use of com.github.zhenwei.provider.jcajce.spec.UserKeyingMaterialSpec in project LinLong-Java by zhenwei1108.
the class KeyAgreementSpi method engineInit.
protected void engineInit(Key key, AlgorithmParameterSpec params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException {
if (!(key instanceof DHPrivateKey)) {
throw new InvalidKeyException("DHKeyAgreement requires DHPrivateKey for initialisation");
}
DHPrivateKey privKey = (DHPrivateKey) key;
if (params != null) {
if (// p, g override.
params instanceof DHParameterSpec) {
DHParameterSpec p = (DHParameterSpec) params;
this.p = p.getP();
this.g = p.getG();
this.dheParameters = null;
this.ukmParameters = null;
} else if (params instanceof DHUParameterSpec) {
if (unifiedAgreement == null) {
throw new InvalidAlgorithmParameterException("agreement algorithm not DHU based");
}
this.p = privKey.getParams().getP();
this.g = privKey.getParams().getG();
this.dheParameters = (DHUParameterSpec) params;
this.ukmParameters = ((DHUParameterSpec) params).getUserKeyingMaterial();
if (dheParameters.getEphemeralPublicKey() != null) {
unifiedAgreement.init(new DHUPrivateParameters(generatePrivateKeyParameter(privKey), generatePrivateKeyParameter(dheParameters.getEphemeralPrivateKey()), generatePublicKeyParameter(dheParameters.getEphemeralPublicKey())));
} else {
unifiedAgreement.init(new DHUPrivateParameters(generatePrivateKeyParameter(privKey), generatePrivateKeyParameter(dheParameters.getEphemeralPrivateKey())));
}
} else if (params instanceof MQVParameterSpec) {
if (mqvAgreement == null) {
throw new InvalidAlgorithmParameterException("agreement algorithm not MQV based");
}
this.p = privKey.getParams().getP();
this.g = privKey.getParams().getG();
this.mqvParameters = (MQVParameterSpec) params;
this.ukmParameters = ((MQVParameterSpec) params).getUserKeyingMaterial();
if (mqvParameters.getEphemeralPublicKey() != null) {
mqvAgreement.init(new DHMQVPrivateParameters(generatePrivateKeyParameter(privKey), generatePrivateKeyParameter(mqvParameters.getEphemeralPrivateKey()), generatePublicKeyParameter(mqvParameters.getEphemeralPublicKey())));
} else {
mqvAgreement.init(new DHMQVPrivateParameters(generatePrivateKeyParameter(privKey), generatePrivateKeyParameter(mqvParameters.getEphemeralPrivateKey())));
}
} else if (params instanceof UserKeyingMaterialSpec) {
if (kdf == null) {
throw new InvalidAlgorithmParameterException("no KDF specified for UserKeyingMaterialSpec");
}
this.p = privKey.getParams().getP();
this.g = privKey.getParams().getG();
this.dheParameters = null;
this.ukmParameters = ((UserKeyingMaterialSpec) params).getUserKeyingMaterial();
} else {
throw new InvalidAlgorithmParameterException("DHKeyAgreement only accepts DHParameterSpec");
}
} else {
this.p = privKey.getParams().getP();
this.g = privKey.getParams().getG();
}
this.x = privKey.getX();
this.result = bigIntToBytes(x);
}
use of com.github.zhenwei.provider.jcajce.spec.UserKeyingMaterialSpec in project LinLong-Java by zhenwei1108.
the class JceKeyAgreeRecipient method calculateAgreedWrapKey.
