/extern/spongycastle/pkix/src/main/java/org/spongycastle/pkcs/bc/PKCS12PBEUtils.java
Java | 153 lines | 125 code | 28 blank | 0 comment | 7 complexity | f2289dd3114271f32e70af70213da6ec MD5 | raw file
1package org.spongycastle.pkcs.bc; 2 3import java.io.OutputStream; 4import java.util.HashMap; 5import java.util.HashSet; 6import java.util.Map; 7import java.util.Set; 8 9import org.spongycastle.asn1.ASN1ObjectIdentifier; 10import org.spongycastle.asn1.pkcs.PKCS12PBEParams; 11import org.spongycastle.asn1.pkcs.PKCSObjectIdentifiers; 12import org.spongycastle.asn1.x509.AlgorithmIdentifier; 13import org.spongycastle.crypto.BlockCipher; 14import org.spongycastle.crypto.CipherParameters; 15import org.spongycastle.crypto.ExtendedDigest; 16import org.spongycastle.crypto.engines.DESedeEngine; 17import org.spongycastle.crypto.engines.RC2Engine; 18import org.spongycastle.crypto.generators.PKCS12ParametersGenerator; 19import org.spongycastle.crypto.io.MacOutputStream; 20import org.spongycastle.crypto.macs.HMac; 21import org.spongycastle.crypto.modes.CBCBlockCipher; 22import org.spongycastle.crypto.paddings.PKCS7Padding; 23import org.spongycastle.crypto.paddings.PaddedBufferedBlockCipher; 24import org.spongycastle.crypto.params.DESedeParameters; 25import org.spongycastle.crypto.params.KeyParameter; 26import org.spongycastle.crypto.params.ParametersWithIV; 27import org.spongycastle.operator.GenericKey; 28import org.spongycastle.operator.MacCalculator; 29import org.spongycastle.util.Integers; 30 31class PKCS12PBEUtils 32{ 33 private static Map keySizes = new HashMap(); 34 private static Set noIvAlgs = new HashSet(); 35 private static Set desAlgs = new HashSet(); 36 37 static 38 { 39 keySizes.put(PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC4, Integers.valueOf(128)); 40 keySizes.put(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC4, Integers.valueOf(40)); 41 keySizes.put(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, Integers.valueOf(192)); 42 keySizes.put(PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC, Integers.valueOf(128)); 43 keySizes.put(PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC2_CBC, Integers.valueOf(128)); 44 keySizes.put(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC2_CBC, Integers.valueOf(40)); 45 46 noIvAlgs.add(PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC4); 47 noIvAlgs.add(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC4); 48 49 desAlgs.add(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC); 50 desAlgs.add(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC); 51 } 52 53 static int getKeySize(ASN1ObjectIdentifier algorithm) 54 { 55 return ((Integer)keySizes.get(algorithm)).intValue(); 56 } 57 58 static boolean hasNoIv(ASN1ObjectIdentifier algorithm) 59 { 60 return noIvAlgs.contains(algorithm); 61 } 62 63 static boolean isDesAlg(ASN1ObjectIdentifier algorithm) 64 { 65 return desAlgs.contains(algorithm); 66 } 67 68 static PaddedBufferedBlockCipher getEngine(ASN1ObjectIdentifier algorithm) 69 { 70 BlockCipher engine; 71 72 if (algorithm.equals(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC) 73 || algorithm.equals(PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC)) 74 { 75 engine = new DESedeEngine(); 76 } 77 else if (algorithm.equals(PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC2_CBC) 78 || algorithm.equals(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC2_CBC)) 79 { 80 engine = new RC2Engine(); 81 } 82 else 83 { 84 throw new IllegalStateException("unknown algorithm"); 85 } 86 87 return new PaddedBufferedBlockCipher(new CBCBlockCipher(engine), new PKCS7Padding()); 88 } 89 90 static MacCalculator createMacCalculator(final ASN1ObjectIdentifier digestAlgorithm, ExtendedDigest digest, final PKCS12PBEParams pbeParams, final char[] password) 91 { 92 PKCS12ParametersGenerator pGen = new PKCS12ParametersGenerator(digest); 93 94 pGen.init(PKCS12ParametersGenerator.PKCS12PasswordToBytes(password), pbeParams.getIV(), pbeParams.getIterations().intValue()); 95 96 final KeyParameter keyParam = (KeyParameter)pGen.generateDerivedMacParameters(digest.getDigestSize() * 8); 97 98 final HMac hMac = new HMac(digest); 99 100 hMac.init(keyParam); 101 102 return new MacCalculator() 103 { 104 public AlgorithmIdentifier getAlgorithmIdentifier() 105 { 106 return new AlgorithmIdentifier(digestAlgorithm, pbeParams); 107 } 108 109 public OutputStream getOutputStream() 110 { 111 return new MacOutputStream(hMac); 112 } 113 114 public byte[] getMac() 115 { 116 byte[] res = new byte[hMac.getMacSize()]; 117 118 hMac.doFinal(res, 0); 119 120 return res; 121 } 122 123 public GenericKey getKey() 124 { 125 return new GenericKey(getAlgorithmIdentifier(), PKCS12ParametersGenerator.PKCS12PasswordToBytes(password)); 126 } 127 }; 128 } 129 130 static CipherParameters createCipherParameters(ASN1ObjectIdentifier algorithm, ExtendedDigest digest, int blockSize, PKCS12PBEParams pbeParams, char[] password) 131 { 132 PKCS12ParametersGenerator pGen = new PKCS12ParametersGenerator(digest); 133 134 pGen.init(PKCS12ParametersGenerator.PKCS12PasswordToBytes(password), pbeParams.getIV(), pbeParams.getIterations().intValue()); 135 136 CipherParameters params; 137 138 if (PKCS12PBEUtils.hasNoIv(algorithm)) 139 { 140 params = pGen.generateDerivedParameters(PKCS12PBEUtils.getKeySize(algorithm)); 141 } 142 else 143 { 144 params = pGen.generateDerivedParameters(PKCS12PBEUtils.getKeySize(algorithm), blockSize * 8); 145 146 if (PKCS12PBEUtils.isDesAlg(algorithm)) 147 { 148 DESedeParameters.setOddParity(((KeyParameter)((ParametersWithIV)params).getParameters()).getKey()); 149 } 150 } 151 return params; 152 } 153}