List of usage examples for org.bouncycastle.crypto.generators OpenSSLPBEParametersGenerator OpenSSLPBEParametersGenerator
public OpenSSLPBEParametersGenerator()
From source file:com.thecorpora.qbo.androidapk.AESCipher.java
License:Open Source License
private ParametersWithIV getKeyParamWithIv(String keyphrase, byte[] salt) { int iterationCount = 1; //creating generator for PBE derived keys and ivs as used by open ssl PBEParametersGenerator generator = new OpenSSLPBEParametersGenerator(); //intialse the PBE generator with password, salt and iteration count generator.init(PBEParametersGenerator.PKCS5PasswordToBytes(keyphrase.toCharArray()), salt, iterationCount); //Generate a key with initialisation vector parameter derived from the password, salt and iteration count ParametersWithIV paramWithIv = (ParametersWithIV) generator.generateDerivedParameters(256, 128); KeyParameter keyParam = (KeyParameter) paramWithIv.getParameters(); return paramWithIv; }
From source file:edu.vt.middleware.crypt.pbe.OpenSSLKeyGenerator.java
License:Open Source License
/** {@inheritDoc} */ public byte[] generate(final char[] password, final int size) { final OpenSSLPBEParametersGenerator generator = new OpenSSLPBEParametersGenerator(); generator.init(PBEParametersGenerator.PKCS5PasswordToBytes(password), salt); final KeyParameter p = (KeyParameter) generator.generateDerivedParameters(size); return p.getKey(); }
From source file:edu.vt.middleware.crypt.PbeKeyGenerator.java
License:Open Source License
/** * Generate a key from a text password using a method based ok PKCS#5 version * 2 that is consistent with that performed by the openssl enc operation. * * @param password Raw material used for key generation. * @param keyBitLength Size of generated key in bits. * @param salt Key initialization data. * * @return Secret key based on password. *//* w w w .j av a 2 s. co m*/ public SecretKey generateOpenssl(final char[] password, final int keyBitLength, final byte[] salt) { return generate(new OpenSSLPBEParametersGenerator(), PBEParametersGenerator.PKCS5PasswordToBytes(password), keyBitLength, salt); }
From source file:edu.vt.middleware.crypt.PbeKeyGenerator.java
License:Open Source License
/** * Generate a key/IV pair from a text password using a strategy compatible * with the OpenSSL enc operation. The strategy is based on PKCS#5 version 2, * but uses a MD5 hash instead of SHA1 and an iteration count of 1. For * compatibility with OpenSSL, the IV size should be equal to key size. * * @param password Raw material used for key generation. * @param keyBitLength Size of generated key in bits. * @param ivBitLength Size of generated IV in bits. * @param salt Key initialization data. * * @return Secret key based on password. *//*from www.j ava 2 s . co m*/ public KeyWithIV generateOpenssl(final char[] password, final int keyBitLength, final int ivBitLength, final byte[] salt) { return generate(new OpenSSLPBEParametersGenerator(), PBEParametersGenerator.PKCS5PasswordToBytes(password), keyBitLength, ivBitLength, salt); }
From source file:edu.wisc.doit.tcrypt.BouncyCastleFileEncrypter.java
License:Apache License
protected ParametersWithIV generateParameters() throws InvalidCipherTextException, IOException { //Generate a random password final byte[] passwordBytes = new byte[PASSWORD_LENGTH]; SECURE_RANDOM.nextBytes(passwordBytes); final byte[] passwordBase64Bytes = Base64.encodeBase64(passwordBytes); final String passwordBase64String = new String(passwordBase64Bytes, CHARSET); //Generate a random salt final byte[] saltBytes = new byte[SALT_LENGTH]; SECURE_RANDOM.nextBytes(saltBytes);//from www . j a va 2s . co m //Generate key & iv final OpenSSLPBEParametersGenerator generator = new OpenSSLPBEParametersGenerator(); generator.init(PBEParametersGenerator.PKCS5PasswordToBytes(passwordBase64String.toCharArray()), saltBytes); return (ParametersWithIV) generator.generateDerivedParameters(KEY_LENGTH, IV_LENGTH); }