private SecretKey calculateAgreedWrapKey(AlgorithmIdentifier keyEncAlg, AlgorithmIdentifier wrapAlg, PublicKey senderPublicKey, ASN1OctetString userKeyingMaterial, PrivateKey receiverPrivateKey, KeyMaterialGenerator kmGen) throws CMSException, GeneralSecurityException, IOException {
receiverPrivateKey = CMSUtils.cleanPrivateKey(receiverPrivateKey);
if (CMSUtils.isMQV(keyEncAlg.getAlgorithm())) {
MQVuserKeyingMaterial ukm = MQVuserKeyingMaterial.getInstance(userKeyingMaterial.getOctets());
SubjectPublicKeyInfo pubInfo = new SubjectPublicKeyInfo(getPrivateKeyAlgorithmIdentifier(), ukm.getEphemeralPublicKey().getPublicKey().getBytes());
X509EncodedKeySpec pubSpec = new X509EncodedKeySpec(pubInfo.getEncoded());
KeyFactory fact = helper.createKeyFactory(keyEncAlg.getAlgorithm());
PublicKey ephemeralKey = fact.generatePublic(pubSpec);
KeyAgreement agreement = helper.createKeyAgreement(keyEncAlg.getAlgorithm());
byte[] ukmKeyingMaterial = (ukm.getAddedukm() != null) ? ukm.getAddedukm().getOctets() : null;
if (kmGen == old_ecc_cms_Generator) {
ukmKeyingMaterial = old_ecc_cms_Generator.generateKDFMaterial(wrapAlg, keySizeProvider.getKeySize(wrapAlg), ukmKeyingMaterial);
}
agreement.init(receiverPrivateKey, new MQVParameterSpec(receiverPrivateKey, ephemeralKey, ukmKeyingMaterial));
agreement.doPhase(senderPublicKey, true);
return agreement.generateSecret(wrapAlg.getAlgorithm().getId());
} else {
KeyAgreement agreement = helper.createKeyAgreement(keyEncAlg.getAlgorithm());
UserKeyingMaterialSpec userKeyingMaterialSpec = null;
if (CMSUtils.isEC(keyEncAlg.getAlgorithm())) {
if (userKeyingMaterial != null) {
byte[] ukmKeyingMaterial = kmGen.generateKDFMaterial(wrapAlg, keySizeProvider.getKeySize(wrapAlg), userKeyingMaterial.getOctets());
userKeyingMaterialSpec = new UserKeyingMaterialSpec(ukmKeyingMaterial);
} else {
byte[] ukmKeyingMaterial = kmGen.generateKDFMaterial(wrapAlg, keySizeProvider.getKeySize(wrapAlg), null);
userKeyingMaterialSpec = new UserKeyingMaterialSpec(ukmKeyingMaterial);
}
} else if (CMSUtils.isRFC2631(keyEncAlg.getAlgorithm())) {
if (userKeyingMaterial != null) {
userKeyingMaterialSpec = new UserKeyingMaterialSpec(userKeyingMaterial.getOctets());
}
} else if (CMSUtils.isGOST(keyEncAlg.getAlgorithm())) {
if (userKeyingMaterial != null) {
userKeyingMaterialSpec = new UserKeyingMaterialSpec(userKeyingMaterial.getOctets());
}
} else {
throw new CMSException("Unknown key agreement algorithm: " + keyEncAlg.getAlgorithm());
}
agreement.init(receiverPrivateKey, userKeyingMaterialSpec);
agreement.doPhase(senderPublicKey, true);
return agreement.generateSecret(wrapAlg.getAlgorithm().getId());
}
}
use of com.github.zhenwei.provider.jcajce.spec.UserKeyingMaterialSpec in project LinLong-Java by zhenwei1108.
the class JceKeyTransRecipient method extractSecretKey.
