String getBaseCipherName(ASN1ObjectIdentifier algorithm) {
    String name = (String) BASE_CIPHER_NAMES.get(algorithm);

    if (name == null) {
      return algorithm.getId();
    }

    return name;
  }
  AlgorithmParameters createAlgorithmParameters(ASN1ObjectIdentifier algorithm)
      throws NoSuchAlgorithmException, NoSuchProviderException {
    String algorithmName = (String) BASE_CIPHER_NAMES.get(algorithm);

    if (algorithmName != null) {
      try {
        // this is reversed as the Sun policy files now allow unlimited strength RSA
        return helper.createAlgorithmParameters(algorithmName);
      } catch (NoSuchAlgorithmException e) {
        // Ignore
      }
    }
    return helper.createAlgorithmParameters(algorithm.getId());
  }
Пример #3
0
  public GOST3410ParameterSpec(
      String keyParamSetID, String digestParamSetOID, String encryptionParamSetOID) {
    GOST3410ParamSetParameters ecP = null;

    try {
      ecP = GOST3410NamedParameters.getByOID(new ASN1ObjectIdentifier(keyParamSetID));
    } catch (IllegalArgumentException e) {
      ASN1ObjectIdentifier oid = GOST3410NamedParameters.getOID(keyParamSetID);
      if (oid != null) {
        keyParamSetID = oid.getId();
        ecP = GOST3410NamedParameters.getByOID(oid);
      }
    }

    if (ecP == null) {
      throw new IllegalArgumentException("no key parameter set for passed in name/OID.");
    }

    this.keyParameters = new GOST3410PublicKeyParameterSetSpec(ecP.getP(), ecP.getQ(), ecP.getA());

    this.keyParamSetOID = keyParamSetID;
    this.digestParamSetOID = digestParamSetOID;
    this.encryptionParamSetOID = encryptionParamSetOID;
  }
  public KeyFactory createKeyFactory(ASN1ObjectIdentifier algorithm) throws CMSException {
    try {
      String cipherName = (String) BASE_CIPHER_NAMES.get(algorithm);

      if (cipherName != null) {
        try {
          // this is reversed as the Sun policy files now allow unlimited strength RSA
          return helper.createKeyFactory(cipherName);
        } catch (NoSuchAlgorithmException e) {
          // Ignore
        }
      }
      return helper.createKeyFactory(algorithm.getId());
    } catch (GeneralSecurityException e) {
      throw new CMSException("cannot create key factory: " + e.getMessage(), e);
    }
  }
  Mac createMac(ASN1ObjectIdentifier algorithm) throws CMSException {
    try {
      String macName = (String) MAC_ALG_NAMES.get(algorithm);

      if (macName != null) {
        try {
          // this is reversed as the Sun policy files now allow unlimited strength RSA
          return helper.createMac(macName);
        } catch (NoSuchAlgorithmException e) {
          // Ignore
        }
      }
      return helper.createMac(algorithm.getId());
    } catch (GeneralSecurityException e) {
      throw new CMSException("cannot create mac: " + e.getMessage(), e);
    }
  }
  AlgorithmParameters generateParameters(
      ASN1ObjectIdentifier encryptionOID, SecretKey encKey, SecureRandom rand) throws CMSException {
    try {
      AlgorithmParameterGenerator pGen = createAlgorithmParameterGenerator(encryptionOID);

      if (encryptionOID.equals(CMSAlgorithm.RC2_CBC)) {
        byte[] iv = new byte[8];

        rand.nextBytes(iv);

        try {
          pGen.init(new RC2ParameterSpec(encKey.getEncoded().length * 8, iv), rand);
        } catch (InvalidAlgorithmParameterException e) {
          throw new CMSException("parameters generation error: " + e, e);
        }
      }

      return pGen.generateParameters();
    } catch (NoSuchAlgorithmException e) {
      return null;
    } catch (GeneralSecurityException e) {
      throw new CMSException("exception creating algorithm parameter generator: " + e, e);
    }
  }
  public OutputEncryptor build() throws OperatorCreationException {
    final AlgorithmIdentifier algID;

    salt = new byte[20];

    if (random == null) {
      random = new SecureRandom();
    }

    random.nextBytes(salt);

    try {
      this.cipher = helper.createCipher(algOID.getId());

      if (PEMUtilities.isPKCS5Scheme2(algOID)) {
        this.paramGen = helper.createAlgorithmParameterGenerator(algOID.getId());
      } else {
        this.secKeyFact = helper.createSecretKeyFactory(algOID.getId());
      }
    } catch (GeneralSecurityException e) {
      throw new OperatorCreationException(algOID + " not available: " + e.getMessage(), e);
    }

    if (PEMUtilities.isPKCS5Scheme2(algOID)) {
      params = paramGen.generateParameters();

      try {
        KeyDerivationFunc scheme =
            new KeyDerivationFunc(algOID, ASN1Primitive.fromByteArray(params.getEncoded()));
        KeyDerivationFunc func =
            new KeyDerivationFunc(
                PKCSObjectIdentifiers.id_PBKDF2, new PBKDF2Params(salt, iterationCount));

        ASN1EncodableVector v = new ASN1EncodableVector();

        v.add(func);
        v.add(scheme);

        algID =
            new AlgorithmIdentifier(
                PKCSObjectIdentifiers.id_PBES2, PBES2Parameters.getInstance(new DERSequence(v)));
      } catch (IOException e) {
        throw new OperatorCreationException(e.getMessage(), e);
      }

      key =
          PEMUtilities.generateSecretKeyForPKCS5Scheme2(
              algOID.getId(), password, salt, iterationCount);

      try {
        cipher.init(Cipher.ENCRYPT_MODE, key, params);
      } catch (GeneralSecurityException e) {
        throw new OperatorCreationException(e.getMessage(), e);
      }
    } else if (PEMUtilities.isPKCS12(algOID)) {
      ASN1EncodableVector v = new ASN1EncodableVector();

      v.add(new DEROctetString(salt));
      v.add(new ASN1Integer(iterationCount));

      algID = new AlgorithmIdentifier(algOID, PKCS12PBEParams.getInstance(new DERSequence(v)));

      try {
        PBEKeySpec pbeSpec = new PBEKeySpec(password);
        PBEParameterSpec defParams = new PBEParameterSpec(salt, iterationCount);

        key = secKeyFact.generateSecret(pbeSpec);

        cipher.init(Cipher.ENCRYPT_MODE, key, defParams);
      } catch (GeneralSecurityException e) {
        throw new OperatorCreationException(e.getMessage(), e);
      }
    } else {
      throw new OperatorCreationException("unknown algorithm: " + algOID, null);
    }

    return new OutputEncryptor() {
      public AlgorithmIdentifier getAlgorithmIdentifier() {
        return algID;
      }

      public OutputStream getOutputStream(OutputStream encOut) {
        return new CipherOutputStream(encOut, cipher);
      }

      public GenericKey getKey() {
        return new JceGenericKey(algID, key);
      }
    };
  }