本文整理汇总了Java中org.bouncycastle.crypto.params.HKDFParameters类的典型用法代码示例。如果您正苦于以下问题:Java HKDFParameters类的具体用法?Java HKDFParameters怎么用?Java HKDFParameters使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
HKDFParameters类属于org.bouncycastle.crypto.params包,在下文中一共展示了HKDFParameters类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: init
import org.bouncycastle.crypto.params.HKDFParameters; //导入依赖的package包/类
public void init(DerivationParameters param)
{
if (!(param instanceof HKDFParameters))
{
throw new IllegalArgumentException(
"HKDF parameters required for HKDFBytesGenerator");
}
HKDFParameters params = (HKDFParameters)param;
if (params.skipExtract())
{
// use IKM directly as PRK
hMacHash.init(new KeyParameter(params.getIKM()));
}
else
{
hMacHash.init(extract(params.getSalt(), params.getIKM()));
}
info = params.getInfo();
generatedBytes = 0;
currentT = new byte[hashLen];
}
示例2: generateKey
import org.bouncycastle.crypto.params.HKDFParameters; //导入依赖的package包/类
/**
* Generate a key from the given data.
*
* @param attribute
* Attribute of the key to generate.
* @param id
* Id of the key to generate.
* @param version
* Version of the key to generate.
* @param length
* Length of the key to generate.
* @return Generated key.
*/
private static byte[] generateKey(byte[] masterSecret, String attribute, String id, int version, int length) {
ByteArrayOutputStream metadata = new ByteArrayOutputStream();
try {
if (attribute != null) {
metadata.write(Ints.toByteArray(attribute.length()));
metadata.write(attribute.getBytes(ENCODING_CHARSET));
}
metadata.write(Ints.toByteArray(version));
metadata.write(Ints.toByteArray(length));
} catch (IOException e) { /* won't be thrown */}
hkdf.init(new HKDFParameters(masterSecret, id.getBytes(ENCODING_CHARSET), metadata.toByteArray()));
byte[] key = new byte[length];
hkdf.generateBytes(key, 0, key.length);
return key;
}
示例3: generateKey
import org.bouncycastle.crypto.params.HKDFParameters; //导入依赖的package包/类
/**
* Generate a key from the given data.
*
* @param attribute
* Attribute of the key to generate.
* @param id
* Id of the key to generate.
* @param version
* Version of the key to generate.
* @param length
* Length of the key to generate.
* @return Generated key.
*/
private static byte[] generateKey(String attribute, String id, int version, int length) {
ByteArrayOutputStream metadata = new ByteArrayOutputStream();
try {
if (attribute != null) {
metadata.write(Ints.toByteArray(attribute.length()));
metadata.write(attribute.getBytes(ENCODING_CHARSET));
}
metadata.write(Ints.toByteArray(version));
metadata.write(Ints.toByteArray(length));
} catch (IOException e) { /* won't be thrown */}
hkdf.init(new HKDFParameters(MASTER_SECRET, id.getBytes(ENCODING_CHARSET), metadata.toByteArray()));
byte[] key = new byte[length];
hkdf.generateBytes(key, 0, key.length);
return key;
}
示例4: setPassword
import org.bouncycastle.crypto.params.HKDFParameters; //导入依赖的package包/类
@Override
public void setPassword(String pass) throws FailToSyncCipherDataException {
if (salts == null) {
byte[] macSalt = new byte[8];
byte[] encSalt = new byte[8]; // left blank intentionally
rand.nextBytes(macSalt);
salts = new ByteParameterPair(encSalt, macSalt);
try {
Files.write(additSalt.toPath(), salts.toString().getBytes(StandardCharsets.US_ASCII),
