MCL/sf/os/security: comparison crypto/weakcryptospi/source/pkcs12kdf/Pkcs12Pbe.java

equal deleted inserted replaced

-:da2ae96f639b
+:cd501b96611d
+/*
+* Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of the License "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* This program uses the Bouncy Castle APIs PKCS#12 KDF to generate encryption keys + ivs
+* and mac keys for use with compatibility testing.
+*
+*/
+package com.symbian.security;
+import java.math.BigInteger;
+import java.security.SecureRandom;
+import org.bouncycastle.crypto.PBEParametersGenerator;
+import org.bouncycastle.crypto.digests.SHA1Digest;
+import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator;
+import org.bouncycastle.crypto.CipherParameters;
+import org.bouncycastle.crypto.params.KeyParameter;
+import org.bouncycastle.crypto.params.ParametersWithIV;
+public class Pkcs12Pbe {
+	private PKCS12ParametersGenerator pgen;
+	public Pkcs12Pbe() {
+		pgen = new PKCS12ParametersGenerator(new SHA1Digest());
+	}
+	public static void main(String args[]) {
+		try {
+			if (args.length < 5) {
+				usage();
+				System.exit(-1);
+			}
+			int keyLength = Integer.parseInt(args[0]);
+			int blockSize = Integer.parseInt(args[1]);
+			int iterations = Integer.parseInt(args[2]);
+			String salt = args[3];
+			String password = args[4];
+			byte[] saltBytes = hexToByteArray(salt);
+			Pkcs12Pbe pbe = new Pkcs12Pbe();
+			pbe.getKey(keyLength, blockSize, iterations, password, saltBytes);
+		}
+		catch (Exception e) {
+			System.exit(-1);
+		}
+	}
+	private static byte[] hexToByteArray(String hex) throws Exception {
+		if (hex.length() % 2 != 0) {
+			throw new Exception("hexToByteArray: odd number of nibbles");
+		}
+		StringBuffer hexBuffer = new StringBuffer(hex);
+		byte[] byteBuffer = new byte[hexBuffer.length() / 2];
+		for (int i = 0; i < hexBuffer.length(); i+=2) {
+			try {
+				byteBuffer[i / 2] = (byte) Integer.parseInt(hexBuffer.substring(i, i+2), 16);
+			}
+			catch (NumberFormatException e) {
+				System.err.println("hexToByteArray: invalid hex string: " + hex);
+				throw e;
+			}
+		}
+		return byteBuffer;
+	}
+	private static void usage() {
+		System.err
+				.println("Usage: pkcs12pbe <key length> <block_size> <iterations> <salt> <password>\n");
+	}
+	private void getKey(int keyLen, int ivLen, int iterCount, String password,
+			byte[] salt) {
+		System.out.print("key len = " + keyLen + ", iter count = "
+				+ iterCount + ", password = \"" + password + "\", salt = ");
+		printUnformattedByteArray(salt);
+		char[] pwChars = password.toCharArray();
+		byte[] pwBytes = PBEParametersGenerator.PKCS12PasswordToBytes(pwChars);
+		pgen.init(pwBytes, salt, iterCount);
+		CipherParameters cp = pgen.generateDerivedParameters(keyLen, ivLen);
+		ParametersWithIV ivp = (ParametersWithIV) cp;
+		KeyParameter kp = (KeyParameter) ivp.getParameters();
+		System.out.print("key ");
+		printUnformattedByteArray((kp.getKey()));
+		System.out.print("iv ");
+		printUnformattedByteArray(ivp.getIV());
+		kp = (KeyParameter) pgen.generateDerivedMacParameters(160);
+		System.out.print("160bit hmac key ");
+		printUnformattedByteArray((kp.getKey()));
+	}
+	// unformatted hex strings that can be passed as arguments to openssl
+	private void printUnformattedByteArray(byte[] a) {
+		StringBuffer line = new StringBuffer();
+		for (int i = 0; i < a.length; i++) {
+			line.append(hexStr(a[i], 2));
+		}
+		System.out.println(line);
+	}
+	private String hexStr(int val, int width) {
+		StringBuffer result = new StringBuffer();
+		while (--width >= 0) {
+			int bitPos = 4 * width;
+			int nybble = (val & (0xf << bitPos)) >> bitPos;
+			result.append(Integer.toHexString(nybble));
+		}
+		return result.toString();
+	}
+}