1 |
|
|
2 |
|
|
3 |
|
|
4 |
|
|
5 |
|
|
6 |
|
|
7 |
|
|
8 |
|
|
9 |
|
|
10 |
|
|
11 |
|
|
12 |
|
|
13 |
|
|
14 |
|
|
15 |
|
|
16 |
|
|
17 |
|
|
18 |
|
|
19 |
|
|
20 |
|
package org.xwiki.crypto.password.internal.pbe.factory; |
21 |
|
|
22 |
|
import javax.inject.Inject; |
23 |
|
import javax.inject.Named; |
24 |
|
import javax.inject.Singleton; |
25 |
|
|
26 |
|
import org.bouncycastle.asn1.ASN1ObjectIdentifier; |
27 |
|
import org.bouncycastle.asn1.ASN1OctetString; |
28 |
|
import org.bouncycastle.asn1.DEROctetString; |
29 |
|
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; |
30 |
|
import org.bouncycastle.asn1.pkcs.EncryptionScheme; |
31 |
|
import org.bouncycastle.asn1.pkcs.KeyDerivationFunc; |
32 |
|
import org.xwiki.component.annotation.Component; |
33 |
|
import org.xwiki.crypto.cipher.CipherFactory; |
34 |
|
import org.xwiki.crypto.params.cipher.symmetric.KeyWithIVParameters; |
35 |
|
import org.xwiki.crypto.params.cipher.symmetric.SymmetricCipherParameters; |
36 |
|
import org.xwiki.crypto.password.KeyDerivationFunction; |
37 |
|
import org.xwiki.crypto.password.PasswordBasedCipher; |
38 |
|
import org.xwiki.crypto.password.internal.pbe.AbstractBcPBES2Cipher; |
39 |
|
|
40 |
|
|
41 |
|
|
42 |
|
|
43 |
|
@version |
44 |
|
@since |
45 |
|
|
46 |
|
@Component(hints = { "PBES2-AES-CBC-Pad", |
47 |
|
"2.16.840.1.101.3.4.1.2", "2.16.840.1.101.3.4.1.22", "2.16.840.1.101.3.4.1.42", |
48 |
|
|
49 |
|
"2.16.840.1.101.3.4.2", "2.16.840.1.101.3.4.22", "2.16.840.1.101.3.4.42" }) |
50 |
|
@Singleton |
|
|
| 77.1% |
Uncovered Elements: 8 (35) |
Complexity: 12 |
Complexity Density: 0.52 |
|
51 |
|
public class BcPBES2AesCipherFactory extends AbstractBcPBES2CipherFactory |
52 |
|
{ |
53 |
|
@Inject |
54 |
|
@Named("AES/CBC/PKCS7Padding") |
55 |
|
private CipherFactory cipherFactory; |
56 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
57 |
23 |
@Override... |
58 |
|
protected CipherFactory getCipherFactory() |
59 |
|
{ |
60 |
23 |
return this.cipherFactory; |
61 |
|
} |
62 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (3) |
Complexity: 1 |
Complexity Density: 0.33 |
|
63 |
7 |
@Override... |
64 |
|
protected PasswordBasedCipher getInstance(boolean forEncryption, byte[] password, KeyDerivationFunc kdfParams, |
65 |
|
EncryptionScheme scheme) |
66 |
|
{ |
67 |
7 |
KeyDerivationFunction kdf = getKeyDerivationFunction(kdfParams); |
68 |
|
|
69 |
|
|
70 |
7 |
kdf.overrideKeySize(getAESKeySize(scheme.getAlgorithm())); |
71 |
|
|
72 |
7 |
return getPasswordBasedCipher(forEncryption, kdf, new KeyWithIVParameters(kdf.derive(password).getKey(), |
73 |
|
((ASN1OctetString) scheme.getParameters()).getOctets())); |
74 |
|
} |
75 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (2) |
Complexity: 1 |
Complexity Density: 0.5 |
|
76 |
14 |
@Override... |
77 |
|
protected PasswordBasedCipher getPasswordBasedCipher(boolean forEncryption, final KeyDerivationFunction kdf, |
78 |
|
SymmetricCipherParameters params) |
79 |
|
{ |
80 |
|
|
81 |
14 |
kdf.overrideKeySize(kdf.getKeySize()); |
82 |
|
|
83 |
14 |
return new AbstractBcPBES2Cipher(getCipherFactory().getInstance(forEncryption, params), kdf, params) |
84 |
|
{ |
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
85 |
15 |
@Override... |
86 |
|
protected EncryptionScheme getScheme(SymmetricCipherParameters parameters) |
87 |
|
{ |
88 |
15 |
return new EncryptionScheme( |
89 |
|
getAESAlgoritmIdentifier(((KeyWithIVParameters) parameters).getKey().length), |
90 |
|
new DEROctetString(((KeyWithIVParameters) parameters).getIV())); |
91 |
|
} |
92 |
|
}; |
93 |
|
} |
94 |
|
|
|
|
| 69.2% |
Uncovered Elements: 4 (13) |
Complexity: 4 |
Complexity Density: 0.57 |
|
95 |
7 |
private int getAESKeySize(ASN1ObjectIdentifier algId)... |
96 |
|
{ |
97 |
7 |
if (algId.equals(NISTObjectIdentifiers.id_aes128_CBC)) { |
98 |
5 |
return 16; |
99 |
2 |
} else if (algId.equals(NISTObjectIdentifiers.id_aes192_CBC)) { |
100 |
0 |
return 24; |
101 |
2 |
} else if (algId.equals(NISTObjectIdentifiers.id_aes256_CBC)) { |
102 |
2 |
return 32; |
103 |
|
} |
104 |
0 |
throw new IllegalArgumentException("Unexpected algorithm identifier used for PBES2 AES encryption scheme: " |
105 |
|
+ algId.toString()); |
106 |
|
} |
107 |
|
|
|
|
| 55.6% |
Uncovered Elements: 4 (9) |
Complexity: 4 |
Complexity Density: 0.44 |
|
108 |
15 |
private ASN1ObjectIdentifier getAESAlgoritmIdentifier(int keySize)... |
109 |
|
{ |
110 |
15 |
switch (keySize) { |
111 |
13 |
case 16: |
112 |
13 |
return NISTObjectIdentifiers.id_aes128_CBC; |
113 |
0 |
case 24: |
114 |
0 |
return NISTObjectIdentifiers.id_aes192_CBC; |
115 |
2 |
case 32: |
116 |
2 |
return NISTObjectIdentifiers.id_aes256_CBC; |
117 |
0 |
default: |
118 |
0 |
throw new IllegalArgumentException("Unexpected key size used for PBES2 AES encryption scheme: " |
119 |
|
+ keySize); |
120 |
|
} |
121 |
|
} |
122 |
|
} |