protected Key extractSecretKey(AlgorithmIdentifier keyEncryptionAlgorithm, AlgorithmIdentifier encryptedKeyAlgorithm, byte[] encryptedEncryptionKey) throws CMSException {
if (CMSUtils.isGOST(keyEncryptionAlgorithm.getAlgorithm())) {
try {
GostR3410KeyTransport transport = GostR3410KeyTransport.getInstance(encryptedEncryptionKey);
GostR3410TransportParameters transParams = transport.getTransportParameters();
KeyFactory keyFactory = helper.createKeyFactory(keyEncryptionAlgorithm.getAlgorithm());
PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(transParams.getEphemeralPublicKey().getEncoded()));
KeyAgreement agreement = helper.createKeyAgreement(keyEncryptionAlgorithm.getAlgorithm());
agreement.init(recipientKey, new UserKeyingMaterialSpec(transParams.getUkm()));
agreement.doPhase(pubKey, true);
SecretKey key = agreement.generateSecret(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap.getId());
Cipher keyCipher = helper.createCipher(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap);
keyCipher.init(Cipher.UNWRAP_MODE, key, new GOST28147WrapParameterSpec(transParams.getEncryptionParamSet(), transParams.getUkm()));
Gost2814789EncryptedKey encKey = transport.getSessionEncryptedKey();
return keyCipher.unwrap(Arrays.concatenate(encKey.getEncryptedKey(), encKey.getMacKey()), helper.getBaseCipherName(encryptedKeyAlgorithm.getAlgorithm()), Cipher.SECRET_KEY);
} catch (Exception e) {
throw new CMSException("exception unwrapping key: " + e.getMessage(), e);
}
} else {
JceAsymmetricKeyUnwrapper unwrapper = helper.createAsymmetricUnwrapper(keyEncryptionAlgorithm, recipientKey).setMustProduceEncodableUnwrappedKey(unwrappedKeyMustBeEncodable);
if (!extraMappings.isEmpty()) {
for (Iterator it = extraMappings.keySet().iterator(); it.hasNext(); ) {
ASN1ObjectIdentifier algorithm = (ASN1ObjectIdentifier) it.next();
unwrapper.setAlgorithmMapping(algorithm, (String) extraMappings.get(algorithm));
}
}
try {
Key key = helper.getJceKey(encryptedKeyAlgorithm.getAlgorithm(), unwrapper.generateUnwrappedKey(encryptedKeyAlgorithm, encryptedEncryptionKey));
if (validateKeySize) {
helper.keySizeCheck(encryptedKeyAlgorithm, key);
}
return key;
} catch (OperatorException e) {
throw new CMSException("exception unwrapping key: " + e.getMessage(), e);
}
}
}
use of com.github.zhenwei.provider.jcajce.spec.UserKeyingMaterialSpec in project LinLong-Java by zhenwei1108.
the class KeyAgreementSpi method engineInit.
protected void engineInit(Key key, AlgorithmParameterSpec params, SecureRandom secureRandom) throws InvalidKeyException, InvalidAlgorithmParameterException {
AsymmetricKeyParameter priv = getLwXDHKeyPrivate(key);
if (priv instanceof X25519PrivateKeyParameters) {
agreement = getAgreement("X25519");
} else if (priv instanceof X448PrivateKeyParameters) {
agreement = getAgreement("X448");
} else {
throw new IllegalStateException("unsupported private key type");
}
ukmParameters = null;
if (params instanceof DHUParameterSpec) {
if (kaAlgorithm.indexOf('U') < 0) {
throw new InvalidAlgorithmParameterException("agreement algorithm not DHU based");
}
dhuSpec = (DHUParameterSpec) params;
ukmParameters = dhuSpec.getUserKeyingMaterial();
agreement.init(new XDHUPrivateParameters(priv, ((BCXDHPrivateKey) dhuSpec.getEphemeralPrivateKey()).engineGetKeyParameters(), ((BCXDHPublicKey) dhuSpec.getEphemeralPublicKey()).engineGetKeyParameters()));
} else {
agreement.init(priv);
if (params instanceof UserKeyingMaterialSpec) {
if (kdf == null) {
throw new InvalidAlgorithmParameterException("no KDF specified for UserKeyingMaterialSpec");
}
this.ukmParameters = ((UserKeyingMaterialSpec) params).getUserKeyingMaterial();
} else {
throw new InvalidAlgorithmParameterException("unknown ParameterSpec");
}
}
if (kdf != null && ukmParameters == null) {
ukmParameters = new byte[0];
}
}
use of com.github.zhenwei.provider.jcajce.spec.UserKeyingMaterialSpec in project LinLong-Java by zhenwei1108.
the class JceKeyAgreeRecipientInfoGenerator method generateRecipientEncryptedKeys.
