Cipher createCipher(String cipherName) throws PGPException { try { return helper.createCipher(cipherName); } catch (NoSuchAlgorithmException e) { throw new PGPException("cannot create cipher: " + e.getMessage(), e); } catch (NoSuchPaddingException e) { throw new PGPException("cannot create cipher: " + e.getMessage(), e); } catch (NoSuchProviderException e) { throw new PGPException("cannot create cipher: " + e.getMessage(), e); } }
Cipher createKeyWrapper(int encAlgorithm) throws PGPException { try { switch (encAlgorithm) { case SymmetricKeyAlgorithmTags.AES_128: case SymmetricKeyAlgorithmTags.AES_192: case SymmetricKeyAlgorithmTags.AES_256: return helper.createCipher("AESWrap"); case SymmetricKeyAlgorithmTags.CAMELLIA_128: case SymmetricKeyAlgorithmTags.CAMELLIA_192: case SymmetricKeyAlgorithmTags.CAMELLIA_256: return helper.createCipher("CamelliaWrap"); default: throw new PGPException("unknown wrap algorithm: " + encAlgorithm); } } catch (NoSuchAlgorithmException e) { throw new PGPException("cannot create cipher: " + e.getMessage(), e); } catch (NoSuchPaddingException e) { throw new PGPException("cannot create cipher: " + e.getMessage(), e); } catch (NoSuchProviderException e) { throw new PGPException("cannot create cipher: " + e.getMessage(), e); } }
public OutputEncryptor build(final char[] password) throws OperatorCreationException { final Cipher cipher; SecretKey key; if (random == null) { random = new SecureRandom(); } final AlgorithmIdentifier encryptionAlg; final byte[] salt = new byte[20]; final int iterationCount = 1024; random.nextBytes(salt); try { if (algorithm.on(PKCSObjectIdentifiers.pkcs_12PbeIds)) { PBEKeySpec pbeSpec = new PBEKeySpec(password); SecretKeyFactory keyFact = helper.createSecretKeyFactory(algorithm.getId()); PBEParameterSpec defParams = new PBEParameterSpec(salt, iterationCount); key = keyFact.generateSecret(pbeSpec); cipher = helper.createCipher(algorithm.getId()); cipher.init(Cipher.ENCRYPT_MODE, key, defParams); encryptionAlg = new AlgorithmIdentifier(algorithm, new PKCS12PBEParams(salt, iterationCount)); } else if (algorithm.equals(PKCSObjectIdentifiers.id_PBES2)) { SecretKeyFactory keyFact = helper.createSecretKeyFactory(PKCSObjectIdentifiers.id_PBKDF2.getId()); key = keyFact.generateSecret( new PBEKeySpec( password, salt, iterationCount, keySizeProvider.getKeySize(new AlgorithmIdentifier(keyEncAlgorithm)))); cipher = helper.createCipher(keyEncAlgorithm.getId()); cipher.init(Cipher.ENCRYPT_MODE, key, random); PBES2Parameters algParams = new PBES2Parameters( new KeyDerivationFunc( PKCSObjectIdentifiers.id_PBKDF2, new PBKDF2Params(salt, iterationCount)), new EncryptionScheme( keyEncAlgorithm, ASN1Primitive.fromByteArray(cipher.getParameters().getEncoded()))); encryptionAlg = new AlgorithmIdentifier(algorithm, algParams); } else { throw new OperatorCreationException("unrecognised algorithm"); } return new OutputEncryptor() { public AlgorithmIdentifier getAlgorithmIdentifier() { return encryptionAlg; } public OutputStream getOutputStream(OutputStream out) { return new CipherOutputStream(out, cipher); } public GenericKey getKey() { if (isPKCS12(encryptionAlg.getAlgorithm())) { return new GenericKey( encryptionAlg, PBEParametersGenerator.PKCS5PasswordToBytes(password)); } else { return new GenericKey( encryptionAlg, PBEParametersGenerator.PKCS12PasswordToBytes(password)); } } }; } catch (Exception e) { throw new OperatorCreationException("unable to create OutputEncryptor: " + e.getMessage(), e); } }