Search in sources :

Example 16 with KeyDerivationFunc

use of org.bouncycastle.asn1.pkcs.KeyDerivationFunc in project LinLong-Java by zhenwei1108.

the class BcFKSKeyStoreSpi method getEncryptedObjectStoreData.

private EncryptedObjectStoreData getEncryptedObjectStoreData(AlgorithmIdentifier integrityAlgorithm, char[] password) throws IOException, NoSuchAlgorithmException {
    ObjectData[] dataArray = (ObjectData[]) entries.values().toArray(new ObjectData[entries.size()]);
    KeyDerivationFunc pbkdAlgId = generatePkbdAlgorithmIdentifier(hmacPkbdAlgorithm, 256 / 8);
    byte[] keyBytes = generateKey(pbkdAlgId, "STORE_ENCRYPTION", ((password != null) ? password : new char[0]), 256 / 8);
    ObjectStoreData storeData = new ObjectStoreData(integrityAlgorithm, creationDate, lastModifiedDate, new ObjectDataSequence(dataArray), null);
    EncryptedObjectStoreData encStoreData;
    try {
        if (storeEncryptionAlgorithm.equals(NISTObjectIdentifiers.id_aes256_CCM)) {
            Cipher c = createCipher("AES/CCM/NoPadding", keyBytes);
            byte[] encOut = c.doFinal(storeData.getEncoded());
            AlgorithmParameters algorithmParameters = c.getParameters();
            PBES2Parameters pbeParams = new PBES2Parameters(pbkdAlgId, new EncryptionScheme(NISTObjectIdentifiers.id_aes256_CCM, CCMParameters.getInstance(algorithmParameters.getEncoded())));
            encStoreData = new EncryptedObjectStoreData(new AlgorithmIdentifier(PKCSObjectIdentifiers.id_PBES2, pbeParams), encOut);
        } else {
            Cipher c = createCipher("AESKWP", keyBytes);
            byte[] encOut = c.doFinal(storeData.getEncoded());
            PBES2Parameters pbeParams = new PBES2Parameters(pbkdAlgId, new EncryptionScheme(NISTObjectIdentifiers.id_aes256_wrap_pad));
            encStoreData = new EncryptedObjectStoreData(new AlgorithmIdentifier(PKCSObjectIdentifiers.id_PBES2, pbeParams), encOut);
        }
    } catch (NoSuchPaddingException e) {
        throw new NoSuchAlgorithmException(e.toString());
    } catch (BadPaddingException e) {
        throw new IOException(e.toString());
    } catch (IllegalBlockSizeException e) {
        throw new IOException(e.toString());
    } catch (InvalidKeyException e) {
        throw new IOException(e.toString());
    } catch (NoSuchProviderException e) {
        throw new IOException(e.toString());
    }
    return encStoreData;
}
Also used : PBES2Parameters(com.github.zhenwei.core.asn1.pkcs.PBES2Parameters) EncryptionScheme(com.github.zhenwei.core.asn1.pkcs.EncryptionScheme) ObjectData(com.github.zhenwei.core.asn1.bc.ObjectData) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) EncryptedObjectStoreData(com.github.zhenwei.core.asn1.bc.EncryptedObjectStoreData) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) BadPaddingException(javax.crypto.BadPaddingException) IOException(java.io.IOException) InvalidKeyException(java.security.InvalidKeyException) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier) ObjectDataSequence(com.github.zhenwei.core.asn1.bc.ObjectDataSequence) KeyDerivationFunc(com.github.zhenwei.core.asn1.pkcs.KeyDerivationFunc) Cipher(javax.crypto.Cipher) ObjectStoreData(com.github.zhenwei.core.asn1.bc.ObjectStoreData) EncryptedObjectStoreData(com.github.zhenwei.core.asn1.bc.EncryptedObjectStoreData) NoSuchProviderException(java.security.NoSuchProviderException) AlgorithmParameters(java.security.AlgorithmParameters)

Example 17 with KeyDerivationFunc

use of org.bouncycastle.asn1.pkcs.KeyDerivationFunc in project xwiki-commons by xwiki.

the class BcPBES2Rc2CipherFactory method getInstance.

@Override
protected PasswordBasedCipher getInstance(boolean forEncryption, byte[] password, KeyDerivationFunc kdfParams, EncryptionScheme scheme) {
    KeyDerivationFunction kdf = getKeyDerivationFunction(kdfParams);
    RC2CBCParameter rc2Params = RC2CBCParameter.getInstance(scheme.getParameters());
    return getPasswordBasedCipher(forEncryption, kdf, getRC2CipherParameters(password, rc2Params, kdf));
}
Also used : KeyDerivationFunction(org.xwiki.crypto.password.KeyDerivationFunction) RC2CBCParameter(org.bouncycastle.asn1.pkcs.RC2CBCParameter)

Example 18 with KeyDerivationFunc

use of org.bouncycastle.asn1.pkcs.KeyDerivationFunc in project xwiki-commons by xwiki.

the class BcScryptKeyDerivationFunctionFactory method getInstance.

@Override
public KeyDerivationFunction getInstance(ASN1Encodable parameters) {
    KeyDerivationFunc kdf = KeyDerivationFunc.getInstance(parameters);
    if (!kdf.getAlgorithm().equals(ALG_ID)) {
        throw new IllegalArgumentException("Illegal algorithm identifier for Scrypt: " + kdf.getAlgorithm().getId());
    }
    ScryptKDFParams params = ScryptKDFParams.getInstance(kdf.getParameters());
    return getInstance(new ScryptParameters((params.getKeyLength() != null) ? params.getKeyLength().intValue() : -1, params.getCostParameter().intValue(), params.getParallelizationParameter().intValue(), params.getBlockSize().intValue(), params.getSalt()));
}
Also used : ScryptKDFParams(org.xwiki.crypto.password.internal.kdf.ScryptKDFParams) KeyDerivationFunc(org.bouncycastle.asn1.pkcs.KeyDerivationFunc) ScryptParameters(org.xwiki.crypto.password.params.ScryptParameters)

Aggregations

KeyDerivationFunc (com.github.zhenwei.core.asn1.pkcs.KeyDerivationFunc)8 PBKDF2Params (com.github.zhenwei.core.asn1.pkcs.PBKDF2Params)6 AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)6 Cipher (javax.crypto.Cipher)6 KeyDerivationFunc (org.bouncycastle.asn1.pkcs.KeyDerivationFunc)6 EncryptionScheme (com.github.zhenwei.core.asn1.pkcs.EncryptionScheme)5 AlgorithmParameters (java.security.AlgorithmParameters)5 PBES2Parameters (com.github.zhenwei.core.asn1.pkcs.PBES2Parameters)4 IOException (java.io.IOException)4 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)4 ScryptParams (com.github.zhenwei.core.asn1.misc.ScryptParams)3 OperatorCreationException (com.github.zhenwei.pkix.operator.OperatorCreationException)3 PKCS12KeyWithParameters (com.github.zhenwei.provider.jcajce.PKCS12KeyWithParameters)3 GeneralSecurityException (java.security.GeneralSecurityException)3 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)3 EncryptionScheme (org.bouncycastle.asn1.pkcs.EncryptionScheme)3 ObjectData (com.github.zhenwei.core.asn1.bc.ObjectData)2 PKCS12PBEParams (com.github.zhenwei.core.asn1.pkcs.PKCS12PBEParams)2 PBKDF2Config (com.github.zhenwei.core.crypto.util.PBKDF2Config)2 ScryptConfig (com.github.zhenwei.core.crypto.util.ScryptConfig)2