static void hmac_hash(Digest digest, byte[] secret, byte[] seed, byte[] out) { HMac mac = new HMac(digest); KeyParameter param = new KeyParameter(secret); byte[] a = seed; int size = digest.getDigestSize(); int iterations = (out.length + size - 1) / size; byte[] buf = new byte[mac.getMacSize()]; byte[] buf2 = new byte[mac.getMacSize()]; for (int i = 0; i < iterations; i++) { mac.init(param); mac.update(a, 0, a.length); mac.doFinal(buf, 0); a = buf; mac.init(param); mac.update(a, 0, a.length); mac.update(seed, 0, seed.length); mac.doFinal(buf2, 0); System.arraycopy(buf2, 0, out, (size * i), Math.min(size, out.length - (size * i))); } }
public HmacContentSigner(HashAlgoType hashAlgo, AlgorithmIdentifier algorithmIdentifier, SecretKey signingKey) throws XiSecurityException { this.algorithmIdentifier = ParamUtil.requireNonNull("algorithmIdentifier", algorithmIdentifier); try { this.encodedAlgorithmIdentifier = algorithmIdentifier.getEncoded(); } catch (IOException ex) { throw new XiSecurityException("could not encode AlgorithmIdentifier", ex); } ParamUtil.requireNonNull("signingKey", signingKey); if (hashAlgo == null) { hashAlgo = AlgorithmUtil.extractHashAlgoFromMacAlg(algorithmIdentifier); } this.hmac = new HMac(hashAlgo.createDigest()); byte[] keyBytes = signingKey.getEncoded(); this.hmac.init(new KeyParameter(keyBytes, 0, keyBytes.length)); this.outLen = hmac.getMacSize(); this.outputStream = new HmacOutputStream(); }
static void hmac_hash(Digest digest, byte[] secret, byte[] seed, byte[] out) { HMac mac = new HMac(digest); mac.init(new KeyParameter(secret)); byte[] a = seed; int size = digest.getDigestSize(); int iterations = (out.length + size - 1) / size; byte[] buf = new byte[mac.getMacSize()]; byte[] buf2 = new byte[mac.getMacSize()]; for (int i = 0; i < iterations; i++) { mac.update(a, 0, a.length); mac.doFinal(buf, 0); a = buf; mac.update(a, 0, a.length); mac.update(seed, 0, seed.length); mac.doFinal(buf2, 0); System.arraycopy(buf2, 0, out, (size * i), Math.min(size, out.length - (size * i))); } }
public TestResult perform() { HMac hmac = new HMac(new RIPEMD128Digest()); byte[] resBuf = new byte[hmac.getMacSize()]; for (int i = 0; i < messages.length; i++) { byte[] m = messages[i].getBytes(); if (messages[i].startsWith("0x")) { m = Hex.decode(messages[i].substring(2)); } hmac.init(new KeyParameter(Hex.decode(keys[i]))); hmac.update(m, 0, m.length); hmac.doFinal(resBuf, 0); if (!Arrays.areEqual(resBuf, Hex.decode(digests[i]))) { return new SimpleTestResult(false, getName() + ": Vector " + i + " failed"); } } return new SimpleTestResult(true, getName() + ": Okay"); }
public TestResult perform() { HMac hmac = new HMac(new RIPEMD160Digest()); byte[] resBuf = new byte[hmac.getMacSize()]; for (int i = 0; i < messages.length; i++) { byte[] m = messages[i].getBytes(); if (messages[i].startsWith("0x")) { m = Hex.decode(messages[i].substring(2)); } hmac.init(new KeyParameter(Hex.decode(keys[i]))); hmac.update(m, 0, m.length); hmac.doFinal(resBuf, 0); if (!Arrays.areEqual(resBuf, Hex.decode(digests[i]))) { return new SimpleTestResult(false, getName() + ": Vector " + i + " failed"); } } return new SimpleTestResult(true, getName() + ": Okay"); }
public static int calculateRounds(int milliseconds) { Logging.info("Calculating how many SHA1 rounds we can do in %d millis.", milliseconds); HMac mac = new HMac(new SHA256Digest()); byte[] state = new byte[mac.getMacSize()]; long startTime = System.currentTimeMillis(); int pbkdf2Iterations = 0; while((System.currentTimeMillis() - startTime) < milliseconds) { mac.update(state, 0, state.length); mac.doFinal(state, 0); pbkdf2Iterations++; } pbkdf2Iterations = Math.max(pbkdf2Iterations, PBKDF2Descriptor.MINIMUM_PBKD2_ITERS); Logging.info("Got %d", pbkdf2Iterations); return pbkdf2Iterations; }
