MCL/sf/os/security: crypto/weakcryptospi/source/pkcs12kdf/Pkcs12Pbe.java@3b7dafebba42 (annotated)

19 cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	1	/*
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	2	* Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	3	* All rights reserved.
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	4	* This component and the accompanying materials are made available
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	5	* under the terms of the License "Eclipse Public License v1.0"
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	6	* which accompanies this distribution, and is available
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	7	* at the URL "http://www.eclipse.org/legal/epl-v10.html".
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	8	*
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	9	* Initial Contributors:
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	10	* Nokia Corporation - initial contribution.
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	11	*
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	12	* Contributors:
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	13	*
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	14	* Description:
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	15	* This program uses the Bouncy Castle APIs PKCS#12 KDF to generate encryption keys + ivs
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	16	* and mac keys for use with compatibility testing.
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	17	*
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	18	*/
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	19
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	20
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	21	package com.symbian.security;
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	22
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	23	import java.math.BigInteger;
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	24	import java.security.SecureRandom;
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	25	import org.bouncycastle.crypto.PBEParametersGenerator;
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	26	import org.bouncycastle.crypto.digests.SHA1Digest;
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	27	import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator;
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	28	import org.bouncycastle.crypto.CipherParameters;
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	29	import org.bouncycastle.crypto.params.KeyParameter;
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	30	import org.bouncycastle.crypto.params.ParametersWithIV;
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	31
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	32	public class Pkcs12Pbe {
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	33	private PKCS12ParametersGenerator pgen;
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	34
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	35	public Pkcs12Pbe() {
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	36	pgen = new PKCS12ParametersGenerator(new SHA1Digest());
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	37	}
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	38
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	39	public static void main(String args[]) {
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	40	try {
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	41	if (args.length < 5) {
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	42	usage();
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	43	System.exit(-1);
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	44
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	45	}
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	46	int keyLength = Integer.parseInt(args[0]);
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	47	int blockSize = Integer.parseInt(args[1]);
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	48	int iterations = Integer.parseInt(args[2]);
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	49	String salt = args[3];
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	50	String password = args[4];
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	51	byte[] saltBytes = hexToByteArray(salt);
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	52
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	53	Pkcs12Pbe pbe = new Pkcs12Pbe();
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	54	pbe.getKey(keyLength, blockSize, iterations, password, saltBytes);
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	55	}
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	56	catch (Exception e) {
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	57	System.exit(-1);
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	58	}
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	59	}
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	60
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	61	private static byte[] hexToByteArray(String hex) throws Exception {
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	62	if (hex.length() % 2 != 0) {
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	63	throw new Exception("hexToByteArray: odd number of nibbles");
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	64	}
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	65	StringBuffer hexBuffer = new StringBuffer(hex);
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	66
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	67	byte[] byteBuffer = new byte[hexBuffer.length() / 2];
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	68	for (int i = 0; i < hexBuffer.length(); i+=2) {
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	69	try {
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	70	byteBuffer[i / 2] = (byte) Integer.parseInt(hexBuffer.substring(i, i+2), 16);
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	71	}
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	72	catch (NumberFormatException e) {
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	73	System.err.println("hexToByteArray: invalid hex string: " + hex);
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	74	throw e;
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	75	}
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	76	}
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	77	return byteBuffer;
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	78	}
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	79
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	80	private static void usage() {
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	81	System.err
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	82	.println("Usage: pkcs12pbe <key length> <block_size> <iterations> <salt> <password>\n");
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	83	}
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	84
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	85	private void getKey(int keyLen, int ivLen, int iterCount, String password,
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	86	byte[] salt) {
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	87	System.out.print("key len = " + keyLen + ", iter count = "
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	88	+ iterCount + ", password = \"" + password + "\", salt = ");
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	89	printUnformattedByteArray(salt);
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	90
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	91	char[] pwChars = password.toCharArray();
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	92	byte[] pwBytes = PBEParametersGenerator.PKCS12PasswordToBytes(pwChars);
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	93
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	94	pgen.init(pwBytes, salt, iterCount);
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	95	CipherParameters cp = pgen.generateDerivedParameters(keyLen, ivLen);
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	96
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	97	ParametersWithIV ivp = (ParametersWithIV) cp;
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	98	KeyParameter kp = (KeyParameter) ivp.getParameters();
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	99
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	100	System.out.print("key ");
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	101	printUnformattedByteArray((kp.getKey()));
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	102	System.out.print("iv ");
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	103	printUnformattedByteArray(ivp.getIV());
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	104
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	105	kp = (KeyParameter) pgen.generateDerivedMacParameters(160);
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	106	System.out.print("160bit hmac key ");
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	107	printUnformattedByteArray((kp.getKey()));
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	108
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	109	}
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	110
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	111	// unformatted hex strings that can be passed as arguments to openssl
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	112	private void printUnformattedByteArray(byte[] a) {
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	113	StringBuffer line = new StringBuffer();
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	114
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	115	for (int i = 0; i < a.length; i++) {
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	116	line.append(hexStr(a[i], 2));
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	117	}
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	118	System.out.println(line);
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	119	}
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	120
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	121	private String hexStr(int val, int width) {
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	122	StringBuffer result = new StringBuffer();
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	123	while (--width >= 0) {
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	124	int bitPos = 4 * width;
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	125	int nybble = (val & (0xf << bitPos)) >> bitPos;
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	126	result.append(Integer.toHexString(nybble));
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	127	}
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	128	return result.toString();
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	129	}
cd501b96611d Revision: 200945 Mikko Sunikka <mikko.sunikka@nokia.com> parents: diff changeset	130	}

author	Santosh V Patil <santosh.v.patil@nokia.com>
	Tue, 08 Jun 2010 10:20:14 +0530
changeset 51	3b7dafebba42
parent 19	cd501b96611d
permissions	-rw-r--r--