001: package org.bouncycastle.jce.provider;
002:
003: import java.lang.reflect.Constructor;
004: import java.security.InvalidKeyException;
005: import java.security.spec.InvalidKeySpecException;
006: import java.security.spec.KeySpec;
007:
008: import javax.crypto.SecretKey;
009: import javax.crypto.SecretKeyFactorySpi;
010: import javax.crypto.spec.DESKeySpec;
011: import javax.crypto.spec.DESedeKeySpec;
012: import javax.crypto.spec.PBEKeySpec;
013: import javax.crypto.spec.SecretKeySpec;
014:
015: import org.bouncycastle.asn1.DERObjectIdentifier;
016: import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
017: import org.bouncycastle.crypto.CipherParameters;
018: import org.bouncycastle.crypto.params.DESParameters;
019: import org.bouncycastle.crypto.params.KeyParameter;
020: import org.bouncycastle.crypto.params.ParametersWithIV;
021:
022: public class JCESecretKeyFactory extends SecretKeyFactorySpi implements
023: PBE {
024: protected String algName;
025: protected DERObjectIdentifier algOid;
026:
027: protected JCESecretKeyFactory(String algName,
028: DERObjectIdentifier algOid) {
029: this .algName = algName;
030: this .algOid = algOid;
031: }
032:
033: protected SecretKey engineGenerateSecret(KeySpec keySpec)
034: throws InvalidKeySpecException {
035: if (keySpec instanceof SecretKeySpec) {
036: return (SecretKey) keySpec;
037: }
038:
039: throw new InvalidKeySpecException("Invalid KeySpec");
040: }
041:
042: protected KeySpec engineGetKeySpec(SecretKey key, Class keySpec)
043: throws InvalidKeySpecException {
044: if (keySpec == null) {
045: throw new InvalidKeySpecException(
046: "keySpec parameter is null");
047: }
048: if (key == null) {
049: throw new InvalidKeySpecException("key parameter is null");
050: }
051:
052: if (SecretKeySpec.class.isAssignableFrom(keySpec)) {
053: return new SecretKeySpec(key.getEncoded(), algName);
054: }
055:
056: try {
057: Class[] parameters = { byte[].class };
058:
059: Constructor c = keySpec.getConstructor(parameters);
060: Object[] p = new Object[1];
061:
062: p[0] = key.getEncoded();
063:
064: return (KeySpec) c.newInstance(p);
065: } catch (Exception e) {
066: throw new InvalidKeySpecException(e.toString());
067: }
068: }
069:
070: protected SecretKey engineTranslateKey(SecretKey key)
071: throws InvalidKeyException {
072: if (key == null) {
073: throw new InvalidKeyException("key parameter is null");
074: }
075:
076: if (!key.getAlgorithm().equalsIgnoreCase(algName)) {
077: throw new InvalidKeyException("Key not of type " + algName
078: + ".");
079: }
080:
081: return new SecretKeySpec(key.getEncoded(), algName);
082: }
083:
084: /*
085: * classes that inherit from us
086: */
087:
088: static public class PBEKeyFactory extends JCESecretKeyFactory {
089: private boolean forCipher;
090: private int scheme;
091: private int digest;
092: private int keySize;
093: private int ivSize;
094:
095: public PBEKeyFactory(String algorithm, DERObjectIdentifier oid,
096: boolean forCipher, int scheme, int digest, int keySize,
097: int ivSize) {
098: super (algorithm, oid);
099:
100: this .forCipher = forCipher;
101: this .scheme = scheme;
102: this .digest = digest;
103: this .keySize = keySize;
104: this .ivSize = ivSize;
105: }
106:
107: protected SecretKey engineGenerateSecret(KeySpec keySpec)
108: throws InvalidKeySpecException {
109: if (keySpec instanceof PBEKeySpec) {
110: PBEKeySpec pbeSpec = (PBEKeySpec) keySpec;
111: CipherParameters param;
112:
113: if (pbeSpec.getSalt() == null) {
114: return new JCEPBEKey(this .algName, this .algOid,