public static byte[] ctrHMac(byte[] keyDerivationKey, byte[] label, Supplier<Digest> digestSupplier, int keyLengthBytes) { logger.trace("<< ctrHMac() - keyDerivationKey: 0x{} label: {} digestSupplier: {} length: {}", Hex.toHexString(keyDerivationKey), Hex.toHexString(label), digestSupplier, keyLengthBytes); byte[] derivedKey = new byte[keyLengthBytes]; // fixedInputData = label || 0x00 || dkLen in bits as 4 bytes big endian ByteBuffer buffer = ByteBuffer.allocate(label.length + 5); buffer.put(label); buffer.put((byte) 0); buffer.putInt(keyLengthBytes * 8); byte[] fixedInputData = buffer.array(); logger.debug("-- ctrHMac() - fixed input data: 0x{}", Hex.toHexString(fixedInputData)); HMac hMac = new HMac(digestSupplier.get()); KDFCounterBytesGenerator generator = new KDFCounterBytesGenerator(hMac); generator.init(new KDFCounterParameters(keyDerivationKey, fixedInputData, R)); generator.generateBytes(derivedKey, 0, derivedKey.length); logger.trace(">> ctrHMac() - derivedKey: 0x{}", Hex.toHexString(derivedKey)); return derivedKey; }
/** * Generate HMAC-SHA1 for message * * @param key * @param message * @return * @throws Exception */ private static String generateHmac(String key, String message) throws Exception { Log.d(LOG_TAG, "generateHmac: " + key + "=" + message); byte[] keyBytes = key.getBytes(ShapewaysClient.ENCODING); byte[] data = message.getBytes(ShapewaysClient.ENCODING); HMac macProvider = new HMac(new SHA1Digest()); macProvider.init(new KeyParameter(keyBytes)); macProvider.reset(); macProvider.update(data, 0, data.length); byte[] output = new byte[macProvider.getMacSize()]; macProvider.doFinal(output, 0); byte[] hmac = Base64.encode(output); return new String(hmac).replaceAll("\r\n", ""); }
private static void hmac_hash(Digest digest, byte[] secret, byte[] seed, byte[] out) { HMac mac = new HMac(digest); KeyParameter param = new KeyParameter(secret); byte[] a = seed; int size = digest.getDigestSize(); int iterations = (out.length + size - 1) / size; byte[] buf = new byte[mac.getMacSize()]; byte[] buf2 = new byte[mac.getMacSize()]; for (int i = 0; i < iterations; i++) { mac.init(param); mac.update(a, 0, a.length); mac.doFinal(buf, 0); a = buf; mac.init(param); mac.update(a, 0, a.length); mac.update(seed, 0, seed.length); mac.doFinal(buf2, 0); System.arraycopy(buf2, 0, out, (size * i), Math.min(size, out.length - (size * i))); } }
static MacCalculator createMacCalculator(final ASN1ObjectIdentifier digestAlgorithm, ExtendedDigest digest, final PKCS12PBEParams pbeParams, final char[] password) { PKCS12ParametersGenerator pGen = new PKCS12ParametersGenerator(digest); pGen.init(PKCS12ParametersGenerator.PKCS12PasswordToBytes(password), pbeParams.getIV(), pbeParams.getIterations().intValue()); final KeyParameter keyParam = (KeyParameter)pGen.generateDerivedMacParameters(digest.getDigestSize() * 8); final HMac hMac = new HMac(digest); hMac.init(keyParam); return new MacCalculator() { public AlgorithmIdentifier getAlgorithmIdentifier() { return new AlgorithmIdentifier(digestAlgorithm, pbeParams); } public OutputStream getOutputStream() { return new MacOutputStream(hMac); } public byte[] getMac() { byte[] res = new byte[hMac.getMacSize()]; hMac.doFinal(res, 0); return res; } public GenericKey getKey() { return new GenericKey(getAlgorithmIdentifier(), PKCS12ParametersGenerator.PKCS12PasswordToBytes(password)); } }; }
