1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/security/crypto/weakcrypto/source/pkcs12kdf/GenTestDKs.java Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,150 @@
1.4 +/*
1.5 +* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
1.6 +* All rights reserved.
1.7 +* This component and the accompanying materials are made available
1.8 +* under the terms of the License "Eclipse Public License v1.0"
1.9 +* which accompanies this distribution, and is available
1.10 +* at the URL "http://www.eclipse.org/legal/epl-v10.html".
1.11 +*
1.12 +* Initial Contributors:
1.13 +* Nokia Corporation - initial contribution.
1.14 +*
1.15 +* Contributors:
1.16 +*
1.17 +* Description:
1.18 +* This program generates keys with Bouncy Castle for compatibility testing.
1.19 +*
1.20 +*/
1.21 +
1.22 +
1.23 +import java.security.SecureRandom;
1.24 +import org.bouncycastle.crypto.PBEParametersGenerator;
1.25 +import org.bouncycastle.crypto.digests.SHA1Digest;
1.26 +import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator;
1.27 +import org.bouncycastle.crypto.params.KeyParameter;
1.28 +
1.29 +public class GenTestDKs
1.30 +{
1.31 + public static void main(String[] args)
1.32 + {
1.33 + PKCS12ParametersGenerator pgen = new PKCS12ParametersGenerator(new SHA1Digest());
1.34 +
1.35 + // SB.4: key lengths for defined OIDs
1.36 + // (168 for triple DES will first exercise chaining.)
1.37 + final int[] keyLens = {40, 128, 168, 368};
1.38 +
1.39 + // SB.4 iteration count is recommended to be 1024 or more
1.40 + final int[] iterCounts = {1, 2, 4, 8, 128, 1024, 1536, 2048};
1.41 +
1.42 + // SB.4 salt should be same length as hash function output
1.43 + // (=160 bits for SHA1.)
1.44 + byte[][] salts = new byte[3][];
1.45 + salts[0] = new byte[] {'S', 'A', 'L', 'T'};
1.46 + System.out.println("4 byte salt");
1.47 + printByteArray(salts[0]);
1.48 +
1.49 + // calls to nextBytes() are only executed once
1.50 +/* SecureRandom sr;
1.51 + try { sr = SecureRandom.getInstance("SHA1PRNG", "SUN"); }
1.52 + catch (Exception e)
1.53 + {
1.54 + System.err.println("UNABLE TO GET RANDOM SOURCE");
1.55 + return;
1.56 + }
1.57 +*/
1.58 +// salts[1] = new byte[160 / 8];
1.59 +// sr.nextBytes(salts[1]);
1.60 + salts[1] = new byte[]
1.61 + {
1.62 + (byte) 0x1d, (byte) 0x56, (byte) 0x50, (byte) 0x78,
1.63 + (byte) 0xc3, (byte) 0x50, (byte) 0x6f, (byte) 0x89,
1.64 + (byte) 0xbd, (byte) 0xa7, (byte) 0x3b, (byte) 0xb6,
1.65 + (byte) 0xe3, (byte) 0xe5, (byte) 0xb8, (byte) 0xa3,
1.66 + (byte) 0x68, (byte) 0x3d, (byte) 0xd3, (byte) 0x62
1.67 + };
1.68 + System.out.println("20 byte salt (same size as SHA1 output)");
1.69 + printByteArray(salts[1]);
1.70 +
1.71 +// salts[2] = new byte[200 / 8];
1.72 +// sr.nextBytes(salts[2]);
1.73 + salts[2] = new byte[]
1.74 + {
1.75 + (byte) 0xe2, (byte) 0x2c, (byte) 0x7b, (byte) 0x03,
1.76 + (byte) 0x16, (byte) 0x3a, (byte) 0xe5, (byte) 0x47,
