BouncyCastleAesBytesEncryptor(String password, CharSequence salt, BytesKeyGenerator ivGenerator) { if (ivGenerator.getKeyLength() != 16) { throw new IllegalArgumentException("ivGenerator key length != block size 16"); } this.ivGenerator = ivGenerator; PBEParametersGenerator keyGenerator = new PKCS5S2ParametersGenerator(); byte[] pkcs12PasswordBytes = PBEParametersGenerator .PKCS5PasswordToUTF8Bytes(password.toCharArray()); keyGenerator.init(pkcs12PasswordBytes, Hex.decode(salt), 1024); this.secretKey = (KeyParameter) keyGenerator.generateDerivedParameters(256); } }
BouncyCastleAesBytesEncryptor(String password, CharSequence salt, BytesKeyGenerator ivGenerator) { if (ivGenerator.getKeyLength() != 16) { throw new IllegalArgumentException("ivGenerator key length != block size 16"); } this.ivGenerator = ivGenerator; PBEParametersGenerator keyGenerator = new PKCS5S2ParametersGenerator(); byte[] pkcs12PasswordBytes = PBEParametersGenerator .PKCS5PasswordToUTF8Bytes(password.toCharArray()); keyGenerator.init(pkcs12PasswordBytes, Hex.decode(salt), 1024); this.secretKey = (KeyParameter) keyGenerator.generateDerivedParameters(256); } }
/** * Initialise - note the iteration count for this algorithm is fixed at 1. * * @param password password to use. * @param salt salt to use. */ public void init( byte[] password, byte[] salt) { super.init(password, salt, 1); }
/** * Initialise - note the iteration count for this algorithm is fixed at 1. * * @param password password to use. * @param salt salt to use. */ public void init( byte[] password, byte[] salt) { super.init(password, salt, 1); }
private static PBEParametersGenerator getGenerator(final Digest digest, final byte[] pwBytes, final byte[] saltBytes, final int rounds) { final PBEParametersGenerator generator = new PKCS5S2ParametersGenerator(digest); generator.init(pwBytes, saltBytes, rounds); return generator; }
private static byte[] decryptPBKDF2WithBC(char[] password, byte[] data, byte[] salt, byte[] iv) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException { PBEParametersGenerator generator = new PKCS5S2ParametersGenerator(); generator.init(PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(password), salt,CryptographicToolBox.CRYPTO_ITERATIONS); KeyParameter params = (KeyParameter)generator.generateDerivedParameters(CryptographicToolBox.KEY_SIZE); byte[] endcoded = params.getKey(); SecretKey key = new SecretKeySpec(endcoded, "AES"); Cipher ciph = Cipher.getInstance("AES/CBC/PKCS5Padding"); ciph.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv); return ciph.doFinal(data); }
byte[] salt = new byte[8]; Arrays.fill(salt, (byte)1); PBEParametersGenerator pGen = new PKCS5S2ParametersGenerator(new SHA256Digest()); pGen.init(Strings.toByteArray("password"), salt, 2048); KeyParameter key = (KeyParameter)pGen.generateDerivedParameters(256); System.out.println(Hex.toHexString(key.getKey()));
/** {@inheritDoc} */ public byte[] generate(final char[] password, final int size) { if (size < 1) { throw new IllegalArgumentException("Size must be positive integer."); } final PBEParametersGenerator generator = newParamGenerator(); generator.init(toBytes(password), salt, iterationCount); final KeyParameter p = (KeyParameter) generator.generateDerivedParameters( size); return p.getKey(); }
BouncyCastleAesBytesEncryptor(String password, CharSequence salt, BytesKeyGenerator ivGenerator) { if (ivGenerator.getKeyLength() != 16) { throw new IllegalArgumentException("ivGenerator key length != block size 16"); } this.ivGenerator = ivGenerator; PBEParametersGenerator keyGenerator = new PKCS5S2ParametersGenerator(); byte[] pkcs12PasswordBytes = PBEParametersGenerator .PKCS5PasswordToUTF8Bytes(password.toCharArray()); keyGenerator.init(pkcs12PasswordBytes, Hex.decode(salt), 1024); this.secretKey = (KeyParameter) keyGenerator.generateDerivedParameters(256); } }