/** * Calculates the MacTag (to be used for key confirmation), as defined by * <a href="http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf">NIST SP 800-56A Revision 1</a>, * Section 8.2 Unilateral Key Confirmation for Key Agreement Schemes. * <p/> * <p/> * <pre> * MacTag = HMAC(MacKey, MacLen, MacData) * * MacKey = H(K || "JPAKE_KC") * * MacData = "KC_1_U" || participantId || partnerParticipantId || gx1 || gx2 || gx3 || gx4 * * Note that both participants use "KC_1_U" because the sender of the round 3 message * is always the initiator for key confirmation. * * HMAC = {@link HMac} used with the given {@link Digest} * H = The given {@link Digest}</li> * MacLen = length of MacTag * </pre> * <p/> */ public static BigInteger calculateMacTag( String participantId, String partnerParticipantId, BigInteger gx1, BigInteger gx2, BigInteger gx3, BigInteger gx4, BigInteger keyingMaterial, Digest digest) { byte[] macKey = calculateMacKey( keyingMaterial, digest); HMac mac = new HMac(digest); byte[] macOutput = new byte[mac.getMacSize()]; mac.init(new KeyParameter(macKey)); /* * MacData = "KC_1_U" || participantId_Alice || participantId_Bob || gx1 || gx2 || gx3 || gx4. */ updateMac(mac, "KC_1_U"); updateMac(mac, participantId); updateMac(mac, partnerParticipantId); updateMac(mac, gx1); updateMac(mac, gx2); updateMac(mac, gx3); updateMac(mac, gx4); mac.doFinal(macOutput, 0); Arrays.fill(macKey, (byte)0); return new BigInteger(macOutput); }
public IESwithDESede() { super(new IESEngine(new DHBasicAgreement(), new KDF2BytesGenerator(new SHA1Digest()), new HMac(new SHA1Digest()), new PaddedBufferedBlockCipher(new DESedeEngine()))); }
public IESwithAES() { super(new IESEngine(new DHBasicAgreement(), new KDF2BytesGenerator(new SHA1Digest()), new HMac(new SHA1Digest()), new PaddedBufferedBlockCipher(new AESEngine()))); }
public ECIESwithDESede() { super(new IESEngine(new ECDHBasicAgreement(), new KDF2BytesGenerator(new SHA1Digest()), new HMac(new SHA1Digest()), new PaddedBufferedBlockCipher(new DESedeEngine()))); }
public ECIESwithAES() { super(new IESEngine(new ECDHBasicAgreement(), new KDF2BytesGenerator(new SHA1Digest()), new HMac(new SHA1Digest()), new PaddedBufferedBlockCipher(new AESEngine()))); }
public IES() { super(new IESEngine( new DHBasicAgreement(), new KDF2BytesGenerator(new SHA1Digest()), new HMac(new SHA1Digest()))); }
public ECIES() { super(new IESEngine( new ECDHBasicAgreement(), new KDF2BytesGenerator(new SHA1Digest()), new HMac(new SHA1Digest()))); }
/** * Create a {@link SimulatedTlsSRPIdentityManager} that implements the algorithm from RFC 5054 2.5.1.3 * * @param group the {@link SRP6GroupParameters} defining the group that SRP is operating in * @param seedKey the secret "seed key" referred to in RFC 5054 2.5.1.3 * @return an instance of {@link SimulatedTlsSRPIdentityManager} */ public static SimulatedTlsSRPIdentityManager getRFC5054Default(SRP6GroupParameters group, byte[] seedKey) { SRP6VerifierGenerator verifierGenerator = new SRP6VerifierGenerator(); verifierGenerator.init(group, TlsUtils.createHash(HashAlgorithm.sha1)); HMac mac = new HMac(TlsUtils.createHash(HashAlgorithm.sha1)); mac.init(new KeyParameter(seedKey)); return new SimulatedTlsSRPIdentityManager(group, verifierGenerator, mac); }
