1
package org.bouncycastle.crypto.generators;
3
import org.bouncycastle.crypto.CipherParameters;
4
import org.bouncycastle.crypto.Digest;
5
import org.bouncycastle.crypto.PBEParametersGenerator;
6
import org.bouncycastle.crypto.digests.MD5Digest;
7
import org.bouncycastle.crypto.params.KeyParameter;
8
import org.bouncycastle.crypto.params.ParametersWithIV;
11
* Generator for PBE derived keys and ivs as usd by OpenSSL.
13
* The scheme is a simple extension of PKCS 5 V2.0 Scheme 1 using MD5 with an
14
* iteration count of 1.
17
public class OpenSSLPBEParametersGenerator
18
extends PBEParametersGenerator
20
private Digest digest = new MD5Digest();
23
* Construct a OpenSSL Parameters generator.
25
public OpenSSLPBEParametersGenerator()
30
* Initialise - note the iteration count for this algorithm is fixed at 1.
32
* @param password password to use.
33
* @param salt salt to use.
39
super.init(password, salt, 1);
43
* the derived key function, the ith hash of the password and the salt.
45
private byte[] generateDerivedKey(
48
byte[] buf = new byte[digest.getDigestSize()];
49
byte[] key = new byte[bytesNeeded];
54
digest.update(password, 0, password.length);
55
digest.update(salt, 0, salt.length);
57
digest.doFinal(buf, 0);
59
int len = (bytesNeeded > buf.length) ? buf.length : bytesNeeded;
60
System.arraycopy(buf, 0, key, offset, len);
63
// check if we need any more
72
digest.update(buf, 0, buf.length);
79
* Generate a key parameter derived from the password, salt, and iteration
80
* count we are currently initialised with.
82
* @param keySize the size of the key we want (in bits)
83
* @return a KeyParameter object.
84
* @exception IllegalArgumentException if the key length larger than the base hash size.
86
public CipherParameters generateDerivedParameters(
89
keySize = keySize / 8;
91
byte[] dKey = generateDerivedKey(keySize);
93
return new KeyParameter(dKey, 0, keySize);
97
* Generate a key with initialisation vector parameter derived from
98
* the password, salt, and iteration count we are currently initialised
101
* @param keySize the size of the key we want (in bits)
102
* @param ivSize the size of the iv we want (in bits)
103
* @return a ParametersWithIV object.
104
* @exception IllegalArgumentException if keySize + ivSize is larger than the base hash size.
106
public CipherParameters generateDerivedParameters(
110
keySize = keySize / 8;
113
byte[] dKey = generateDerivedKey(keySize + ivSize);
115
return new ParametersWithIV(new KeyParameter(dKey, 0, keySize), dKey, keySize, ivSize);
119
* Generate a key parameter for use with a MAC derived from the password,
120
* salt, and iteration count we are currently initialised with.
122
* @param keySize the size of the key we want (in bits)
123
* @return a KeyParameter object.
124
* @exception IllegalArgumentException if the key length larger than the base hash size.
126
public CipherParameters generateDerivedMacParameters(
129
return generateDerivedParameters(keySize);