Refine search
private static OAEPParameterSpec getOAEPParameterSpec(String algorithm, String oaepHashingAlgorithm) { if (algorithm.contains("OAEPWith")) { //OAEPWith<digest>And<mgf>Padding // String template = "OAEPWith<digest>And<mgf>Padding"; int startDigest = algorithm.indexOf("OAEPWith") + 8; int endDigest = algorithm.indexOf("And"); int startPadding = endDigest + 3; int endPadding = algorithm.indexOf("Padding"); String digest = algorithm.substring(startDigest, endDigest); String padding = algorithm.substring(startPadding, endPadding); if (oaepHashingAlgorithm != null) { return new OAEPParameterSpec(digest, padding, new MGF1ParameterSpec(oaepHashingAlgorithm), PSource.PSpecified.DEFAULT); } else { return new OAEPParameterSpec(digest, padding, new MGF1ParameterSpec(digest), PSource.PSpecified.DEFAULT); } } return null; }
private void readOAEPParameters(OAEPParameterSpec spec) throws InvalidAlgorithmParameterException { String mgfAlgUpper = spec.getMGFAlgorithm().toUpperCase(Locale.US); AlgorithmParameterSpec mgfSpec = spec.getMGFParameters(); if ((!EvpMdRef.MGF1_ALGORITHM_NAME.equals(mgfAlgUpper) && !EvpMdRef.MGF1_OID.equals(mgfAlgUpper)) || !(mgfSpec instanceof MGF1ParameterSpec)) { throw new InvalidAlgorithmParameterException( "Only MGF1 supported as mask generation function"); } MGF1ParameterSpec mgf1spec = (MGF1ParameterSpec) mgfSpec; String oaepAlgUpper = spec.getDigestAlgorithm().toUpperCase(Locale.US); try { oaepMd = EvpMdRef.getEVP_MDByJcaDigestAlgorithmStandardName(oaepAlgUpper); oaepMdSizeBytes = EvpMdRef.getDigestSizeBytesByJcaDigestAlgorithmStandardName(oaepAlgUpper); mgf1Md = EvpMdRef.getEVP_MDByJcaDigestAlgorithmStandardName( mgf1spec.getDigestAlgorithm()); } catch (NoSuchAlgorithmException e) { throw new InvalidAlgorithmParameterException(e); } PSource pSource = spec.getPSource(); if (!"PSpecified".equals(pSource.getAlgorithm()) || !(pSource instanceof PSource.PSpecified)) { throw new InvalidAlgorithmParameterException( "Only PSpecified accepted for PSource"); } label = ((PSource.PSpecified) pSource).getValue(); }
private void initFromSpec( OAEPParameterSpec pSpec) throws NoSuchPaddingException { MGF1ParameterSpec mgfParams = (MGF1ParameterSpec)pSpec.getMGFParameters(); Digest digest = DigestFactory.getDigest(mgfParams.getDigestAlgorithm()); if (digest == null) { throw new NoSuchPaddingException("no match on OAEP constructor for digest algorithm: "+ mgfParams.getDigestAlgorithm()); } cipher = new OAEPEncoding(new RSABlindedEngine(), digest, ((PSource.PSpecified)pSpec.getPSource()).getValue()); paramSpec = pSpec; }
protected void engineInit( byte[] params) throws IOException { try { RSAESOAEPparams oaepP = RSAESOAEPparams.getInstance(params); if (!oaepP.getMaskGenAlgorithm().getAlgorithm().equals(PKCSObjectIdentifiers.id_mgf1)) { throw new IOException("unknown mask generation function: " + oaepP.getMaskGenAlgorithm().getAlgorithm()); } currentSpec = new OAEPParameterSpec( MessageDigestUtils.getDigestName(oaepP.getHashAlgorithm().getAlgorithm()), OAEPParameterSpec.DEFAULT.getMGFAlgorithm(), new MGF1ParameterSpec(MessageDigestUtils.getDigestName(AlgorithmIdentifier.getInstance(oaepP.getMaskGenAlgorithm().getParameters()).getAlgorithm())), new PSource.PSpecified(ASN1OctetString.getInstance(oaepP.getPSourceAlgorithm().getParameters()).getOctets())); } catch (ClassCastException e) { throw new IOException("Not a valid OAEP Parameter encoding."); } catch (ArrayIndexOutOfBoundsException e) { throw new IOException("Not a valid OAEP Parameter encoding."); } }
