Search in sources :

Example 1 with GOST28147ParameterSpec

use of com.github.zhenwei.provider.jcajce.spec.GOST28147ParameterSpec in project LinLong-Java by zhenwei1108.

the class PKCS12KeyStoreSpi method createCipher.

private Cipher createCipher(int mode, char[] password, AlgorithmIdentifier algId) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchProviderException {
    PBES2Parameters alg = PBES2Parameters.getInstance(algId.getParameters());
    PBKDF2Params func = PBKDF2Params.getInstance(alg.getKeyDerivationFunc().getParameters());
    AlgorithmIdentifier encScheme = AlgorithmIdentifier.getInstance(alg.getEncryptionScheme());
    SecretKeyFactory keyFact = helper.createSecretKeyFactory(alg.getKeyDerivationFunc().getAlgorithm().getId());
    SecretKey key;
    if (func.isDefaultPrf()) {
        key = keyFact.generateSecret(new PBEKeySpec(password, func.getSalt(), validateIterationCount(func.getIterationCount()), keySizeProvider.getKeySize(encScheme)));
    } else {
        key = keyFact.generateSecret(new PBKDF2KeySpec(password, func.getSalt(), validateIterationCount(func.getIterationCount()), keySizeProvider.getKeySize(encScheme), func.getPrf()));
    }
    Cipher cipher = helper.createCipher(alg.getEncryptionScheme().getAlgorithm().getId());
    ASN1Encodable encParams = alg.getEncryptionScheme().getParameters();
    if (encParams instanceof ASN1OctetString) {
        cipher.init(mode, key, new IvParameterSpec(ASN1OctetString.getInstance(encParams).getOctets()));
    } else {
        // TODO: at the moment it's just GOST, but...
        GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams);
        cipher.init(mode, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV()));
    }
    return cipher;
}
Also used : ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString) PBES2Parameters(com.github.zhenwei.core.asn1.pkcs.PBES2Parameters) PBEKeySpec(javax.crypto.spec.PBEKeySpec) GOST28147Parameters(com.github.zhenwei.core.asn1.cryptopro.GOST28147Parameters) GOST28147ParameterSpec(com.github.zhenwei.provider.jcajce.spec.GOST28147ParameterSpec) PBKDF2KeySpec(com.github.zhenwei.provider.jcajce.spec.PBKDF2KeySpec) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier) SecretKey(javax.crypto.SecretKey) PBKDF2Params(com.github.zhenwei.core.asn1.pkcs.PBKDF2Params) IvParameterSpec(javax.crypto.spec.IvParameterSpec) Cipher(javax.crypto.Cipher) ASN1Encodable(com.github.zhenwei.core.asn1.ASN1Encodable) SecretKeyFactory(javax.crypto.SecretKeyFactory)

Example 2 with GOST28147ParameterSpec

use of com.github.zhenwei.provider.jcajce.spec.GOST28147ParameterSpec in project LinLong-Java by zhenwei1108.

the class JceInputDecryptorProviderBuilder method build.

/**
 * Build a decryptor provider which will use the passed in bytes for the symmetric key.
 *
 * @param keyBytes bytes representing the key to use.
 * @return an decryptor provider.
 */
public InputDecryptorProvider build(byte[] keyBytes) {
    final byte[] encKeyBytes = Arrays.clone(keyBytes);
    return new InputDecryptorProvider() {

        private Cipher cipher;

        private AlgorithmIdentifier encryptionAlg;

        public InputDecryptor get(final AlgorithmIdentifier algorithmIdentifier) throws OperatorCreationException {
            encryptionAlg = algorithmIdentifier;
            ASN1ObjectIdentifier algorithm = algorithmIdentifier.getAlgorithm();
            try {
                cipher = helper.createCipher(algorithm.getId());
                SecretKey key = new SecretKeySpec(encKeyBytes, algorithm.getId());
                ASN1Encodable encParams = algorithmIdentifier.getParameters();
                if (encParams instanceof ASN1OctetString) {
                    cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(ASN1OctetString.getInstance(encParams).getOctets()));
                } else {
                    // TODO: at the moment it's just GOST, but...
                    GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams);
                    cipher.init(Cipher.DECRYPT_MODE, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV()));
                }
            } catch (Exception e) {
                throw new OperatorCreationException("unable to create InputDecryptor: " + e.getMessage(), e);
            }
            return new InputDecryptor() {

