Пример #1
0
  Cipher createAsymmetricWrapper(ASN1ObjectIdentifier algorithm, Map extraAlgNames)
      throws OperatorCreationException {
    try {
      String cipherName = null;

      if (!extraAlgNames.isEmpty()) {
        cipherName = (String) extraAlgNames.get(algorithm);
      }

      if (cipherName == null) {
        cipherName = (String) asymmetricWrapperAlgNames.get(algorithm);
      }

      if (cipherName != null) {
        try {
          // this is reversed as the Sun policy files now allow unlimited strength RSA
          return helper.createCipher(cipherName);
        } catch (NoSuchAlgorithmException e) {
          // try alternate for RSA
          if (cipherName.equals("RSA/ECB/PKCS1Padding")) {
            try {
              return helper.createCipher("RSA/NONE/PKCS1Padding");
            } catch (NoSuchAlgorithmException ex) {
              // Ignore
            }
          }
          // Ignore
        }
      }

      return helper.createCipher(algorithm.getId());
    } catch (GeneralSecurityException e) {
      throw new OperatorCreationException("cannot create cipher: " + e.getMessage(), e);
    }
  }
Пример #2
0
  Cipher createSymmetricWrapper(ASN1ObjectIdentifier algorithm) throws OperatorCreationException {
    try {
      String cipherName = (String) symmetricWrapperAlgNames.get(algorithm);

      if (cipherName != null) {
        try {
          // this is reversed as the Sun policy files now allow unlimited strength RSA
          return helper.createCipher(cipherName);
        } catch (NoSuchAlgorithmException e) {
          // Ignore
        }
      }
      return helper.createCipher(algorithm.getId());
    } catch (GeneralSecurityException e) {
      throw new OperatorCreationException("cannot create cipher: " + e.getMessage(), e);
    }
  }
  public OutputEncryptor build() throws OperatorCreationException {
    final AlgorithmIdentifier algID;

    salt = new byte[20];

    if (random == null) {
      random = new SecureRandom();
    }

    random.nextBytes(salt);

    try {
      this.cipher = helper.createCipher(algOID.getId());

      if (PEMUtilities.isPKCS5Scheme2(algOID)) {
        this.paramGen = helper.createAlgorithmParameterGenerator(algOID.getId());
      } else {
        this.secKeyFact = helper.createSecretKeyFactory(algOID.getId());
      }
    } catch (GeneralSecurityException e) {
      throw new OperatorCreationException(algOID + " not available: " + e.getMessage(), e);
    }

    if (PEMUtilities.isPKCS5Scheme2(algOID)) {
      params = paramGen.generateParameters();

      try {
        KeyDerivationFunc scheme =
            new KeyDerivationFunc(algOID, ASN1Primitive.fromByteArray(params.getEncoded()));
        KeyDerivationFunc func =
            new KeyDerivationFunc(
                PKCSObjectIdentifiers.id_PBKDF2, new PBKDF2Params(salt, iterationCount));

        ASN1EncodableVector v = new ASN1EncodableVector();

        v.add(func);
        v.add(scheme);

        algID =
            new AlgorithmIdentifier(
                PKCSObjectIdentifiers.id_PBES2, PBES2Parameters.getInstance(new DERSequence(v)));
      } catch (IOException e) {
        throw new OperatorCreationException(e.getMessage(), e);
      }

      key =
          PEMUtilities.generateSecretKeyForPKCS5Scheme2(
              algOID.getId(), password, salt, iterationCount);

      try {
        cipher.init(Cipher.ENCRYPT_MODE, key, params);
      } catch (GeneralSecurityException e) {
        throw new OperatorCreationException(e.getMessage(), e);
      }
    } else if (PEMUtilities.isPKCS12(algOID)) {
      ASN1EncodableVector v = new ASN1EncodableVector();

      v.add(new DEROctetString(salt));
      v.add(new ASN1Integer(iterationCount));

      algID = new AlgorithmIdentifier(algOID, PKCS12PBEParams.getInstance(new DERSequence(v)));

      try {
        PBEKeySpec pbeSpec = new PBEKeySpec(password);
        PBEParameterSpec defParams = new PBEParameterSpec(salt, iterationCount);

        key = secKeyFact.generateSecret(pbeSpec);

        cipher.init(Cipher.ENCRYPT_MODE, key, defParams);
      } catch (GeneralSecurityException e) {
        throw new OperatorCreationException(e.getMessage(), e);
      }
    } else {
      throw new OperatorCreationException("unknown algorithm: " + algOID, null);
    }

    return new OutputEncryptor() {
      public AlgorithmIdentifier getAlgorithmIdentifier() {
        return algID;
      }

      public OutputStream getOutputStream(OutputStream encOut) {
        return new CipherOutputStream(encOut, cipher);
      }

      public GenericKey getKey() {
        return new JceGenericKey(algID, key);
      }
    };
  }