Example 6 with PKCS5S2ParametersGenerator
use of org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator in project sentinel-android by Samourai-Wallet.
the class AESUtil method encrypt.
public static String encrypt(String cleartext, CharSequenceX password, int iterations) {
final int AESBlockSize = 4;
if (password == null) {
return null;
}
// Use secure random to generate a 16 byte iv
SecureRandom random = new SecureRandom();
byte[] iv = new byte[AESBlockSize * 4];
random.nextBytes(iv);
byte[] clearbytes = null;
try {
clearbytes = cleartext.getBytes("UTF-8");
} catch (UnsupportedEncodingException uee) {
uee.printStackTrace();
return null;
}
PBEParametersGenerator generator = new PKCS5S2ParametersGenerator();
generator.init(PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(password.toString().toCharArray()), iv, iterations);
KeyParameter keyParam = (KeyParameter) generator.generateDerivedParameters(256);
CipherParameters params = new ParametersWithIV(keyParam, iv);
// setup AES cipher in CBC mode with PKCS7 padding
BlockCipherPadding padding = new ISO10126d2Padding();
BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()), padding);
cipher.reset();
cipher.init(true, params);
byte[] outBuf = cipherData(cipher, clearbytes);
// Append to IV to the output
int len1 = iv.length;
int len2 = outBuf.length;
byte[] ivAppended = new byte[len1 + len2];
System.arraycopy(iv, 0, ivAppended, 0, len1);
System.arraycopy(outBuf, 0, ivAppended, len1, len2);
byte[] raw = Base64.encodeBase64(ivAppended);
String ret = new String(raw);
return ret;
}
Also used :
PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher)
AESEngine(org.bouncycastle.crypto.engines.AESEngine)
PKCS5S2ParametersGenerator(org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator)
KeyParameter(org.bouncycastle.crypto.params.KeyParameter)
SecureRandom(java.security.SecureRandom)
UnsupportedEncodingException(java.io.UnsupportedEncodingException)
ISO10126d2Padding(org.bouncycastle.crypto.paddings.ISO10126d2Padding)
CipherParameters(org.bouncycastle.crypto.CipherParameters)
ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV)
BlockCipherPadding(org.bouncycastle.crypto.paddings.BlockCipherPadding)
BufferedBlockCipher(org.bouncycastle.crypto.BufferedBlockCipher)
PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher)
CBCBlockCipher(org.bouncycastle.crypto.modes.CBCBlockCipher)
PBEParametersGenerator(org.bouncycastle.crypto.PBEParametersGenerator)
Example 7 with PKCS5S2ParametersGenerator
use of org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator in project XobotOS by xamarin.
the class PEMUtilities method generateSecretKeyForPKCS5Scheme2.
static SecretKey generateSecretKeyForPKCS5Scheme2(String algorithm, char[] password, byte[] salt, int iterationCount) {
PBEParametersGenerator generator = new PKCS5S2ParametersGenerator();
generator.init(PBEParametersGenerator.PKCS5PasswordToBytes(password), salt, iterationCount);
return new SecretKeySpec(((KeyParameter) generator.generateDerivedParameters(PEMUtilities.getKeySize(algorithm))).getKey(), algorithm);
}
Also used :
PKCS5S2ParametersGenerator(org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator)
SecretKeySpec(javax.crypto.spec.SecretKeySpec)
PBEParametersGenerator(org.bouncycastle.crypto.PBEParametersGenerator)
OpenSSLPBEParametersGenerator(org.bouncycastle.crypto.generators.OpenSSLPBEParametersGenerator)
Example 8 with PKCS5S2ParametersGenerator
use of org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator in project nifi by apache.
the class PBKDF2CipherProvider method getInitializedCipher.
protected Cipher getInitializedCipher(EncryptionMethod encryptionMethod, String password, byte[] salt, byte[] iv, int keyLength, boolean encryptMode) throws Exception {
if (encryptionMethod == null) {
throw new IllegalArgumentException("The encryption method must be specified");
}
if (!encryptionMethod.isCompatibleWithStrongKDFs()) {
throw new IllegalArgumentException(encryptionMethod.name() + " is not compatible with PBKDF2");
}
String algorithm = encryptionMethod.getAlgorithm();
final String cipherName = CipherUtility.parseCipherFromAlgorithm(algorithm);
if (!CipherUtility.isValidKeyLength(keyLength, cipherName)) {
throw new IllegalArgumentException(String.valueOf(keyLength) + " is not a valid key length for " + cipherName);
}
if (StringUtils.isEmpty(password)) {
throw new IllegalArgumentException("Encryption with an empty password is not supported");
}
if (salt == null || salt.length < DEFAULT_SALT_LENGTH) {
throw new IllegalArgumentException("The salt must be at least " + DEFAULT_SALT_LENGTH + " bytes. To generate a salt, use PBKDF2CipherProvider#generateSalt()");
}
PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(this.prf);
gen.init(password.getBytes(StandardCharsets.UTF_8), salt, getIterationCount());
byte[] dk = ((KeyParameter) gen.generateDerivedParameters(keyLength)).getKey();
SecretKey tempKey = new SecretKeySpec(dk, algorithm);
KeyedCipherProvider keyedCipherProvider = new AESKeyedCipherProvider();
return keyedCipherProvider.getCipher(encryptionMethod, tempKey, iv, encryptMode);
}
Also used :
SecretKey(javax.crypto.SecretKey)
PKCS5S2ParametersGenerator(org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator)
SecretKeySpec(javax.crypto.spec.SecretKeySpec)
KeyParameter(org.bouncycastle.crypto.params.KeyParameter)
Example 9 with PKCS5S2ParametersGenerator
use of org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator in project cxf by apache.