                public AlgorithmIdentifier getAlgorithmIdentifier() {
                    return encryptionAlg;
                }

                public InputStream getInputStream(InputStream input) {
                    return new CipherInputStream(input, cipher);
                }
            };
        }
    };
}
Also used : ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString) CipherInputStream(com.github.zhenwei.provider.jcajce.io.CipherInputStream) GOST28147Parameters(com.github.zhenwei.core.asn1.cryptopro.GOST28147Parameters) InputDecryptor(com.github.zhenwei.pkix.operator.InputDecryptor) CipherInputStream(com.github.zhenwei.provider.jcajce.io.CipherInputStream) InputStream(java.io.InputStream) GOST28147ParameterSpec(com.github.zhenwei.provider.jcajce.spec.GOST28147ParameterSpec) OperatorCreationException(com.github.zhenwei.pkix.operator.OperatorCreationException) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier) SecretKey(javax.crypto.SecretKey) InputDecryptorProvider(com.github.zhenwei.pkix.operator.InputDecryptorProvider) SecretKeySpec(javax.crypto.spec.SecretKeySpec) IvParameterSpec(javax.crypto.spec.IvParameterSpec) Cipher(javax.crypto.Cipher) ASN1Encodable(com.github.zhenwei.core.asn1.ASN1Encodable) OperatorCreationException(com.github.zhenwei.pkix.operator.OperatorCreationException) ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)

Example 3 with GOST28147ParameterSpec

use of com.github.zhenwei.provider.jcajce.spec.GOST28147ParameterSpec in project LinLong-Java by zhenwei1108.

the class JcePKCSPBEInputDecryptorProviderBuilder method build.

public InputDecryptorProvider build(final char[] password) {
    return new InputDecryptorProvider() {

        private Cipher cipher;

        private AlgorithmIdentifier encryptionAlg;

