Search in sources :

Example 1 with PBKDF2Parameters

use of org.xwiki.crypto.password.params.PBKDF2Parameters in project xwiki-commons by xwiki.

the class BcPKCS5S2KeyDerivationFunctionFactory method getInstance.

@Override
public KeyDerivationFunction getInstance(KeyDerivationFunctionParameters params) {
    if (!(params instanceof PBKDF2Parameters)) {
        throw new IllegalArgumentException("Invalid parameter used for PKCS5S2 function: " + params.getClass().getName());
    }
    PBKDF2Parameters kdfParams = (PBKDF2Parameters) params;
    PKCS5S2ParametersGenerator generator;
    BcDigestFactory factory = null;
    if (kdfParams.getPseudoRandomFuntionHint() != null) {
        factory = this.getDigestFactory(kdfParams.getPseudoRandomFuntionHint());
        generator = new PKCS5S2ParametersGenerator(factory.getDigestInstance());
    } else {
        generator = new PKCS5S2ParametersGenerator();
    }
    return new AbstractBcPBKDF2(generator, (PBKDF2Parameters) params, (factory != null) ? toHmacAlgId(factory.getAlgorithmIdentifier()) : HMAC_SHA1) {

        @Override
        public KeyDerivationFunc getKeyDerivationFunction() {
            PBKDF2Parameters parameters = (PBKDF2Parameters) getParameters();
            AlgorithmIdentifier algId = getPRFAlgorithmIdentifier();
            return new KeyDerivationFunc(PKCSObjectIdentifiers.id_PBKDF2, (isKeySizeOverwritten()) ? new PBKDF2Params(parameters.getSalt(), parameters.getIterationCount(), algId) : new PBKDF2Params(parameters.getSalt(), parameters.getIterationCount(), parameters.getKeySize(), algId));
        }
    };
}
Also used : PKCS5S2ParametersGenerator(org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator) PBKDF2Parameters(org.xwiki.crypto.password.params.PBKDF2Parameters) KeyDerivationFunc(org.bouncycastle.asn1.pkcs.KeyDerivationFunc) PBKDF2Params(org.xwiki.crypto.password.internal.kdf.PBKDF2Params) AbstractBcDigestFactory(org.xwiki.crypto.internal.digest.factory.AbstractBcDigestFactory) BcDigestFactory(org.xwiki.crypto.internal.digest.factory.BcDigestFactory) AbstractBcPBKDF2(org.xwiki.crypto.password.internal.kdf.AbstractBcPBKDF2) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Example 2 with PBKDF2Parameters

use of org.xwiki.crypto.password.params.PBKDF2Parameters in project xwiki-commons by xwiki.

the class BcPKCS5S2KeyDerivationFunctionFactory method getInstance.

@Override
public KeyDerivationFunction getInstance(ASN1Encodable parameters) {
    KeyDerivationFunc kdf = KeyDerivationFunc.getInstance(parameters);
    if (!kdf.getAlgorithm().equals(PKCSObjectIdentifiers.id_PBKDF2)) {
        throw new IllegalArgumentException("Illegal algorithm identifier for PBKDF2: " + kdf.getAlgorithm().getId());
    }
    PBKDF2Params params = PBKDF2Params.getInstance(kdf.getParameters());
    return getInstance(new PBKDF2Parameters((params.getKeyLength() != null) ? params.getKeyLength().intValue() : -1, params.getIterationCount().intValue(), params.getSalt(), toDigestHint(params.getPseudoRandomFunctionIdentifier())));
}
Also used : PBKDF2Parameters(org.xwiki.crypto.password.params.PBKDF2Parameters) KeyDerivationFunc(org.bouncycastle.asn1.pkcs.KeyDerivationFunc) PBKDF2Params(org.xwiki.crypto.password.internal.kdf.PBKDF2Params)

Example 3 with PBKDF2Parameters

use of org.xwiki.crypto.password.params.PBKDF2Parameters in project xwiki-commons by xwiki.

the class BcPKCS5S2KeyDerivationFunctionFactoryTest method pbkdf2SerializationDeserializationTest.

