Search in sources :

Example 1 with UserKeyingMaterialSpec

use of com.github.zhenwei.provider.jcajce.spec.UserKeyingMaterialSpec in project LinLong-Java by zhenwei1108.

the class KeyAgreementSpi method engineInit.

protected void engineInit(Key key, AlgorithmParameterSpec params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException {
    if (!(key instanceof DHPrivateKey)) {
        throw new InvalidKeyException("DHKeyAgreement requires DHPrivateKey for initialisation");
    }
    DHPrivateKey privKey = (DHPrivateKey) key;
    if (params != null) {
        if (// p, g override.
        params instanceof DHParameterSpec) {
            DHParameterSpec p = (DHParameterSpec) params;
            this.p = p.getP();
            this.g = p.getG();
            this.dheParameters = null;
            this.ukmParameters = null;
        } else if (params instanceof DHUParameterSpec) {
            if (unifiedAgreement == null) {
                throw new InvalidAlgorithmParameterException("agreement algorithm not DHU based");
            }
            this.p = privKey.getParams().getP();
            this.g = privKey.getParams().getG();
            this.dheParameters = (DHUParameterSpec) params;
            this.ukmParameters = ((DHUParameterSpec) params).getUserKeyingMaterial();
            if (dheParameters.getEphemeralPublicKey() != null) {
                unifiedAgreement.init(new DHUPrivateParameters(generatePrivateKeyParameter(privKey), generatePrivateKeyParameter(dheParameters.getEphemeralPrivateKey()), generatePublicKeyParameter(dheParameters.getEphemeralPublicKey())));
            } else {
                unifiedAgreement.init(new DHUPrivateParameters(generatePrivateKeyParameter(privKey), generatePrivateKeyParameter(dheParameters.getEphemeralPrivateKey())));
            }
        } else if (params instanceof MQVParameterSpec) {
            if (mqvAgreement == null) {
                throw new InvalidAlgorithmParameterException("agreement algorithm not MQV based");
            }
            this.p = privKey.getParams().getP();
            this.g = privKey.getParams().getG();
            this.mqvParameters = (MQVParameterSpec) params;
            this.ukmParameters = ((MQVParameterSpec) params).getUserKeyingMaterial();
            if (mqvParameters.getEphemeralPublicKey() != null) {
                mqvAgreement.init(new DHMQVPrivateParameters(generatePrivateKeyParameter(privKey), generatePrivateKeyParameter(mqvParameters.getEphemeralPrivateKey()), generatePublicKeyParameter(mqvParameters.getEphemeralPublicKey())));
            } else {
                mqvAgreement.init(new DHMQVPrivateParameters(generatePrivateKeyParameter(privKey), generatePrivateKeyParameter(mqvParameters.getEphemeralPrivateKey())));
            }
        } else if (params instanceof UserKeyingMaterialSpec) {
            if (kdf == null) {
                throw new InvalidAlgorithmParameterException("no KDF specified for UserKeyingMaterialSpec");
            }
            this.p = privKey.getParams().getP();
            this.g = privKey.getParams().getG();
            this.dheParameters = null;
            this.ukmParameters = ((UserKeyingMaterialSpec) params).getUserKeyingMaterial();
        } else {
            throw new InvalidAlgorithmParameterException("DHKeyAgreement only accepts DHParameterSpec");
        }
    } else {
        this.p = privKey.getParams().getP();
        this.g = privKey.getParams().getG();
    }
    this.x = privKey.getX();
    this.result = bigIntToBytes(x);
}
Also used : DHMQVPrivateParameters(com.github.zhenwei.core.crypto.params.DHMQVPrivateParameters) DHPrivateKey(javax.crypto.interfaces.DHPrivateKey) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) DHUPrivateParameters(com.github.zhenwei.core.crypto.params.DHUPrivateParameters) DHUParameterSpec(com.github.zhenwei.provider.jcajce.spec.DHUParameterSpec) DHParameterSpec(javax.crypto.spec.DHParameterSpec) InvalidKeyException(java.security.InvalidKeyException) MQVParameterSpec(com.github.zhenwei.provider.jcajce.spec.MQVParameterSpec) UserKeyingMaterialSpec(com.github.zhenwei.provider.jcajce.spec.UserKeyingMaterialSpec)