        public InputDecryptor get(final AlgorithmIdentifier algorithmIdentifier) throws OperatorCreationException {
            SecretKey key;
            ASN1ObjectIdentifier algorithm = algorithmIdentifier.getAlgorithm();
            try {
                if (algorithm.on(PKCSObjectIdentifiers.pkcs_12PbeIds)) {
                    PKCS12PBEParams pbeParams = PKCS12PBEParams.getInstance(algorithmIdentifier.getParameters());
                    cipher = helper.createCipher(algorithm.getId());
                    cipher.init(Cipher.DECRYPT_MODE, new PKCS12KeyWithParameters(password, wrongPKCS12Zero, pbeParams.getIV(), pbeParams.getIterations().intValue()));
                    encryptionAlg = algorithmIdentifier;
                } else if (algorithm.equals(PKCSObjectIdentifiers.id_PBES2)) {
                    PBES2Parameters alg = PBES2Parameters.getInstance(algorithmIdentifier.getParameters());
                    if (MiscObjectIdentifiers.id_scrypt.equals(alg.getKeyDerivationFunc().getAlgorithm())) {
                        ScryptParams params = ScryptParams.getInstance(alg.getKeyDerivationFunc().getParameters());
                        AlgorithmIdentifier encScheme = AlgorithmIdentifier.getInstance(alg.getEncryptionScheme());
                        SecretKeyFactory keyFact = helper.createSecretKeyFactory("SCRYPT");
                        key = keyFact.generateSecret(new ScryptKeySpec(password, params.getSalt(), params.getCostParameter().intValue(), params.getBlockSize().intValue(), params.getParallelizationParameter().intValue(), keySizeProvider.getKeySize(encScheme)));
                    } else {
                        SecretKeyFactory keyFact = helper.createSecretKeyFactory(alg.getKeyDerivationFunc().getAlgorithm().getId());
                        PBKDF2Params func = PBKDF2Params.getInstance(alg.getKeyDerivationFunc().getParameters());
                        AlgorithmIdentifier encScheme = AlgorithmIdentifier.getInstance(alg.getEncryptionScheme());
                        if (func.isDefaultPrf()) {
                            key = keyFact.generateSecret(new PBEKeySpec(password, func.getSalt(), func.getIterationCount().intValue(), keySizeProvider.getKeySize(encScheme)));
                        } else {
                            key = keyFact.generateSecret(new PBKDF2KeySpec(password, func.getSalt(), func.getIterationCount().intValue(), keySizeProvider.getKeySize(encScheme), func.getPrf()));
                        }
                    }
                    cipher = helper.createCipher(alg.getEncryptionScheme().getAlgorithm().getId());
                    encryptionAlg = AlgorithmIdentifier.getInstance(alg.getEncryptionScheme());
                    ASN1Encodable encParams = alg.getEncryptionScheme().getParameters();
                    if (encParams instanceof ASN1OctetString) {
                        cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(ASN1OctetString.getInstance(encParams).getOctets()));
                    } else if (encParams instanceof ASN1Sequence && isCCMorGCM(alg.getEncryptionScheme())) {
                        AlgorithmParameters params = AlgorithmParameters.getInstance(alg.getEncryptionScheme().getAlgorithm().getId());
                        params.init(((ASN1Sequence) encParams).getEncoded());
                        cipher.init(Cipher.DECRYPT_MODE, key, params);
                    } else if (// absent parameters
                    encParams == null) {
                        cipher.init(Cipher.DECRYPT_MODE, key);
                    } else {
                        // TODO: at the moment it's just GOST, but...
                        GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams);
                        cipher.init(Cipher.DECRYPT_MODE, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV()));
                    }
                } else if (algorithm.equals(PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC) || algorithm.equals(PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC)) {
                    PBEParameter pbeParams = PBEParameter.getInstance(algorithmIdentifier.getParameters());
                    cipher = helper.createCipher(algorithm.getId());
                    cipher.init(Cipher.DECRYPT_MODE, new PBKDF1Key(password, PasswordConverter.ASCII), new PBEParameterSpec(pbeParams.getSalt(), pbeParams.getIterationCount().intValue()));
                } else {
                    throw new OperatorCreationException("unable to create InputDecryptor: algorithm " + algorithm + " unknown.");
                }
            } catch (Exception e) {
                throw new OperatorCreationException("unable to create InputDecryptor: " + e.getMessage(), e);
            }
            return new InputDecryptor() {

                public AlgorithmIdentifier getAlgorithmIdentifier() {
                    return encryptionAlg;
                }

