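/**
 * Constructs a key and IV (if necessary) suitable for use with a Cipher.
 *
 * <p>The password is encoded with {@code PKCS12PasswordToBytes} when {@code type == PKCS12} and
 * with {@code PKCS5PasswordToBytes} for every other type. Both the password copy obtained from
 * the spec and its byte encoding are overwritten before this method exits, including when
 * generator initialisation or derivation throws.
 *
 * @param keySpec source of the password, salt and iteration count
 * @param type scheme identifier; forwarded to {@code makePBEGenerator} and compared to PKCS12
 * @param hash digest identifier forwarded to {@code makePBEGenerator}
 * @param keySize key size handed to {@code generateDerivedParameters}
 * @param ivSize IV size handed to {@code generateDerivedParameters}; {@code 0} derives a key only
 * @return the derived cipher parameters
 */
public static CipherParameters makePBEParameters(
    PBEKeySpec keySpec, int type, int hash, int keySize, int ivSize) {
  PBEParametersGenerator generator = makePBEGenerator(type, hash);

  // PBEKeySpec.getPassword() returns a copy, so this method owns that copy and has to wipe it;
  // otherwise a second plaintext password array is left on the heap until it is collected.
  char[] password = keySpec.getPassword();
  byte[] key = null;
  try {
    key =
        (type == PKCS12)
            ? PBEParametersGenerator.PKCS12PasswordToBytes(password)
            : PBEParametersGenerator.PKCS5PasswordToBytes(password);

    generator.init(key, keySpec.getSalt(), keySpec.getIterationCount());

    return (ivSize != 0)
        ? generator.generateDerivedParameters(keySize, ivSize)
        : generator.generateDerivedParameters(keySize);
  } finally {
    // Wipe on every exit path, not only after a successful derivation.
    if (password != null) {
      java.util.Arrays.fill(password, '\0');
    }
    if (key != null) {
      java.util.Arrays.fill(key, (byte) 0);
    }
  }
}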
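/**
 * Derives a hash of {@code pin} with the key-derivation algorithm named by
 * {@code KEY_ALGORITHM}, using {@code ROUNDS} iterations and a {@code KEY_LEN} key length
 * (PBEKeySpec interprets the key length in bits).
 *
 * <p>Side effect: the caller's {@code pin} array is overwritten with {@code '\u0000'}, so it
 * cannot be reused after this call. The wipe now also happens when the spec constructor rejects
 * its arguments (for example an empty salt), so a failed call no longer leaves the PIN intact.
 *
 * @param pin the PIN characters; zeroed by this method
 * @param salt the salt mixed into the derivation
 * @return the encoded derived key
 * @throws NoSuchAlgorithmException if {@code KEY_ALGORITHM} is not available
 * @throws InvalidKeySpecException if the key factory rejects the spec
 */
private static byte[] hash(char[] pin, byte[] salt)
    throws NoSuchAlgorithmException, InvalidKeySpecException {
  PBEKeySpec spec;
  try {
    // PBEKeySpec stores its own copy of the password, so the caller's array can go right away.
    spec = new PBEKeySpec(pin, salt, ROUNDS, KEY_LEN);
  } finally {
    Arrays.fill(pin, Character.MIN_VALUE);
  }

  try {
    SecretKeyFactory skf = SecretKeyFactory.getInstance(KEY_ALGORITHM);
    return skf.generateSecret(spec).getEncoded();
  } finally {
    // Clears the copy held inside the spec.
    spec.clearPassword();
  }
}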
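/**
 * Encodes the password held by {@code keySpec} into the byte form used by the given scheme.
 *
 * <ul>
 *   <li>{@code PKCS12}: {@code PKCS12PasswordToBytes}
 *   <li>{@code PKCS5S2_UTF8} or {@code PKCS5S1_UTF8}: {@code PKCS5PasswordToUTF8Bytes}
 *   <li>any other type: {@code PKCS5PasswordToBytes}
 * </ul>
 *
 * <p>The returned array is password material; the caller is responsible for zeroing it once the
 * derivation is finished. The intermediate {@code char[]} copy is wiped here.
 *
 * @param type scheme identifier selecting the encoding
 * @param keySpec source of the password
 * @return the encoded password bytes
 */
private static byte[] convertPassword(int type, PBEKeySpec keySpec) {
  // getPassword() returns a copy of the password; nobody else holds a reference to it, so it
  // must be cleared here or it stays readable in memory until garbage collection.
  char[] password = keySpec.getPassword();
  try {
    if (type == PKCS12) {
      return PBEParametersGenerator.PKCS12PasswordToBytes(password);
    }
    if (type == PKCS5S2_UTF8 || type == PKCS5S1_UTF8) {
      return PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(password);
    }
    return PBEParametersGenerator.PKCS5PasswordToBytes(password);
  } finally {
    if (password != null) {
      java.util.Arrays.fill(password, '\0');
    }
  }
}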
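/**
 * Derives a salted PBKDF2 hash of the user's password for storage and later comparison.
 *
 * <p>NOTE(review): the last PBEKeySpec argument is a key length in <em>bits</em>, so {@code 16}
 * yields a 2-byte result. Together with 1000 iterations and HMAC-SHA1 this is well below current
 * password-storage guidance. The values are left untouched because changing them changes the
 * output for every hash that is already stored; raise them through a versioned migration
 * (store the parameters next to the hash and re-hash on next successful login).
 *
 * @param inPassword the user-defined password
 * @param inSalt the randomly generated salt for this user
 * @return the derived hash bytes
 * @throws Exception with message {@code "broken hash system"} when the derivation fails; the
 *     underlying failure is attached as the cause
 */
public static byte[] hash(String inPassword, byte[] inSalt) throws Exception {
  char[] passwordChars = inPassword.toCharArray();
  PBEKeySpec spec;
  try {
    // Bundle password, salt, iteration count and key length (bits) into one spec.
    spec = new PBEKeySpec(passwordChars, inSalt, 1000, 16);
  } finally {
    // The spec keeps its own copy, so the temporary array is wiped on success and on failure.
    java.util.Arrays.fill(passwordChars, '\0');
  }

  try {
    SecretKeyFactory skf = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
    return skf.generateSecret(spec).getEncoded();
  } catch (Exception e) {
    // Chain the cause instead of printing it to stdout, so callers and logs see the real error.
    throw new Exception("broken hash system", e);
  } finally {
    spec.clearPassword();
  }
}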
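/**
 * Generates a PBE-based key suitable for a MAC algorithm; the key size is chosen according to
 * the MAC size or the hashing algorithm, whichever is greater.
 *
 * <p>The encoded password bytes are overwritten before this method exits, including when
 * generator initialisation or derivation throws.
 *
 * @param keySpec source of the password, salt and iteration count
 * @param type scheme identifier; forwarded to {@code makePBEGenerator} and
 *     {@code convertPassword}
 * @param hash digest identifier forwarded to {@code makePBEGenerator}
 * @param keySize key size handed to {@code generateDerivedMacParameters}
 * @return the derived MAC parameters
 */
public static CipherParameters makePBEMacParameters(
    PBEKeySpec keySpec, int type, int hash, int keySize) {
  PBEParametersGenerator generator = makePBEGenerator(type, hash);
  byte[] key = convertPassword(type, keySpec);
  try {
    generator.init(key, keySpec.getSalt(), keySpec.getIterationCount());
    return generator.generateDerivedMacParameters(keySize);
  } finally {
    // Runs on the failure path too, so the password bytes never outlive this call.
    java.util.Arrays.fill(key, (byte) 0);
  }
}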
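/**
 * Creates a PBE key from a given PBE key specification.
 *
 * <p>A {@code null} password is treated as empty. Every character must lie in the printable
 * ASCII range {@code 0x20}-{@code 0x7E}, with one exception: the single-character password
 * {@code "\0"} is accepted and signifies "zero-length password with no terminator".
 *
 * <p>The password copy obtained from the spec is overwritten before the constructor exits,
 * including when the password is rejected.
 *
 * @param keySpec the given PBE key specification
 * @param keytype the value stored as this key's type
 * @throws InvalidKeySpecException if the password contains a character outside printable ASCII
 */
PBEKey(PBEKeySpec keySpec, String keytype) throws InvalidKeySpecException {
  char[] passwd = keySpec.getPassword();
  if (passwd == null) {
    // Should allow an empty password.
    passwd = new char[0];
  }

  try {
    // Accept "\0" to signify "zero-length password with no terminator".
    boolean nulMarker = passwd.length == 1 && passwd[0] == 0;
    if (!nulMarker) {
      for (char c : passwd) {
        if (c < '\u0020' || c > '\u007E') {
          throw new InvalidKeySpecException("Password is not ASCII");
        }
      }
    }

    this.key = new byte[passwd.length];
    for (int i = 0; i < passwd.length; i++) {
      this.key[i] = (byte) (passwd[i] & 0x7f);
    }
  } finally {
    // getPassword() returned a copy; overwrite it on the rejection path as well, where the
    // original left the plaintext password in memory.
    java.util.Arrays.fill(passwd, ' ');
  }

  type = keytype;
}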