Example 2 with UserKeyingMaterialSpec

use of com.github.zhenwei.provider.jcajce.spec.UserKeyingMaterialSpec in project LinLong-Java by zhenwei1108.

the class JceKeyAgreeRecipient method calculateAgreedWrapKey.

private SecretKey calculateAgreedWrapKey(AlgorithmIdentifier keyEncAlg, AlgorithmIdentifier wrapAlg, PublicKey senderPublicKey, ASN1OctetString userKeyingMaterial, PrivateKey receiverPrivateKey, KeyMaterialGenerator kmGen) throws CMSException, GeneralSecurityException, IOException {
    receiverPrivateKey = CMSUtils.cleanPrivateKey(receiverPrivateKey);
    if (CMSUtils.isMQV(keyEncAlg.getAlgorithm())) {
        MQVuserKeyingMaterial ukm = MQVuserKeyingMaterial.getInstance(userKeyingMaterial.getOctets());
        SubjectPublicKeyInfo pubInfo = new SubjectPublicKeyInfo(getPrivateKeyAlgorithmIdentifier(), ukm.getEphemeralPublicKey().getPublicKey().getBytes());
        X509EncodedKeySpec pubSpec = new X509EncodedKeySpec(pubInfo.getEncoded());
        KeyFactory fact = helper.createKeyFactory(keyEncAlg.getAlgorithm());
        PublicKey ephemeralKey = fact.generatePublic(pubSpec);
        KeyAgreement agreement = helper.createKeyAgreement(keyEncAlg.getAlgorithm());
        byte[] ukmKeyingMaterial = (ukm.getAddedukm() != null) ? ukm.getAddedukm().getOctets() : null;
        if (kmGen == old_ecc_cms_Generator) {
            ukmKeyingMaterial = old_ecc_cms_Generator.generateKDFMaterial(wrapAlg, keySizeProvider.getKeySize(wrapAlg), ukmKeyingMaterial);
        }
        agreement.init(receiverPrivateKey, new MQVParameterSpec(receiverPrivateKey, ephemeralKey, ukmKeyingMaterial));
        agreement.doPhase(senderPublicKey, true);
        return agreement.generateSecret(wrapAlg.getAlgorithm().getId());
    } else {
        KeyAgreement agreement = helper.createKeyAgreement(keyEncAlg.getAlgorithm());
        UserKeyingMaterialSpec userKeyingMaterialSpec = null;
        if (CMSUtils.isEC(keyEncAlg.getAlgorithm())) {
            if (userKeyingMaterial != null) {
                byte[] ukmKeyingMaterial = kmGen.generateKDFMaterial(wrapAlg, keySizeProvider.getKeySize(wrapAlg), userKeyingMaterial.getOctets());
                userKeyingMaterialSpec = new UserKeyingMaterialSpec(ukmKeyingMaterial);
            } else {
                byte[] ukmKeyingMaterial = kmGen.generateKDFMaterial(wrapAlg, keySizeProvider.getKeySize(wrapAlg), null);
                userKeyingMaterialSpec = new UserKeyingMaterialSpec(ukmKeyingMaterial);
            }
        } else if (CMSUtils.isRFC2631(keyEncAlg.getAlgorithm())) {
            if (userKeyingMaterial != null) {
                userKeyingMaterialSpec = new UserKeyingMaterialSpec(userKeyingMaterial.getOctets());
            }
        } else if (CMSUtils.isGOST(keyEncAlg.getAlgorithm())) {
            if (userKeyingMaterial != null) {
                userKeyingMaterialSpec = new UserKeyingMaterialSpec(userKeyingMaterial.getOctets());
            }
        } else {
            throw new CMSException("Unknown key agreement algorithm: " + keyEncAlg.getAlgorithm());
        }
        agreement.init(receiverPrivateKey, userKeyingMaterialSpec);
        agreement.doPhase(senderPublicKey, true);
        return agreement.generateSecret(wrapAlg.getAlgorithm().getId());
    }
}
Also used : MQVuserKeyingMaterial(com.github.zhenwei.pkix.util.asn1.cms.ecc.MQVuserKeyingMaterial) PublicKey(java.security.PublicKey) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) KeyAgreement(javax.crypto.KeyAgreement) SubjectPublicKeyInfo(com.github.zhenwei.core.asn1.x509.SubjectPublicKeyInfo) MQVParameterSpec(com.github.zhenwei.provider.jcajce.spec.MQVParameterSpec) KeyFactory(java.security.KeyFactory) UserKeyingMaterialSpec(com.github.zhenwei.provider.jcajce.spec.UserKeyingMaterialSpec) CMSException(com.github.zhenwei.pkix.cms.CMSException)

