (com.github.zhenwei.core.asn1.cryptopro.Gost2814789EncryptedKey)1 GostR3410KeyTransport (com.github.zhenwei.core.asn1.cryptopro.GostR3410KeyTransport)1 GostR3410TransportParameters (com.github.zhenwei.core.asn1.cryptopro.GostR3410TransportParameters)1 CMSException (com.github.zhenwei.pkix.cms.CMSException)1 OperatorException (com.github.zhenwei.pkix.operator.OperatorException)1 JceAsymmetricKeyUnwrapper (com.github.zhenwei.pkix.operator.jcajce.JceAsymmetricKeyUnwrapper)1 GOST28147WrapParameterSpec (com.github.zhenwei.provider.jcajce.spec.GOST28147WrapParameterSpec)1 UserKeyingMaterialSpec (com.github.zhenwei.provider.jcajce.spec.UserKeyingMaterialSpec)1 Key (java.security.Key)1 KeyFactory (java.security.KeyFactory)1 PrivateKey (java.security.PrivateKey)1 PublicKey (java.security.PublicKey)1 X509EncodedKeySpec (java.security.spec.X509EncodedKeySpec)1 Iterator (java.util.Iterator)1 Cipher (javax.crypto.Cipher)1 KeyAgreement (javax.crypto.KeyAgreement)1 SecretKey (javax.crypto.SecretKey)1