/*
* Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).
* All rights reserved.
* This component and the accompanying materials are made available
* under the terms of the License "Eclipse Public License v1.0"
* which accompanies this distribution, and is available
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
*
* Initial Contributors:
* Nokia Corporation - initial contribution.
*
* Contributors:
*
* Description: 
* This program uses the Bouncy Castle APIs PKCS#12 KDF to generate encryption keys + ivs 
* and mac keys for use with compatibility testing.
*
*/


package com.symbian.security;

import java.math.BigInteger;
import java.security.SecureRandom;
import org.bouncycastle.crypto.PBEParametersGenerator;
import org.bouncycastle.crypto.digests.SHA1Digest;
import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;

public class Pkcs12Pbe {
	private PKCS12ParametersGenerator pgen;

	public Pkcs12Pbe() {
		pgen = new PKCS12ParametersGenerator(new SHA1Digest());
	}

	public static void main(String args[]) {
		try {
			if (args.length < 5) {
				usage();
				System.exit(-1);
				
			}
			int keyLength = Integer.parseInt(args[0]);
			int blockSize = Integer.parseInt(args[1]);
			int iterations = Integer.parseInt(args[2]);
			String salt = args[3];
			String password = args[4];		
			byte[] saltBytes = hexToByteArray(salt);
	
			Pkcs12Pbe pbe = new Pkcs12Pbe();
			pbe.getKey(keyLength, blockSize, iterations, password, saltBytes);			
		}
		catch (Exception e) {
			System.exit(-1);
		}
	}
	
	private static byte[] hexToByteArray(String hex) throws Exception {
		if (hex.length() % 2 != 0) {
			throw new Exception("hexToByteArray: odd number of nibbles");
		}
		StringBuffer hexBuffer = new StringBuffer(hex);
		
		byte[] byteBuffer = new byte[hexBuffer.length() / 2];
		for (int i = 0; i < hexBuffer.length(); i+=2) {
			try {
				byteBuffer[i / 2] = (byte) Integer.parseInt(hexBuffer.substring(i, i+2), 16);
			}
			catch (NumberFormatException e) {
				System.err.println("hexToByteArray: invalid hex string: " + hex);
				throw e;
			}
		}
		return byteBuffer;
	}

	private static void usage() {
		System.err
				.println("Usage: pkcs12pbe <key length> <block_size> <iterations> <salt> <password>\n");
	}
	
	private void getKey(int keyLen, int ivLen, int iterCount, String password,
			byte[] salt) {
		System.out.print("key len = " + keyLen + ", iter count = "
				+ iterCount + ", password = \"" + password + "\", salt = ");		
		printUnformattedByteArray(salt);

		char[] pwChars = password.toCharArray();
		byte[] pwBytes = PBEParametersGenerator.PKCS12PasswordToBytes(pwChars);

		pgen.init(pwBytes, salt, iterCount);
		CipherParameters cp = pgen.generateDerivedParameters(keyLen, ivLen);

		ParametersWithIV ivp = (ParametersWithIV) cp;
		KeyParameter kp = (KeyParameter) ivp.getParameters();

		System.out.print("key ");
		printUnformattedByteArray((kp.getKey()));
		System.out.print("iv ");
		printUnformattedByteArray(ivp.getIV());

		kp = (KeyParameter) pgen.generateDerivedMacParameters(160);
		System.out.print("160bit hmac key ");
		printUnformattedByteArray((kp.getKey()));

	}

	// unformatted hex strings that can be passed as arguments to openssl
	private void printUnformattedByteArray(byte[] a) {
		StringBuffer line = new StringBuffer();
		
		for (int i = 0; i < a.length; i++) {
			line.append(hexStr(a[i], 2));
		}
		System.out.println(line);
	}	

	private String hexStr(int val, int width) {
		StringBuffer result = new StringBuffer();
		while (--width >= 0) {
			int bitPos = 4 * width;
			int nybble = (val & (0xf << bitPos)) >> bitPos;
			result.append(Integer.toHexString(nybble));
		}
		return result.toString();
	}
}