/extern/spongycastle/pkix/src/main/java/org/spongycastle/pkcs/bc/PKCS12PBEUtils.java

https://gitlab.com/vizilo/fdroidclient · Java · 153 lines · 125 code · 28 blank · 0 comment · 7 complexity · f2289dd3114271f32e70af70213da6ec MD5 · raw file

  1. package org.spongycastle.pkcs.bc;
  2. import java.io.OutputStream;
  3. import java.util.HashMap;
  4. import java.util.HashSet;
  5. import java.util.Map;
  6. import java.util.Set;
  7. import org.spongycastle.asn1.ASN1ObjectIdentifier;
  8. import org.spongycastle.asn1.pkcs.PKCS12PBEParams;
  9. import org.spongycastle.asn1.pkcs.PKCSObjectIdentifiers;
  10. import org.spongycastle.asn1.x509.AlgorithmIdentifier;
  11. import org.spongycastle.crypto.BlockCipher;
  12. import org.spongycastle.crypto.CipherParameters;
  13. import org.spongycastle.crypto.ExtendedDigest;
  14. import org.spongycastle.crypto.engines.DESedeEngine;
  15. import org.spongycastle.crypto.engines.RC2Engine;
  16. import org.spongycastle.crypto.generators.PKCS12ParametersGenerator;
  17. import org.spongycastle.crypto.io.MacOutputStream;
  18. import org.spongycastle.crypto.macs.HMac;
  19. import org.spongycastle.crypto.modes.CBCBlockCipher;
  20. import org.spongycastle.crypto.paddings.PKCS7Padding;
  21. import org.spongycastle.crypto.paddings.PaddedBufferedBlockCipher;
  22. import org.spongycastle.crypto.params.DESedeParameters;
  23. import org.spongycastle.crypto.params.KeyParameter;
  24. import org.spongycastle.crypto.params.ParametersWithIV;
  25. import org.spongycastle.operator.GenericKey;
  26. import org.spongycastle.operator.MacCalculator;
  27. import org.spongycastle.util.Integers;
  28. class PKCS12PBEUtils
  29. {
  30. private static Map keySizes = new HashMap();
  31. private static Set noIvAlgs = new HashSet();
  32. private static Set desAlgs = new HashSet();
  33. static
  34. {
  35. keySizes.put(PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC4, Integers.valueOf(128));
  36. keySizes.put(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC4, Integers.valueOf(40));
  37. keySizes.put(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, Integers.valueOf(192));
  38. keySizes.put(PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC, Integers.valueOf(128));
  39. keySizes.put(PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC2_CBC, Integers.valueOf(128));
  40. keySizes.put(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC2_CBC, Integers.valueOf(40));
  41. noIvAlgs.add(PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC4);
  42. noIvAlgs.add(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC4);
  43. desAlgs.add(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC);
  44. desAlgs.add(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC);
  45. }
  46. static int getKeySize(ASN1ObjectIdentifier algorithm)
  47. {
  48. return ((Integer)keySizes.get(algorithm)).intValue();
  49. }
  50. static boolean hasNoIv(ASN1ObjectIdentifier algorithm)
  51. {
  52. return noIvAlgs.contains(algorithm);
  53. }
  54. static boolean isDesAlg(ASN1ObjectIdentifier algorithm)
  55. {
  56. return desAlgs.contains(algorithm);
  57. }
  58. static PaddedBufferedBlockCipher getEngine(ASN1ObjectIdentifier algorithm)
  59. {
  60. BlockCipher engine;
  61. if (algorithm.equals(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC)
  62. || algorithm.equals(PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC))
  63. {
  64. engine = new DESedeEngine();
  65. }
  66. else if (algorithm.equals(PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC2_CBC)
  67. || algorithm.equals(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC2_CBC))
  68. {
  69. engine = new RC2Engine();
  70. }
  71. else
  72. {
  73. throw new IllegalStateException("unknown algorithm");
  74. }
  75. return new PaddedBufferedBlockCipher(new CBCBlockCipher(engine), new PKCS7Padding());
  76. }
  77. static MacCalculator createMacCalculator(final ASN1ObjectIdentifier digestAlgorithm, ExtendedDigest digest, final PKCS12PBEParams pbeParams, final char[] password)
  78. {
  79. PKCS12ParametersGenerator pGen = new PKCS12ParametersGenerator(digest);
  80. pGen.init(PKCS12ParametersGenerator.PKCS12PasswordToBytes(password), pbeParams.getIV(), pbeParams.getIterations().intValue());
  81. final KeyParameter keyParam = (KeyParameter)pGen.generateDerivedMacParameters(digest.getDigestSize() * 8);
  82. final HMac hMac = new HMac(digest);
  83. hMac.init(keyParam);
  84. return new MacCalculator()
  85. {
  86. public AlgorithmIdentifier getAlgorithmIdentifier()
  87. {
  88. return new AlgorithmIdentifier(digestAlgorithm, pbeParams);
  89. }
  90. public OutputStream getOutputStream()
  91. {
  92. return new MacOutputStream(hMac);
  93. }
  94. public byte[] getMac()
  95. {
  96. byte[] res = new byte[hMac.getMacSize()];
  97. hMac.doFinal(res, 0);
  98. return res;
  99. }
  100. public GenericKey getKey()
  101. {
  102. return new GenericKey(getAlgorithmIdentifier(), PKCS12ParametersGenerator.PKCS12PasswordToBytes(password));
  103. }
  104. };
  105. }
  106. static CipherParameters createCipherParameters(ASN1ObjectIdentifier algorithm, ExtendedDigest digest, int blockSize, PKCS12PBEParams pbeParams, char[] password)
  107. {
  108. PKCS12ParametersGenerator pGen = new PKCS12ParametersGenerator(digest);
  109. pGen.init(PKCS12ParametersGenerator.PKCS12PasswordToBytes(password), pbeParams.getIV(), pbeParams.getIterations().intValue());
  110. CipherParameters params;
  111. if (PKCS12PBEUtils.hasNoIv(algorithm))
  112. {
  113. params = pGen.generateDerivedParameters(PKCS12PBEUtils.getKeySize(algorithm));
  114. }
  115. else
  116. {
  117. params = pGen.generateDerivedParameters(PKCS12PBEUtils.getKeySize(algorithm), blockSize * 8);
  118. if (PKCS12PBEUtils.isDesAlg(algorithm))
  119. {
  120. DESedeParameters.setOddParity(((KeyParameter)((ParametersWithIV)params).getParameters()).getKey());
  121. }
  122. }
  123. return params;
  124. }
  125. }