From 9d86fa64cab222f265c18994eab1d7a5db786da7 Mon Sep 17 00:00:00 2001 From: David Hook Date: Sat, 1 Jun 2013 09:08:23 +1000 Subject: other jdk import --- .../cert/crmf/jcajce/JceCRMFEncryptorBuilder.java | 135 +++++++++++++++++ .../bouncycastle/cert/jcajce/JcaAttrCertStore.java | 72 +++++++++ .../cms/bc/BcCMSContentEncryptorBuilder.java | 124 ++++++++++++++++ .../cms/jcajce/JceCMSContentEncryptorBuilder.java | 161 +++++++++++++++++++++ .../cms/jcajce/JceCMSMacCalculatorBuilder.java | 155 ++++++++++++++++++++ 5 files changed, 647 insertions(+) create mode 100644 pkix/src/main/jdk1.2/org/bouncycastle/cert/crmf/jcajce/JceCRMFEncryptorBuilder.java create mode 100644 pkix/src/main/jdk1.2/org/bouncycastle/cert/jcajce/JcaAttrCertStore.java create mode 100644 pkix/src/main/jdk1.2/org/bouncycastle/cms/bc/BcCMSContentEncryptorBuilder.java create mode 100644 pkix/src/main/jdk1.2/org/bouncycastle/cms/jcajce/JceCMSContentEncryptorBuilder.java create mode 100644 pkix/src/main/jdk1.2/org/bouncycastle/cms/jcajce/JceCMSMacCalculatorBuilder.java (limited to 'pkix/src/main/jdk1.2/org/bouncycastle') diff --git a/pkix/src/main/jdk1.2/org/bouncycastle/cert/crmf/jcajce/JceCRMFEncryptorBuilder.java b/pkix/src/main/jdk1.2/org/bouncycastle/cert/crmf/jcajce/JceCRMFEncryptorBuilder.java new file mode 100644 index 00000000..6face4cc --- /dev/null +++ b/pkix/src/main/jdk1.2/org/bouncycastle/cert/crmf/jcajce/JceCRMFEncryptorBuilder.java @@ -0,0 +1,135 @@ +package org.bouncycastle.cert.crmf.jcajce; + +import java.io.OutputStream; +import java.security.AlgorithmParameters; +import java.security.GeneralSecurityException; +import java.security.Provider; +import java.security.SecureRandom; + +import javax.crypto.Cipher; +import javax.crypto.CipherOutputStream; +import javax.crypto.KeyGenerator; +import javax.crypto.SecretKey; + +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.cert.crmf.CRMFException; +import org.bouncycastle.jcajce.DefaultJcaJceHelper; +import org.bouncycastle.jcajce.NamedJcaJceHelper; +import org.bouncycastle.jcajce.ProviderJcaJceHelper; +import org.bouncycastle.operator.GenericKey; +import org.bouncycastle.operator.OutputEncryptor; + +public class JceCRMFEncryptorBuilder +{ + private ASN1ObjectIdentifier encryptionOID; + private int keySize; + + private CRMFHelper helper = new CRMFHelper(new DefaultJcaJceHelper()); + private SecureRandom random; + + public JceCRMFEncryptorBuilder(ASN1ObjectIdentifier encryptionOID) + { + this(encryptionOID, -1); + } + + public JceCRMFEncryptorBuilder(ASN1ObjectIdentifier encryptionOID, int keySize) + { + this.encryptionOID = encryptionOID; + this.keySize = keySize; + } + + public JceCRMFEncryptorBuilder setProvider(Provider provider) + { + this.helper = new CRMFHelper(new ProviderJcaJceHelper(provider)); + + return this; + } + + public JceCRMFEncryptorBuilder setProvider(String providerName) + { + this.helper = new CRMFHelper(new NamedJcaJceHelper(providerName)); + + return this; + } + + public JceCRMFEncryptorBuilder setSecureRandom(SecureRandom random) + { + this.random = random; + + return this; + } + + public OutputEncryptor build() + throws CRMFException + { + return new CRMFOutputEncryptor(encryptionOID, keySize, random); + } + + private class CRMFOutputEncryptor + implements OutputEncryptor + { + private SecretKey encKey; + private AlgorithmIdentifier algorithmIdentifier; + private Cipher cipher; + + CRMFOutputEncryptor(ASN1ObjectIdentifier encryptionOID, int keySize, SecureRandom random) + throws CRMFException + { + KeyGenerator keyGen = helper.createKeyGenerator(encryptionOID); + + if (random == null) + { + random = new SecureRandom(); + } + + if (keySize < 