Example 1 with CipherInputStream
use of com.github.zhenwei.provider.jcajce.io.CipherInputStream in project LinLong-Java by zhenwei1108.
the class JceAsymmetricValueDecryptorGenerator method getValueDecryptor.
public InputDecryptor getValueDecryptor(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentEncryptionAlgorithm, byte[] encryptedContentEncryptionKey) throws CRMFException {
Key secretKey = extractSecretKey(keyEncryptionAlgorithm, contentEncryptionAlgorithm, encryptedContentEncryptionKey);
final Cipher dataCipher = helper.createContentCipher(secretKey, contentEncryptionAlgorithm);
return new InputDecryptor() {
public AlgorithmIdentifier getAlgorithmIdentifier() {
return contentEncryptionAlgorithm;
}
public InputStream getInputStream(InputStream dataIn) {
return new CipherInputStream(dataIn, dataCipher);
}
};
}
Also used :
CipherInputStream(com.github.zhenwei.provider.jcajce.io.CipherInputStream)
InputDecryptor(com.github.zhenwei.pkix.operator.InputDecryptor)
CipherInputStream(com.github.zhenwei.provider.jcajce.io.CipherInputStream)
InputStream(java.io.InputStream)
Cipher(javax.crypto.Cipher)
Key(java.security.Key)
PrivateKey(java.security.PrivateKey)
Example 2 with CipherInputStream
use of com.github.zhenwei.provider.jcajce.io.CipherInputStream in project LinLong-Java by zhenwei1108.
the class JceKEKEnvelopedRecipient method getRecipientOperator.
public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentEncryptionAlgorithm, byte[] encryptedContentEncryptionKey) throws CMSException {
Key secretKey = extractSecretKey(keyEncryptionAlgorithm, contentEncryptionAlgorithm, encryptedContentEncryptionKey);
final Cipher dataCipher = contentHelper.createContentCipher(secretKey, contentEncryptionAlgorithm);
return new RecipientOperator(new InputDecryptor() {
public AlgorithmIdentifier getAlgorithmIdentifier() {
return contentEncryptionAlgorithm;
}
public InputStream getInputStream(InputStream dataOut) {
return new CipherInputStream(dataOut, dataCipher);
}
});
}
Also used :
CipherInputStream(com.github.zhenwei.provider.jcajce.io.CipherInputStream)
InputDecryptor(com.github.zhenwei.pkix.operator.InputDecryptor)
CipherInputStream(com.github.zhenwei.provider.jcajce.io.CipherInputStream)
InputStream(java.io.InputStream)
RecipientOperator(com.github.zhenwei.pkix.cms.RecipientOperator)
Cipher(javax.crypto.Cipher)
Key(java.security.Key)
SecretKey(javax.crypto.SecretKey)
AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)
Example 3 with CipherInputStream
use of com.github.zhenwei.provider.jcajce.io.CipherInputStream in project LinLong-Java by zhenwei1108.
the class JcePasswordEnvelopedRecipient method getRecipientOperator.
public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentEncryptionAlgorithm, byte[] derivedKey, byte[] encryptedContentEncryptionKey) throws CMSException {
Key secretKey = extractSecretKey(keyEncryptionAlgorithm, contentEncryptionAlgorithm, derivedKey, encryptedContentEncryptionKey);
final Cipher dataCipher = helper.createContentCipher(secretKey, contentEncryptionAlgorithm);
return new RecipientOperator(new InputDecryptor() {
public AlgorithmIdentifier getAlgorithmIdentifier() {
return contentEncryptionAlgorithm;
}
public InputStream getInputStream(InputStream dataOut) {
return new CipherInputStream(dataOut, dataCipher);
}
});
}
Also used :
CipherInputStream(com.github.zhenwei.provider.jcajce.io.CipherInputStream)
InputDecryptor(com.github.zhenwei.pkix.operator.InputDecryptor)
CipherInputStream(com.github.zhenwei.provider.jcajce.io.CipherInputStream)
InputStream(java.io.InputStream)
RecipientOperator(com.github.zhenwei.pkix.cms.RecipientOperator)
Cipher(javax.crypto.Cipher)
Key(java.security.Key)
AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)
Example 4 with CipherInputStream
use of com.github.zhenwei.provider.jcajce.io.CipherInputStream in project LinLong-Java by zhenwei1108.
the class JceInputDecryptorProviderBuilder method build.