the class PbesHmacAesWrapKeyEncryptionAlgorithm method createDerivedKey.
static byte[] createDerivedKey(String keyAlgoJwt, int keySize, byte[] password, byte[] saltInput, int pbesCount) {
byte[] saltValue = createSaltValue(keyAlgoJwt, saltInput);
Digest digest = null;
int macSigSize = PBES_HMAC_MAP.get(keyAlgoJwt);
if (macSigSize == 256) {
digest = new SHA256Digest();
} else if (macSigSize == 384) {
digest = new SHA384Digest();
} else {
digest = new SHA512Digest();
}
PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(digest);
gen.init(password, saltValue, pbesCount);
return ((KeyParameter) gen.generateDerivedParameters(keySize * 8)).getKey();
}
Also used :
SHA512Digest(org.bouncycastle.crypto.digests.SHA512Digest)
PKCS5S2ParametersGenerator(org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator)
SHA384Digest(org.bouncycastle.crypto.digests.SHA384Digest)
Digest(org.bouncycastle.crypto.Digest)
SHA256Digest(org.bouncycastle.crypto.digests.SHA256Digest)
SHA512Digest(org.bouncycastle.crypto.digests.SHA512Digest)
SHA256Digest(org.bouncycastle.crypto.digests.SHA256Digest)
KeyParameter(org.bouncycastle.crypto.params.KeyParameter)
SHA384Digest(org.bouncycastle.crypto.digests.SHA384Digest)
Example 10 with PKCS5S2ParametersGenerator
use of org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator in project OsmAnd-tools by osmandapp.
the class SigningUtils method pinToKey.
/**
* Step (0) to (3): Converts secret PIN to AES key
* @param pin Secret PIN
* @return AES key for next steps
*/
static byte[] pinToKey(String pin) {
int iterations = 1024;
byte[] pinBytes = PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(pin.toCharArray());
byte[] salt = PBEParametersGenerator.PKCS5PasswordToUTF8Bytes("".toCharArray());
PKCS5S2ParametersGenerator generator = new PKCS5S2ParametersGenerator(new SHA256Digest());
generator.init(pinBytes, salt, iterations);
KeyParameter params = (KeyParameter) generator.generateDerivedParameters(128);
byte[] intResult = PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(toHex(params.getKey()).toCharArray());
generator = new PKCS5S2ParametersGenerator(new SHA256Digest());
generator.init(intResult, salt, iterations);
params = (KeyParameter) generator.generateDerivedParameters(256);
return params.getKey();
}
Also used :
PKCS5S2ParametersGenerator(org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator)
SHA256Digest(org.bouncycastle.crypto.digests.SHA256Digest)
KeyParameter(org.bouncycastle.crypto.params.KeyParameter)
Aggregations
PKCS5S2ParametersGenerator (org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator)13
KeyParameter (org.bouncycastle.crypto.params.KeyParameter)10
PBEParametersGenerator (org.bouncycastle.crypto.PBEParametersGenerator)7
CipherParameters (org.bouncycastle.crypto.CipherParameters)5
BufferedBlockCipher (org.bouncycastle.crypto.BufferedBlockCipher)4
SHA256Digest (org.bouncycastle.crypto.digests.SHA256Digest)4
AESEngine (org.bouncycastle.crypto.engines.AESEngine)4
CBCBlockCipher (org.bouncycastle.crypto.modes.CBCBlockCipher)4
PaddedBufferedBlockCipher (org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher)4
ParametersWithIV (org.bouncycastle.crypto.params.ParametersWithIV)4
UnsupportedEncodingException (java.io.UnsupportedEncodingException)2
SecureRandom (java.security.SecureRandom)2
SecretKeySpec (javax.crypto.spec.SecretKeySpec)2
BlockCipher (org.bouncycastle.crypto.BlockCipher)2
OpenSSLPBEParametersGenerator (org.bouncycastle.crypto.generators.OpenSSLPBEParametersGenerator)2
OFBBlockCipher (org.bouncycastle.crypto.modes.OFBBlockCipher)2
BlockCipherPadding (org.bouncycastle.crypto.paddings.BlockCipherPadding)2
ISO10126d2Padding (org.bouncycastle.crypto.paddings.ISO10126d2Padding)2
SecretKey (javax.crypto.SecretKey)1
PBKDF2Params (org.bouncycastle.asn1.pkcs.PBKDF2Params)1