StandardOpenOption.WRITE, StandardOpenOption.CREATE);
} catch (IOException e) {
FailToSyncCipherDataException fc = new FailToSyncCipherDataException(
"Cannot write salt to " + additSalt.getAbsolutePath() + " message:" + e.getMessage());
fc.initCause(e);
throw fc;
}
}
masterKey = this.generateKey(pass);
hkdf.init(new HKDFParameters(masterKey, salts.getSecond(), "Mac Key".getBytes()));
byte[] macKey = new byte[this.getMacKeySize() / 8];
hkdf.generateBytes(macKey, 0, macKey.length);
this.initMac(macKey);
}
示例5: decryptData
import org.bouncycastle.crypto.params.HKDFParameters; //导入依赖的package包/类
@Override
protected byte[] decryptData(String cData) {
ByteParameterPair pair = ByteParameterPair.valueOf(cData);
int keysize = StreamCipherEncryptors.INSTANCE.getKeySize(algName) / 8;
int ivsize = StreamCipherEncryptors.INSTANCE.getIVSize(algName) / 8;
byte[] keyCombo = new byte[keysize + ivsize];
hkdf.init(new HKDFParameters(masterKey, pair.getFirst(), "Encryption Key".getBytes()));
hkdf.generateBytes(keyCombo, 0, keyCombo.length);
byte[] key = new byte[keysize];
byte[] iv = new byte[ivsize];
System.arraycopy(keyCombo, 0, key, 0, keysize);
System.arraycopy(keyCombo, keysize, iv, 0, ivsize);
StreamCipherEncryptor enc = StreamCipherEncryptors.INSTANCE.getEncryptor(algName);
return enc.decrypt(pair.getSecond(), key, iv);
}
示例6: apply
import org.bouncycastle.crypto.params.HKDFParameters; //导入依赖的package包/类
public static final byte[]
apply(byte[] ikm, byte[] salt, byte[] info, Supplier<Digest> digestSupplier, int keyLengthBytes) {
logger.trace("<< apply() - ikm: 0x{} salt: 0x{} info: 0x{} digestSupplier: {} keyLengthBytes: {}",
Hex.toHexString(ikm), Hex.toHexString(salt), Hex.toHexString(info), digestSupplier, keyLengthBytes);
Digest hash = digestSupplier.get();
byte[] okm = new byte[keyLengthBytes];
HKDFParameters params = new HKDFParameters(ikm, salt, info);
HKDFBytesGenerator hkdf = new HKDFBytesGenerator(hash);
hkdf.init(params);
hkdf.generateBytes(okm, 0, keyLengthBytes);
logger.trace(">> apply() - output keying material: 0x{}", Hex.toHexString(okm));
return okm;
}
示例7: createUser
import org.bouncycastle.crypto.params.HKDFParameters; //导入依赖的package包/类
private HttpResponse createUser(byte[] username, byte[] ltpk, byte[] proof) throws Exception {
HKDFBytesGenerator hkdf = new HKDFBytesGenerator(new SHA512Digest());
hkdf.init(new HKDFParameters(k, "Pair-Setup-Controller-Sign-Salt".getBytes(StandardCharsets.UTF_8),
"Pair-Setup-Controller-Sign-Info".getBytes(StandardCharsets.UTF_8)));
byte[] okm = new byte[32];
hkdf.generateBytes(okm, 0, 32);
byte[] completeData = ByteUtils.joinBytes(okm, username, ltpk);
if (!new EdsaVerifier(ltpk).verify(completeData, proof)) {
throw new Exception("Invalid signature");
}
authInfo.createUser(authInfo.getMac()+new String(username, StandardCharsets.UTF_8), ltpk);
advertiser.setDiscoverable(false);
return createResponse();
}
示例8: generateKey
import org.bouncycastle.crypto.params.HKDFParameters; //导入依赖的package包/类
/**
* Generate a key from the given data.
*
* @param attribute
* Attribute of the key to generate.
* @param id
* Id of the key to generate.
* @param version
* Version of the key to generate.
* @param length
* Length of the key to generate.
* @return Generated key.
