PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(new SHA256Digest()); gen.init("password".getBytes("UTF-8"), "salt".getBytes(), 4096); byte[] dk = ((KeyParameter) gen.generateDerivedParameters(256)).getKey();
private byte[] generateKey(byte[] salt) throws UnsupportedEncodingException { PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(new SHA256Digest()); gen.init(this.passphrase.getBytes("UTF-8"), salt, PBKDF2_ITERATIONS); return ((KeyParameter) gen.generateDerivedParameters(AES_KEY_LENGTH_BITS)).getKey(); } }
private static byte[] generateAes128CtrDerivedKey( byte[] password, byte[] salt, int c, String prf) throws CipherException { if (!prf.equals("hmac-sha256")) { throw new CipherException("Unsupported prf:" + prf); } // Java 8 supports this, but you have to convert the password to a character array, see // http://stackoverflow.com/a/27928435/3211687 PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(new SHA256Digest()); gen.init(password, salt, c); return ((KeyParameter) gen.generateDerivedParameters(256)).getKey(); }
/** * Sign a hash with the private key of this key pair. * @param transactionHash the hash to sign * @return An {@link ECDSASignature} of the hash */ public ECDSASignature sign(byte[] transactionHash) { ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest())); ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(privateKey, Sign.CURVE); signer.init(true, privKey); BigInteger[] components = signer.generateSignature(transactionHash); return new ECDSASignature(components[0], components[1]).toCanonicalised(); }
private Digest resolvePRF(final String prf) { if (StringUtils.isEmpty(prf)) { throw new IllegalArgumentException("Cannot resolve empty PRF"); } String formattedPRF = prf.toLowerCase().replaceAll("[\\W]+", ""); logger.debug("Resolved PRF {} to {}", prf, formattedPRF); switch (formattedPRF) { case "md5": return new MD5Digest(); case "sha1": return new SHA1Digest(); case "sha384": return new SHA384Digest(); case "sha256": return new SHA256Digest(); case "sha512": return new SHA512Digest(); default: logger.warn("Could not resolve PRF {}. Using default PRF {} instead", prf, DEFAULT_PRF); return new SHA512Digest(); } } }
private Digest getHashDigest() { if ("SHA3".equals(hashAlgorithm)) { return new SHA3Digest(); } else { // Default to SHA2 return new SHA256Digest(); } }
byte[] getClientTLSCertificateDigest() { //The digest must be SHA256 over the DER encoded certificate. The PEM has the exact DER sequence in hex encoding around the begin and end markers if (tlsClientCertificatePEMBytes != null && clientTLSCertificateDigest == null) { String pemCert = new String(tlsClientCertificatePEMBytes, UTF_8); byte[] derBytes = Base64.getDecoder().decode( pemCert.replaceAll("-+[ \t]*(BEGIN|END)[ \t]+CERTIFICATE[ \t]*-+", "").replaceAll("\\s", "").trim() ); Digest digest = new SHA256Digest(); clientTLSCertificateDigest = new byte[digest.getDigestSize()]; digest.update(derBytes, 0, derBytes.length); digest.doFinal(clientTLSCertificateDigest, 0); } return clientTLSCertificateDigest; }
PKCS5S2ParametersGenerator generator = new PKCS5S2ParametersGenerator(new SHA256Digest()); generator.init(PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(password), salt, iterations); KeyParameter key = (KeyParameter)generator.generateDerivedMacParameters(keySizeInBits);
private byte[] decryptWithLWCrypto(byte[] cipher, String password, byte[] salt, final int iterationCount) throws Exception { PKCS12ParametersGenerator pGen = new PKCS12ParametersGenerator(new SHA256Digest()); char[] passwordChars = password.toCharArray(); final byte[] pkcs12PasswordBytes = PBEParametersGenerator .PKCS12PasswordToBytes(passwordChars); pGen.init(pkcs12PasswordBytes, salt, iterationCount); CBCBlockCipher aesCBC = new CBCBlockCipher(new AESEngine()); ParametersWithIV aesCBCParams = (ParametersWithIV) pGen.generateDerivedParameters(256, 128); aesCBC.init(false, aesCBCParams); PaddedBufferedBlockCipher aesCipher = new PaddedBufferedBlockCipher(aesCBC, new PKCS7Padding()); byte[] plainTemp = new byte[aesCipher.getOutputSize(cipher.length)]; int offset = aesCipher.processBytes(cipher, 0, cipher.length, plainTemp, 0); int last = aesCipher.doFinal(plainTemp, offset); final byte[] plain = new byte[offset + last]; System.arraycopy(plainTemp, 0, plain, 0, plain.length); return plain; }
Digest md = new SHA256Digest() md.reset(); md.update(data, 0, data.length); byte[] hash = new byte[md.getDigestSize()]; md.doFinal(hash, 0);
@Override public Digest create() { return new SHA256Digest(); } });
@Override public Digest getDigestInstance() { return new SHA256Digest(); }
@Override public org.bouncycastle.crypto.Mac create() { return new HMac(new SHA256Digest()); } });
public SM2withSha256() { super(new SM2Engine(new SHA256Digest())); } }
/** * Creates a new DRBG instance based on a SHA-256 digest. * * @param length Length in bits of values to be produced by DRBG instance. * * @return New DRGB instance. */ public static SP80090DRBG newRBG(final int length) { return newRBG(new SHA256Digest(), length); }
private static byte[] generateAes128CtrDerivedKey( byte[] password, byte[] salt, int c, String prf) throws CipherException { if (!prf.equals("hmac-sha256")) { throw new CipherException("Unsupported prf:" + prf); } // Java 8 supports this, but you have to convert the password to a character array, see // http://stackoverflow.com/a/27928435/3211687 PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(new SHA256Digest()); gen.init(password, salt, c); return ((KeyParameter) gen.generateDerivedParameters(256)).getKey(); }
private static byte[] generateAes128CtrDerivedKey( byte[] password, byte[] salt, int c, String prf) throws CipherException { if (!prf.equals("hmac-sha256")) { throw new CipherException("Unsupported prf:" + prf); } // Java 8 supports this, but you have to convert the password to a character array, see // http://stackoverflow.com/a/27928435/3211687 PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(new SHA256Digest()); gen.init(password, salt, c); return ((KeyParameter) gen.generateDerivedParameters(256)).getKey(); }
static byte[] id(byte[] data) { // SHA256 truncated to 20 bytes. Digest digest = new SHA256Digest(); byte[] out = new byte[digest.getDigestSize()]; digest.update(data, 0, data.length); digest.doFinal(out, 0); return Arrays.copyOf(out, 20); }
/** * Sign a hash with the private key of this key pair. * @param transactionHash the hash to sign * @return An {@link ECDSASignature} of the hash */ public ECDSASignature sign(byte[] transactionHash) { ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest())); ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(privateKey, Sign.CURVE); signer.init(true, privKey); BigInteger[] components = signer.generateSignature(transactionHash); return new ECDSASignature(components[0], components[1]).toCanonicalised(); }
public static DigestCalculator sha256() { Digest digest = new SHA256Digest(); // The OID for SHA-256: http://www.oid-info.com/get/2.16.840.1.101.3.4.2.1 ASN1ObjectIdentifier oid = new ASN1ObjectIdentifier( "2.16.840.1.101.3.4.2.1").intern(); AlgorithmIdentifier algId = new AlgorithmIdentifier(oid); return new Digester(digest, algId); }