BouncyCastleAesBytesEncryptor(String password, CharSequence salt, BytesKeyGenerator ivGenerator) { if (ivGenerator.getKeyLength() != 16) { throw new IllegalArgumentException("ivGenerator key length != block size 16"); } this.ivGenerator = ivGenerator; PBEParametersGenerator keyGenerator = new PKCS5S2ParametersGenerator(); byte[] pkcs12PasswordBytes = PBEParametersGenerator .PKCS5PasswordToUTF8Bytes(password.toCharArray()); keyGenerator.init(pkcs12PasswordBytes, Hex.decode(salt), 1024); this.secretKey = (KeyParameter) keyGenerator.generateDerivedParameters(256); } }
BouncyCastleAesBytesEncryptor(String password, CharSequence salt, BytesKeyGenerator ivGenerator) { if (ivGenerator.getKeyLength() != 16) { throw new IllegalArgumentException("ivGenerator key length != block size 16"); } this.ivGenerator = ivGenerator; PBEParametersGenerator keyGenerator = new PKCS5S2ParametersGenerator(); byte[] pkcs12PasswordBytes = PBEParametersGenerator .PKCS5PasswordToUTF8Bytes(password.toCharArray()); keyGenerator.init(pkcs12PasswordBytes, Hex.decode(salt), 1024); this.secretKey = (KeyParameter) keyGenerator.generateDerivedParameters(256); } }
private static byte[] decrypt(final byte[] bytes, final char[] password, final byte[] salt) throws DataLengthException, IllegalStateException, InvalidCipherTextException, InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException { final PBEParametersGenerator keyGenerator = new PKCS12ParametersGenerator(new SHA256Digest()); keyGenerator.init(PKCS12ParametersGenerator.PKCS12PasswordToBytes(password), salt, 20); final CipherParameters keyParams = keyGenerator.generateDerivedParameters(256, 128); final BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()), new PKCS7Padding()); cipher.init(false, keyParams); final byte[] processed = new byte[cipher.getOutputSize(bytes.length)]; int outputLength = cipher.processBytes(bytes, 0, bytes.length, processed, 0); outputLength += cipher.doFinal(processed, outputLength); final byte[] results = new byte[outputLength]; System.arraycopy(processed, 0, results, 0, outputLength); return results; }
/** * generate a PBE based key suitable for a MAC algorithm, the * key size is chosen according the MAC size, or the hashing algorithm, * whichever is greater. */ public static CipherParameters makePBEMacParameters( SecretKey key, int type, int hash, int keySize, PBEParameterSpec pbeSpec) { PBEParametersGenerator generator = makePBEGenerator(type, hash); CipherParameters param; byte[] keyBytes = key.getEncoded(); generator.init(key.getEncoded(), pbeSpec.getSalt(), pbeSpec.getIterationCount()); param = generator.generateDerivedMacParameters(keySize); for (int i = 0; i != keyBytes.length; i++) { keyBytes[i] = 0; } return param; }
private static byte[] SingleIterationPBKDF2(byte[] P, byte[] S, int dkLen) { PBEParametersGenerator pGen = new PKCS5S2ParametersGenerator(new SHA256Digest()); pGen.init(P, S, 1); KeyParameter key = (KeyParameter)pGen.generateDerivedMacParameters(dkLen * 8); return key.getKey(); }
private static byte[] SingleIterationPBKDF2(byte[] P, byte[] S, int dkLen) { PBEParametersGenerator pGen = new PKCS5S2ParametersGenerator(new SHA256Digest()); pGen.init(P, S, 1); KeyParameter key = (KeyParameter) pGen.generateDerivedMacParameters(dkLen * 8); return key.getKey(); }
CipherParameters param; generator.init(key, pbeParam.getSalt(), pbeParam.getIterationCount());
