use of org.bouncycastle.asn1.pkcs.KeyDerivationFunc in project LinLong-Java by zhenwei1108.
the class BcFKSKeyStoreSpi method getEncryptedObjectStoreData.
private EncryptedObjectStoreData getEncryptedObjectStoreData(AlgorithmIdentifier integrityAlgorithm, char[] password) throws IOException, NoSuchAlgorithmException {
ObjectData[] dataArray = (ObjectData[]) entries.values().toArray(new ObjectData[entries.size()]);
KeyDerivationFunc pbkdAlgId = generatePkbdAlgorithmIdentifier(hmacPkbdAlgorithm, 256 / 8);
byte[] keyBytes = generateKey(pbkdAlgId, "STORE_ENCRYPTION", ((password != null) ? password : new char[0]), 256 / 8);
ObjectStoreData storeData = new ObjectStoreData(integrityAlgorithm, creationDate, lastModifiedDate, new ObjectDataSequence(dataArray), null);
EncryptedObjectStoreData encStoreData;
try {
if (storeEncryptionAlgorithm.equals(NISTObjectIdentifiers.id_aes256_CCM)) {
Cipher c = createCipher("AES/CCM/NoPadding", keyBytes);
byte[] encOut = c.doFinal(storeData.getEncoded());
AlgorithmParameters algorithmParameters = c.getParameters();
PBES2Parameters pbeParams = new PBES2Parameters(pbkdAlgId, new EncryptionScheme(NISTObjectIdentifiers.id_aes256_CCM, CCMParameters.getInstance(algorithmParameters.getEncoded())));
encStoreData = new EncryptedObjectStoreData(new AlgorithmIdentifier(PKCSObjectIdentifiers.id_PBES2, pbeParams), encOut);
} else {
Cipher c = createCipher("AESKWP", keyBytes);
byte[] encOut = c.doFinal(storeData.getEncoded());
PBES2Parameters pbeParams = new PBES2Parameters(pbkdAlgId, new EncryptionScheme(NISTObjectIdentifiers.id_aes256_wrap_pad));
encStoreData = new EncryptedObjectStoreData(new AlgorithmIdentifier(PKCSObjectIdentifiers.id_PBES2, pbeParams), encOut);
}
} catch (NoSuchPaddingException e) {
throw new NoSuchAlgorithmException(e.toString());
} catch (BadPaddingException e) {
throw new IOException(e.toString());
} catch (IllegalBlockSizeException e) {
throw new IOException(e.toString());
} catch (InvalidKeyException e) {
throw new IOException(e.toString());
} catch (NoSuchProviderException e) {
throw new IOException(e.toString());
}
return encStoreData;
}
use of org.bouncycastle.asn1.pkcs.KeyDerivationFunc in project xwiki-commons by xwiki.
the class BcPBES2Rc2CipherFactory method getInstance.
@Override
protected PasswordBasedCipher getInstance(boolean forEncryption, byte[] password, KeyDerivationFunc kdfParams, EncryptionScheme scheme) {
KeyDerivationFunction kdf = getKeyDerivationFunction(kdfParams);
RC2CBCParameter rc2Params = RC2CBCParameter.getInstance(scheme.getParameters());
return getPasswordBasedCipher(forEncryption, kdf, getRC2CipherParameters(password, rc2Params, kdf));
}
use of org.bouncycastle.asn1.pkcs.KeyDerivationFunc in project xwiki-commons by xwiki.
the class BcScryptKeyDerivationFunctionFactory method getInstance.
@Override
public KeyDerivationFunction getInstance(ASN1Encodable parameters) {
KeyDerivationFunc kdf = KeyDerivationFunc.getInstance(parameters);
if (!kdf.getAlgorithm().equals(ALG_ID)) {
throw new IllegalArgumentException("Illegal algorithm identifier for Scrypt: " + kdf.getAlgorithm().getId());
}
ScryptKDFParams params = ScryptKDFParams.getInstance(kdf.getParameters());
return getInstance(new ScryptParameters((params.getKeyLength() != null) ? params.getKeyLength().intValue() : -1, params.getCostParameter().intValue(), params.getParallelizationParameter().intValue(), params.getBlockSize().intValue(), params.getSalt()));
}
Aggregations