OAEPParameterSpec oaepParams = new OAEPParameterSpec( "SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT); cipher.init(Cipher.ENCRYPT_MODE, rsaKey, oaepParams);
cbbRef = NativeCrypto.asn1_write_init(); seqRef = NativeCrypto.asn1_write_sequence(cbbRef); writeHashAndMgfHash(seqRef, spec.getDigestAlgorithm(), (MGF1ParameterSpec) spec.getMGFParameters()); PSource.PSpecified pSource = (PSource.PSpecified) spec.getPSource();
private void initFromSpec( OAEPParameterSpec pSpec) throws NoSuchPaddingException { MGF1ParameterSpec mgfParams = (MGF1ParameterSpec)pSpec.getMGFParameters(); Digest digest = DigestFactory.getDigest(mgfParams.getDigestAlgorithm()); if (digest == null) { throw new NoSuchPaddingException("no match on OAEP constructor for digest algorithm: "+ mgfParams.getDigestAlgorithm()); } cipher = new OAEPEncoding(new RSABlindedEngine(), digest, ((PSource.PSpecified)pSpec.getPSource()).getValue()); paramSpec = pSpec; }
protected void engineInit( byte[] params) throws IOException { try { RSAESOAEPparams oaepP = RSAESOAEPparams.getInstance(params); if (!oaepP.getMaskGenAlgorithm().getAlgorithm().equals(PKCSObjectIdentifiers.id_mgf1)) { throw new IOException("unknown mask generation function: " + oaepP.getMaskGenAlgorithm().getAlgorithm()); } currentSpec = new OAEPParameterSpec( MessageDigestUtils.getDigestName(oaepP.getHashAlgorithm().getAlgorithm()), OAEPParameterSpec.DEFAULT.getMGFAlgorithm(), new MGF1ParameterSpec(MessageDigestUtils.getDigestName(AlgorithmIdentifier.getInstance(oaepP.getMaskGenAlgorithm().getParameters()).getAlgorithm())), new PSource.PSpecified(ASN1OctetString.getInstance(oaepP.getPSourceAlgorithm().getParameters()).getOctets())); } catch (ClassCastException e) { throw new IOException("Not a valid OAEP Parameter encoding."); } catch (ArrayIndexOutOfBoundsException e) { throw new IOException("Not a valid OAEP Parameter encoding."); } }
public RsaOaep256() { super("RSA/ECB/OAEPWithSHA-256AndMGF1Padding", KeyManagementAlgorithmIdentifiers.RSA_OAEP_256); setAlgorithmParameterSpec(new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT)); }
cbbRef = NativeCrypto.asn1_write_init(); seqRef = NativeCrypto.asn1_write_sequence(cbbRef); writeHashAndMgfHash(seqRef, spec.getDigestAlgorithm(), (MGF1ParameterSpec) spec.getMGFParameters()); PSource.PSpecified pSource = (PSource.PSpecified) spec.getPSource();
private void readOAEPParameters(OAEPParameterSpec spec) throws InvalidAlgorithmParameterException { String mgfAlgUpper = spec.getMGFAlgorithm().toUpperCase(Locale.US); AlgorithmParameterSpec mgfSpec = spec.getMGFParameters(); if ((!EvpMdRef.MGF1_ALGORITHM_NAME.equals(mgfAlgUpper) && !EvpMdRef.MGF1_OID.equals(mgfAlgUpper)) || !(mgfSpec instanceof MGF1ParameterSpec)) { throw new InvalidAlgorithmParameterException( "Only MGF1 supported as mask generation function"); } MGF1ParameterSpec mgf1spec = (MGF1ParameterSpec) mgfSpec; String oaepAlgUpper = spec.getDigestAlgorithm().toUpperCase(Locale.US); try { oaepMd = EvpMdRef.getEVP_MDByJcaDigestAlgorithmStandardName(oaepAlgUpper); oaepMdSizeBytes = EvpMdRef.getDigestSizeBytesByJcaDigestAlgorithmStandardName(oaepAlgUpper); mgf1Md = EvpMdRef.getEVP_MDByJcaDigestAlgorithmStandardName( mgf1spec.getDigestAlgorithm()); } catch (NoSuchAlgorithmException e) { throw new InvalidAlgorithmParameterException(e); } PSource pSource = spec.getPSource(); if (!"PSpecified".equals(pSource.getAlgorithm()) || !(pSource instanceof PSource.PSpecified)) { throw new InvalidAlgorithmParameterException( "Only PSpecified accepted for PSource"); } label = ((PSource.PSpecified) pSource).getValue(); }