0) + { + keyGen.init(random); + } + else + { + keyGen.init(keySize, random); + } + + cipher = helper.createCipher(encryptionOID); + encKey = keyGen.generateKey(); + AlgorithmParameters params = helper.generateParameters(encryptionOID, encKey, random); + + try + { + cipher.init(Cipher.ENCRYPT_MODE, encKey, params, random); + } + catch (GeneralSecurityException e) + { + throw new CRMFException("unable to initialize cipher: " + e.getMessage(), e); + } + + // + // If params are null we try and second guess on them as some providers don't provide + // algorithm parameter generation explicity but instead generate them under the hood. + // + if (params == null) + { + params = cipher.getParameters(); + } + + algorithmIdentifier = helper.getAlgorithmIdentifier(encryptionOID, params); + } + + public AlgorithmIdentifier getAlgorithmIdentifier() + { + return algorithmIdentifier; + } + + public OutputStream getOutputStream(OutputStream dOut) + { + return new CipherOutputStream(dOut, cipher); + } + + public GenericKey getKey() + { + return new GenericKey(encKey); + } + } +} diff --git a/pkix/src/main/jdk1.2/org/bouncycastle/cert/jcajce/JcaAttrCertStore.java b/pkix/src/main/jdk1.2/org/bouncycastle/cert/jcajce/JcaAttrCertStore.java new file mode 100644 index 00000000..e3158c03 --- /dev/null +++ b/pkix/src/main/jdk1.2/org/bouncycastle/cert/jcajce/JcaAttrCertStore.java @@ -0,0 +1,72 @@ +package org.bouncycastle.cert.jcajce; + +import java.io.IOException; +import java.util.ArrayList; +import java.util.Collection; +import java.util.Collections; +import java.util.Iterator; +import java.util.List; + +import org.bouncycastle.util.CollectionStore; +import org.bouncycastle.x509.X509AttributeCertificate; + +/** + * Class for storing Attribute Certificates for later lookup. + *

+ * The class will convert X509AttributeCertificate objects into X509AttributeCertificateHolder objects. + *

+ */ +public class JcaAttrCertStore + extends CollectionStore +{ + /** + * Basic constructor. + * + * @param collection - initial contents for the store, this is copied. + */ + public JcaAttrCertStore(Collection collection) + throws IOException + { + super(convertCerts(collection)); + } + + public JcaAttrCertStore(X509AttributeCertificate attrCert) + throws IOException + { + this(convertCert(attrCert)); + } + + private static Collection convertCert(X509AttributeCertificate attrCert) + throws IOException + { + List tmp = new ArrayList(); + + tmp.add(attrCert); + + return convertCerts(tmp); + } + + private static Collection convertCerts(Collection collection) + throws IOException + { + List list = new ArrayList(collection.size()); + + for (Iterator it = collection.iterator(); it.hasNext();) + { + Object o = it.next(); + + if (o instanceof X509AttributeCertificate) + { + X509AttributeCertificate cert = (X509AttributeCertificate)o; + + list.add(new JcaX509AttributeCertificateHolder(cert)); + } + else + { + list.add(o); + } + } + + return list; + } +} diff --git a/pkix/src/main/jdk1.2/org/bouncycastle/cms/bc/BcCMSContentEncryptorBuilder.java b/pkix/src/main/jdk1.2/org/bouncycastle/cms/bc/BcCMSContentEncryptorBuilder.java new file mode 100644 index 00000000..5d1a2a66 --- /dev/null +++ b/pkix/src/main/jdk1.2/org/bouncycastle/cms/bc/BcCMSContentEncryptorBuilder.java @@ -0,0 +1,124 @@ +package org.bouncycastle.cms.bc; + +import java.io.OutputStream; +import java.security.SecureRandom; +import java.util.HashMap; +import java.util.Map; + +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.cms.CMSAlgorithm; +import org.bouncycastle.cms.CMSException; +import org.bouncycastle.crypto.BufferedBlockCipher; +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.StreamCipher; +import