/** * Calculates the MacTag (to be used for key confirmation), as defined by * <a href="http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf">NIST SP 800-56A Revision 1</a>, * Section 8.2 Unilateral Key Confirmation for Key Agreement Schemes. * <pre> * MacTag = HMAC(MacKey, MacLen, MacData) * * MacKey = H(K || "JPAKE_KC") * * MacData = "KC_1_U" || participantId || partnerParticipantId || gx1 || gx2 || gx3 || gx4 * * Note that both participants use "KC_1_U" because the sender of the round 3 message * is always the initiator for key confirmation. * * HMAC = {@link HMac} used with the given {@link Digest} * H = The given {@link Digest} * MacLen = length of MacTag * </pre> */ public static BigInteger calculateMacTag( String participantId, String partnerParticipantId, BigInteger gx1, BigInteger gx2, BigInteger gx3, BigInteger gx4, BigInteger keyingMaterial, Digest digest) { byte[] macKey = calculateMacKey( keyingMaterial, digest); HMac mac = new HMac(digest); byte[] macOutput = new byte[mac.getMacSize()]; mac.init(new KeyParameter(macKey)); /* * MacData = "KC_1_U" || participantId_Alice || participantId_Bob || gx1 || gx2 || gx3 || gx4. */ updateMac(mac, "KC_1_U"); updateMac(mac, participantId); updateMac(mac, partnerParticipantId); updateMac(mac, gx1); updateMac(mac, gx2); updateMac(mac, gx3); updateMac(mac, gx4); mac.doFinal(macOutput, 0); Arrays.fill(macKey, (byte)0); return new BigInteger(macOutput); }
/** * Base constructor. * * @param digest digest to build the HMAC on. */ public HMacDSAKCalculator(Digest digest) { this.hMac = new HMac(digest); this.V = new byte[hMac.getMacSize()]; this.K = new byte[hMac.getMacSize()]; }
private void doHMACTest(DRBGTestVector tv) { SP800SecureRandomBuilder rBuild = new SP800SecureRandomBuilder(new SHA1EntropyProvider()); rBuild.setPersonalizationString(tv.personalizationString()); rBuild.setSecurityStrength(tv.securityStrength()); rBuild.setEntropyBitsRequired(tv.entropySource().getEntropy().length * 8); SecureRandom random = rBuild.buildHMAC(new HMac(tv.getDigest()), tv.nonce(), tv.predictionResistance()); byte[] expected = tv.expectedValue(0); byte[] produced = new byte[expected.length]; random.nextBytes(produced); if (!Arrays.areEqual(expected, produced)) { fail("SP800 HMAC SecureRandom produced incorrect result (1)"); } random.nextBytes(produced); expected = tv.expectedValue(1); if (!Arrays.areEqual(expected, produced)) { fail("SP800 HMAC SecureRandom produced incorrect result (2)"); } }
/** * Construct OPE with a key * @param keyBytes Key bytes. */ public OPE(byte[] keyBytes) { // get the key key = new byte[keyBytes.length]; System.arraycopy(keyBytes, 0, key, 0, keyBytes.length); VIL_PRF = new HMac(new SHA1Digest()); VIL_PRF.init(new KeyParameter(key)); this.cache = new Hashtable<Long, Long>(maxCacheSize); }
public OldIESwithCipher(BlockCipher baseCipher) { super(new OldIESEngine(new DHBasicAgreement(), new KDF2BytesGenerator(new SHA1Digest()), new HMac(new SHA1Digest()), new PaddedBufferedBlockCipher(baseCipher))); }
public ECIESwithCipher(BlockCipher cipher) { super(new IESEngine(new ECDHBasicAgreement(), new KDF2BytesGenerator(new SHA1Digest()), new HMac(new SHA1Digest()), new PaddedBufferedBlockCipher(cipher))); }
public ECIESwithCipher(BlockCipher cipher, int ivLength) { super(new IESEngine(new ECDHBasicAgreement(), new KDF2BytesGenerator(new SHA1Digest()), new HMac(new SHA1Digest()), new PaddedBufferedBlockCipher(cipher)), ivLength); }
public OldECIESwithCipher(BlockCipher baseCipher) { super(new OldIESEngine(new ECDHBasicAgreement(), new KDF2BytesGenerator(new SHA1Digest()), new HMac(new SHA1Digest()), new PaddedBufferedBlockCipher(baseCipher))); }