115: scheme, digest, keySize, ivSize, pbeSpec,
116: null);
117: }
118:
119: if (forCipher) {
120: param = Util.makePBEParameters(pbeSpec, scheme,
121: digest, keySize, ivSize);
122: } else {
123: param = Util.makePBEMacParameters(pbeSpec, scheme,
124: digest, keySize);
125: }
126:
127: return new JCEPBEKey(this .algName, this .algOid, scheme,
128: digest, keySize, ivSize, pbeSpec, param);
129: }
130:
131: throw new InvalidKeySpecException("Invalid KeySpec");
132: }
133: }
134:
135: static public class DESPBEKeyFactory extends JCESecretKeyFactory {
136: private boolean forCipher;
137: private int scheme;
138: private int digest;
139: private int keySize;
140: private int ivSize;
141:
142: public DESPBEKeyFactory(String algorithm,
143: DERObjectIdentifier oid, boolean forCipher, int scheme,
144: int digest, int keySize, int ivSize) {
145: super (algorithm, oid);
146:
147: this .forCipher = forCipher;
148: this .scheme = scheme;
149: this .digest = digest;
150: this .keySize = keySize;
151: this .ivSize = ivSize;
152: }
153:
154: protected SecretKey engineGenerateSecret(KeySpec keySpec)
155: throws InvalidKeySpecException {
156: if (keySpec instanceof PBEKeySpec) {
157: PBEKeySpec pbeSpec = (PBEKeySpec) keySpec;
158: CipherParameters param;
159:
160: if (pbeSpec.getSalt() == null) {
161: return new JCEPBEKey(this .algName, this .algOid,
162: scheme, digest, keySize, ivSize, pbeSpec,
163: null);
164: }
165:
166: if (forCipher) {
167: param = Util.makePBEParameters(pbeSpec, scheme,
168: digest, keySize, ivSize);
169: } else {
170: param = Util.makePBEMacParameters(pbeSpec, scheme,
171: digest, keySize);
172: }
173:
174: if (param instanceof ParametersWithIV) {
175: KeyParameter kParam = (KeyParameter) ((ParametersWithIV) param)
176: .getParameters();
177:
178: DESParameters.setOddParity(kParam.getKey());
179: } else {
180: KeyParameter kParam = (KeyParameter) param;
181:
182: DESParameters.setOddParity(kParam.getKey());
183: }
184:
185: return new JCEPBEKey(this .algName, this .algOid, scheme,
186: digest, keySize, ivSize, pbeSpec, param);
187: }
188:
189: throw new InvalidKeySpecException("Invalid KeySpec");
190: }
191: }
192:
193: static public class DES extends JCESecretKeyFactory {
194: public DES() {
195: super ("DES", null);
196: }
197:
198: protected SecretKey engineGenerateSecret(KeySpec keySpec)
199: throws InvalidKeySpecException {
200: if (keySpec instanceof DESKeySpec) {
201: DESKeySpec desKeySpec = (DESKeySpec) keySpec;
202: return new SecretKeySpec(desKeySpec.getKey(), "DES");
203: }
204:
205: return super .engineGenerateSecret(keySpec);
206: }
207: }
208:
209: static public class DESede extends JCESecretKeyFactory {
210: public DESede() {
211: super ("DESede", null);
212: }
213:
214: protected KeySpec engineGetKeySpec(SecretKey key, Class keySpec)
215: throws InvalidKeySpecException {
216: if (keySpec == null) {
217: throw new InvalidKeySpecException(
218: "keySpec parameter is null");
219: }
220: if (key == null) {
221: throw new InvalidKeySpecException(
222: "key parameter is null");
223: }
224:
225: if (SecretKeySpec.class.isAssignableFrom(keySpec)) {
226: return new SecretKeySpec(key.getEncoded(), algName);
227: } else if (DESedeKeySpec.class.isAssignableFrom(keySpec)) {
228: byte[] bytes = key.getEncoded();
229:
230: try {
231: if (bytes.length == 16) {
232: byte[] longKey = new byte[24];
233:
234: System.arraycopy(bytes, 0, longKey, 0, 16);
235: System.arraycopy(bytes, 0, longKey, 16, 8);
236:
237: return new DESedeKeySpec(longKey);
238: } else {
239: return new DESedeKeySpec(bytes);
240: }