@Test
public void pbkdf2SerializationDeserializationTest() throws Exception {
    byte[] password = PasswordToByteConverter.convert("password");
    KeyDerivationFunction kdf = getKDFInstance(new PBKDF2Parameters(32, 1000));
    KeyWithIVParameters params = kdf.derive(password, 8);
    KeyDerivationFunction kdf2 = factory.getInstance(kdf.getEncoded());
    KeyWithIVParameters params2 = kdf2.derive(password, 8);
    assertThat(params.getKey(), equalTo(params2.getKey()));
    assertThat(params2.getIV(), equalTo(params2.getIV()));
}
Also used : KeyDerivationFunction(org.xwiki.crypto.password.KeyDerivationFunction) PBKDF2Parameters(org.xwiki.crypto.password.params.PBKDF2Parameters) KeyWithIVParameters(org.xwiki.crypto.params.cipher.symmetric.KeyWithIVParameters) Test(org.junit.Test)

Example 4 with PBKDF2Parameters

use of org.xwiki.crypto.password.params.PBKDF2Parameters in project xwiki-commons by xwiki.

the class BcPKCS5S2KeyDerivationFunctionFactoryTest method pbkdf2KeyWithRandomSaltAndIterationCount.

@Test
public void pbkdf2KeyWithRandomSaltAndIterationCount() throws Exception {
    byte[] password = PasswordToByteConverter.convert("password");
    PBKDF2Parameters kdfParam1 = new PBKDF2Parameters(16);
    KeyParameter params1 = getKDFInstance(kdfParam1).derive(password);
    PBKDF2Parameters kdfParam2 = new PBKDF2Parameters(16);
    KeyParameter params2 = getKDFInstance(kdfParam2).derive(password);
    assertThat(params1.getKey(), not(equalTo(params2.getKey())));
    assertThat(params1.getKey().length, equalTo(16));
    assertThat(kdfParam1.getSalt(), not(equalTo(kdfParam2.getSalt())));
    assertThat(kdfParam1.getIterationCount(), not(equalTo(kdfParam2.getIterationCount())));
}
Also used : PBKDF2Parameters(org.xwiki.crypto.password.params.PBKDF2Parameters) KeyParameter(org.xwiki.crypto.params.cipher.symmetric.KeyParameter) Test(org.junit.Test)

Example 5 with PBKDF2Parameters

use of org.xwiki.crypto.password.params.PBKDF2Parameters in project xwiki-commons by xwiki.

the class BcPKCS5S2KeyDerivationFunctionFactoryTest method pbkdf2KeyWithIVWithRandomSalt.

@Test
public void pbkdf2KeyWithIVWithRandomSalt() throws Exception {
    byte[] password = PasswordToByteConverter.convert("password");
    PBKDF2Parameters kdfParam1 = new PBKDF2Parameters(32, 5);
    KeyWithIVParameters params1 = getKDFInstance(kdfParam1).derive(password, 16);
    PBKDF2Parameters kdfParam2 = new PBKDF2Parameters(32, 5);
    KeyWithIVParameters params2 = getKDFInstance(kdfParam2).derive(password, 16);
    assertThat(params1.getKey(), not(equalTo(params2.getKey())));
    assertThat(params1.getKey().length, equalTo(32));
    assertThat(params1.getIV().length, equalTo(16));
    assertThat(kdfParam1.getIterationCount(), equalTo(kdfParam2.getIterationCount()));
    assertThat(kdfParam1.getSalt(), not(equalTo(kdfParam2.getSalt())));
}
Also used : PBKDF2Parameters(org.xwiki.crypto.password.params.PBKDF2Parameters) KeyWithIVParameters(org.xwiki.crypto.params.cipher.symmetric.KeyWithIVParameters) Test(org.junit.Test)

Aggregations

PBKDF2Parameters (org.xwiki.crypto.password.params.PBKDF2Parameters)13 Test (org.junit.Test)9 KeyWithIVParameters (org.xwiki.crypto.params.cipher.symmetric.KeyWithIVParameters)8 KeyParameter (org.xwiki.crypto.params.cipher.symmetric.KeyParameter)3 KeyDerivationFunc (org.bouncycastle.asn1.pkcs.KeyDerivationFunc)2 KeyDerivationFunction (org.xwiki.crypto.password.KeyDerivationFunction)2 PBKDF2Params (org.xwiki.crypto.password.internal.kdf.PBKDF2Params)2 EncryptedPrivateKeyInfo (javax.crypto.EncryptedPrivateKeyInfo)1 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)1 PKCS5S2ParametersGenerator (org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator)1 AbstractBcDigestFactory (org.xwiki.crypto.internal.digest.factory.AbstractBcDigestFactory)1 BcDigestFactory (org.xwiki.crypto.internal.digest.factory.BcDigestFactory)1 PasswordBasedCipher (org.xwiki.crypto.password.PasswordBasedCipher)1 PasswordBasedCipherFactory (org.xwiki.crypto.password.PasswordBasedCipherFactory)1 AbstractBcPBKDF2 (org.xwiki.crypto.password.internal.kdf.AbstractBcPBKDF2)1