From source file:org.cryptacular.pbe.OpenSSLEncryptionScheme.java
License:Open Source License
/** * Creates a new instance using the given parameters. * * @param cipher Buffered block cipher algorithm. * @param salt Salt data for key generation function. * @param keyBitLength Size of derived keys in bits. * @param password Password used to derive key. *//* w w w . j a v a 2 s . c o m*/ public OpenSSLEncryptionScheme(final BufferedBlockCipher cipher, final byte[] salt, final int keyBitLength, final char[] password) { final OpenSSLPBEParametersGenerator generator = new OpenSSLPBEParametersGenerator(); generator.init(PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(password), salt); setCipher(cipher); setCipherParameters(generator.generateDerivedParameters(keyBitLength)); }
From source file:org.cryptacular.pbe.OpenSSLEncryptionScheme.java
License:Open Source License
/** * Creates a new instance from an algorithm and salt data. * * @param algorithm OpenSSL key encryption algorithm. * @param iv Explicit IV; first 8 bytes also used for salt in PBE key * generation.//w ww. j a v a2s . c om * @param password Password used to derive key. */ public OpenSSLEncryptionScheme(final OpenSSLAlgorithm algorithm, final byte[] iv, final char[] password) { byte[] salt = iv; if (iv.length > 8) { salt = new byte[8]; System.arraycopy(iv, 0, salt, 0, 8); } final OpenSSLPBEParametersGenerator generator = new OpenSSLPBEParametersGenerator(); generator.init(PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(password), salt); setCipher(algorithm.getCipherSpec().newInstance()); setCipherParameters(new ParametersWithIV( generator.generateDerivedParameters(algorithm.getCipherSpec().getKeyLength()), iv)); }
From source file:org.jruby.ext.openssl.impl.pem.PEMUtilities.java
License:Open Source License
private static SecretKey getKey(char[] password, String algorithm, int keyLength, byte[] salt, boolean des2) { OpenSSLPBEParametersGenerator pGen = new OpenSSLPBEParametersGenerator(); pGen.init(PBEParametersGenerator.PKCS5PasswordToBytes(password), salt); KeyParameter keyParam;//from w ww . j a va 2 s .c o m keyParam = (KeyParameter) pGen.generateDerivedParameters(keyLength * 8); byte[] key = keyParam.getKey(); if (des2 && key.length >= 24) { // For DES2, we must copy first 8 bytes into the last 8 bytes. System.arraycopy(key, 0, key, 16, 8); } return new SecretKeySpec(key, algorithm); }
From source file:org.jruby.ext.openssl.x509store.BouncyCastleASN1FormatHandler.java
License:LGPL
@Override public void writeDSAPrivateKey(Writer _out, DSAPrivateKey obj, String algo, char[] f) throws IOException { BufferedWriter out = makeBuffered(_out); ByteArrayInputStream bIn = new ByteArrayInputStream(getEncoded(obj)); ASN1InputStream aIn = new ASN1InputStream(bIn); PrivateKeyInfo info = new PrivateKeyInfo((ASN1Sequence) aIn.readObject()); ByteArrayOutputStream bOut = new ByteArrayOutputStream(); ASN1OutputStream aOut = new ASN1OutputStream(bOut); DSAParameter p = DSAParameter.getInstance(info.getAlgorithmId().getParameters()); ASN1EncodableVector v = new ASN1EncodableVector(); v.add(new DERInteger(0)); v.add(new DERInteger(p.getP())); v.add(new DERInteger(p.getQ())); v.add(new DERInteger(p.getG())); BigInteger x = obj.getX();/* ww w. ja v a2s .c o m*/ BigInteger y = p.getG().modPow(x, p.getP()); v.add(new DERInteger(y)); v.add(new DERInteger(x)); aOut.writeObject(new DERSequence(v)); byte[] encoding = bOut.toByteArray(); if (algo != null && f != null) { byte[] salt = new byte[8]; byte[] encData = null; random.nextBytes(salt); OpenSSLPBEParametersGenerator pGen = new OpenSSLPBEParametersGenerator(); pGen.init(PBEParametersGenerator.PKCS5PasswordToBytes(f), salt); SecretKey secretKey = null; if (algo.equalsIgnoreCase("DESede/CBC/PKCS5Padding")) { // generate key int keyLength = 24; KeyParameter param = (KeyParameter) pGen.generateDerivedParameters(keyLength * 8); secretKey = new SecretKeySpec(param.getKey(), "DESede"); } else { throw new IOException("unknown algorithm in write_DSAPrivateKey: " + algo); } // cipher try { Cipher c = Cipher.getInstance("DESede/CBC/PKCS5Padding"); c.init(Cipher.ENCRYPT_MODE, secretKey, new IvParameterSpec(salt)); encData = c.doFinal(encoding); } catch (Exception e) { throw new IOException("exception using cipher: " + e.toString()); } // write the data out.write(BEF_G + PEM_STRING_DSA + AFT); out.newLine(); out.write("Proc-Type: 4,ENCRYPTED"); out.newLine(); out.write("DEK-Info: DES-EDE3-CBC,"); writeHexEncoded(out, salt); out.newLine(); out.newLine(); writeEncoded(out, encData); out.write(BEF_E + PEM_STRING_DSA + AFT); out.flush(); } else { out.write(BEF_G + PEM_STRING_DSA + AFT); out.newLine(); writeEncoded(out, encoding); out.write(BEF_E + PEM_STRING_DSA + AFT); out.newLine(); out.flush(); } }
From source file:org.jruby.ext.openssl.x509store.BouncyCastleASN1FormatHandler.java
License:LGPL
@Override public void writeRSAPrivateKey(Writer _out, RSAPrivateCrtKey obj, String algo, char[] f) throws IOException { assert (obj != null); BufferedWriter out = makeBuffered(_out); RSAPrivateKeyStructure keyStruct = new RSAPrivateKeyStructure(obj.getModulus(), obj.getPublicExponent(), obj.getPrivateExponent(), obj.getPrimeP(), obj.getPrimeQ(), obj.getPrimeExponentP(), obj.getPrimeExponentQ(), obj.getCrtCoefficient()); // convert to bytearray ByteArrayOutputStream bOut = new ByteArrayOutputStream(); ASN1OutputStream aOut = new ASN1OutputStream(bOut); aOut.writeObject(keyStruct);//from w ww .ja v a2s .c o m aOut.close(); byte[] encoding = bOut.toByteArray(); if (algo != null && f != null) { byte[] salt = new byte[8]; byte[] encData = null; random.nextBytes(salt); OpenSSLPBEParametersGenerator pGen = new OpenSSLPBEParametersGenerator(); pGen.init(PBEParametersGenerator.PKCS5PasswordToBytes(f), salt); SecretKey secretKey = null; if (algo.startsWith("DES")) { // generate key int keyLength = 24; if (algo.equalsIgnoreCase("DESEDE")) { algo = "DESede/CBC/PKCS5Padding"; } KeyParameter param = (KeyParameter) pGen.generateDerivedParameters(keyLength * 8); secretKey = new SecretKeySpec(param.getKey(), algo.split("/")[0]); } else { throw new IOException("unknown algorithm `" + algo + "' in write_DSAPrivateKey"); } // cipher try { Cipher c = Cipher.getInstance(algo); c.init(Cipher.ENCRYPT_MODE, secretKey, new IvParameterSpec(salt)); encData = c.doFinal(encoding); } catch (Exception e) { throw new IOException("exception using cipher: " + e.toString()); } // write the data out.write(BEF_G + PEM_STRING_RSA + AFT); out.newLine(); out.write("Proc-Type: 4,ENCRYPTED"); out.newLine(); out.write("DEK-Info: DES-EDE3-CBC,"); writeHexEncoded(out, salt); out.newLine(); out.newLine(); writeEncoded(out, encData); out.write(BEF_E + PEM_STRING_RSA + AFT); out.flush(); } else { out.write(BEF_G + PEM_STRING_RSA + AFT); out.newLine(); writeEncoded(out, encoding); out.write(BEF_E + PEM_STRING_RSA + AFT); out.newLine(); out.flush(); } }