Symaptic: os/security/crypto/weakcrypto/source/pkcs12kdf/GenTestDKs.java@260cb5ec6c19 (annotated)

sl@0	1	/*
sl@0	2	* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
sl@0	3	* All rights reserved.
sl@0	4	* This component and the accompanying materials are made available
sl@0	5	* under the terms of the License "Eclipse Public License v1.0"
sl@0	6	* which accompanies this distribution, and is available
sl@0	7	* at the URL "http://www.eclipse.org/legal/epl-v10.html".
sl@0	8	*
sl@0	9	* Initial Contributors:
sl@0	10	* Nokia Corporation - initial contribution.
sl@0	11	*
sl@0	12	* Contributors:
sl@0	13	*
sl@0	14	* Description:
sl@0	15	* This program generates keys with Bouncy Castle for compatibility testing.
sl@0	16	*
sl@0	17	*/
sl@0	18
sl@0	19
sl@0	20	import java.security.SecureRandom;
sl@0	21	import org.bouncycastle.crypto.PBEParametersGenerator;
sl@0	22	import org.bouncycastle.crypto.digests.SHA1Digest;
sl@0	23	import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator;
sl@0	24	import org.bouncycastle.crypto.params.KeyParameter;
sl@0	25
sl@0	26	public class GenTestDKs
sl@0	27	{
sl@0	28	public static void main(String[] args)
sl@0	29	{
sl@0	30	PKCS12ParametersGenerator pgen = new PKCS12ParametersGenerator(new SHA1Digest());
sl@0	31
sl@0	32	// SB.4: key lengths for defined OIDs
sl@0	33	// (168 for triple DES will first exercise chaining.)
sl@0	34	final int[] keyLens = {40, 128, 168, 368};
sl@0	35
sl@0	36	// SB.4 iteration count is recommended to be 1024 or more
sl@0	37	final int[] iterCounts = {1, 2, 4, 8, 128, 1024, 1536, 2048};
sl@0	38
sl@0	39	// SB.4 salt should be same length as hash function output
sl@0	40	// (=160 bits for SHA1.)
sl@0	41	byte[][] salts = new byte[3][];
sl@0	42	salts[0] = new byte[] {'S', 'A', 'L', 'T'};
sl@0	43	System.out.println("4 byte salt");
sl@0	44	printByteArray(salts[0]);
sl@0	45
sl@0	46	// calls to nextBytes() are only executed once
sl@0	47	/* SecureRandom sr;
sl@0	48	try { sr = SecureRandom.getInstance("SHA1PRNG", "SUN"); }
sl@0	49	catch (Exception e)
sl@0	50	{
sl@0	51	System.err.println("UNABLE TO GET RANDOM SOURCE");
sl@0	52	return;
sl@0	53	}
sl@0	54	*/
sl@0	55	// salts[1] = new byte[160 / 8];
sl@0	56	// sr.nextBytes(salts[1]);
sl@0	57	salts[1] = new byte[]
sl@0	58	{
sl@0	59	(byte) 0x1d, (byte) 0x56, (byte) 0x50, (byte) 0x78,
sl@0	60	(byte) 0xc3, (byte) 0x50, (byte) 0x6f, (byte) 0x89,
sl@0	61	(byte) 0xbd, (byte) 0xa7, (byte) 0x3b, (byte) 0xb6,
sl@0	62	(byte) 0xe3, (byte) 0xe5, (byte) 0xb8, (byte) 0xa3,
sl@0	63	(byte) 0x68, (byte) 0x3d, (byte) 0xd3, (byte) 0x62
sl@0	64	};
sl@0	65	System.out.println("20 byte salt (same size as SHA1 output)");
sl@0	66	printByteArray(salts[1]);
sl@0	67
sl@0	68	// salts[2] = new byte[200 / 8];
sl@0	69	// sr.nextBytes(salts[2]);
sl@0	70	salts[2] = new byte[]
sl@0	71	{
sl@0	72	(byte) 0xe2, (byte) 0x2c, (byte) 0x7b, (byte) 0x03,
sl@0	73	(byte) 0x16, (byte) 0x3a, (byte) 0xe5, (byte) 0x47,
sl@0	74	(byte) 0xf8, (byte) 0x23, (byte) 0x9d, (byte) 0xa4,