org.bouncycastle.crypto.io.CipherOutputStream; +import org.bouncycastle.crypto.params.KeyParameter; +import org.bouncycastle.operator.GenericKey; +import org.bouncycastle.operator.OutputEncryptor; +import org.bouncycastle.util.Integers; + +public class BcCMSContentEncryptorBuilder +{ + private static Map keySizes = new HashMap(); + + static + { + keySizes.put(CMSAlgorithm.AES128_CBC, Integers.valueOf(128)); + keySizes.put(CMSAlgorithm.AES192_CBC, Integers.valueOf(192)); + keySizes.put(CMSAlgorithm.AES256_CBC, Integers.valueOf(256)); + + keySizes.put(CMSAlgorithm.CAMELLIA128_CBC, Integers.valueOf(128)); + keySizes.put(CMSAlgorithm.CAMELLIA192_CBC, Integers.valueOf(192)); + keySizes.put(CMSAlgorithm.CAMELLIA256_CBC, Integers.valueOf(256)); + } + + private static int getKeySize(ASN1ObjectIdentifier oid) + { + Integer size = (Integer)keySizes.get(oid); + + if (size != null) + { + return size.intValue(); + } + + return -1; + } + + private ASN1ObjectIdentifier encryptionOID; + private int keySize; + + private EnvelopedDataHelper helper = new EnvelopedDataHelper(); + private SecureRandom random; + + public BcCMSContentEncryptorBuilder(ASN1ObjectIdentifier encryptionOID) + { + this(encryptionOID, getKeySize(encryptionOID)); + } + + public BcCMSContentEncryptorBuilder(ASN1ObjectIdentifier encryptionOID, int keySize) + { + this.encryptionOID = encryptionOID; + this.keySize = keySize; + } + + public BcCMSContentEncryptorBuilder setSecureRandom(SecureRandom random) + { + this.random = random; + + return this; + } + + public OutputEncryptor build() + throws CMSException + { + return new CMSOutputEncryptor(encryptionOID, keySize, random); + } + + private class CMSOutputEncryptor + implements OutputEncryptor + { + private KeyParameter encKey; + private AlgorithmIdentifier algorithmIdentifier; + private Object cipher; + + CMSOutputEncryptor(ASN1ObjectIdentifier encryptionOID, int keySize, SecureRandom random) + throws CMSException + { + if (random == null) + { + random = new SecureRandom(); + } + + CipherKeyGenerator keyGen = helper.createKeyGenerator(encryptionOID, random); + + encKey = new KeyParameter(keyGen.generateKey()); + + algorithmIdentifier = helper.generateAlgorithmIdentifier(encryptionOID, encKey, random); + + cipher = helper.createContentCipher(true, encKey, algorithmIdentifier); + } + + public AlgorithmIdentifier getAlgorithmIdentifier() + { + return algorithmIdentifier; + } + + public OutputStream getOutputStream(OutputStream dOut) + { + if (cipher instanceof BufferedBlockCipher) + { + return new CipherOutputStream(dOut, (BufferedBlockCipher)cipher); + } + else + { + return new CipherOutputStream(dOut, (StreamCipher)cipher); + } + } + + public GenericKey getKey() + { + return new GenericKey(algorithmIdentifier, encKey.getKey()); + } + } +} diff --git a/pkix/src/main/jdk1.2/org/bouncycastle/cms/jcajce/JceCMSContentEncryptorBuilder.java b/pkix/src/main/jdk1.2/org/bouncycastle/cms/jcajce/JceCMSContentEncryptorBuilder.java new file mode 100644 index 00000000..44318935 --- /dev/null +++ b/pkix/src/main/jdk1.2/org/bouncycastle/cms/jcajce/JceCMSContentEncryptorBuilder.java @@ -0,0 +1,161 @@ +package org.bouncycastle.cms.jcajce; + +import java.io.OutputStream; +import java.security.AlgorithmParameters; +import java.security.GeneralSecurityException; +import java.security.Provider; +import java.security.SecureRandom; +import java.util.HashMap; +import java.util.Map; + +import javax.crypto.Cipher; +import javax.crypto.CipherOutputStream; +import javax.crypto.KeyGenerator; +import javax.crypto.SecretKey; + +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.cms.CMSAlgorithm; +import org.bouncycastle.cms.CMSException; +import