                public InputStream getInputStream(InputStream input) {
                    return new CipherInputStream(input, cipher);
                }
            };
        }
    };
}
Also used : ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString) PBEKeySpec(javax.crypto.spec.PBEKeySpec) GOST28147Parameters(com.github.zhenwei.core.asn1.cryptopro.GOST28147Parameters) GOST28147ParameterSpec(com.github.zhenwei.provider.jcajce.spec.GOST28147ParameterSpec) PBKDF2KeySpec(com.github.zhenwei.provider.jcajce.spec.PBKDF2KeySpec) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier) PBKDF1Key(com.github.zhenwei.provider.jcajce.PBKDF1Key) PBKDF2Params(com.github.zhenwei.core.asn1.pkcs.PBKDF2Params) ASN1Encodable(com.github.zhenwei.core.asn1.ASN1Encodable) OperatorCreationException(com.github.zhenwei.pkix.operator.OperatorCreationException) ScryptParams(com.github.zhenwei.core.asn1.misc.ScryptParams) SecretKeyFactory(javax.crypto.SecretKeyFactory) PKCS12KeyWithParameters(com.github.zhenwei.provider.jcajce.PKCS12KeyWithParameters) PBEParameterSpec(javax.crypto.spec.PBEParameterSpec) PBEParameter(com.github.zhenwei.core.asn1.pkcs.PBEParameter) PBES2Parameters(com.github.zhenwei.core.asn1.pkcs.PBES2Parameters) CipherInputStream(com.github.zhenwei.provider.jcajce.io.CipherInputStream) InputDecryptor(com.github.zhenwei.pkix.operator.InputDecryptor) CipherInputStream(com.github.zhenwei.provider.jcajce.io.CipherInputStream) InputStream(java.io.InputStream) ScryptKeySpec(com.github.zhenwei.provider.jcajce.spec.ScryptKeySpec) OperatorCreationException(com.github.zhenwei.pkix.operator.OperatorCreationException) SecretKey(javax.crypto.SecretKey) ASN1Sequence(com.github.zhenwei.core.asn1.ASN1Sequence) InputDecryptorProvider(com.github.zhenwei.pkix.operator.InputDecryptorProvider) PKCS12PBEParams(com.github.zhenwei.core.asn1.pkcs.PKCS12PBEParams) IvParameterSpec(javax.crypto.spec.IvParameterSpec) Cipher(javax.crypto.Cipher) ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier) AlgorithmParameters(java.security.AlgorithmParameters)

Example 4 with GOST28147ParameterSpec

use of com.github.zhenwei.provider.jcajce.spec.GOST28147ParameterSpec in project LinLong-Java by zhenwei1108.

the class BaseBlockCipher method adjustParameters.

private CipherParameters adjustParameters(AlgorithmParameterSpec params, CipherParameters param) {
    CipherParameters key;
    if (param instanceof ParametersWithIV) {
        key = ((ParametersWithIV) param).getParameters();
        if (params instanceof IvParameterSpec) {
            IvParameterSpec iv = (IvParameterSpec) params;
            ivParam = new ParametersWithIV(key, iv.getIV());
            param = ivParam;
        } else if (params instanceof GOST28147ParameterSpec) {
            // need to pick up IV and SBox.
            GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec) params;
            param = new ParametersWithSBox(param, gost28147Param.getSbox());
            if (gost28147Param.getIV() != null && ivLength != 0) {
                ivParam = new ParametersWithIV(key, gost28147Param.getIV());
                param = ivParam;
            }
        }
    } else {
        if (params instanceof IvParameterSpec) {
            IvParameterSpec iv = (IvParameterSpec) params;
            ivParam = new ParametersWithIV(param, iv.getIV());
            param = ivParam;
        } else if (params instanceof GOST28147ParameterSpec) {
            // need to pick up IV and SBox.
            GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec) params;
            param = new ParametersWithSBox(param, gost28147Param.getSbox());
            if (gost28147Param.getIV() != null && ivLength != 0) {
                param = new ParametersWithIV(param, gost28147Param.getIV());
            }
        }
    }
    return param;
}
Also used : CipherParameters(com.github.zhenwei.core.crypto.CipherParameters) ParametersWithIV(com.github.zhenwei.core.crypto.params.ParametersWithIV) ParametersWithSBox(com.github.zhenwei.core.crypto.params.ParametersWithSBox) GOST28147ParameterSpec(com.github.zhenwei.provider.jcajce.spec.GOST28147ParameterSpec) IvParameterSpec(javax.crypto.spec.IvParameterSpec)

Example 5 with GOST28147ParameterSpec

use of com.github.zhenwei.provider.jcajce.spec.GOST28147ParameterSpec in project LinLong-Java by zhenwei1108.

the class BaseBlockCipher method engineInit.