Example 3 with UserKeyingMaterialSpec

use of com.github.zhenwei.provider.jcajce.spec.UserKeyingMaterialSpec in project LinLong-Java by zhenwei1108.

the class JceKeyTransRecipient method extractSecretKey.

protected Key extractSecretKey(AlgorithmIdentifier keyEncryptionAlgorithm, AlgorithmIdentifier encryptedKeyAlgorithm, byte[] encryptedEncryptionKey) throws CMSException {
    if (CMSUtils.isGOST(keyEncryptionAlgorithm.getAlgorithm())) {
        try {
            GostR3410KeyTransport transport = GostR3410KeyTransport.getInstance(encryptedEncryptionKey);
            GostR3410TransportParameters transParams = transport.getTransportParameters();
            KeyFactory keyFactory = helper.createKeyFactory(keyEncryptionAlgorithm.getAlgorithm());
            PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(transParams.getEphemeralPublicKey().getEncoded()));
            KeyAgreement agreement = helper.createKeyAgreement(keyEncryptionAlgorithm.getAlgorithm());
            agreement.init(recipientKey, new UserKeyingMaterialSpec(transParams.getUkm()));
            agreement.doPhase(pubKey, true);
            SecretKey key = agreement.generateSecret(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap.getId());
            Cipher keyCipher = helper.createCipher(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap);
            keyCipher.init(Cipher.UNWRAP_MODE, key, new GOST28147WrapParameterSpec(transParams.getEncryptionParamSet(), transParams.getUkm()));
            Gost2814789EncryptedKey encKey = transport.getSessionEncryptedKey();
            return keyCipher.unwrap(Arrays.concatenate(encKey.getEncryptedKey(), encKey.getMacKey()), helper.getBaseCipherName(encryptedKeyAlgorithm.getAlgorithm()), Cipher.SECRET_KEY);
        } catch (Exception e) {
            throw new CMSException("exception unwrapping key: " + e.getMessage(), e);
        }
    } else {
        JceAsymmetricKeyUnwrapper unwrapper = helper.createAsymmetricUnwrapper(keyEncryptionAlgorithm, recipientKey).setMustProduceEncodableUnwrappedKey(unwrappedKeyMustBeEncodable);
        if (!extraMappings.isEmpty()) {
            for (Iterator it = extraMappings.keySet().iterator(); it.hasNext(); ) {
                ASN1ObjectIdentifier algorithm = (ASN1ObjectIdentifier) it.next();
                unwrapper.setAlgorithmMapping(algorithm, (String) extraMappings.get(algorithm));
            }
        }
        try {
            Key key = helper.getJceKey(encryptedKeyAlgorithm.getAlgorithm(), unwrapper.generateUnwrappedKey(encryptedKeyAlgorithm, encryptedEncryptionKey));
            if (validateKeySize) {
                helper.keySizeCheck(encryptedKeyAlgorithm, key);
            }
            return key;
        } catch (OperatorException e) {
            throw new CMSException("exception unwrapping key: " + e.getMessage(), e);
        }
    }
}
Also used : JceAsymmetricKeyUnwrapper(com.github.zhenwei.pkix.operator.jcajce.JceAsymmetricKeyUnwrapper) PublicKey(java.security.PublicKey) GOST28147WrapParameterSpec(com.github.zhenwei.provider.jcajce.spec.GOST28147WrapParameterSpec) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) UserKeyingMaterialSpec(com.github.zhenwei.provider.jcajce.spec.UserKeyingMaterialSpec) CMSException(com.github.zhenwei.pkix.cms.CMSException) OperatorException(com.github.zhenwei.pkix.operator.OperatorException) GostR3410KeyTransport(com.github.zhenwei.core.asn1.cryptopro.GostR3410KeyTransport) GostR3410TransportParameters(com.github.zhenwei.core.asn1.cryptopro.GostR3410TransportParameters) Gost2814789EncryptedKey(com.github.zhenwei.core.asn1.cryptopro.Gost2814789EncryptedKey) SecretKey(javax.crypto.SecretKey) Iterator(java.util.Iterator) Cipher(javax.crypto.Cipher) KeyAgreement(javax.crypto.KeyAgreement) KeyFactory(java.security.KeyFactory) ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier) PublicKey(java.security.PublicKey) Key(java.security.Key) PrivateKey(java.security.PrivateKey) Gost2814789EncryptedKey(com.github.zhenwei.core.asn1.cryptopro.Gost2814789EncryptedKey) SecretKey(javax.crypto.SecretKey) OperatorException(com.github.zhenwei.pkix.operator.OperatorException) CMSException(com.github.zhenwei.pkix.cms.CMSException)