org.bouncycastle.operator.GenericKey; +import org.bouncycastle.operator.OutputEncryptor; +import org.bouncycastle.util.Integers; + +public class JceCMSContentEncryptorBuilder +{ + private static Map keySizes = new HashMap(); + + static + { + keySizes.put(CMSAlgorithm.AES128_CBC, Integers.valueOf(128)); + keySizes.put(CMSAlgorithm.AES192_CBC, Integers.valueOf(192)); + keySizes.put(CMSAlgorithm.AES256_CBC, Integers.valueOf(256)); + + keySizes.put(CMSAlgorithm.CAMELLIA128_CBC, Integers.valueOf(128)); + keySizes.put(CMSAlgorithm.CAMELLIA192_CBC, Integers.valueOf(192)); + keySizes.put(CMSAlgorithm.CAMELLIA256_CBC, Integers.valueOf(256)); + } + + private static int getKeySize(ASN1ObjectIdentifier oid) + { + Integer size = (Integer)keySizes.get(oid); + + if (size != null) + { + return size.intValue(); + } + + return -1; + } + + private ASN1ObjectIdentifier encryptionOID; + private int keySize; + + private EnvelopedDataHelper helper = new EnvelopedDataHelper(new DefaultJcaJceExtHelper()); + private SecureRandom random; + + public JceCMSContentEncryptorBuilder(ASN1ObjectIdentifier encryptionOID) + { + this(encryptionOID, getKeySize(encryptionOID)); + } + + public JceCMSContentEncryptorBuilder(ASN1ObjectIdentifier encryptionOID, int keySize) + { + this.encryptionOID = encryptionOID; + this.keySize = keySize; + } + + public JceCMSContentEncryptorBuilder setProvider(Provider provider) + { + this.helper = new EnvelopedDataHelper(new ProviderJcaJceExtHelper(provider)); + + return this; + } + + public JceCMSContentEncryptorBuilder setProvider(String providerName) + { + this.helper = new EnvelopedDataHelper(new NamedJcaJceExtHelper(providerName)); + + return this; + } + + public JceCMSContentEncryptorBuilder setSecureRandom(SecureRandom random) + { + this.random = random; + + return this; + } + + public OutputEncryptor build() + throws CMSException + { + return new CMSOutputEncryptor(encryptionOID, keySize, random); + } + + private class CMSOutputEncryptor + implements OutputEncryptor + { + private SecretKey encKey; + private AlgorithmIdentifier algorithmIdentifier; + private Cipher cipher; + + CMSOutputEncryptor(ASN1ObjectIdentifier encryptionOID, int keySize, SecureRandom random) + throws CMSException + { + KeyGenerator keyGen = helper.createKeyGenerator(encryptionOID); + + if (random == null) + { + random = new SecureRandom(); + } + + if (keySize < 0) + { + keyGen.init(random); + } + else + { + keyGen.init(keySize, random); + } + + cipher = helper.createCipher(encryptionOID); + encKey = keyGen.generateKey(); + AlgorithmParameters params = helper.generateParameters(encryptionOID, encKey, random); + + try + { + cipher.init(Cipher.ENCRYPT_MODE, encKey, params, random); + } + catch (GeneralSecurityException e) + { + throw new CMSException("unable to initialize cipher: " + e.getMessage(), e); + } + + // + // If params are null we try and second guess on them as some providers don't provide + // algorithm parameter generation explicity but instead generate them under the hood. + // + if (params == null) + { + params = cipher.getParameters(); + } + + algorithmIdentifier = helper.getAlgorithmIdentifier(encryptionOID, params); + } + + public AlgorithmIdentifier getAlgorithmIdentifier() + { + return algorithmIdentifier; + } + + public OutputStream getOutputStream(OutputStream dOut) + { + return new CipherOutputStream(dOut, cipher); + } + + public GenericKey getKey() + { + return new GenericKey(encKey); + } + } +} diff --git a/pkix/src/main/jdk1.2/org/bouncycastle/cms/jcajce/JceCMSMacCalculatorBuilder.java b/pkix/src/main/jdk1.2/org/bouncycastle/cms/jcajce/JceCMSMacCalculatorBuilder.java new file mode 100644 