/extern/spongycastle/pkix/src/main/java/org/spongycastle/pkcs/bc/BcPKCS12PBEOutputEncryptorBuilder.java

 1package org.spongycastle.pkcs.bc;
 2
 3import java.io.OutputStream;
 4import java.security.SecureRandom;
 5
 6import org.spongycastle.asn1.ASN1ObjectIdentifier;
 7import org.spongycastle.asn1.pkcs.PKCS12PBEParams;
 8import org.spongycastle.asn1.x509.AlgorithmIdentifier;
 9import org.spongycastle.crypto.BlockCipher;
10import org.spongycastle.crypto.BufferedBlockCipher;
11import org.spongycastle.crypto.CipherParameters;
12import org.spongycastle.crypto.ExtendedDigest;
13import org.spongycastle.crypto.digests.SHA1Digest;
14import org.spongycastle.crypto.generators.PKCS12ParametersGenerator;
15import org.spongycastle.crypto.io.CipherOutputStream;
16import org.spongycastle.crypto.paddings.PKCS7Padding;
17import org.spongycastle.crypto.paddings.PaddedBufferedBlockCipher;
18import org.spongycastle.operator.GenericKey;
19import org.spongycastle.operator.OutputEncryptor;
20
21public class BcPKCS12PBEOutputEncryptorBuilder
22{
23    private ExtendedDigest digest;
24
25    private BufferedBlockCipher engine;
26    private ASN1ObjectIdentifier algorithm;
27    private SecureRandom random;
28
29    public BcPKCS12PBEOutputEncryptorBuilder(ASN1ObjectIdentifier algorithm, BlockCipher engine)
30    {
31        this(algorithm, engine, new SHA1Digest());
32    }
33
34    public BcPKCS12PBEOutputEncryptorBuilder(ASN1ObjectIdentifier algorithm, BlockCipher engine, ExtendedDigest pbeDigest)
35    {
36        this.algorithm = algorithm;
37        this.engine = new PaddedBufferedBlockCipher(engine, new PKCS7Padding());
38        this.digest = pbeDigest;
39    }
40
41    public OutputEncryptor build(final char[] password)
42    {
43        if (random == null)
44        {
45            random = new SecureRandom();
46        }
47
48        final byte[] salt = new byte[20];
49        final int    iterationCount = 1024;
50
51        random.nextBytes(salt);
52
53        final PKCS12PBEParams pbeParams = new PKCS12PBEParams(salt, iterationCount);
54
55        CipherParameters params = PKCS12PBEUtils.createCipherParameters(algorithm, digest, engine.getBlockSize(), pbeParams, password);
56
57        engine.init(true, params);
58
59        return new OutputEncryptor()
60        {
61            public AlgorithmIdentifier getAlgorithmIdentifier()
62            {
63                return new AlgorithmIdentifier(algorithm, pbeParams);
64            }
65
66            public OutputStream getOutputStream(OutputStream out)
67            {
68                return new CipherOutputStream(out, engine);
69            }
70
71            public GenericKey getKey()
72            {
73                return new GenericKey(new AlgorithmIdentifier(algorithm, pbeParams), PKCS12ParametersGenerator.PKCS12PasswordToBytes(password));
74            }
75        };
76    }
77}