Example 4 with UserKeyingMaterialSpec

use of com.github.zhenwei.provider.jcajce.spec.UserKeyingMaterialSpec in project LinLong-Java by zhenwei1108.

the class KeyAgreementSpi method engineInit.

protected void engineInit(Key key, AlgorithmParameterSpec params, SecureRandom secureRandom) throws InvalidKeyException, InvalidAlgorithmParameterException {
    AsymmetricKeyParameter priv = getLwXDHKeyPrivate(key);
    if (priv instanceof X25519PrivateKeyParameters) {
        agreement = getAgreement("X25519");
    } else if (priv instanceof X448PrivateKeyParameters) {
        agreement = getAgreement("X448");
    } else {
        throw new IllegalStateException("unsupported private key type");
    }
    ukmParameters = null;
    if (params instanceof DHUParameterSpec) {
        if (kaAlgorithm.indexOf('U') < 0) {
            throw new InvalidAlgorithmParameterException("agreement algorithm not DHU based");
        }
        dhuSpec = (DHUParameterSpec) params;
        ukmParameters = dhuSpec.getUserKeyingMaterial();
        agreement.init(new XDHUPrivateParameters(priv, ((BCXDHPrivateKey) dhuSpec.getEphemeralPrivateKey()).engineGetKeyParameters(), ((BCXDHPublicKey) dhuSpec.getEphemeralPublicKey()).engineGetKeyParameters()));
    } else {
        agreement.init(priv);
        if (params instanceof UserKeyingMaterialSpec) {
            if (kdf == null) {
                throw new InvalidAlgorithmParameterException("no KDF specified for UserKeyingMaterialSpec");
            }
            this.ukmParameters = ((UserKeyingMaterialSpec) params).getUserKeyingMaterial();
        } else {
            throw new InvalidAlgorithmParameterException("unknown ParameterSpec");
        }
    }
    if (kdf != null && ukmParameters == null) {
        ukmParameters = new byte[0];
    }
}
Also used : InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) AsymmetricKeyParameter(com.github.zhenwei.core.crypto.params.AsymmetricKeyParameter) DHUParameterSpec(com.github.zhenwei.provider.jcajce.spec.DHUParameterSpec) X25519PrivateKeyParameters(com.github.zhenwei.core.crypto.params.X25519PrivateKeyParameters) X448PrivateKeyParameters(com.github.zhenwei.core.crypto.params.X448PrivateKeyParameters) XDHUPrivateParameters(com.github.zhenwei.core.crypto.params.XDHUPrivateParameters) UserKeyingMaterialSpec(com.github.zhenwei.provider.jcajce.spec.UserKeyingMaterialSpec)

