use of org.mozilla.jss.crypto.KeyGenAlgorithm in project jss by dogtagpki.
the class EncryptedContentInfo method decrypt.
/**
* Decrypts the content of an EncryptedContentInfo encrypted with a
* PBE key.
*
* @param pass The password to use in generating the PBE decryption key.
* @param charToByteConverter The converter for converting the password
* characters into bytes. May be null to use the default.
* @return The decrypted contents of the EncryptedContentInfo. The contents
* are first unpadded using the PKCS padding mechanism.
*/
public byte[] decrypt(Password pass, KeyGenerator.CharToByteConverter charToByteConverter) throws IllegalStateException, NotInitializedException, NoSuchAlgorithmException, InvalidBERException, IOException, InvalidKeyException, InvalidAlgorithmParameterException, TokenException, IllegalBlockSizeException, BadPaddingException {
if (encryptedContent == null) {
return null;
}
// get the key gen parameters
AlgorithmIdentifier algid = contentEncryptionAlgorithm;
KeyGenAlgorithm kgAlg = KeyGenAlgorithm.fromOID(algid.getOID());
if (!(kgAlg instanceof PBEAlgorithm)) {
throw new NoSuchAlgorithmException("KeyGenAlgorithm is not a" + " PBE algorithm");
}
ASN1Value params = algid.getParameters();
if (params == null) {
throw new InvalidAlgorithmParameterException("PBE algorithms require parameters");
}
PBEParameter pbeParams;
if (params instanceof PBEParameter) {
pbeParams = (PBEParameter) params;
} else {
byte[] encodedParams = ASN1Util.encode(params);
pbeParams = (PBEParameter) ASN1Util.decode(PBEParameter.getTemplate(), encodedParams);
}
PBEKeyGenParams kgp = new PBEKeyGenParams(pass, pbeParams.getSalt(), pbeParams.getIterations());
try {
// compute the key and IV
CryptoToken token = CryptoManager.getInstance().getInternalCryptoToken();
KeyGenerator kg = token.getKeyGenerator(kgAlg);
if (charToByteConverter != null) {
kg.setCharToByteConverter(charToByteConverter);
}
kg.initialize(kgp);
SymmetricKey key = kg.generate();
// compute algorithm parameters
EncryptionAlgorithm encAlg = ((PBEAlgorithm) kgAlg).getEncryptionAlg();
AlgorithmParameterSpec algParams = null;
Class<?>[] paramClasses = encAlg.getParameterClasses();
for (int i = 0; i < paramClasses.length; i++) {
if (paramClasses[i].equals(javax.crypto.spec.IvParameterSpec.class)) {
algParams = new IVParameterSpec(kg.generatePBE_IV());
break;
} else if (paramClasses[i].equals(RC2ParameterSpec.class)) {
algParams = new RC2ParameterSpec(key.getStrength(), kg.generatePBE_IV());
break;
}
}
// perform the decryption
Cipher cipher = token.getCipherContext(encAlg);
cipher.initDecrypt(key, algParams);
return Cipher.unPad(cipher.doFinal(encryptedContent.toByteArray()));
} finally {
kgp.clear();
}
}
use of org.mozilla.jss.crypto.KeyGenAlgorithm in project jss by dogtagpki.
the class EncryptedPrivateKeyInfo method decrypt.
/**
* Decrypts an EncryptedPrivateKeyInfo that was encrypted with a PBE
* algorithm. The algorithm and its parameters are extracted from
* the EncryptedPrivateKeyInfo.
*
* @param pass The password to use to generate the PBE key.
* @param charToByteConverter The converter to change the password
* characters to bytes. If null, the default conversion is used.