1.77 + (byte) 0xf8, (byte) 0x23, (byte) 0x9d, (byte) 0xa4,
1.78 + (byte) 0x0d, (byte) 0x6f, (byte) 0x46, (byte) 0xd7,
1.79 + (byte) 0x9e, (byte) 0xa3, (byte) 0xc6, (byte) 0xff,
1.80 + (byte) 0xb3, (byte) 0xf0, (byte) 0x4e, (byte) 0xbe,
1.81 + (byte) 0x61
1.82 + };
1.83 + System.out.println("25 byte salt");
1.84 + printByteArray(salts[2]);
1.85 +
1.86 + final String passwds[] = {"0000", "0001", "PSWD", "password", "abcdefghijklmnopqrstuvwxyz"};
1.87 +
1.88 + for (int keyLenIdx = 0; keyLenIdx < keyLens.length; ++keyLenIdx)
1.89 + {
1.90 + for (int iterIdx = 0; iterIdx < iterCounts.length; ++iterIdx)
1.91 + {
1.92 + for (int saltIdx = 0; saltIdx < salts.length; ++saltIdx)
1.93 + {
1.94 + for (int pwdIdx = 0; pwdIdx < passwds.length; ++pwdIdx)
1.95 + {
1.96 + testKey(pgen, keyLens[keyLenIdx], iterCounts[iterIdx], passwds[pwdIdx], salts[saltIdx]);
1.97 + } // for (int pwdIdx = 0; pwdIdx < passwds.length; ++pwdIdx)
1.98 + } // for (int saltIdx = 0; saltIdx < salts.length; ++saltIdx)
1.99 + } // for (int iterIdx = 0; iterIdx < iterCounts.length; ++iterIdx)
1.100 + } // for (int keyLenIdx = 0; keyLenIdx < keyLens.length; ++keyLenIdx)
1.101 + }
1.102 +
1.103 + private static void testKey(
1.104 + PKCS12ParametersGenerator pgen,
1.105 + int keyLen, int iterCount, String password, byte[] salt)
1.106 + {
1.107 + System.out.println(
1.108 + "key len = " + keyLen + ", iter count = " + iterCount
1.109 + + ", password = \"" + password + "\", salt len = " + salt.length);
1.110 +
1.111 + char[] pwChars = password.toCharArray();
1.112 + byte[] pwBytes = PBEParametersGenerator.PKCS12PasswordToBytes(pwChars);
1.113 +
1.114 + pgen.init(pwBytes, salt, iterCount);
1.115 + KeyParameter kp = (KeyParameter) pgen.generateDerivedParameters(keyLen);
1.116 + printByteArray(kp.getKey());
1.117 + }
1.118 +
1.119 + private static void printByteArray(byte[] a)
1.120 + {
1.121 + final int BLOCK_SIZE = 16;
1.122 + int keyLen = a.length;
1.123 + int rowCount = keyLen / BLOCK_SIZE;
1.124 + if ((keyLen % BLOCK_SIZE) != 0)
1.125 + ++rowCount;
1.126 +
1.127 + for (int row = 0; row < rowCount; ++row)
1.128 + {
1.129 + int start = row * BLOCK_SIZE;
1.130 + int end = Math.min(start + BLOCK_SIZE, keyLen);
1.131 +
1.132 + StringBuffer line = new StringBuffer("[" + hexStr(start, 4) + "]");
1.133 +
1.134 + for (int i = start; i < end; ++i)
1.135 + line.append(" " + hexStr(a[i], 2));
1.136 + System.out.println(line);
1.137 + }
1.138 + System.out.println();
1.139 + }
1.140 +
1.141 + private static String hexStr(int val, int width)
1.142 + {
1.143 + StringBuffer result = new StringBuffer();
1.144 + while (--width >= 0)
1.145 + {
1.146 + int bitPos = 4 * width;
1.147 + int nybble = (val & (0xf << bitPos)) >> bitPos;
1.148 + result.append(Integer.toHexString(nybble));
1.149 + }
1.150 +
1.151 + return result.toString();
1.152 + }
1.153 +}