/**
* generate a PBE based key suitable for a MAC algorithm, the key size is chosen according the
* MAC size, or the hashing algorithm, whichever is greater.
*/
public static CipherParameters makePBEMacParameters(
BCPBEKey pbeKey, AlgorithmParameterSpec spec) {
if ((spec == null) || !(spec instanceof PBEParameterSpec)) {
throw new IllegalArgumentException("Need a PBEParameter spec with a PBE key.");
}
PBEParameterSpec pbeParam = (PBEParameterSpec) spec;
PBEParametersGenerator generator = makePBEGenerator(pbeKey.getType(), pbeKey.getDigest());
byte[] key = pbeKey.getEncoded();
CipherParameters param;
if (pbeKey.shouldTryWrongPKCS12()) {
key = new byte[2];
}
generator.init(key, pbeParam.getSalt(), pbeParam.getIterationCount());
param = generator.generateDerivedMacParameters(pbeKey.getKeySize());
for (int i = 0; i != key.length; i++) {
key[i] = 0;
}
return param;
}
protected void engineInit(int opmode, Key key, AlgorithmParameterSpec params, SecureRandom random)
throws InvalidKeyException, InvalidAlgorithmParameterException {
CipherParameters param;
if (key instanceof BCPBEKey) {
BCPBEKey k = (BCPBEKey) key;
if (params instanceof PBEParameterSpec) {
param = PBE.Util.makePBEParameters(k, params, wrapEngine.getAlgorithmName());
} else if (k.getParam() != null) {
param = k.getParam();
} else {
throw new InvalidAlgorithmParameterException("PBE requires PBE parameters to be set.");
}
} else {
param = new KeyParameter(key.getEncoded());
}
if (params instanceof IvParameterSpec) {
IvParameterSpec iv = (IvParameterSpec) params;
param = new ParametersWithIV(param, iv.getIV());
}
if (param instanceof KeyParameter && ivSize != 0) {
iv = new byte[ivSize];
random.nextBytes(iv);
param = new ParametersWithIV(param, iv);
}
switch (opmode) {
case Cipher.WRAP_MODE:
wrapEngine.init(true, param);
break;
case Cipher.UNWRAP_MODE:
wrapEngine.init(false, param);
break;
case Cipher.ENCRYPT_MODE:
case Cipher.DECRYPT_MODE:
throw new IllegalArgumentException("engine only valid for wrapping");
default:
System.out.println("eeek!");
}
}
/** construct a key and iv (if necessary) suitable for use with a Cipher. */
public static CipherParameters makePBEParameters(
BCPBEKey pbeKey, AlgorithmParameterSpec spec, String targetAlgorithm) {
if ((spec == null) || !(spec instanceof PBEParameterSpec)) {
throw new IllegalArgumentException("Need a PBEParameter spec with a PBE key.");
}
PBEParameterSpec pbeParam = (PBEParameterSpec) spec;
PBEParametersGenerator generator = makePBEGenerator(pbeKey.getType(), pbeKey.getDigest());
byte[] key = pbeKey.getEncoded();
CipherParameters param;
if (pbeKey.shouldTryWrongPKCS12()) {
key = new byte[2];
}
generator.init(key, pbeParam.getSalt(), pbeParam.getIterationCount());
if (pbeKey.getIvSize() != 0) {
param = generator.generateDerivedParameters(pbeKey.getKeySize(), pbeKey.getIvSize());
} else {
param = generator.generateDerivedParameters(pbeKey.getKeySize());
}
if (targetAlgorithm.startsWith("DES")) {
if (param instanceof ParametersWithIV) {
KeyParameter kParam = (KeyParameter) ((ParametersWithIV) param).getParameters();
DESParameters.setOddParity(kParam.getKey());
} else {
KeyParameter kParam = (KeyParameter) param;
DESParameters.setOddParity(kParam.getKey());
}
}
for (int i = 0; i != key.length; i++) {
key[i] = 0;
}
return param;
}
