Example 1 with KdfEngine
use of com.keepassdroid.crypto.keyDerivation.KdfEngine in project KeePassDX by Kunzisoft.
the class PwDbV4Output method setIVs.
@Override
protected SecureRandom setIVs(PwDbHeader header) throws PwDbOutputException {
SecureRandom random = super.setIVs(header);
PwDbHeaderV4 h = (PwDbHeaderV4) header;
random.nextBytes(h.masterSeed);
int ivLength = engine.ivLength();
if (ivLength != h.encryptionIV.length) {
h.encryptionIV = new byte[ivLength];
}
random.nextBytes(h.encryptionIV);
UUID kdfUUID = mPM.kdfParameters.kdfUUID;
KdfEngine kdf = KdfFactory.get(kdfUUID);
kdf.randomize(mPM.kdfParameters);
if (h.version < PwDbHeaderV4.FILE_VERSION_32_4) {
h.innerRandomStream = CrsAlgorithm.Salsa20;
h.innerRandomStreamKey = new byte[32];
} else {
h.innerRandomStream = CrsAlgorithm.ChaCha20;
h.innerRandomStreamKey = new byte[64];
}
random.nextBytes(h.innerRandomStreamKey);
randomStream = PwStreamCipherFactory.getInstance(h.innerRandomStream, h.innerRandomStreamKey);
if (randomStream == null) {
throw new PwDbOutputException("Invalid random cipher");
}
if (h.version < PwDbHeaderV4.FILE_VERSION_32_4) {
random.nextBytes(h.streamStartBytes);
}
return random;
}
Also used :
PwDbOutputException(com.keepassdroid.database.exception.PwDbOutputException)
KdfEngine(com.keepassdroid.crypto.keyDerivation.KdfEngine)
PwDbHeaderV4(com.keepassdroid.database.PwDbHeaderV4)
SecureRandom(java.security.SecureRandom)
UUID(java.util.UUID)
Example 2 with KdfEngine
use of com.keepassdroid.crypto.keyDerivation.KdfEngine in project KeePassDX by Kunzisoft.
the class PwDatabaseV4 method makeFinalKey.
public void makeFinalKey(byte[] masterSeed, KdfParameters kdfP, long roundsFix) throws IOException {
KdfEngine kdfEngine = KdfFactory.get(kdfP.kdfUUID);
if (kdfEngine == null) {
throw new IOException("Unknown key derivation function");
}
// Set to 6000 rounds to open corrupted database
if (roundsFix > 0 && kdfP.kdfUUID.equals(AesKdf.CIPHER_UUID)) {
kdfP.setUInt32(AesKdf.ParamRounds, roundsFix);
numKeyEncRounds = roundsFix;
}
byte[] transformedMasterKey = kdfEngine.transform(masterKey, kdfP);
if (transformedMasterKey.length != 32) {
transformedMasterKey = CryptoUtil.hashSha256(transformedMasterKey);
}
byte[] cmpKey = new byte[65];
System.arraycopy(masterSeed, 0, cmpKey, 0, 32);
System.arraycopy(transformedMasterKey, 0, cmpKey, 32, 32);
finalKey = CryptoUtil.resizeKey(cmpKey, 0, 64, dataEngine.keyLength());
MessageDigest md;
try {
md = MessageDigest.getInstance("SHA-512");
cmpKey[64] = 1;
hmacKey = md.digest(cmpKey);
} catch (NoSuchAlgorithmException e) {
throw new IOException("No SHA-512 implementation");
} finally {
Arrays.fill(cmpKey, (byte) 0);
}
}
Also used :
KdfEngine(com.keepassdroid.crypto.keyDerivation.KdfEngine)
IOException(java.io.IOException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
MessageDigest(java.security.MessageDigest)
Aggregations
KdfEngine (com.keepassdroid.crypto.keyDerivation.KdfEngine)2
PwDbHeaderV4 (com.keepassdroid.database.PwDbHeaderV4)1
PwDbOutputException (com.keepassdroid.database.exception.PwDbOutputException)1
IOException (java.io.IOException)1
MessageDigest (java.security.MessageDigest)1
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1
SecureRandom (java.security.SecureRandom)1
UUID (java.util.UUID)1