sl@0	75	(byte) 0x0d, (byte) 0x6f, (byte) 0x46, (byte) 0xd7,
sl@0	76	(byte) 0x9e, (byte) 0xa3, (byte) 0xc6, (byte) 0xff,
sl@0	77	(byte) 0xb3, (byte) 0xf0, (byte) 0x4e, (byte) 0xbe,
sl@0	78	(byte) 0x61
sl@0	79	};
sl@0	80	System.out.println("25 byte salt");
sl@0	81	printByteArray(salts[2]);
sl@0	82
sl@0	83	final String passwds[] = {"0000", "0001", "PSWD", "password", "abcdefghijklmnopqrstuvwxyz"};
sl@0	84
sl@0	85	for (int keyLenIdx = 0; keyLenIdx < keyLens.length; ++keyLenIdx)
sl@0	86	{
sl@0	87	for (int iterIdx = 0; iterIdx < iterCounts.length; ++iterIdx)
sl@0	88	{
sl@0	89	for (int saltIdx = 0; saltIdx < salts.length; ++saltIdx)
sl@0	90	{
sl@0	91	for (int pwdIdx = 0; pwdIdx < passwds.length; ++pwdIdx)
sl@0	92	{
sl@0	93	testKey(pgen, keyLens[keyLenIdx], iterCounts[iterIdx], passwds[pwdIdx], salts[saltIdx]);
sl@0	94	} // for (int pwdIdx = 0; pwdIdx < passwds.length; ++pwdIdx)
sl@0	95	} // for (int saltIdx = 0; saltIdx < salts.length; ++saltIdx)
sl@0	96	} // for (int iterIdx = 0; iterIdx < iterCounts.length; ++iterIdx)
sl@0	97	} // for (int keyLenIdx = 0; keyLenIdx < keyLens.length; ++keyLenIdx)
sl@0	98	}
sl@0	99
sl@0	100	private static void testKey(
sl@0	101	PKCS12ParametersGenerator pgen,
sl@0	102	int keyLen, int iterCount, String password, byte[] salt)
sl@0	103	{
sl@0	104	System.out.println(
sl@0	105	"key len = " + keyLen + ", iter count = " + iterCount
sl@0	106	+ ", password = \"" + password + "\", salt len = " + salt.length);
sl@0	107
sl@0	108	char[] pwChars = password.toCharArray();
sl@0	109	byte[] pwBytes = PBEParametersGenerator.PKCS12PasswordToBytes(pwChars);
sl@0	110
sl@0	111	pgen.init(pwBytes, salt, iterCount);
sl@0	112	KeyParameter kp = (KeyParameter) pgen.generateDerivedParameters(keyLen);
sl@0	113	printByteArray(kp.getKey());
sl@0	114	}
sl@0	115
sl@0	116	private static void printByteArray(byte[] a)
sl@0	117	{
sl@0	118	final int BLOCK_SIZE = 16;
sl@0	119	int keyLen = a.length;
sl@0	120	int rowCount = keyLen / BLOCK_SIZE;
sl@0	121	if ((keyLen % BLOCK_SIZE) != 0)
sl@0	122	++rowCount;
sl@0	123
sl@0	124	for (int row = 0; row < rowCount; ++row)
sl@0	125	{
sl@0	126	int start = row * BLOCK_SIZE;
sl@0	127	int end = Math.min(start + BLOCK_SIZE, keyLen);
sl@0	128
sl@0	129	StringBuffer line = new StringBuffer("[" + hexStr(start, 4) + "]");
sl@0	130
sl@0	131	for (int i = start; i < end; ++i)
sl@0	132	line.append(" " + hexStr(a[i], 2));
sl@0	133	System.out.println(line);
sl@0	134	}
sl@0	135	System.out.println();
sl@0	136	}
sl@0	137
sl@0	138	private static String hexStr(int val, int width)
sl@0	139	{
sl@0	140	StringBuffer result = new StringBuffer();
sl@0	141	while (--width >= 0)
sl@0	142	{
sl@0	143	int bitPos = 4 * width;
sl@0	144	int nybble = (val & (0xf << bitPos)) >> bitPos;
sl@0	145	result.append(Integer.toHexString(nybble));
sl@0	146	}
sl@0	147
sl@0	148	return result.toString();
sl@0	149	}
sl@0	150	}

author	sl
	Tue, 10 Jun 2014 14:32:02 +0200
changeset 1	260cb5ec6c19
permissions	-rw-r--r--