public ASN1Sequence generateRecipientEncryptedKeys(AlgorithmIdentifier keyAgreeAlgorithm, AlgorithmIdentifier keyEncryptionAlgorithm, GenericKey contentEncryptionKey) throws CMSException {
if (recipientIDs.isEmpty()) {
throw new CMSException("No recipients associated with generator - use addRecipient()");
}
init(keyAgreeAlgorithm.getAlgorithm());
PrivateKey senderPrivateKey = this.senderPrivateKey;
ASN1ObjectIdentifier keyAgreementOID = keyAgreeAlgorithm.getAlgorithm();
ASN1EncodableVector recipientEncryptedKeys = new ASN1EncodableVector();
for (int i = 0; i != recipientIDs.size(); i++) {
PublicKey recipientPublicKey = (PublicKey) recipientKeys.get(i);
KeyAgreeRecipientIdentifier karId = (KeyAgreeRecipientIdentifier) recipientIDs.get(i);
try {
AlgorithmParameterSpec agreementParamSpec;
ASN1ObjectIdentifier keyEncAlg = keyEncryptionAlgorithm.getAlgorithm();
if (CMSUtils.isMQV(keyAgreementOID)) {
agreementParamSpec = new MQVParameterSpec(ephemeralKP, recipientPublicKey, userKeyingMaterial);
} else if (CMSUtils.isEC(keyAgreementOID)) {
byte[] ukmKeyingMaterial = ecc_cms_Generator.generateKDFMaterial(keyEncryptionAlgorithm, keySizeProvider.getKeySize(keyEncAlg), userKeyingMaterial);
agreementParamSpec = new UserKeyingMaterialSpec(ukmKeyingMaterial);
} else if (CMSUtils.isRFC2631(keyAgreementOID)) {
if (userKeyingMaterial != null) {
agreementParamSpec = new UserKeyingMaterialSpec(userKeyingMaterial);
} else {
if (keyAgreementOID.equals(PKCSObjectIdentifiers.id_alg_SSDH)) {
throw new CMSException("User keying material must be set for static keys.");
}
agreementParamSpec = null;
}
} else if (CMSUtils.isGOST(keyAgreementOID)) {
if (userKeyingMaterial != null) {
agreementParamSpec = new UserKeyingMaterialSpec(userKeyingMaterial);
} else {
throw new CMSException("User keying material must be set for static keys.");
}
} else {
throw new CMSException("Unknown key agreement algorithm: " + keyAgreementOID);
}
// Use key agreement to choose a wrap key for this recipient
KeyAgreement keyAgreement = helper.createKeyAgreement(keyAgreementOID);
keyAgreement.init(senderPrivateKey, agreementParamSpec, random);
keyAgreement.doPhase(recipientPublicKey, true);
SecretKey keyEncryptionKey = keyAgreement.generateSecret(keyEncAlg.getId());
// Wrap the content encryption key with the agreement key
Cipher keyEncryptionCipher = helper.createCipher(keyEncAlg);
ASN1OctetString encryptedKey;
if (keyEncAlg.equals(CryptoProObjectIdentifiers.id_Gost28147_89_None_KeyWrap) || keyEncAlg.equals(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap)) {
keyEncryptionCipher.init(Cipher.WRAP_MODE, keyEncryptionKey, new GOST28147WrapParameterSpec(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_A_ParamSet, userKeyingMaterial));
byte[] encKeyBytes = keyEncryptionCipher.wrap(helper.getJceKey(contentEncryptionKey));
Gost2814789EncryptedKey encKey = new Gost2814789EncryptedKey(Arrays.copyOfRange(encKeyBytes, 0, encKeyBytes.length - 4), Arrays.copyOfRange(encKeyBytes, encKeyBytes.length - 4, encKeyBytes.length));
encryptedKey = new DEROctetString(encKey.getEncoded(ASN1Encoding.DER));
} else {
keyEncryptionCipher.init(Cipher.WRAP_MODE, keyEncryptionKey, random);
byte[] encryptedKeyBytes = keyEncryptionCipher.wrap(helper.getJceKey(contentEncryptionKey));
encryptedKey = new DEROctetString(encryptedKeyBytes);
}
recipientEncryptedKeys.add(new RecipientEncryptedKey(karId, encryptedKey));
} catch (GeneralSecurityException e) {
throw new CMSException("cannot perform agreement step: " + e.getMessage(), e);
} catch (IOException e) {
throw new CMSException("unable to encode wrapped key: " + e.getMessage(), e);
}
}
return new DERSequence(recipientEncryptedKeys);
}
Aggregations