*/
private byte[] generateKey(String attribute, String id, int version, int length) {
ByteArrayOutputStream metadata = new ByteArrayOutputStream();
try {
metadata.write(id.getBytes(StandardCharsets.UTF_8));
metadata.write(Ints.toByteArray(version));
metadata.write(Ints.toByteArray(length));
} catch (IOException e) { /* won't be thrown */}
byte[] key = new byte[length];
hkdf.init(new HKDFParameters(HKDF_KEY, attribute.getBytes(StandardCharsets.UTF_8), metadata.toByteArray()));
hkdf.generateBytes(key, 0, key.length);
return key;
}
示例9: setPassword
import org.bouncycastle.crypto.params.HKDFParameters; //导入依赖的package包/类
/**
* derive the key from the password
*
* @throws FailToSyncCipherDataException
*/
@Override
public void setPassword(String string) throws FailToSyncCipherDataException {
try {
String saltRaw = salts.read(StandardCharsets.US_ASCII);
if (saltRaw.length() > 0) {
saltPair = ByteParameterPair.valueOf(saltRaw);
} else {
byte[] encSalt = new byte[8];
byte[] macSalt = new byte[8];
rand.nextBytes(encSalt);
rand.nextBytes(macSalt);
saltPair = new ByteParameterPair(encSalt, macSalt);
salts.write(saltPair.toString(), StandardCharsets.US_ASCII);
}
} catch (IOException e) {
FailToSyncCipherDataException fc = new FailToSyncCipherDataException(
"Cannot load encryption and mac salt from file");
fc.initCause(e);
throw fc;
}
this.key = generateKey(string);
hkdf.init(new HKDFParameters(key, saltPair.getFirst(), "Encryption Key".getBytes()));
cryptKey = new byte[enc.getKeySize() / 8];
hkdf.generateBytes(cryptKey, 0, cryptKey.length);
byte[] macKey = new byte[getMacKeySize() / 8];
hkdf.init(new HKDFParameters(key, saltPair.getSecond(), "Mac Key".getBytes()));
hkdf.generateBytes(macKey, 0, macKey.length);
initMac(macKey);
}
示例10: hkdfExpand
import org.bouncycastle.crypto.params.HKDFParameters; //导入依赖的package包/类
/**
* Convenience method for computing the HMAC Key Derivation Function. The
* real work is offloaded to BouncyCastle.
*/
protected static byte[] hkdfExpand(byte[] ikm, byte[] salt, byte[] info, int length) throws InvalidKeyException, NoSuchAlgorithmException {
HKDFBytesGenerator hkdf = new HKDFBytesGenerator(new SHA256Digest());
hkdf.init(new HKDFParameters(ikm, salt, info));
byte[] okm = new byte[length];
hkdf.generateBytes(okm, 0, length);
return okm;
}
示例11: handle
import org.bouncycastle.crypto.params.HKDFParameters; //导入依赖的package包/类
public HttpResponse handle(PairSetupRequest req) throws Exception {
HKDFBytesGenerator hkdf = new HKDFBytesGenerator(new SHA512Digest());
hkdf.init(new HKDFParameters(k, "Pair-Setup-Encrypt-Salt".getBytes(StandardCharsets.UTF_8),
"Pair-Setup-Encrypt-Info".getBytes(StandardCharsets.UTF_8)));
byte[] okm = hkdf_enc_key = new byte[32];
hkdf.generateBytes(okm, 0, 32);
return decrypt((Stage3Request) req, okm);
}
示例12: createResponse
import org.bouncycastle.crypto.params.HKDFParameters; //导入依赖的package包/类
private HttpResponse createResponse() throws Exception {
HKDFBytesGenerator hkdf = new HKDFBytesGenerator(new SHA512Digest());
hkdf.init(new HKDFParameters(k, "Pair-Setup-Accessory-Sign-Salt".getBytes(StandardCharsets.UTF_8),
"Pair-Setup-Accessory-Sign-Info".getBytes(StandardCharsets.UTF_8)));
byte[] okm = new byte[32];
hkdf.generateBytes(okm, 0, 32);
EdsaSigner signer = new EdsaSigner(authInfo.getPrivateKey());
byte[] material = ByteUtils.joinBytes(okm, authInfo.getMac().getBytes(StandardCharsets.UTF_8), signer.getPublicKey());
byte[] proof = signer.sign(material);
Encoder encoder = TypeLengthValueUtils.getEncoder();