protected void engineInit(int opmode, Key key, final AlgorithmParameterSpec params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException {
    CipherParameters param;
    this.pbeSpec = null;
    this.pbeAlgorithm = null;
    this.engineParams = null;
    this.aeadParams = null;
    // 
    if (!(key instanceof SecretKey)) {
        throw new InvalidKeyException("Key for algorithm " + ((key != null) ? key.getAlgorithm() : null) + " not suitable for symmetric enryption.");
    }
    // 
    if (params == null && (baseEngine != null && baseEngine.getAlgorithmName().startsWith("RC5-64"))) {
        throw new InvalidAlgorithmParameterException("RC5 requires an RC5ParametersSpec to be passed in.");
    }
    // 
    if (scheme == PKCS12 || key instanceof PKCS12Key) {
        SecretKey k;
        try {
            k = (SecretKey) key;
        } catch (Exception e) {
            throw new InvalidKeyException("PKCS12 requires a SecretKey/PBEKey");
        }
        if (params instanceof PBEParameterSpec) {
            pbeSpec = (PBEParameterSpec) params;
        }
        if (k instanceof PBEKey && pbeSpec == null) {
            PBEKey pbeKey = (PBEKey) k;
            if (pbeKey.getSalt() == null) {
                throw new InvalidAlgorithmParameterException("PBEKey requires parameters to specify salt");
            }
            pbeSpec = new PBEParameterSpec(pbeKey.getSalt(), pbeKey.getIterationCount());
        }
        if (pbeSpec == null && !(k instanceof PBEKey)) {
            throw new InvalidKeyException("Algorithm requires a PBE key");
        }
        if (key instanceof BCPBEKey) {
            // PKCS#12 sets an IV, if we get a key that doesn't have ParametersWithIV we need to reject it. If the
            // key has no parameters it means it's an old-school JCE PBE Key - we use getEncoded() on it.
            CipherParameters pbeKeyParam = ((BCPBEKey) key).getParam();
            if (pbeKeyParam instanceof ParametersWithIV) {
                param = pbeKeyParam;
            } else if (pbeKeyParam == null) {
                param = Util.makePBEParameters(k.getEncoded(), PKCS12, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName());
            } else {
                throw new InvalidKeyException("Algorithm requires a PBE key suitable for PKCS12");
            }
        } else {
            param = Util.makePBEParameters(k.getEncoded(), PKCS12, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName());
        }
        if (param instanceof ParametersWithIV) {
            ivParam = (ParametersWithIV) param;
        }
    } else if (key instanceof PBKDF1Key) {
        PBKDF1Key k = (PBKDF1Key) key;
        if (params instanceof PBEParameterSpec) {
            pbeSpec = (PBEParameterSpec) params;
        }
        if (k instanceof PBKDF1KeyWithParameters && pbeSpec == null) {
            pbeSpec = new PBEParameterSpec(((PBKDF1KeyWithParameters) k).getSalt(), ((PBKDF1KeyWithParameters) k).getIterationCount());
        }
        param = Util.makePBEParameters(k.getEncoded(), PKCS5S1, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName());
        if (param instanceof ParametersWithIV) {
            ivParam = (ParametersWithIV) param;
        }
    } else if (key instanceof BCPBEKey) {
        BCPBEKey k = (BCPBEKey) key;
        if (k.getOID() != null) {
            pbeAlgorithm = k.getOID().getId();
        } else {
            pbeAlgorithm = k.getAlgorithm();
        }
        if (k.getParam() != null) {
            param = adjustParameters(params, k.getParam());
        } else if (params instanceof PBEParameterSpec) {
            pbeSpec = (PBEParameterSpec) params;
            param = Util.makePBEParameters(k, params, cipher.getUnderlyingCipher().getAlgorithmName());
        } else {
            throw new InvalidAlgorithmParameterException("PBE requires PBE parameters to be set.");
        }
        if (param instanceof ParametersWithIV) {
            ivParam = (ParametersWithIV) param;
        }
    } else if (key instanceof PBEKey) {
        PBEKey k = (PBEKey) key;
        pbeSpec = (PBEParameterSpec) params;
        if (k instanceof PKCS12KeyWithParameters && pbeSpec == null) {
            pbeSpec = new PBEParameterSpec(k.getSalt(), k.getIterationCount());
        }
        param = Util.makePBEParameters(k.getEncoded(), scheme, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName());
        if (param instanceof ParametersWithIV) {
            ivParam = (ParametersWithIV) param;
        }
    } else if (!(key instanceof RepeatedSecretKeySpec)) {
        if (scheme == PKCS5S1 || scheme == PKCS5S1_UTF8 || scheme == PKCS5S2 || scheme == PKCS5S2_UTF8) {
