first cut at PKCS#5 Scheme 2 in PKCS#12

author: David Hook <dgh@cryptoworkshop.com> 2020-04-25 16:53:47 +1000
committer: David Hook <dgh@cryptoworkshop.com> 2020-04-25 16:53:47 +1000
commit: 99467b8431c1a871792ecb34fd5eeb962353b1d2 (patch)
tree: 043b017ad8dd740c71e8f0661a170109672b6bb6 /crypto/src/security/PbeUtilities.cs
parent: github #237 - gost 2012 parsing (diff)
download: BouncyCastle.NET-ed25519-99467b8431c1a871792ecb34fd5eeb962353b1d2.tar.xz
1 files changed, 30 insertions, 0 deletions
diff --git a/crypto/src/security/PbeUtilities.cs b/crypto/src/security/PbeUtilities.cs
index ce47e38e5..622c6dd43 100644
--- a/crypto/src/security/PbeUtilities.cs
+++ b/crypto/src/security/PbeUtilities.cs
@@ -42,6 +42,7 @@ namespace Org.BouncyCastle.Security
         {
             algorithms["PKCS5SCHEME1"] = "Pkcs5scheme1";
             algorithms["PKCS5SCHEME2"] = "Pkcs5scheme2";
+            algorithms["PBKDF2"] = "Pkcs5scheme2";
             algorithms[PkcsObjectIdentifiers.IdPbeS2.Id] = "Pkcs5scheme2";
 //			algorithms[PkcsObjectIdentifiers.IdPbkdf2.Id] = "Pkcs5scheme2";
 
@@ -324,6 +325,35 @@ namespace Org.BouncyCastle.Security
             }
         }
 
+        public static Asn1Encodable GenerateAlgorithmParameters( 
+            DerObjectIdentifier cipherAlgorithm,
+            DerObjectIdentifier hashAlgorithm,
+            byte[] salt,
+            int iterationCount,
+            SecureRandom secureRandom)
+        {
+            EncryptionScheme encScheme;
+            if (NistObjectIdentifiers.IdAes128Cbc.Equals(cipherAlgorithm)
+                || NistObjectIdentifiers.IdAes192Cbc.Equals(cipherAlgorithm)
+                || NistObjectIdentifiers.IdAes256Cbc.Equals(cipherAlgorithm)
+                || NistObjectIdentifiers.IdAes128Cfb.Equals(cipherAlgorithm)
+                || NistObjectIdentifiers.IdAes192Cfb.Equals(cipherAlgorithm)
+                || NistObjectIdentifiers.IdAes256Cfb.Equals(cipherAlgorithm))
+            {
+                byte[] iv = new byte[16];
+                secureRandom.NextBytes(iv);
+                encScheme = new EncryptionScheme(cipherAlgorithm, new DerOctetString(iv));
+            }
+            else
+            {
+                throw new ArgumentException("unknown cipher: " + cipherAlgorithm);
+            }
+
+            KeyDerivationFunc func = new KeyDerivationFunc(PkcsObjectIdentifiers.IdPbkdf2, new Pbkdf2Params(salt, iterationCount, new AlgorithmIdentifier(hashAlgorithm, DerNull.Instance)));
+
+            return new PbeS2Parameters(func, encScheme);
+        }
+
         public static ICipherParameters GenerateCipherParameters(
             DerObjectIdentifier algorithmOid,
             char[]              password,
author	David Hook <dgh@cryptoworkshop.com>	2020-04-25 16:53:47 +1000
committer	David Hook <dgh@cryptoworkshop.com>	2020-04-25 16:53:47 +1000
commit	99467b8431c1a871792ecb34fd5eeb962353b1d2 (patch)
tree	043b017ad8dd740c71e8f0661a170109672b6bb6 /crypto/src/security/PbeUtilities.cs
parent	github #237 - gost 2012 parsing (diff)
download	BouncyCastle.NET-ed25519-99467b8431c1a871792ecb34fd5eeb962353b1d2.tar.xz