private static int roundsFromPassword(final Digest digest, final byte[] pwBytes, final byte[] saltBytes, final int pwRoundBytes) { final PBEParametersGenerator generator = getGenerator(digest, pwBytes, saltBytes, 1); // limit key to 31 bits, we don't want negative numbers final CipherParameters cp = generator.generateDerivedMacParameters(Math.min(pwRoundBytes * 8, 31)); if (cp instanceof KeyParameter) { KeyParameter kp = (KeyParameter) cp; // get derived key portion final String key = asHex(kp.getKey()); return Integer.valueOf(key, 16).intValue(); } throw new RuntimeCryptoException("Invalid CipherParameter: " + cp); }
/** * generate a PBE based key suitable for a MAC algorithm, the * key size is chosen according the MAC size, or the hashing algorithm, * whichever is greater. */ public static CipherParameters makePBEMacParameters( SecretKey key, int type, int hash, int keySize, PBEParameterSpec pbeSpec) { PBEParametersGenerator generator = makePBEGenerator(type, hash); CipherParameters param; byte[] keyBytes = key.getEncoded(); generator.init(key.getEncoded(), pbeSpec.getSalt(), pbeSpec.getIterationCount()); param = generator.generateDerivedMacParameters(keySize); for (int i = 0; i != keyBytes.length; i++) { keyBytes[i] = 0; } return param; }
private static byte[] SingleIterationPBKDF2(byte[] P, byte[] S, int dkLen) { PBEParametersGenerator pGen = new PKCS5S2ParametersGenerator(new SHA256Digest()); pGen.init(P, S, 1); KeyParameter key = (KeyParameter)pGen.generateDerivedMacParameters(dkLen * 8); return key.getKey(); }
private static byte[] SingleIterationPBKDF2(byte[] P, byte[] S, int dkLen) { PBEParametersGenerator pGen = new PKCS5S2ParametersGenerator(new SHA256Digest()); pGen.init(P, S, 1); KeyParameter key = (KeyParameter) pGen.generateDerivedMacParameters(dkLen * 8); return key.getKey(); }
param = generator.generateDerivedMacParameters(keySize);
hMac.init(pbeGen.generateDerivedMacParameters(hMac.getMacSize())); hMac.init(pbeGen.generateDerivedMacParameters(hMac.getMacSize() * 8));
macParams = pbeGen.generateDerivedMacParameters(hMac.getMacSize()); macParams = pbeGen.generateDerivedMacParameters(hMac.getMacSize() * 8);
/** * generate a PBE based key suitable for a MAC algorithm, the * key size is chosen according the MAC size, or the hashing algorithm, * whichever is greater. */ public static CipherParameters makePBEMacParameters( PBEKeySpec keySpec, int type, int hash, int keySize) { PBEParametersGenerator generator = makePBEGenerator(type, hash); byte[] key; CipherParameters param; key = convertPassword(type, keySpec); generator.init(key, keySpec.getSalt(), keySpec.getIterationCount()); param = generator.generateDerivedMacParameters(keySize); for (int i = 0; i != key.length; i++) { key[i] = 0; } return param; }
/** * generate a PBE based key suitable for a MAC algorithm, the * key size is chosen according the MAC size, or the hashing algorithm, * whichever is greater. */ public static CipherParameters makePBEMacParameters( BCPBEKey pbeKey, AlgorithmParameterSpec spec) { if ((spec == null) || !(spec instanceof PBEParameterSpec)) { throw new IllegalArgumentException("Need a PBEParameter spec with a PBE key."); } PBEParameterSpec pbeParam = (PBEParameterSpec)spec; PBEParametersGenerator generator = makePBEGenerator(pbeKey.getType(), pbeKey.getDigest()); byte[] key = pbeKey.getEncoded(); CipherParameters param; generator.init(key, pbeParam.getSalt(), pbeParam.getIterationCount()); param = generator.generateDerivedMacParameters(pbeKey.getKeySize()); return param; }
private static String hashPassword(String password, String salt, int roundOffset) { final byte[] passwordBytes = stringToUTF8Bytes(password); final byte[] saltBytes = salt == null ? new byte[0] : stringToUTF8Bytes(salt); Digest digest = new SHA512Digest(); int pwRounds = roundsFromPassword(digest, passwordBytes, saltBytes, PW_ROUNDBYTES); final int totalRounds = roundOffset + pwRounds; final PBEParametersGenerator generator = getGenerator(digest, passwordBytes, saltBytes, totalRounds); final CipherParameters cp = generator.generateDerivedMacParameters(digest.getDigestSize() * 8); if (cp instanceof KeyParameter) { KeyParameter kp = (KeyParameter) cp; return asHex(kp.getKey()); } throw new RuntimeCryptoException("Invalid CipherParameter: " + cp); }
aesCtrParam = (ParametersWithIV) gen.generateDerivedParameters( keyStrengthBits, AES_BLOCK_SIZE_BITS); sha256MacParam = (KeyParameter) gen.generateDerivedMacParameters( keyStrengthBits); paranoidWipe(pass);
keyStrengthBits, AES_BLOCK_SIZE_BITS); final CipherParameters sha256HMmacParam = gen.generateDerivedMacParameters(keyStrengthBits); paranoidWipe(pwdBytes);