Example 5 with UserKeyingMaterialSpec

use of com.github.zhenwei.provider.jcajce.spec.UserKeyingMaterialSpec in project LinLong-Java by zhenwei1108.

the class JceKeyAgreeRecipientInfoGenerator method generateRecipientEncryptedKeys.

public ASN1Sequence generateRecipientEncryptedKeys(AlgorithmIdentifier keyAgreeAlgorithm, AlgorithmIdentifier keyEncryptionAlgorithm, GenericKey contentEncryptionKey) throws CMSException {
    if (recipientIDs.isEmpty()) {
        throw new CMSException("No recipients associated with generator - use addRecipient()");
    }
    init(keyAgreeAlgorithm.getAlgorithm());
    PrivateKey senderPrivateKey = this.senderPrivateKey;
    ASN1ObjectIdentifier keyAgreementOID = keyAgreeAlgorithm.getAlgorithm();
    ASN1EncodableVector recipientEncryptedKeys = new ASN1EncodableVector();
    for (int i = 0; i != recipientIDs.size(); i++) {
        PublicKey recipientPublicKey = (PublicKey) recipientKeys.get(i);
        KeyAgreeRecipientIdentifier karId = (KeyAgreeRecipientIdentifier) recipientIDs.get(i);
        try {
            AlgorithmParameterSpec agreementParamSpec;
            ASN1ObjectIdentifier keyEncAlg = keyEncryptionAlgorithm.getAlgorithm();
            if (CMSUtils.isMQV(keyAgreementOID)) {
                agreementParamSpec = new MQVParameterSpec(ephemeralKP, recipientPublicKey, userKeyingMaterial);
            } else if (CMSUtils.isEC(keyAgreementOID)) {
                byte[] ukmKeyingMaterial = ecc_cms_Generator.generateKDFMaterial(keyEncryptionAlgorithm, keySizeProvider.getKeySize(keyEncAlg), userKeyingMaterial);
                agreementParamSpec = new UserKeyingMaterialSpec(ukmKeyingMaterial);
            } else if (CMSUtils.isRFC2631(keyAgreementOID)) {
                if (userKeyingMaterial != null) {
                    agreementParamSpec = new UserKeyingMaterialSpec(userKeyingMaterial);
                } else {
                    if (keyAgreementOID.equals(PKCSObjectIdentifiers.id_alg_SSDH)) {
                        throw new CMSException("User keying material must be set for static keys.");
                    }
                    agreementParamSpec = null;
                }
            } else if (CMSUtils.isGOST(keyAgreementOID)) {
                if (userKeyingMaterial != null) {
                    agreementParamSpec = new UserKeyingMaterialSpec(userKeyingMaterial);
                } else {
                    throw new CMSException("User keying material must be set for static keys.");
                }
            } else {
                throw new CMSException("Unknown key agreement algorithm: " + keyAgreementOID);
            }
            // Use key agreement to choose a wrap key for this recipient
            KeyAgreement keyAgreement = helper.createKeyAgreement(keyAgreementOID);
            keyAgreement.init(senderPrivateKey, agreementParamSpec, random);
            keyAgreement.doPhase(recipientPublicKey, true);
            SecretKey keyEncryptionKey = keyAgreement.generateSecret(keyEncAlg.getId());
            // Wrap the content encryption key with the agreement key
            Cipher keyEncryptionCipher = helper.createCipher(keyEncAlg);
            ASN1OctetString encryptedKey;
            if (keyEncAlg.equals(CryptoProObjectIdentifiers.id_Gost28147_89_None_KeyWrap) || keyEncAlg.equals(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap)) {
                keyEncryptionCipher.init(Cipher.WRAP_MODE, keyEncryptionKey, new GOST28147WrapParameterSpec(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_A_ParamSet, userKeyingMaterial));
                byte[] encKeyBytes = keyEncryptionCipher.wrap(helper.getJceKey(contentEncryptionKey));
                Gost2814789EncryptedKey encKey = new Gost2814789EncryptedKey(Arrays.copyOfRange(encKeyBytes, 0, encKeyBytes.length - 4), Arrays.copyOfRange(encKeyBytes, encKeyBytes.length - 4, encKeyBytes.length));
                encryptedKey = new DEROctetString(encKey.getEncoded(ASN1Encoding.DER));
            } else {
                keyEncryptionCipher.init(Cipher.WRAP_MODE, keyEncryptionKey, random);
                byte[] encryptedKeyBytes = keyEncryptionCipher.wrap(helper.getJceKey(contentEncryptionKey));
                encryptedKey = new DEROctetString(encryptedKeyBytes);
            }
            recipientEncryptedKeys.add(new RecipientEncryptedKey(karId, encryptedKey));
        } catch (GeneralSecurityException e) {
            throw new CMSException("cannot perform agreement step: " + e.getMessage(), e);
        } catch (IOException e) {
            throw new CMSException("unable to encode wrapped key: " + e.getMessage(), e);
        }
    }
    return new DERSequence(recipientEncryptedKeys);
}
Also used : ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString) PrivateKey(java.security.PrivateKey) OriginatorPublicKey(com.github.zhenwei.pkix.util.asn1.cms.OriginatorPublicKey) PublicKey(java.security.PublicKey) GOST28147WrapParameterSpec(com.github.zhenwei.provider.jcajce.spec.GOST28147WrapParameterSpec) RecipientEncryptedKey(com.github.zhenwei.pkix.util.asn1.cms.RecipientEncryptedKey) GeneralSecurityException(java.security.GeneralSecurityException) IOException(java.io.IOException) UserKeyingMaterialSpec(com.github.zhenwei.provider.jcajce.spec.UserKeyingMaterialSpec) DEROctetString(com.github.zhenwei.core.asn1.DEROctetString) Gost2814789EncryptedKey(com.github.zhenwei.core.asn1.cryptopro.Gost2814789EncryptedKey) SecretKey(javax.crypto.SecretKey) DERSequence(com.github.zhenwei.core.asn1.DERSequence) ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector) Cipher(javax.crypto.Cipher) KeyAgreement(javax.crypto.KeyAgreement) AlgorithmParameterSpec(java.security.spec.AlgorithmParameterSpec) MQVParameterSpec(com.github.zhenwei.provider.jcajce.spec.MQVParameterSpec) ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier) CMSException(com.github.zhenwei.pkix.cms.CMSException) KeyAgreeRecipientIdentifier(com.github.zhenwei.pkix.util.asn1.cms.KeyAgreeRecipientIdentifier)

