| public GenerateDerivedParameters ( int keySize ) : ICipherParameters | ||
| keySize | int | |
| return | ICipherParameters | |
internal override KeyParameter GetEncoded(
string algorithmOid)
{
Pkcs5S2ParametersGenerator gen = new Pkcs5S2ParametersGenerator();
gen.Init(
PbeParametersGenerator.Pkcs5PasswordToBytes(this.Password),
this.Salt,
this.IterationCount);
return (KeyParameter) gen.GenerateDerivedParameters(
algorithmOid,
CmsEnvelopedHelper.Instance.GetKeySize(algorithmOid));
}
/// <summary>
/// Generates a key from a password and salt and IV
/// </summary>
/// <param name="password"></param>
/// <param name="saltBytes"></param>
/// <param name="ivBytes"></param>
/// <returns></returns>
private static ParametersWithIV GenerateKey(string password, byte[] saltBytes, byte[] ivBytes)
{
var passBytes = PbeParametersGenerator.Pkcs5PasswordToUtf8Bytes(password.ToCharArray());
//create key generator
var generator = new Pkcs5S2ParametersGenerator();
//initialize
generator.Init(passBytes, saltBytes, KEY_DERIVATION_ITERATION);
//generate with a 256bit key, and a 128bit IV
var kp = new ParametersWithIV(generator.GenerateDerivedParameters(ALGORITHM_NAME, KEY_SIZE), ivBytes);
return kp;
}
public override void PerformTest()
{
char[] password = "******".ToCharArray();
PbeParametersGenerator generator = new Pkcs5S2ParametersGenerator();
EncryptedPrivateKeyInfo info = null;
try
{
info = EncryptedPrivateKeyInfo.GetInstance(Asn1Object.FromByteArray(sample));
}
catch (System.Exception e)
{
Fail("failed construction - exception " + e.ToString(), e);
}
PbeS2Parameters alg = PbeS2Parameters.GetInstance(info.EncryptionAlgorithm.Parameters);
Pbkdf2Params func = Pbkdf2Params.GetInstance(alg.KeyDerivationFunc.Parameters);
EncryptionScheme scheme = alg.EncryptionScheme;
if (func.KeyLength != null)
{
keySize = func.KeyLength.IntValue * 8;
}
int iterationCount = func.IterationCount.IntValue;
byte[] salt = func.GetSalt();
generator.Init(PbeParametersGenerator.Pkcs5PasswordToBytes(password), salt, iterationCount);
DerObjectIdentifier algOid = scheme.Algorithm;
byte[] iv;
if (algOid.Equals(PkcsObjectIdentifiers.RC2Cbc))
{
RC2CbcParameter rc2Params = RC2CbcParameter.GetInstance(scheme.Asn1Object);
iv = rc2Params.GetIV();
}
else
{
iv = ((Asn1OctetString) scheme.Asn1Object).GetOctets();
}
ICipherParameters param = new ParametersWithIV(
generator.GenerateDerivedParameters(algOid.Id, keySize), iv);
cipher.Init(false, param);
byte[] data = info.GetEncryptedData();
byte[] outBytes = new byte[cipher.GetOutputSize(data.Length)];
int len = cipher.ProcessBytes(data, 0, data.Length, outBytes, 0);
try
{
len += cipher.DoFinal(outBytes, len);
}
catch (Exception e)
{
Fail("failed DoFinal - exception " + e.ToString());
}
if (result.Length != len)
{
Fail("failed length");
}
for (int i = 0; i != len; i++)
{
if (outBytes[i] != result[i])
{
Fail("failed comparison");
}
}
}
public override void PerformTest()
{
BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CbcBlockCipher(new DesEngine()));
SimpleTest test = new PbeTest(this, 0, cipher, sample1, 64);
test.PerformTest();
cipher = new PaddedBufferedBlockCipher(new CbcBlockCipher(new DesEdeEngine()));
test = new PbeTest(this, 1, cipher, sample2, 192);
test.PerformTest();
cipher = new PaddedBufferedBlockCipher(new CbcBlockCipher(new RC2Engine()));
test = new PbeTest(this, 2, cipher, sample3, 0);
test.PerformTest();
//
// RFC 3211 tests
//
char[] password = "******".ToCharArray();
PbeParametersGenerator generator = new Pkcs5S2ParametersGenerator();
byte[] salt = Hex.Decode("1234567878563412");
generator.Init(
PbeParametersGenerator.Pkcs5PasswordToBytes(password),
salt,
5);
if (!AreEqual(((KeyParameter)generator.GenerateDerivedParameters("DES", 64)).GetKey(),
Hex.Decode("d1daa78615f287e6")))
{
Fail("64 test failed");
}
password = "******".ToCharArray();
generator.Init(
PbeParametersGenerator.Pkcs5PasswordToBytes(password),
salt,
500);
if (!AreEqual(((KeyParameter)generator.GenerateDerivedParameters("DESEDE", 192)).GetKey(),
Hex.Decode("6a8970bf68c92caea84a8df28510858607126380cc47ab2d")))
{
Fail("192 test failed");
}
generator.Init(PbeParametersGenerator.Pkcs5PasswordToBytes(password), salt, 60000);
if (!AreEqual(((KeyParameter)generator.GenerateDerivedParameters("DESEDE", 192)).GetKey(),
Hex.Decode("29aaef810c12ecd2236bbcfb55407f9852b5573dc1c095bb")))
{
Fail("192 (60000) test failed");
}
}