            throw new InvalidKeyException("Algorithm requires a PBE key");
        }
        param = new KeyParameter(key.getEncoded());
    } else {
        param = null;
    }
    if (params instanceof AEADParameterSpec) {
        if (!isAEADModeName(modeName) && !(cipher instanceof AEADGenericBlockCipher)) {
            throw new InvalidAlgorithmParameterException("AEADParameterSpec can only be used with AEAD modes.");
        }
        AEADParameterSpec aeadSpec = (AEADParameterSpec) params;
        KeyParameter keyParam;
        if (param instanceof ParametersWithIV) {
            keyParam = (KeyParameter) ((ParametersWithIV) param).getParameters();
        } else {
            keyParam = (KeyParameter) param;
        }
        param = aeadParams = new AEADParameters(keyParam, aeadSpec.getMacSizeInBits(), aeadSpec.getNonce(), aeadSpec.getAssociatedData());
    } else if (params instanceof IvParameterSpec) {
        if (ivLength != 0) {
            IvParameterSpec p = (IvParameterSpec) params;
            if (p.getIV().length != ivLength && !(cipher instanceof AEADGenericBlockCipher) && fixedIv) {
                throw new InvalidAlgorithmParameterException("IV must be " + ivLength + " bytes long.");
            }
            if (param instanceof ParametersWithIV) {
                param = new ParametersWithIV(((ParametersWithIV) param).getParameters(), p.getIV());
            } else {
                param = new ParametersWithIV(param, p.getIV());
            }
            ivParam = (ParametersWithIV) param;
        } else {
            if (modeName != null && modeName.equals("ECB")) {
                throw new InvalidAlgorithmParameterException("ECB mode does not use an IV");
            }
        }
    } else if (params instanceof GOST28147ParameterSpec) {
        GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec) params;
        param = new ParametersWithSBox(new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec) params).getSbox());
        if (gost28147Param.getIV() != null && ivLength != 0) {
            if (param instanceof ParametersWithIV) {
                param = new ParametersWithIV(((ParametersWithIV) param).getParameters(), gost28147Param.getIV());
            } else {
                param = new ParametersWithIV(param, gost28147Param.getIV());
            }
            ivParam = (ParametersWithIV) param;
        }
    } else if (params instanceof RC2ParameterSpec) {
        RC2ParameterSpec rc2Param = (RC2ParameterSpec) params;
        param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec) params).getEffectiveKeyBits());
        if (rc2Param.getIV() != null && ivLength != 0) {
            if (param instanceof ParametersWithIV) {
                param = new ParametersWithIV(((ParametersWithIV) param).getParameters(), rc2Param.getIV());
            } else {
                param = new ParametersWithIV(param, rc2Param.getIV());
            }
            ivParam = (ParametersWithIV) param;
        }
    } else if (params instanceof RC5ParameterSpec) {
        RC5ParameterSpec rc5Param = (RC5ParameterSpec) params;
        param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec) params).getRounds());
        if (baseEngine.getAlgorithmName().startsWith("RC5")) {
            if (baseEngine.getAlgorithmName().equals("RC5-32")) {
                if (rc5Param.getWordSize() != 32) {
                    throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + ".");
                }
            } else if (baseEngine.getAlgorithmName().equals("RC5-64")) {
                if (rc5Param.getWordSize() != 64) {
                    throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + ".");
                }
            }
        } else {
            throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5.");
        }
        if ((rc5Param.getIV() != null) && (ivLength != 0)) {
            if (param instanceof ParametersWithIV) {
                param = new ParametersWithIV(((ParametersWithIV) param).getParameters(), rc5Param.getIV());
            } else {
                param = new ParametersWithIV(param, rc5Param.getIV());
            }
            ivParam = (ParametersWithIV) param;
        }
    } else if (params instanceof FPEParameterSpec) {
        FPEParameterSpec spec = (FPEParameterSpec) params;
        param = new FPEParameters((KeyParameter) param, spec.getRadix(), spec.getTweak(), spec.isUsingInverseFunction());
    } else if (gcmSpecClass != null && gcmSpecClass.isInstance(params)) {
        if (!isAEADModeName(modeName) && !(cipher instanceof AEADGenericBlockCipher)) {