/**
* Build a decryptor provider which will use the passed in bytes for the symmetric key.
*
* @param keyBytes bytes representing the key to use.
* @return an decryptor provider.
*/
public InputDecryptorProvider build(byte[] keyBytes) {
final byte[] encKeyBytes = Arrays.clone(keyBytes);
return new InputDecryptorProvider() {
private Cipher cipher;
private AlgorithmIdentifier encryptionAlg;
public InputDecryptor get(final AlgorithmIdentifier algorithmIdentifier) throws OperatorCreationException {
encryptionAlg = algorithmIdentifier;
ASN1ObjectIdentifier algorithm = algorithmIdentifier.getAlgorithm();
try {
cipher = helper.createCipher(algorithm.getId());
SecretKey key = new SecretKeySpec(encKeyBytes, algorithm.getId());
ASN1Encodable encParams = algorithmIdentifier.getParameters();
if (encParams instanceof ASN1OctetString) {
cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(ASN1OctetString.getInstance(encParams).getOctets()));
} else {
// TODO: at the moment it's just GOST, but...
GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams);
cipher.init(Cipher.DECRYPT_MODE, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV()));
}
} catch (Exception e) {
throw new OperatorCreationException("unable to create InputDecryptor: " + e.getMessage(), e);
}
return new InputDecryptor() {
public AlgorithmIdentifier getAlgorithmIdentifier() {
return encryptionAlg;
}
public InputStream getInputStream(InputStream input) {
return new CipherInputStream(input, cipher);
}
};
}
};
}
Also used :
ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString)
CipherInputStream(com.github.zhenwei.provider.jcajce.io.CipherInputStream)
GOST28147Parameters(com.github.zhenwei.core.asn1.cryptopro.GOST28147Parameters)
InputDecryptor(com.github.zhenwei.pkix.operator.InputDecryptor)
CipherInputStream(com.github.zhenwei.provider.jcajce.io.CipherInputStream)
InputStream(java.io.InputStream)
GOST28147ParameterSpec(com.github.zhenwei.provider.jcajce.spec.GOST28147ParameterSpec)
OperatorCreationException(com.github.zhenwei.pkix.operator.OperatorCreationException)
AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)
SecretKey(javax.crypto.SecretKey)
InputDecryptorProvider(com.github.zhenwei.pkix.operator.InputDecryptorProvider)
SecretKeySpec(javax.crypto.spec.SecretKeySpec)
IvParameterSpec(javax.crypto.spec.IvParameterSpec)
Cipher(javax.crypto.Cipher)
ASN1Encodable(com.github.zhenwei.core.asn1.ASN1Encodable)
OperatorCreationException(com.github.zhenwei.pkix.operator.OperatorCreationException)
ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)
Example 5 with CipherInputStream
use of com.github.zhenwei.provider.jcajce.io.CipherInputStream in project LinLong-Java by zhenwei1108.
the class JcePKCSPBEInputDecryptorProviderBuilder method build.