*/
public PrivateKeyInfo decrypt(Password pass, KeyGenerator.CharToByteConverter charToByteConverter) throws NotInitializedException, NoSuchAlgorithmException, InvalidBERException, InvalidKeyException, InvalidAlgorithmParameterException, TokenException, IllegalBlockSizeException, BadPaddingException, CharConversionException {
// get the key gen parameters
AlgorithmIdentifier algid = encryptionAlgorithm;
KeyGenAlgorithm kgAlg = KeyGenAlgorithm.fromOID(algid.getOID());
if (!(kgAlg instanceof PBEAlgorithm)) {
throw new NoSuchAlgorithmException("KeyGenAlgorithm is not a " + "PBE algorithm");
}
ASN1Value params = algid.getParameters();
if (params == null) {
throw new InvalidAlgorithmParameterException("PBE algorithms require parameters");
}
PBEParameter pbeParams;
if (params instanceof PBEParameter) {
pbeParams = (PBEParameter) params;
} else {
byte[] encodedParams = ASN1Util.encode(params);
pbeParams = (PBEParameter) ASN1Util.decode(PBEParameter.getTemplate(), encodedParams);
}
PBEKeyGenParams kgp = new PBEKeyGenParams(pass, pbeParams.getSalt(), pbeParams.getIterations());
// compute the key and IV
CryptoToken token = CryptoManager.getInstance().getInternalCryptoToken();
KeyGenerator kg = token.getKeyGenerator(kgAlg);
if (charToByteConverter != null) {
kg.setCharToByteConverter(charToByteConverter);
}
kg.initialize(kgp);
SymmetricKey key = kg.generate();
// compute algorithm parameters
EncryptionAlgorithm encAlg = ((PBEAlgorithm) kgAlg).getEncryptionAlg();
AlgorithmParameterSpec algParams = null;
Class<?>[] paramClasses = encAlg.getParameterClasses();
for (int i = 0; i < paramClasses.length; i++) {
if (paramClasses[i].equals(javax.crypto.spec.IvParameterSpec.class)) {
algParams = new IVParameterSpec(kg.generatePBE_IV());
break;
}
}
// perform the decryption
Cipher cipher = token.getCipherContext(encAlg);
cipher.initDecrypt(key, algParams);
byte[] decrypted = Cipher.unPad(cipher.doFinal(encryptedData.toByteArray()));
return (PrivateKeyInfo) ASN1Util.decode(PrivateKeyInfo.getTemplate(), decrypted);
}
use of org.mozilla.jss.crypto.KeyGenAlgorithm in project jss by dogtagpki.
the class EncryptedContentInfo method decrypt.
/**
* Decrypts the content of an EncryptedContentInfo encrypted with a
* PBE key.
*
* @param pass The password to use in generating the PBE decryption key.
* @param charToByteConverter The converter for converting the password
* characters into bytes. May be null to use the default.
* @return The decrypted contents of the EncryptedContentInfo. The contents
* are first unpadded using the PKCS padding mechanism.
*/
public byte[] decrypt(Password pass, KeyGenerator.CharToByteConverter charToByteConverter) throws IllegalStateException, NotInitializedException, NoSuchAlgorithmException, InvalidBERException, IOException, InvalidKeyException, InvalidAlgorithmParameterException, TokenException, IllegalBlockSizeException, BadPaddingException {
if (encryptedContent == null) {
return null;
}
// get the key gen parameters
AlgorithmIdentifier algid = contentEncryptionAlgorithm;
KeyGenAlgorithm kgAlg = KeyGenAlgorithm.fromOID(algid.getOID());
if (!(kgAlg instanceof PBEAlgorithm)) {
throw new NoSuchAlgorithmException("KeyGenAlgorithm is not a" + " PBE algorithm");
}
ASN1Value params = algid.getParameters();
if (params == null) {
throw new InvalidAlgorithmParameterException("PBE algorithms require parameters");
}
PBEParameter pbeParams;
if (params instanceof PBEParameter) {
pbeParams = (PBEParameter) params;
} else {
byte[] encodedParams = ASN1Util.encode(params);
pbeParams = (PBEParameter) ASN1Util.decode(PBEParameter.getTemplate(), encodedParams);
}
PBEKeyGenParams kgp = new PBEKeyGenParams(pass, pbeParams.getSalt(), pbeParams.getIterations());
// compute the key and IV
CryptoToken token = CryptoManager.getInstance().getInternalCryptoToken();
KeyGenerator kg = token.getKeyGenerator(kgAlg);
if (charToByteConverter != null) {
kg.setCharToByteConverter(charToByteConverter);
}
kg.initialize(kgp);
SymmetricKey key = kg.generate();
// compute algorithm parameters
EncryptionAlgorithm encAlg = ((PBEAlgorithm) kgAlg).getEncryptionAlg();
AlgorithmParameterSpec algParams = null;
Class<?>[] paramClasses = encAlg.getParameterClasses();
for (int i = 0; i < paramClasses.length; i++) {
if (paramClasses[i].equals(javax.crypto.spec.IvParameterSpec.class)) {
algParams = new IVParameterSpec(kg.generatePBE_IV());
break;
}
}
// perform the decryption
Cipher cipher = token.getCipherContext(encAlg);
cipher.initDecrypt(key, algParams);
return Cipher.unPad(cipher.doFinal(encryptedContent.toByteArray()));
}
Aggregations