public override IBufferedCipher createCipher(bool encrypt)
{
PbeParametersGenerator pGen = new OpenSslPbeParametersGenerator();
pGen.Init(
PbeParametersGenerator.Pkcs5PasswordToBytes(pbe.Password),
pbe.Salt,
pbe.Iterations);
ParametersWithIV parameters = (ParametersWithIV)
pGen.GenerateDerivedParameters(pbe.BaseAlgorithm, pbe.KeySize, pbe.IvSize);
KeyParameter encKey = (KeyParameter) parameters.Parameters;
IBufferedCipher c;
if (pbe.BaseAlgorithm.Equals(Kpbe.Algorithms.RC4))
{
c = CipherUtilities.GetCipher(pbe.BaseAlgorithm);
c.Init(encrypt, encKey);
}
else
{
c = CipherUtilities.GetCipher(pbe.BaseAlgorithm + "/"+pbe.Mode+"/"+pbe.Padding);
c.Init(encrypt, parameters);
}
return c;
}
public override void PerformTest()
{
byte[] salt = new byte[16];
int iCount = 100;
for (int i = 0; i != salt.Length; i++)
{
salt[i] = (byte)i;
}
PbeParametersGenerator pGen = new OpenSslPbeParametersGenerator();
pGen.Init(
PbeParametersGenerator.Pkcs5PasswordToBytes(password),
salt,
iCount);
ParametersWithIV parameters = (ParametersWithIV)
pGen.GenerateDerivedParameters(baseAlgorithm, keySize, ivSize);
KeyParameter encKey = (KeyParameter) parameters.Parameters;
IBufferedCipher c;
if (baseAlgorithm.Equals("RC4"))
{
c = CipherUtilities.GetCipher(baseAlgorithm);
c.Init(true, encKey);
}
else
{
c = CipherUtilities.GetCipher(baseAlgorithm + "/CBC/PKCS7Padding");
c.Init(true, parameters);
}
byte[] enc = c.DoFinal(salt);
c = CipherUtilities.GetCipher(algorithm);
// PBEKeySpec keySpec = new PBEKeySpec(password, salt, iCount);
// SecretKeyFactory fact = SecretKeyFactory.getInstance(algorithm);
//
// c.Init(false, fact.generateSecret(keySpec));
Asn1Encodable algParams = PbeUtilities.GenerateAlgorithmParameters(
algorithm, salt, iCount);
ICipherParameters cipherParams = PbeUtilities.GenerateCipherParameters(
algorithm, password, algParams);
c.Init(false, cipherParams);
byte[] dec = c.DoFinal(enc);
if (!AreEqual(salt, dec))
{
Fail("" + algorithm + "failed encryption/decryption test");
}
}
static PbeParametersGenerator MakePbeGenerator(
string type,
IDigest digest,
byte[] key,
byte[] salt,
int iterationCount)
{
PbeParametersGenerator generator;
if (type.Equals(Pkcs5S1))
{
generator = new Pkcs5S1ParametersGenerator(digest);
}
else if (type.Equals(Pkcs5S2))
{
generator = new Pkcs5S2ParametersGenerator();
}
else if (type.Equals(Pkcs12))
{
generator = new Pkcs12ParametersGenerator(digest);
}
else if (type.Equals(OpenSsl))
{
generator = new OpenSslPbeParametersGenerator();
}
else
{
throw new ArgumentException("Unknown PBE type: " + type, "type");
}
generator.Init(key, salt, iterationCount);
return generator;
}
private static ICipherParameters GetCipherParameters(
char[] password,
PemBaseAlg baseAlg,
byte[] salt)
{
string algorithm;
int keyBits;
switch (baseAlg)
{
case PemBaseAlg.AES_128: keyBits = 128; algorithm = "AES128"; break;
case PemBaseAlg.AES_192: keyBits = 192; algorithm = "AES192"; break;
case PemBaseAlg.AES_256: keyBits = 256; algorithm = "AES256"; break;
case PemBaseAlg.BF: keyBits = 128; algorithm = "BLOWFISH"; break;
case PemBaseAlg.DES: keyBits = 64; algorithm = "DES"; break;
case PemBaseAlg.DES_EDE: keyBits = 128; algorithm = "DESEDE"; break;
case PemBaseAlg.DES_EDE3: keyBits = 192; algorithm = "DESEDE3"; break;
case PemBaseAlg.RC2: keyBits = 128; algorithm = "RC2"; break;
case PemBaseAlg.RC2_40: keyBits = 40; algorithm = "RC2"; break;
case PemBaseAlg.RC2_64: keyBits = 64; algorithm = "RC2"; break;
default:
return null;
}
OpenSslPbeParametersGenerator pGen = new OpenSslPbeParametersGenerator();
pGen.Init(PbeParametersGenerator.Pkcs5PasswordToBytes(password), salt);
return pGen.GenerateDerivedParameters(algorithm, keyBits);
}
private static ICipherParameters GetCipherParameters(
char[] password,
string baseAlg,
byte[] salt)
{
string algorithm;
int keyBits;
switch (baseAlg)
{
case "AES-128": keyBits = 128; algorithm = "AES128"; break;
case "AES-192": keyBits = 192; algorithm = "AES192"; break;
case "AES-256": keyBits = 256; algorithm = "AES256"; break;
case "BF": keyBits = 128; algorithm = "BLOWFISH"; break;
case "DES": keyBits = 64; algorithm = "DES"; break;
case "DES-EDE": keyBits = 128; algorithm = "DESEDE"; break;
case "DES-EDE3": keyBits = 192; algorithm = "DESEDE3"; break;
case "RC2": keyBits = 128; algorithm = "RC2"; break;
case "RC2-40": keyBits = 40; algorithm = "RC2"; break;
case "RC2-64": keyBits = 64; algorithm = "RC2"; break;
default:
return null;
}
OpenSslPbeParametersGenerator pGen = new OpenSslPbeParametersGenerator();
pGen.Init(PbeParametersGenerator.Pkcs5PasswordToBytes(password), salt);
return pGen.GenerateDerivedParameters(algorithm, keyBits);
}
