AlgorithmParameters implGetParameters() {
AlgorithmParameters params = null;
if (salt == null) {
// Cipher is not initialized with parameters;
// follow the recommendation in PKCS12 v1.0
// section B.4 to generate salt and iCount.
salt = new byte[DEFAULT_SALT_LENGTH];
SunJCE.getRandom().nextBytes(salt);
iCount = DEFAULT_COUNT;
}
PBEParameterSpec pbeSpec = new PBEParameterSpec(salt, iCount);
try {
params = AlgorithmParameters.getInstance(pbeAlgo, "SunJCE");
} catch (GeneralSecurityException gse) {
// should never happen
throw new RuntimeException("SunJCE provider is not configured properly");
}
try {
params.init(pbeSpec);
} catch (InvalidParameterSpecException ipse) {
// should never happen
throw new RuntimeException("PBEParameterSpec not supported");
}
return params;
}
/** Parse the key. Called by X509Key. */
protected void parseKeyBits() throws InvalidKeyException {
try {
AlgorithmParameters algParams = this.algid.getParameters();
params = algParams.getParameterSpec(ECParameterSpec.class);
w = ECParameters.decodePoint(key, params.getCurve());
} catch (IOException e) {
throw new InvalidKeyException("Invalid EC key", e);
} catch (InvalidParameterSpecException e) {
throw new InvalidKeyException("Invalid EC key", e);
}
}
/*
* Generate PBE Algorithm Parameters
*/
private AlgorithmParameters getAlgorithmParameters(String algorithm) throws IOException {
AlgorithmParameters algParams = null;
// create PBE parameters from salt and iteration count
PBEParameterSpec paramSpec = new PBEParameterSpec(getSalt(), iterationCount);
try {
algParams = AlgorithmParameters.getInstance(algorithm);
algParams.init(paramSpec);
} catch (Exception e) {
IOException ioe = new IOException("getAlgorithmParameters failed: " + e.getMessage());
ioe.initCause(e);
throw ioe;
}
return algParams;
}
private AlgorithmParameters getParameters() throws NoSuchAlgorithmException {
AlgorithmParameters ap = AlgorithmParameters.getInstance(this.getAlgName());
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
DEROutputStream dOut = new DEROutputStream(bOut);
try {
dOut.writeObject(infoObj.getEncryptionAlgorithm().getParameters());
dOut.close();
ap.init(bOut.toByteArray());
} catch (IOException e) {
throw new NoSuchAlgorithmException("unable to parse parameters");
}
return ap;
}
// see JCE spec
protected AlgorithmParameters engineGetParameters() {
if (iv == null) {
return null;
}
IvParameterSpec ivSpec = new IvParameterSpec(iv);
try {
AlgorithmParameters params =
AlgorithmParameters.getInstance(keyAlgorithm, P11Util.getSunJceProvider());
params.init(ivSpec);
return params;
} catch (GeneralSecurityException e) {
// NoSuchAlgorithmException, NoSuchProviderException
// InvalidParameterSpecException
throw new ProviderException("Could not encode parameters", e);
}
}
void implInit(
int opmode, Key key, AlgorithmParameters params, SecureRandom random, CipherSpi cipherImpl)
throws InvalidKeyException, InvalidAlgorithmParameterException {
AlgorithmParameterSpec paramSpec = null;
if (params != null) {
try {
paramSpec = params.getParameterSpec(PBEParameterSpec.class);
} catch (InvalidParameterSpecException ipse) {
throw new InvalidAlgorithmParameterException("requires PBE parameters");
}
}
implInit(opmode, key, paramSpec, random, cipherImpl);
}
/*
* parse Algorithm Parameters
*/
private AlgorithmParameters parseAlgParameters(DerInputStream in) throws IOException {
AlgorithmParameters algParams = null;
try {
DerValue params;
if (in.available() == 0) {
params = null;
} else {
params = in.getDerValue();
if (params.tag == DerValue.tag_Null) {
params = null;
}
}
if (params != null) {
algParams = AlgorithmParameters.getInstance("PBE");
algParams.init(params.toByteArray());
}
} catch (Exception e) {
IOException ioe = new IOException("parseAlgParameters failed: " + e.getMessage());
ioe.initCause(e);
throw ioe;
}
return algParams;
}
/**
* Constructs an <code>EncryptedPrivateKeyInfo</code> from the encryption algorithm parameters and
* the encrypted data.
*
* <p>Note: the <code>encrypedData</code> is cloned when constructing this object.
*
* @param algParams the algorithm parameters for the encryption algorithm. <code>
* algParams.getEncoded()</code> should return the ASN.1 encoded bytes of the <code>parameters
* </code> field of the <code>AlgorithmIdentifer</code> component of the <code>
* EncryptedPrivateKeyInfo</code> type.
* @param encryptedData encrypted data.
* @exception NullPointerException if <code>algParams</code> or <code>encryptedData</code> is
* null.
* @exception IllegalArgumentException if <code>encryptedData</code> is empty, i.e. 0-length.
* @exception NoSuchAlgorithmException if the specified algName of the specified <code>algParams
* </code> parameter is not supported.
*/
public EncryptedPrivateKeyInfo(AlgorithmParameters algParams, byte[] encryptedData)
throws NullPointerException, IllegalArgumentException, NoSuchAlgorithmException {
if (algParams == null || encryptedData == null) {
throw new NullPointerException("parameters null");
}
org.bouncycastle.asn1.x509.AlgorithmIdentifier kAlgId = null;
try {
ByteArrayInputStream bIn = new ByteArrayInputStream(algParams.getEncoded());
ASN1InputStream dIn = new ASN1InputStream(bIn);
kAlgId =
new AlgorithmIdentifier(
new DERObjectIdentifier(algParams.getAlgorithm()), dIn.readObject());
} catch (IOException e) {
throw new IllegalArgumentException("error in encoding: " + e.toString());
}
infoObj =
new org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo(
kAlgId, (byte[]) encryptedData.clone());
algP = this.getParameters();
}
// see JCE spec
protected void engineInit(int opmode, Key key, AlgorithmParameters params, SecureRandom random)
throws InvalidKeyException, InvalidAlgorithmParameterException {
byte[] ivValue;
if (params != null) {
try {
IvParameterSpec ivSpec = (IvParameterSpec) params.getParameterSpec(IvParameterSpec.class);
ivValue = ivSpec.getIV();
} catch (InvalidParameterSpecException e) {
throw new InvalidAlgorithmParameterException("Could not decode IV", e);
}
} else {
ivValue = null;
}
implInit(opmode, key, ivValue, random);
}