private static void runTest(String alg, byte[] plaintext, char[] password, Provider p) throws Exception { Cipher cipher = Cipher.getInstance(alg, p); PBEKeySpec pbeKeySpec = new PBEKeySpec(password); SecretKeyFactory keyFac = SecretKeyFactory.getInstance("PBE", p); AlgorithmParameters pbeParams = null; SecretKey key = keyFac.generateSecret(pbeKeySpec); cipher.init(Cipher.ENCRYPT_MODE, key, pbeParams); byte[] enc1 = cipher.doFinal(plaintext); byte[] enc2 = cipher.doFinal(plaintext); if (Arrays.equals(enc1, enc2) == false) { throw new Exception("Re-encryption test failed"); } pbeParams = cipher.getParameters(); cipher.init(Cipher.DECRYPT_MODE, key, pbeParams); byte[] dec = cipher.doFinal(enc1); if (Arrays.equals(plaintext, dec) == false) { throw new Exception("decryption test for " + alg + " failed"); } PBEParameterSpec spec = (PBEParameterSpec) pbeParams.getParameterSpec(PBEParameterSpec.class); PBEKey key2 = new MyPBEKey(password, spec.getSalt(), spec.getIterationCount()); cipher.init(Cipher.DECRYPT_MODE, key2, pbeParams); byte[] dec2 = cipher.doFinal(enc1); if (Arrays.equals(dec2, dec) == false) { throw new Exception("Re-decryption test#1 failed"); } cipher.init(Cipher.DECRYPT_MODE, key2, (AlgorithmParameters) null); byte[] dec3 = cipher.doFinal(enc1); if (Arrays.equals(dec3, dec) == false) { throw new Exception("Re-decryption test#2 failed"); } System.out.println("passed: " + alg); }
private static SecretKey createPBEKey(byte[] salt, String password) throws NoSuchAlgorithmException, InvalidKeySpecException { if (password == null || password.length() == 0) { throw new IllegalArgumentException(L10nUtil.getMessage(MessageCodes.PBE_PASSWORD_ZERO_LENGTH_ERROR, DefaultMessages.PBE_PASSWORD_ZERO_LENGTH_ERROR)); } SecretKeyFactory factory = SecretKeyFactory.getInstance(PBE_KEY_ALGORITHM); PBEKey pbeKey = (PBEKey) factory.generateSecret(new PBEKeySpec(password.toCharArray(), salt, PBE_KEY_ITERATIONS, SYMMETRIC_KEY_LENGTH)); // int rounds = PBE_KEY_ITERATIONS; // PBEKey pbeKey = (PBEKey) factory.generateSecret(new PBEKeySpec(password.toCharArray(), salt, rounds, SYMMETRIC_KEY_LENGTH)); // if ((rounds = Settings.getInt(SettingCodes.PBE_KEY_ITERATIONS, Bundle.SETTINGS, DefaultSettings.PBE_KEY_ITERATIONS)) > 1) { // factory.generateSecret(new PBEKeySpec(password.toCharArray(), salt, rounds - 1, SYMMETRIC_KEY_LENGTH)); // } return new SecretKeySpec(pbeKey.getEncoded(), SYMMETRIC_ALGORITHM); }
protected void engineInit(int opmode, Key key, SecureRandom random) throws InvalidKeyException { if (! (key instanceof PBEKey)) throw new InvalidKeyException("not a PBE key"); super.engineInit(opmode, genkey((PBEKey) key), random); }
protected void engineInit(int opmode, Key key, AlgorithmParameterSpec params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException { if (! (key instanceof PBEKey)) throw new InvalidKeyException("not a PBE key"); super.engineInit(opmode, genkey((PBEKey) key), params, random); }
protected void engineInit(int opmode, Key key, AlgorithmParameters params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException { if (! (key instanceof PBEKey)) throw new InvalidKeyException("not a PBE key"); super.engineInit(opmode, genkey((PBEKey) key), params, random); }
private SecretKeySpec genkey(PBEKey key) throws InvalidKeyException { IRandom kdf = PRNGFactory.getInstance("PBKDF2-" + macName); if (kdf == null) throw new IllegalArgumentException("no such KDF: PBKDF2-" + macName); HashMap attrib = new HashMap(); attrib.put(IPBE.ITERATION_COUNT, Integer.valueOf(key.getIterationCount())); attrib.put(IPBE.PASSWORD, key.getPassword()); attrib.put(IPBE.SALT, key.getSalt()); try { kdf.init(attrib); } catch (IllegalArgumentException iae) { throw new InvalidKeyException(iae.toString()); } byte[] dk = new byte[mode.defaultKeySize()]; try { kdf.nextBytes(dk, 0, dk.length); } catch (LimitReachedException shouldNotHappen) { throw new Error(String.valueOf(shouldNotHappen)); } return new SecretKeySpec(dk, cipher.name()); }