index 00000000..247afd1a --- /dev/null +++ b/pkix/src/main/jdk1.2/org/bouncycastle/cms/jcajce/JceCMSMacCalculatorBuilder.java @@ -0,0 +1,155 @@ +package org.bouncycastle.cms.jcajce; + +import java.io.OutputStream; +import java.security.AlgorithmParameterGenerator; +import java.security.AlgorithmParameters; +import java.security.GeneralSecurityException; +import java.security.Provider; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; + +import javax.crypto.KeyGenerator; +import javax.crypto.Mac; +import javax.crypto.SecretKey; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.RC2ParameterSpec; + +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.cms.CMSException; +import org.bouncycastle.jcajce.io.MacOutputStream; +import org.bouncycastle.operator.GenericKey; +import org.bouncycastle.operator.MacCalculator; + +public class JceCMSMacCalculatorBuilder +{ + private ASN1ObjectIdentifier macOID; + private int keySize; + + private EnvelopedDataHelper helper = new EnvelopedDataHelper(new DefaultJcaJceExtHelper()); + private SecureRandom random; + private MacOutputStream macOutputStream; + + public JceCMSMacCalculatorBuilder(ASN1ObjectIdentifier macOID) + { + this(macOID, -1); + } + + public JceCMSMacCalculatorBuilder(ASN1ObjectIdentifier macOID, int keySize) + { + this.macOID = macOID; + this.keySize = keySize; + } + + public JceCMSMacCalculatorBuilder setProvider(Provider provider) + { + this.helper = new EnvelopedDataHelper(new ProviderJcaJceExtHelper(provider)); + + return this; + } + + public JceCMSMacCalculatorBuilder setProvider(String providerName) + { + this.helper = new EnvelopedDataHelper(new NamedJcaJceExtHelper(providerName)); + + return this; + } + + public JceCMSMacCalculatorBuilder setSecureRandom(SecureRandom random) + { + this.random = random; + + return this; + } + + public MacCalculator build() + throws CMSException + { + return new CMSOutputEncryptor(macOID, keySize, random); + } + + private class CMSOutputEncryptor + implements MacCalculator + { + private SecretKey encKey; + private AlgorithmIdentifier algorithmIdentifier; + private Mac mac; + private SecureRandom random; + + CMSOutputEncryptor(ASN1ObjectIdentifier macOID, int keySize, SecureRandom random) + throws CMSException + { + KeyGenerator keyGen = helper.createKeyGenerator(macOID); + + if (random == null) + { + random = new SecureRandom(); + } + + this.random = random; + + if (keySize < 0) + { + keyGen.init(random); + } + else + { + keyGen.init(keySize, random); + } + + encKey = keyGen.generateKey(); + + AlgorithmParameterSpec paramSpec = generateParameterSpec(macOID, encKey); + + algorithmIdentifier = helper.getAlgorithmIdentifier(macOID, paramSpec); + mac = helper.createContentMac(encKey, algorithmIdentifier); + } + + public AlgorithmIdentifier getAlgorithmIdentifier() + { + return algorithmIdentifier; + } + + public OutputStream getOutputStream() + { + return new MacOutputStream(mac); + } + + public byte[] getMac() + { + return mac.doFinal(); + } + + public GenericKey getKey() + { + return new GenericKey(encKey); + } + + protected AlgorithmParameterSpec generateParameterSpec(ASN1ObjectIdentifier macOID, SecretKey encKey) + throws CMSException + { + try + { + if (macOID.equals(PKCSObjectIdentifiers.RC2_CBC)) + { + byte[] iv = new byte[8]; + + random.nextBytes(iv); + + return new RC2ParameterSpec(encKey.getEncoded().length * 8, iv); + } + + AlgorithmParameterGenerator pGen = helper.createAlgorithmParameterGenerator(macOID); + + AlgorithmParameters p = pGen.generateParameters(); + + return p.getParameterSpec(IvParameterSpec.class); + } + catch (GeneralSecurityException e) + { + return null; + } + } + } +} -- cgit v1.2.3