            throw new InvalidAlgorithmParameterException("GCMParameterSpec can only be used with AEAD modes.");
        }
        final KeyParameter keyParam;
        if (param instanceof ParametersWithIV) {
            keyParam = (KeyParameter) ((ParametersWithIV) param).getParameters();
        } else {
            keyParam = (KeyParameter) param;
        }
        param = aeadParams = GcmSpecUtil.extractAeadParameters(keyParam, params);
    } else if (params != null && !(params instanceof PBEParameterSpec)) {
        throw new InvalidAlgorithmParameterException("unknown parameter type.");
    }
    if ((ivLength != 0) && !(param instanceof ParametersWithIV) && !(param instanceof AEADParameters)) {
        SecureRandom ivRandom = random;
        if (ivRandom == null) {
            ivRandom = CryptoServicesRegistrar.getSecureRandom();
        }
        if ((opmode == Cipher.ENCRYPT_MODE) || (opmode == Cipher.WRAP_MODE)) {
            byte[] iv = new byte[ivLength];
            ivRandom.nextBytes(iv);
            param = new ParametersWithIV(param, iv);
            ivParam = (ParametersWithIV) param;
        } else if (cipher.getUnderlyingCipher().getAlgorithmName().indexOf("PGPCFB") < 0) {
            throw new InvalidAlgorithmParameterException("no IV set when one expected");
        }
    }
    if (random != null && padded) {
        param = new ParametersWithRandom(param, random);
    }
    try {
        switch(opmode) {
            case Cipher.ENCRYPT_MODE:
            case Cipher.WRAP_MODE:
                cipher.init(true, param);
                break;
            case Cipher.DECRYPT_MODE:
            case Cipher.UNWRAP_MODE:
                cipher.init(false, param);
                break;
            default:
                throw new InvalidParameterException("unknown opmode " + opmode + " passed");
        }
        if (cipher instanceof AEADGenericBlockCipher && aeadParams == null) {
            AEADCipher aeadCipher = ((AEADGenericBlockCipher) cipher).cipher;
            aeadParams = new AEADParameters((KeyParameter) ivParam.getParameters(), aeadCipher.getMac().length * 8, ivParam.getIV());
        }
    } catch (IllegalArgumentException e) {
        throw new InvalidAlgorithmParameterException(e.getMessage(), e);
    } catch (Exception e) {
        throw new InvalidKeyOrParametersException(e.getMessage(), e);
    }
}
Also used : RepeatedSecretKeySpec(com.github.zhenwei.provider.jcajce.spec.RepeatedSecretKeySpec) PBKDF1KeyWithParameters(com.github.zhenwei.provider.jcajce.PBKDF1KeyWithParameters) KeyParameter(com.github.zhenwei.core.crypto.params.KeyParameter) GOST28147ParameterSpec(com.github.zhenwei.provider.jcajce.spec.GOST28147ParameterSpec) PBEKey(javax.crypto.interfaces.PBEKey) AEADCipher(com.github.zhenwei.core.crypto.modes.AEADCipher) RC5ParameterSpec(javax.crypto.spec.RC5ParameterSpec) InvalidParameterException(java.security.InvalidParameterException) PBKDF1Key(com.github.zhenwei.provider.jcajce.PBKDF1Key) RC5Parameters(com.github.zhenwei.core.crypto.params.RC5Parameters) RC2ParameterSpec(javax.crypto.spec.RC2ParameterSpec) PBEParameterSpec(javax.crypto.spec.PBEParameterSpec) PKCS12KeyWithParameters(com.github.zhenwei.provider.jcajce.PKCS12KeyWithParameters) FPEParameters(com.github.zhenwei.core.crypto.params.FPEParameters) RC2Parameters(com.github.zhenwei.core.crypto.params.RC2Parameters) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) SecureRandom(java.security.SecureRandom) ParametersWithRandom(com.github.zhenwei.core.crypto.params.ParametersWithRandom) InvalidKeyException(java.security.InvalidKeyException) OutputLengthException(com.github.zhenwei.core.crypto.OutputLengthException) InvalidParameterException(java.security.InvalidParameterException) InvalidCipherTextException(com.github.zhenwei.core.crypto.InvalidCipherTextException) ShortBufferException(javax.crypto.ShortBufferException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) BadPaddingException(javax.crypto.BadPaddingException) DataLengthException(com.github.zhenwei.core.crypto.DataLengthException) AEADParameterSpec(com.github.zhenwei.provider.jcajce.spec.AEADParameterSpec) CipherParameters(com.github.zhenwei.core.crypto.CipherParameters) ParametersWithIV(com.github.zhenwei.core.crypto.params.ParametersWithIV) SecretKey(javax.crypto.SecretKey) AEADParameters(com.github.zhenwei.core.crypto.params.AEADParameters) FPEParameterSpec(com.github.zhenwei.provider.jcajce.spec.FPEParameterSpec) ParametersWithSBox(com.github.zhenwei.core.crypto.params.ParametersWithSBox) IvParameterSpec(javax.crypto.spec.IvParameterSpec) PKCS12Key(com.github.zhenwei.provider.jcajce.PKCS12Key)