MGF1ParameterSpec mgfParameterSpec = new MGF1ParameterSpec("SHA-1"); if (XMLCipher.RSA_OAEP_11.equals(encryptionAlgorithm)) { if (EncryptionConstants.MGF1_SHA256.equals(mgfAlgorithm)) { mgfParameterSpec = new MGF1ParameterSpec("SHA-256"); } else if (EncryptionConstants.MGF1_SHA384.equals(mgfAlgorithm)) { mgfParameterSpec = new MGF1ParameterSpec("SHA-384"); } else if (EncryptionConstants.MGF1_SHA512.equals(mgfAlgorithm)) { mgfParameterSpec = new MGF1ParameterSpec("SHA-512"); return new OAEPParameterSpec(jceDigestAlgorithm, "MGF1", mgfParameterSpec, pSource);
private void initFromSpec( OAEPParameterSpec pSpec) throws NoSuchPaddingException { MGF1ParameterSpec mgfParams = (MGF1ParameterSpec)pSpec.getMGFParameters(); Digest digest = DigestFactory.getDigest(mgfParams.getDigestAlgorithm()); if (digest == null) { throw new NoSuchPaddingException("no match on OAEP constructor for digest algorithm: "+ mgfParams.getDigestAlgorithm()); } cipher = new OAEPEncoding(new RSABlindedEngine(), digest, ((PSource.PSpecified)pSpec.getPSource()).getValue()); paramSpec = pSpec; }
private void initEncodeCipher(Cipher cipher, String alias, KeyStore keyStore) throws PFSecurityException { try { final PublicKey key = keyStore.getCertificate(alias).getPublicKey(); final PublicKey unrestricted = KeyFactory.getInstance(key.getAlgorithm()).generatePublic( new X509EncodedKeySpec(key.getEncoded())); final OAEPParameterSpec spec = new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT); cipher.init(Cipher.ENCRYPT_MODE, unrestricted, spec); } catch (KeyStoreException | InvalidKeySpecException | NoSuchAlgorithmException | InvalidKeyException | InvalidAlgorithmParameterException e) { throw new PFSecurityException("Can not initialize Encode Cipher:" + e.getMessage()); } }
private static AlgorithmIdentifier extractFromSpec(AlgorithmParameterSpec algorithmParameterSpec) { if (algorithmParameterSpec instanceof OAEPParameterSpec) { OAEPParameterSpec oaepSpec = (OAEPParameterSpec)algorithmParameterSpec; if (oaepSpec.getMGFAlgorithm().equals(OAEPParameterSpec.DEFAULT.getMGFAlgorithm())) { if (oaepSpec.getPSource() instanceof PSource.PSpecified) { return new AlgorithmIdentifier(PKCSObjectIdentifiers.id_RSAES_OAEP, new RSAESOAEPparams(getDigest(oaepSpec.getDigestAlgorithm()), new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, getDigest(((MGF1ParameterSpec)oaepSpec.getMGFParameters()).getDigestAlgorithm())), new AlgorithmIdentifier(PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(((PSource.PSpecified)oaepSpec.getPSource()).getValue())))); } else { throw new IllegalArgumentException("unknown PSource: " + oaepSpec.getPSource().getAlgorithm()); } } else { throw new IllegalArgumentException("unknown MGF: " + oaepSpec.getMGFAlgorithm()); } } throw new IllegalArgumentException("unknown spec: " + algorithmParameterSpec.getClass().getName()); }
MGF1ParameterSpec mgfParameterSpec = new MGF1ParameterSpec("SHA-1"); if (XMLCipher.RSA_OAEP_11.equals(encryptionAlgorithm)) { if (EncryptionConstants.MGF1_SHA256.equals(mgfAlgorithm)) { mgfParameterSpec = new MGF1ParameterSpec("SHA-256"); } else if (EncryptionConstants.MGF1_SHA384.equals(mgfAlgorithm)) { mgfParameterSpec = new MGF1ParameterSpec("SHA-384"); } else if (EncryptionConstants.MGF1_SHA512.equals(mgfAlgorithm)) { mgfParameterSpec = new MGF1ParameterSpec("SHA-512"); return new OAEPParameterSpec(jceDigestAlgorithm, "MGF1", mgfParameterSpec, pSource);