public void init( String pwStr, int keySize, byte[] salt, byte[] pwVerification ) throws ZipException { byte[] pwBytes = pwStr.getBytes(); super.saltBytes = salt; PBEParametersGenerator generator = new PKCS5S2ParametersGenerator(); generator.init( pwBytes, salt, ITERATION_COUNT ); cipherParameters = generator.generateDerivedParameters(KEY_SIZE_BIT*2 + 16); byte[] keyBytes = ((KeyParameter)cipherParameters).getKey(); this.cryptoKeyBytes = new byte[ KEY_SIZE_BYTE ]; System.arraycopy( keyBytes, 0, cryptoKeyBytes, 0, KEY_SIZE_BYTE ); this.authenticationCodeBytes = new byte[ KEY_SIZE_BYTE ]; System.arraycopy( keyBytes, KEY_SIZE_BYTE, authenticationCodeBytes, 0, KEY_SIZE_BYTE ); // based on SALT + PASSWORD (password is probably correct) this.pwVerificationBytes = new byte[ 2 ]; System.arraycopy( keyBytes, KEY_SIZE_BYTE*2, this.pwVerificationBytes, 0, 2 ); if( !ByteArrayHelper.isEqual( this.pwVerificationBytes, pwVerification ) ) { throw new ZipException("wrong password - " + ByteArrayHelper.toString(this.pwVerificationBytes) + "/ " + ByteArrayHelper.toString(pwVerification)); } // create the first 16 bytes of the key sequence again (using pw+salt) generator.init( pwBytes, salt, ITERATION_COUNT ); cipherParameters = generator.generateDerivedParameters(KEY_SIZE_BIT); // checksum added to the end of the encrypted data, update on each encryption call this.mac = new HMac( new SHA1Digest() ); mac.init( new KeyParameter(authenticationCodeBytes) ); this.aesCipher = new SICBlockCipher(new AESEngine()); this.blockSize = aesCipher.getBlockSize(); // incremented on each 16 byte block and used as encryption NONCE (ivBytes) nonce = 1; }
/** * generate a PBE based key suitable for a MAC algorithm, the * key size is chosen according the MAC size, or the hashing algorithm, * whichever is greater. */ public static CipherParameters makePBEMacParameters( PBEKeySpec keySpec, int type, int hash, int keySize) { PBEParametersGenerator generator = makePBEGenerator(type, hash); byte[] key; CipherParameters param; key = convertPassword(type, keySpec); generator.init(key, keySpec.getSalt(), keySpec.getIterationCount()); param = generator.generateDerivedMacParameters(keySize); for (int i = 0; i != key.length; i++) { key[i] = 0; } return param; }
/** * generate a PBE based key suitable for a MAC algorithm, the * key size is chosen according the MAC size, or the hashing algorithm, * whichever is greater. */ public static CipherParameters makePBEMacParameters( BCPBEKey pbeKey, AlgorithmParameterSpec spec) { if ((spec == null) || !(spec instanceof PBEParameterSpec)) { throw new IllegalArgumentException("Need a PBEParameter spec with a PBE key."); } PBEParameterSpec pbeParam = (PBEParameterSpec)spec; PBEParametersGenerator generator = makePBEGenerator(pbeKey.getType(), pbeKey.getDigest()); byte[] key = pbeKey.getEncoded(); CipherParameters param; generator.init(key, pbeParam.getSalt(), pbeParam.getIterationCount()); param = generator.generateDerivedMacParameters(pbeKey.getKeySize()); return param; }
@Test public void compareModes() { BlockCipher engine = new AESEngine(); int blockSize = engine.getBlockSize(); BlockCipher ref = new SICBlockCipher(engine); // reference implementation BlockCipher uut = new SICSeekableBlockCipher(engine); // unit under test PBEParametersGenerator gen = new PKCS5S2ParametersGenerator(); byte[] salt = new byte[blockSize]; // used as salt and cipher input new SecureRandom().nextBytes(salt); gen.init("secret".getBytes(), salt, 1); ParametersWithIV param = (ParametersWithIV) gen.generateDerivedParameters( blockSize * 8, blockSize * 8); ref.init(true, param); uut.init(true, param); assertModes(ref, uut); ref.init(false, param); uut.init(false, param); assertModes(ref, uut); }