Aggregations

GOST28147ParameterSpec (com.github.zhenwei.provider.jcajce.spec.GOST28147ParameterSpec)5 IvParameterSpec (javax.crypto.spec.IvParameterSpec)5 SecretKey (javax.crypto.SecretKey)4 ASN1Encodable (com.github.zhenwei.core.asn1.ASN1Encodable)3 ASN1OctetString (com.github.zhenwei.core.asn1.ASN1OctetString)3 GOST28147Parameters (com.github.zhenwei.core.asn1.cryptopro.GOST28147Parameters)3 AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)3 Cipher (javax.crypto.Cipher)3 ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)2 PBES2Parameters (com.github.zhenwei.core.asn1.pkcs.PBES2Parameters)2 PBKDF2Params (com.github.zhenwei.core.asn1.pkcs.PBKDF2Params)2 CipherParameters (com.github.zhenwei.core.crypto.CipherParameters)2 ParametersWithIV (com.github.zhenwei.core.crypto.params.ParametersWithIV)2 ParametersWithSBox (com.github.zhenwei.core.crypto.params.ParametersWithSBox)2 InputDecryptor (com.github.zhenwei.pkix.operator.InputDecryptor)2 InputDecryptorProvider (com.github.zhenwei.pkix.operator.InputDecryptorProvider)2 OperatorCreationException (com.github.zhenwei.pkix.operator.OperatorCreationException)2 PBKDF1Key (com.github.zhenwei.provider.jcajce.PBKDF1Key)2 PKCS12KeyWithParameters (com.github.zhenwei.provider.jcajce.PKCS12KeyWithParameters)2 CipherInputStream (com.github.zhenwei.provider.jcajce.io.CipherInputStream)2