public InputDecryptorProvider build(final char[] password) {
return new InputDecryptorProvider() {
private Cipher cipher;
private AlgorithmIdentifier encryptionAlg;
public InputDecryptor get(final AlgorithmIdentifier algorithmIdentifier) throws OperatorCreationException {
SecretKey key;
ASN1ObjectIdentifier algorithm = algorithmIdentifier.getAlgorithm();
try {
if (algorithm.on(PKCSObjectIdentifiers.pkcs_12PbeIds)) {
PKCS12PBEParams pbeParams = PKCS12PBEParams.getInstance(algorithmIdentifier.getParameters());
cipher = helper.createCipher(algorithm.getId());
cipher.init(Cipher.DECRYPT_MODE, new PKCS12KeyWithParameters(password, wrongPKCS12Zero, pbeParams.getIV(), pbeParams.getIterations().intValue()));
encryptionAlg = algorithmIdentifier;
} else if (algorithm.equals(PKCSObjectIdentifiers.id_PBES2)) {
PBES2Parameters alg = PBES2Parameters.getInstance(algorithmIdentifier.getParameters());
if (MiscObjectIdentifiers.id_scrypt.equals(alg.getKeyDerivationFunc().getAlgorithm())) {
ScryptParams params = ScryptParams.getInstance(alg.getKeyDerivationFunc().getParameters());
AlgorithmIdentifier encScheme = AlgorithmIdentifier.getInstance(alg.getEncryptionScheme());
SecretKeyFactory keyFact = helper.createSecretKeyFactory("SCRYPT");
key = keyFact.generateSecret(new ScryptKeySpec(password, params.getSalt(), params.getCostParameter().intValue(), params.getBlockSize().intValue(), params.getParallelizationParameter().intValue(), keySizeProvider.getKeySize(encScheme)));
} else {
SecretKeyFactory keyFact = helper.createSecretKeyFactory(alg.getKeyDerivationFunc().getAlgorithm().getId());
PBKDF2Params func = PBKDF2Params.getInstance(alg.getKeyDerivationFunc().getParameters());
AlgorithmIdentifier encScheme = AlgorithmIdentifier.getInstance(alg.getEncryptionScheme());
if (func.isDefaultPrf()) {
key = keyFact.generateSecret(new PBEKeySpec(password, func.getSalt(), func.getIterationCount().intValue(), keySizeProvider.getKeySize(encScheme)));
} else {
key = keyFact.generateSecret(new PBKDF2KeySpec(password, func.getSalt(), func.getIterationCount().intValue(), keySizeProvider.getKeySize(encScheme), func.getPrf()));
}
}
cipher = helper.createCipher(alg.getEncryptionScheme().getAlgorithm().getId());
encryptionAlg = AlgorithmIdentifier.getInstance(alg.getEncryptionScheme());
ASN1Encodable encParams = alg.getEncryptionScheme().getParameters();
if (encParams instanceof ASN1OctetString) {
cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(ASN1OctetString.getInstance(encParams).getOctets()));
} else if (encParams instanceof ASN1Sequence && isCCMorGCM(alg.getEncryptionScheme())) {
AlgorithmParameters params = AlgorithmParameters.getInstance(alg.getEncryptionScheme().getAlgorithm().getId());
params.init(((ASN1Sequence) encParams).getEncoded());
cipher.init(Cipher.DECRYPT_MODE, key, params);
} else if (// absent parameters
encParams == null) {
cipher.init(Cipher.DECRYPT_MODE, key);
} else {
// TODO: at the moment it's just GOST, but...
GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams);
cipher.init(Cipher.DECRYPT_MODE, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV()));
}
} else if (algorithm.equals(PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC) || algorithm.equals(PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC)) {
PBEParameter pbeParams = PBEParameter.getInstance(algorithmIdentifier.getParameters());
cipher = helper.createCipher(algorithm.getId());
cipher.init(Cipher.DECRYPT_MODE, new PBKDF1Key(password, PasswordConverter.ASCII), new PBEParameterSpec(pbeParams.getSalt(), pbeParams.getIterationCount().intValue()));
} else {
throw new OperatorCreationException("unable to create InputDecryptor: algorithm " + algorithm + " unknown.");
}
} catch (Exception e) {
throw new OperatorCreationException("unable to create InputDecryptor: " + e.getMessage(), e);
}
return new InputDecryptor() {
public AlgorithmIdentifier getAlgorithmIdentifier() {
return encryptionAlg;
}
public InputStream getInputStream(InputStream input) {
return new CipherInputStream(input, cipher);
}
};
}
};
}
Also used :
ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString)
PBEKeySpec(javax.crypto.spec.PBEKeySpec)
GOST28147Parameters(com.github.zhenwei.core.asn1.cryptopro.GOST28147Parameters)
GOST28147ParameterSpec(com.github.zhenwei.provider.jcajce.spec.GOST28147ParameterSpec)
PBKDF2KeySpec(com.github.zhenwei.provider.jcajce.spec.PBKDF2KeySpec)
AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)
PBKDF1Key(com.github.zhenwei.provider.jcajce.PBKDF1Key)
PBKDF2Params(com.github.zhenwei.core.asn1.pkcs.PBKDF2Params)
ASN1Encodable(com.github.zhenwei.core.asn1.ASN1Encodable)
OperatorCreationException(com.github.zhenwei.pkix.operator.OperatorCreationException)
ScryptParams(com.github.zhenwei.core.asn1.misc.ScryptParams)
SecretKeyFactory(javax.crypto.SecretKeyFactory)
PKCS12KeyWithParameters(com.github.zhenwei.provider.jcajce.PKCS12KeyWithParameters)
PBEParameterSpec(javax.crypto.spec.PBEParameterSpec)
PBEParameter(com.github.zhenwei.core.asn1.pkcs.PBEParameter)
PBES2Parameters(com.github.zhenwei.core.asn1.pkcs.PBES2Parameters)
CipherInputStream(com.github.zhenwei.provider.jcajce.io.CipherInputStream)
InputDecryptor(com.github.zhenwei.pkix.operator.InputDecryptor)
CipherInputStream(com.github.zhenwei.provider.jcajce.io.CipherInputStream)
InputStream(java.io.InputStream)
ScryptKeySpec(com.github.zhenwei.provider.jcajce.spec.ScryptKeySpec)
OperatorCreationException(com.github.zhenwei.pkix.operator.OperatorCreationException)
SecretKey(javax.crypto.SecretKey)
ASN1Sequence(com.github.zhenwei.core.asn1.ASN1Sequence)
InputDecryptorProvider(com.github.zhenwei.pkix.operator.InputDecryptorProvider)
PKCS12PBEParams(com.github.zhenwei.core.asn1.pkcs.PKCS12PBEParams)
IvParameterSpec(javax.crypto.spec.IvParameterSpec)
Cipher(javax.crypto.Cipher)
ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)
AlgorithmParameters(java.security.AlgorithmParameters)
Aggregations
CipherInputStream (com.github.zhenwei.provider.jcajce.io.CipherInputStream)10
InputStream (java.io.InputStream)10
Cipher (javax.crypto.Cipher)10
AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)9
InputDecryptor (com.github.zhenwei.pkix.operator.InputDecryptor)9
Key (java.security.Key)7
RecipientOperator (com.github.zhenwei.pkix.cms.RecipientOperator)6
PrivateKey (java.security.PrivateKey)5
SecretKey (javax.crypto.SecretKey)4
InputDecryptorProvider (com.github.zhenwei.pkix.operator.InputDecryptorProvider)3
OperatorCreationException (com.github.zhenwei.pkix.operator.OperatorCreationException)3
ASN1Encodable (com.github.zhenwei.core.asn1.ASN1Encodable)2
ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)2
ASN1OctetString (com.github.zhenwei.core.asn1.ASN1OctetString)2
GOST28147Parameters (com.github.zhenwei.core.asn1.cryptopro.GOST28147Parameters)2
PBEParameter (com.github.zhenwei.core.asn1.pkcs.PBEParameter)2
PBES2Parameters (com.github.zhenwei.core.asn1.pkcs.PBES2Parameters)2
PBKDF2Params (com.github.zhenwei.core.asn1.pkcs.PBKDF2Params)2
PKCS12PBEParams (com.github.zhenwei.core.asn1.pkcs.PKCS12PBEParams)2
PKCS12KeyWithParameters (com.github.zhenwei.provider.jcajce.PKCS12KeyWithParameters)2
