1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
|
package org.bouncycastle.crypto;
import org.bouncycastle.util.Strings;
/**
* super class for all Password Based Encryption (PBE) parameter generator classes.
*/
public abstract class PBEParametersGenerator
{
protected byte[] password;
protected byte[] salt;
protected int iterationCount;
/**
* base constructor.
*/
protected PBEParametersGenerator()
{
}
/**
* initialise the PBE generator.
*
* @param password the password converted into bytes (see below).
* @param salt the salt to be mixed with the password.
* @param iterationCount the number of iterations the "mixing" function
* is to be applied for.
*/
public void init(
byte[] password,
byte[] salt,
int iterationCount)
{
this.password = password;
this.salt = salt;
this.iterationCount = iterationCount;
}
/**
* return the password byte array.
*
* @return the password byte array.
*/
public byte[] getPassword()
{
return password;
}
/**
* return the salt byte array.
*
* @return the salt byte array.
*/
public byte[] getSalt()
{
return salt;
}
/**
* return the iteration count.
*
* @return the iteration count.
*/
public int getIterationCount()
{
return iterationCount;
}
/**
* generate derived parameters for a key of length keySize.
*
* @param keySize the length, in bits, of the key required.
* @return a parameters object representing a key.
*/
public abstract CipherParameters generateDerivedParameters(int keySize);
/**
* generate derived parameters for a key of length keySize, and
* an initialisation vector (IV) of length ivSize.
*
* @param keySize the length, in bits, of the key required.
* @param ivSize the length, in bits, of the iv required.
* @return a parameters object representing a key and an IV.
*/
public abstract CipherParameters generateDerivedParameters(int keySize, int ivSize);
/**
* generate derived parameters for a key of length keySize, specifically
* for use with a MAC.
*
* @param keySize the length, in bits, of the key required.
* @return a parameters object representing a key.
*/
public abstract CipherParameters generateDerivedMacParameters(int keySize);
/**
* converts a password to a byte array according to the scheme in
* PKCS5 (ascii, no padding)
*
* @param password a character array representing the password.
* @return a byte array representing the password.
*/
public static byte[] PKCS5PasswordToBytes(
char[] password)
{
if (password != null)
{
byte[] bytes = new byte[password.length];
for (int i = 0; i != bytes.length; i++)
{
bytes[i] = (byte)password[i];
}
return bytes;
}
else
{
return new byte[0];
}
}
/**
* converts a password to a byte array according to the scheme in
* PKCS5 (UTF-8, no padding)
*
* @param password a character array representing the password.
* @return a byte array representing the password.
*/
public static byte[] PKCS5PasswordToUTF8Bytes(
char[] password)
{
if (password != null)
{
return Strings.toUTF8ByteArray(password);
}
else
{
return new byte[0];
}
}
/**
* converts a password to a byte array according to the scheme in
* PKCS12 (unicode, big endian, 2 zero pad bytes at the end).
*
* @param password a character array representing the password.
* @return a byte array representing the password.
*/
public static byte[] PKCS12PasswordToBytes(
char[] password)
{
if (password != null && password.length > 0)
{
// +1 for extra 2 pad bytes.
byte[] bytes = new byte[(password.length + 1) * 2];
for (int i = 0; i != password.length; i ++)
{
bytes[i * 2] = (byte)(password[i] >>> 8);
bytes[i * 2 + 1] = (byte)password[i];
}
return bytes;
}
else
{
return new byte[0];
}
}
}
|