241: } catch (Exception e) {
242: throw new InvalidKeySpecException(e.toString());
243: }
244: }
245:
246: throw new InvalidKeySpecException("Invalid KeySpec");
247: }
248:
249: protected SecretKey engineGenerateSecret(KeySpec keySpec)
250: throws InvalidKeySpecException {
251: if (keySpec instanceof DESedeKeySpec) {
252: DESedeKeySpec desKeySpec = (DESedeKeySpec) keySpec;
253: return new SecretKeySpec(desKeySpec.getKey(), "DESede");
254: }
255:
256: return super .engineGenerateSecret(keySpec);
257: }
258: }
259:
260: /**
261: * PBEWithMD5AndDES
262: */
263: static public class PBEWithMD5AndDES extends DESPBEKeyFactory {
264: public PBEWithMD5AndDES() {
265: super ("PBEwithMD5andDES", null, true, PKCS5S1, MD5, 64, 64);
266: }
267: }
268:
269: /**
270: * PBEWithMD5AndRC2
271: */
272: static public class PBEWithMD5AndRC2 extends PBEKeyFactory {
273: public PBEWithMD5AndRC2() {
274: super ("PBEwithMD5andRC2", null, true, PKCS5S1, MD5, 64, 64);
275: }
276: }
277:
278: /**
279: * PBEWithSHA1AndDES
280: */
281: static public class PBEWithSHA1AndDES extends PBEKeyFactory {
282: public PBEWithSHA1AndDES() {
283: super ("PBEwithSHA1andDES", null, true, PKCS5S1, SHA1, 64,
284: 64);
285: }
286: }
287:
288: /**
289: * PBEWithSHA1AndRC2
290: */
291: static public class PBEWithSHA1AndRC2 extends PBEKeyFactory {
292: public PBEWithSHA1AndRC2() {
293: super ("PBEwithSHA1andRC2", null, true, PKCS5S1, SHA1, 64,
294: 64);
295: }
296: }
297:
298: /**
299: * PBEWithSHAAnd3-KeyTripleDES-CBC
300: */
301: static public class PBEWithSHAAndDES3Key extends PBEKeyFactory {
302: public PBEWithSHAAndDES3Key() {
303: super (
304: "PBEwithSHAandDES3Key-CBC",
305: PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC,
306: true, PKCS12, SHA1, 192, 64);
307: }
308: }
309:
310: /**
311: * PBEWithSHAAnd2-KeyTripleDES-CBC
312: */
313: static public class PBEWithSHAAndDES2Key extends PBEKeyFactory {
314: public PBEWithSHAAndDES2Key() {
315: super (
316: "PBEwithSHAandDES2Key-CBC",
317: PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC,
318: true, PKCS12, SHA1, 128, 64);
319: }
320: }
321:
322: /**
323: * PBEWithSHAAnd128BitRC2-CBC
324: */
325: static public class PBEWithSHAAnd128BitRC2 extends PBEKeyFactory {
326: public PBEWithSHAAnd128BitRC2() {
327: super ("PBEwithSHAand128BitRC2-CBC",
328: PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC2_CBC,
329: true, PKCS12, SHA1, 128, 64);
330: }
331: }
332:
333: /**
334: * PBEWithSHAAnd40BitRC2-CBC
335: */
336: static public class PBEWithSHAAnd40BitRC2 extends PBEKeyFactory {
337: public PBEWithSHAAnd40BitRC2() {
338: super ("PBEwithSHAand40BitRC2-CBC",
339: PKCSObjectIdentifiers.pbewithSHAAnd40BitRC2_CBC,
340: true, PKCS12, SHA1, 40, 64);
341: }
342: }
343:
344: /**
345: * PBEWithSHAAndTwofish-CBC
346: */
347: static public class PBEWithSHAAndTwofish extends PBEKeyFactory {
348: public PBEWithSHAAndTwofish() {
349: super ("PBEwithSHAandTwofish-CBC", null, true, PKCS12, SHA1,
350: 256, 128);
351: }
352: }
353:
354: /**
355: * PBEWithSHAAndIDEA-CBC
356: */
357: static public class PBEWithSHAAndIDEA extends PBEKeyFactory {
358: public PBEWithSHAAndIDEA() {
359: super ("PBEwithSHAandIDEA-CBC", null, true, PKCS12, SHA1,
360: 128, 64);
361: }
362: }
363:
364: /**
365: * PBEWithSHAAnd128BitRC4
366: */
367: static public class PBEWithSHAAnd128BitRC4 extends PBEKeyFactory {
368: public PBEWithSHAAnd128BitRC4() {
369: super ("PBEWithSHAAnd128BitRC4",
370: PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC4, true,
371: PKCS12, SHA1, 128, 0);
372: }
373: }
374:
375: /**
376: * PBEWithSHAAnd40BitRC4