private void initFromSpec( OAEPParameterSpec pSpec) throws NoSuchPaddingException { MGF1ParameterSpec mgfParams = (MGF1ParameterSpec)pSpec.getMGFParameters(); Digest digest = DigestFactory.getDigest(mgfParams.getDigestAlgorithm()); if (digest == null) { throw new NoSuchPaddingException("no match on OAEP constructor for digest algorithm: "+ mgfParams.getDigestAlgorithm()); } cipher = new OAEPEncoding(new ElGamalEngine(), digest, ((PSource.PSpecified)pSpec.getPSource()).getValue()); paramSpec = pSpec; }
/** * Encrypts the specified Content Encryption Key (CEK). * * @param pub The public RSA key. Must not be {@code null}. * @param cek The Content Encryption Key (CEK) to encrypt. Must not be {@code null}. * * @return The encrypted Content Encryption Key (CEK). * * @throws RuntimeException If encryption failed. */ public static byte[] encryptCEK(final RSAPublicKey pub, final SecretKey cek) { try { AlgorithmParameters algp = AlgorithmParameters.getInstance("OAEP", new BouncyCastleProvider()); AlgorithmParameterSpec paramSpec = new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT); algp.init(paramSpec); Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding", new BouncyCastleProvider()); cipher.init(Cipher.ENCRYPT_MODE, pub, algp); return cipher.doFinal(cek.getEncoded()); } catch (Exception e) { // java.security.NoSuchAlgorithmException // java.security.NoSuchPaddingException // java.security.InvalidKeyException // javax.crypto.IllegalBlockSizeException // javax.crypto.BadPaddingException throw new RuntimeException(e.getMessage(), e); } }
/** * Return the PKCS#1 ASN.1 structure RSAES-OAEP-params. */ protected byte[] engineGetEncoded() { AlgorithmIdentifier hashAlgorithm = new AlgorithmIdentifier( DigestFactory.getOID(currentSpec.getDigestAlgorithm()), DERNull.INSTANCE); MGF1ParameterSpec mgfSpec = (MGF1ParameterSpec)currentSpec.getMGFParameters(); AlgorithmIdentifier maskGenAlgorithm = new AlgorithmIdentifier( PKCSObjectIdentifiers.id_mgf1, new AlgorithmIdentifier(DigestFactory.getOID(mgfSpec.getDigestAlgorithm()), DERNull.INSTANCE)); PSource.PSpecified pSource = (PSource.PSpecified)currentSpec.getPSource(); AlgorithmIdentifier pSourceAlgorithm = new AlgorithmIdentifier( PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(pSource.getValue())); RSAESOAEPparams oaepP = new RSAESOAEPparams(hashAlgorithm, maskGenAlgorithm, pSourceAlgorithm); try { return oaepP.getEncoded(ASN1Encoding.DER); } catch (IOException e) { throw new RuntimeException("Error encoding OAEPParameters"); } }
/** * Decrypts the given data using the key given. * * @param encrypted Encrypted data * @return Decrypted bytes */ public byte[] decrypt(byte[] encrypted) throws Exception { if (this.keyStoreProvider.privateKeyName() == null) { throw new CryptoProviderMissingPrivateKeyException("Asymmetric key cryptographic providers require a non-null, empty private key be configured for the alias: " + this.alias); } Cipher cipher = Cipher.getInstance(CRYPTO_ALG); OAEPParameterSpec oaepParams = new OAEPParameterSpec("SHA-1", "MGF1", new MGF1ParameterSpec("SHA-1"), PSource.PSpecified.DEFAULT); cipher.init(Cipher.DECRYPT_MODE, getPrivateKey(this.keyStoreProvider.privateKeyName()), oaepParams); return cipher.doFinal(encrypted); }