Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/quite/humla-spongycastle.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/pkix/src/main/java/org/spongycastle/cms/bc/BcPasswordRecipient.java
diff options
context:
space:
mode:
Diffstat (limited to 'pkix/src/main/java/org/spongycastle/cms/bc/BcPasswordRecipient.java')
-rw-r--r--pkix/src/main/java/org/spongycastle/cms/bc/BcPasswordRecipient.java75
1 files changed, 75 insertions, 0 deletions
diff --git a/pkix/src/main/java/org/spongycastle/cms/bc/BcPasswordRecipient.java b/pkix/src/main/java/org/spongycastle/cms/bc/BcPasswordRecipient.java
new file mode 100644
index 00000000..679f4144
--- /dev/null
+++ b/pkix/src/main/java/org/spongycastle/cms/bc/BcPasswordRecipient.java
@@ -0,0 +1,75 @@
+package org.spongycastle.cms.bc;
+
+import org.spongycastle.asn1.ASN1OctetString;
+import org.spongycastle.asn1.pkcs.PBKDF2Params;
+import org.spongycastle.asn1.x509.AlgorithmIdentifier;
+import org.spongycastle.cms.CMSException;
+import org.spongycastle.cms.PasswordRecipient;
+import org.spongycastle.crypto.InvalidCipherTextException;
+import org.spongycastle.crypto.Wrapper;
+import org.spongycastle.crypto.generators.PKCS5S2ParametersGenerator;
+import org.spongycastle.crypto.params.KeyParameter;
+import org.spongycastle.crypto.params.ParametersWithIV;
+
+/**
+ * the RecipientInfo class for a recipient who has been sent a message
+ * encrypted using a password.
+ */
+public abstract class BcPasswordRecipient
+ implements PasswordRecipient
+{
+ private int schemeID = PasswordRecipient.PKCS5_SCHEME2_UTF8;
+ private char[] password;
+
+ BcPasswordRecipient(
+ char[] password)
+ {
+ this.password = password;
+ }
+
+ public BcPasswordRecipient setPasswordConversionScheme(int schemeID)
+ {
+ this.schemeID = schemeID;
+
+ return this;
+ }
+
+ protected KeyParameter extractSecretKey(AlgorithmIdentifier keyEncryptionAlgorithm, AlgorithmIdentifier contentEncryptionAlgorithm, byte[] derivedKey, byte[] encryptedContentEncryptionKey)
+ throws CMSException
+ {
+ Wrapper keyEncryptionCipher = EnvelopedDataHelper.createRFC3211Wrapper(keyEncryptionAlgorithm.getAlgorithm());
+
+ keyEncryptionCipher.init(false, new ParametersWithIV(new KeyParameter(derivedKey), ASN1OctetString.getInstance(keyEncryptionAlgorithm.getParameters()).getOctets()));
+
+ try
+ {
+ return new KeyParameter(keyEncryptionCipher.unwrap(encryptedContentEncryptionKey, 0, encryptedContentEncryptionKey.length));
+ }
+ catch (InvalidCipherTextException e)
+ {
+ throw new CMSException("unable to unwrap key: " + e.getMessage(), e);
+ }
+ }
+
+ public byte[] calculateDerivedKey(byte[] encodedPassword, AlgorithmIdentifier derivationAlgorithm, int keySize)
+ throws CMSException
+ {
+ PBKDF2Params params = PBKDF2Params.getInstance(derivationAlgorithm.getParameters());
+
+ PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator();
+
+ gen.init(encodedPassword, params.getSalt(), params.getIterationCount().intValue());
+
+ return ((KeyParameter)gen.generateDerivedParameters(keySize)).getKey();
+ }
+
+ public int getPasswordConversionScheme()
+ {
+ return schemeID;
+ }
+
+ public char[] getPassword()
+ {
+ return password;
+ }
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-04 17:10:06 +0300