377: */
378: static public class PBEWithSHAAnd40BitRC4 extends PBEKeyFactory {
379: public PBEWithSHAAnd40BitRC4() {
380: super ("PBEWithSHAAnd128BitRC4",
381: PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC4, true,
382: PKCS12, SHA1, 40, 0);
383: }
384: }
385:
386: /**
387: * PBEWithHmacRIPEMD160
388: */
389: public static class PBEWithRIPEMD160 extends PBEKeyFactory {
390: public PBEWithRIPEMD160() {
391: super ("PBEwithHmacRIPEMD160", null, false, PKCS12,
392: RIPEMD160, 160, 0);
393: }
394: }
395:
396: /**
397: * PBEWithHmacSHA
398: */
399: public static class PBEWithSHA extends PBEKeyFactory {
400: public PBEWithSHA() {
401: super ("PBEwithHmacSHA", null, false, PKCS12, SHA1, 160, 0);
402: }
403: }
404:
405: /**
406: * PBEWithHmacTiger
407: */
408: public static class PBEWithTiger extends PBEKeyFactory {
409: public PBEWithTiger() {
410: super ("PBEwithHmacTiger", null, false, PKCS12, TIGER, 192,
411: 0);
412: }
413: }
414:
415: /**
416: * PBEWithSHA1And128BitAES-BC
417: */
418: static public class PBEWithSHAAnd128BitAESBC extends PBEKeyFactory {
419: public PBEWithSHAAnd128BitAESBC() {
420: super ("PBEWithSHA1And128BitAES-CBC-BC", null, true, PKCS12,
421: SHA1, 128, 128);
422: }
423: }
424:
425: /**
426: * PBEWithSHA1And192BitAES-BC
427: */
428: static public class PBEWithSHAAnd192BitAESBC extends PBEKeyFactory {
429: public PBEWithSHAAnd192BitAESBC() {
430: super ("PBEWithSHA1And192BitAES-CBC-BC", null, true, PKCS12,
431: SHA1, 192, 128);
432: }
433: }
434:
435: /**
436: * PBEWithSHA1And256BitAES-BC
437: */
438: static public class PBEWithSHAAnd256BitAESBC extends PBEKeyFactory {
439: public PBEWithSHAAnd256BitAESBC() {
440: super ("PBEWithSHA1And256BitAES-CBC-BC", null, true, PKCS12,
441: SHA1, 256, 128);
442: }
443: }
444:
445: /**
446: * PBEWithSHA256And128BitAES-BC
447: */
448: static public class PBEWithSHA256And128BitAESBC extends
449: PBEKeyFactory {
450: public PBEWithSHA256And128BitAESBC() {
451: super ("PBEWithSHA256And128BitAES-CBC-BC", null, true,
452: PKCS12, SHA256, 128, 128);
453: }
454: }
455:
456: /**
457: * PBEWithSHA256And192BitAES-BC
458: */
459: static public class PBEWithSHA256And192BitAESBC extends
460: PBEKeyFactory {
461: public PBEWithSHA256And192BitAESBC() {
462: super ("PBEWithSHA256And192BitAES-CBC-BC", null, true,
463: PKCS12, SHA256, 192, 128);
464: }
465: }
466:
467: /**
468: * PBEWithSHA256And256BitAES-BC
469: */
470: static public class PBEWithSHA256And256BitAESBC extends
471: PBEKeyFactory {
472: public PBEWithSHA256And256BitAESBC() {
473: super ("PBEWithSHA256And256BitAES-CBC-BC", null, true,
474: PKCS12, SHA256, 256, 128);
475: }
476: }
477:
478: /**
479: * PBEWithMD5And128BitAES-OpenSSL
480: */
481: static public class PBEWithMD5And128BitAESCBCOpenSSL extends
482: PBEKeyFactory {
483: public PBEWithMD5And128BitAESCBCOpenSSL() {
484: super ("PBEWithMD5And128BitAES-CBC-OpenSSL", null, true,
485: OPENSSL, MD5, 128, 128);
486: }
487: }
488:
489: /**
490: * PBEWithMD5And192BitAES-OpenSSL
491: */
492: static public class PBEWithMD5And192BitAESCBCOpenSSL extends
493: PBEKeyFactory {
494: public PBEWithMD5And192BitAESCBCOpenSSL() {
495: super ("PBEWithMD5And192BitAES-CBC-OpenSSL", null, true,
496: OPENSSL, MD5, 192, 128);
497: }
498: }
499:
500: /**
501: * PBEWithMD5And256BitAES-OpenSSL
502: */
503: static public class PBEWithMD5And256BitAESCBCOpenSSL extends
504: PBEKeyFactory {
505: public PBEWithMD5And256BitAESCBCOpenSSL() {
506: super ("PBEWithMD5And256BitAES-CBC-OpenSSL", null, true,
507: OPENSSL, MD5, 256, 128);
508: }
509: }
510: }
|