Aggregations

UserKeyingMaterialSpec (com.github.zhenwei.provider.jcajce.spec.UserKeyingMaterialSpec)7 MQVParameterSpec (com.github.zhenwei.provider.jcajce.spec.MQVParameterSpec)4 KeyAgreement (javax.crypto.KeyAgreement)4 Gost2814789EncryptedKey (com.github.zhenwei.core.asn1.cryptopro.Gost2814789EncryptedKey)3 CMSException (com.github.zhenwei.pkix.cms.CMSException)3 DHUParameterSpec (com.github.zhenwei.provider.jcajce.spec.DHUParameterSpec)3 GOST28147WrapParameterSpec (com.github.zhenwei.provider.jcajce.spec.GOST28147WrapParameterSpec)3 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)3 InvalidKeyException (java.security.InvalidKeyException)3 PrivateKey (java.security.PrivateKey)3 PublicKey (java.security.PublicKey)3 Cipher (javax.crypto.Cipher)3 SecretKey (javax.crypto.SecretKey)3 ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)2 GostR3410KeyTransport (com.github.zhenwei.core.asn1.cryptopro.GostR3410KeyTransport)2 GostR3410TransportParameters (com.github.zhenwei.core.asn1.cryptopro.GostR3410TransportParameters)2 SubjectPublicKeyInfo (com.github.zhenwei.core.asn1.x509.SubjectPublicKeyInfo)2 OperatorException (com.github.zhenwei.pkix.operator.OperatorException)2 GeneralSecurityException (java.security.GeneralSecurityException)2 KeyFactory (java.security.KeyFactory)2