1. Project Clover database Tue Dec 20 2016 21:24:09 CET
  2. Package org.xwiki.crypto.password.internal.pbe.factory

File BcPBES2AesCipherFactory.java

 

Coverage histogram

../../../../../../../img/srcFileCovDistChart8.png
54% of files have more coverage

Code metrics

6
23
6
1
122
83
12
0.52
3.83
6
2

Classes

Class Line # Actions
BcPBES2AesCipherFactory 51 23 0% 12 8
0.771428677.1%
 

Contributing tests

This file is covered by 7 tests. .

Source view

1    /*
2    * See the NOTICE file distributed with this work for additional
3    * information regarding copyright ownership.
4    *
5    * This is free software; you can redistribute it and/or modify it
6    * under the terms of the GNU Lesser General Public License as
7    * published by the Free Software Foundation; either version 2.1 of
8    * the License, or (at your option) any later version.
9    *
10    * This software is distributed in the hope that it will be useful,
11    * but WITHOUT ANY WARRANTY; without even the implied warranty of
12    * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13    * Lesser General Public License for more details.
14    *
15    * You should have received a copy of the GNU Lesser General Public
16    * License along with this software; if not, write to the Free
17    * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18    * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
19    */
20    package org.xwiki.crypto.password.internal.pbe.factory;
21   
22    import javax.inject.Inject;
23    import javax.inject.Named;
24    import javax.inject.Singleton;
25   
26    import org.bouncycastle.asn1.ASN1ObjectIdentifier;
27    import org.bouncycastle.asn1.ASN1OctetString;
28    import org.bouncycastle.asn1.DEROctetString;
29    import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
30    import org.bouncycastle.asn1.pkcs.EncryptionScheme;
31    import org.bouncycastle.asn1.pkcs.KeyDerivationFunc;
32    import org.xwiki.component.annotation.Component;
33    import org.xwiki.crypto.cipher.CipherFactory;
34    import org.xwiki.crypto.params.cipher.symmetric.KeyWithIVParameters;
35    import org.xwiki.crypto.params.cipher.symmetric.SymmetricCipherParameters;
36    import org.xwiki.crypto.password.KeyDerivationFunction;
37    import org.xwiki.crypto.password.PasswordBasedCipher;
38    import org.xwiki.crypto.password.internal.pbe.AbstractBcPBES2Cipher;
39   
40    /**
41    * Implement PBES2 encryption scheme with AES encryption according to PKCS #5 v2.1 draft.
42    *
43    * @version $Id: 8cd0650191da3543abeced616a43ae27f4b96ed6 $
44    * @since 5.4M1
45    */
46    @Component(hints = { "PBES2-AES-CBC-Pad",
47    "2.16.840.1.101.3.4.1.2", "2.16.840.1.101.3.4.1.22", "2.16.840.1.101.3.4.1.42",
48    // Add wrong OID that may be existing due to typos in earlier publication.
49    "2.16.840.1.101.3.4.2", "2.16.840.1.101.3.4.22", "2.16.840.1.101.3.4.42" })
50    @Singleton
 
51    public class BcPBES2AesCipherFactory extends AbstractBcPBES2CipherFactory
52    {
53    @Inject
54    @Named("AES/CBC/PKCS7Padding")
55    private CipherFactory cipherFactory;
56   
 
57  23 toggle @Override
58    protected CipherFactory getCipherFactory()
59    {
60  23 return this.cipherFactory;
61    }
62   
 
63  7 toggle @Override
64    protected PasswordBasedCipher getInstance(boolean forEncryption, byte[] password, KeyDerivationFunc kdfParams,
65    EncryptionScheme scheme)
66    {
67  7 KeyDerivationFunction kdf = getKeyDerivationFunction(kdfParams);
68   
69    // Set key size according to the encryption scheme algorithm used.
70  7 kdf.overrideKeySize(getAESKeySize(scheme.getAlgorithm()));
71   
72  7 return getPasswordBasedCipher(forEncryption, kdf, new KeyWithIVParameters(kdf.derive(password).getKey(),
73    ((ASN1OctetString) scheme.getParameters()).getOctets()));
74    }
75   
 
76  14 toggle @Override
77    protected PasswordBasedCipher getPasswordBasedCipher(boolean forEncryption, final KeyDerivationFunction kdf,
78    SymmetricCipherParameters params)
79    {
80    /** Overwrite the key length with itself, since the key length will be encoded in the algorithm identifier */
81  14 kdf.overrideKeySize(kdf.getKeySize());
82   
83  14 return new AbstractBcPBES2Cipher(getCipherFactory().getInstance(forEncryption, params), kdf, params)
84    {
 
85  15 toggle @Override
86    protected EncryptionScheme getScheme(SymmetricCipherParameters parameters)
87    {
88  15 return new EncryptionScheme(
89    getAESAlgoritmIdentifier(((KeyWithIVParameters) parameters).getKey().length),
90    new DEROctetString(((KeyWithIVParameters) parameters).getIV()));
91    }
92    };
93    }
94   
 
95  7 toggle private int getAESKeySize(ASN1ObjectIdentifier algId)
96    {
97  7 if (algId.equals(NISTObjectIdentifiers.id_aes128_CBC)) {
98  5 return 16;
99  2 } else if (algId.equals(NISTObjectIdentifiers.id_aes192_CBC)) {
100  0 return 24;
101  2 } else if (algId.equals(NISTObjectIdentifiers.id_aes256_CBC)) {
102  2 return 32;
103    }
104  0 throw new IllegalArgumentException("Unexpected algorithm identifier used for PBES2 AES encryption scheme: "
105    + algId.toString());
106    }
107   
 
108  15 toggle private ASN1ObjectIdentifier getAESAlgoritmIdentifier(int keySize)
109    {
110  15 switch (keySize) {
111  13 case 16:
112  13 return NISTObjectIdentifiers.id_aes128_CBC;
113  0 case 24:
114  0 return NISTObjectIdentifiers.id_aes192_CBC;
115  2 case 32:
116  2 return NISTObjectIdentifiers.id_aes256_CBC;
117  0 default:
118  0 throw new IllegalArgumentException("Unexpected key size used for PBES2 AES encryption scheme: "
119    + keySize);
120    }
121    }
122    }