encoder.add(MessageType.USERNAME, authInfo.getMac().getBytes(StandardCharsets.UTF_8));
encoder.add(MessageType.PUBLIC_KEY, signer.getPublicKey());
encoder.add(MessageType.SIGNATURE, proof);
byte[] plaintext = encoder.toByteArray();
ChachaEncoder chacha = new ChachaEncoder(hkdf_enc_key, "PS-Msg06".getBytes(StandardCharsets.UTF_8));
byte[] ciphertext = chacha.encodeCiphertext(plaintext);
encoder = TypeLengthValueUtils.getEncoder();
encoder.add(MessageType.STATE, (short) 6);
encoder.add(MessageType.ENCRYPTED_DATA, ciphertext);
return new PairingResponse(encoder.toByteArray());
}
示例13: stage1
import org.bouncycastle.crypto.params.HKDFParameters; //导入依赖的package包/类
private HttpResponse stage1(Stage1Request request) throws Exception {
logger.debug("Starting pair verification for "+registry.getLabel());
clientPublicKey = request.getClientPublicKey();
publicKey = new byte[32];
byte[] privateKey = new byte[32];
getSecureRandom().nextBytes(privateKey);
Curve25519.keygen(publicKey, null, privateKey);
sharedSecret = new byte[32];
Curve25519.curve(sharedSecret, privateKey, clientPublicKey);
byte[] material = ByteUtils.joinBytes(publicKey, authInfo.getMac().getBytes(StandardCharsets.UTF_8),
clientPublicKey);
byte[] proof = new EdsaSigner(authInfo.getPrivateKey()).sign(material);
HKDFBytesGenerator hkdf = new HKDFBytesGenerator(new SHA512Digest());
hkdf.init(new HKDFParameters(sharedSecret, "Pair-Verify-Encrypt-Salt".getBytes(StandardCharsets.UTF_8),
"Pair-Verify-Encrypt-Info".getBytes(StandardCharsets.UTF_8)));
hkdfKey = new byte[32];
hkdf.generateBytes(hkdfKey, 0, 32);
Encoder encoder = TypeLengthValueUtils.getEncoder();
encoder.add(MessageType.USERNAME, authInfo.getMac().getBytes(StandardCharsets.UTF_8));
encoder.add(MessageType.SIGNATURE, proof);
byte[] plaintext = encoder.toByteArray();
ChachaEncoder chacha = new ChachaEncoder(hkdfKey, "PV-Msg02".getBytes(StandardCharsets.UTF_8));
byte[] ciphertext = chacha.encodeCiphertext(plaintext);
encoder = TypeLengthValueUtils.getEncoder();
encoder.add(MessageType.STATE, (short) 2);
encoder.add(MessageType.ENCRYPTED_DATA, ciphertext);
encoder.add(MessageType.PUBLIC_KEY, publicKey);
return new PairingResponse(encoder.toByteArray());
}
示例14: createKey
import org.bouncycastle.crypto.params.HKDFParameters; //导入依赖的package包/类
private byte[] createKey(String info) {
HKDFBytesGenerator hkdf = new HKDFBytesGenerator(new SHA512Digest());
hkdf.init(new HKDFParameters(sharedSecret, "Control-Salt".getBytes(StandardCharsets.UTF_8),
info.getBytes(StandardCharsets.UTF_8)));
byte[] key = new byte[32];
hkdf.generateBytes(key, 0, 32);
return key;
}
示例15: encryptData
import org.bouncycastle.crypto.params.HKDFParameters; //导入依赖的package包/类
@Override
protected String encryptData(byte[] bytes) {
byte[] randomSource = new byte[16];
rand.nextBytes(randomSource);
int keysize = StreamCipherEncryptors.INSTANCE.getKeySize(algName) / 8;
int ivsize = StreamCipherEncryptors.INSTANCE.getIVSize(algName) / 8;
byte[] keyCombo = new byte[keysize + ivsize];
hkdf.init(new HKDFParameters(masterKey, randomSource, "Encryption Key".getBytes()));
hkdf.generateBytes(keyCombo, 0, keyCombo.length);
byte[] key = new byte[keysize];
byte[] iv = new byte[ivsize];
System.arraycopy(keyCombo, 0, key, 0, keysize);
System.arraycopy(keyCombo, keysize, iv, 0, ivsize);
StreamCipherEncryptor enc = StreamCipherEncryptors.INSTANCE.getEncryptor(algName);
byte[] ecrypted = enc.encrypt(bytes, key, iv);
ByteParameterPair pair = new ByteParameterPair(randomSource, ecrypted);
return pair.toString();
}