Skip to content

Commit 9e56101

Browse files
dev-koandev-koan
committed
Support for PBES2, PBEKeyfactory, PBEKey and PBEParameters
This update adds support for PBES2, PBEKeyFactory, PBEKey, and PBEParameters for PBE algorithms with Hmac and AES for OpenJCEPlus provider. Signed-off-by: Dev Agarwal <[email protected]>
1 parent b898b1b commit 9e56101

20 files changed

+2409
-165
lines changed

JenkinsfilePerformance

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -357,6 +357,7 @@ pipeline {
357357
'ibm.jceplus.jmh.MessageDigestInstanceBenchmark', \
358358
'ibm.jceplus.jmh.MLDSABenchmark', \
359359
'ibm.jceplus.jmh.MLKEMBenchmark', \
360+
'ibm.jceplus.jmh.PBEBenchmark', \
360361
'ibm.jceplus.jmh.PBKDF2Benchmark', \
361362
'ibm.jceplus.jmh.RandomBenchmark', \
362363
'ibm.jceplus.jmh.RSAKeyGeneratorBenchmark', \

README.md

Lines changed: 206 additions & 164 deletions
Large diffs are not rendered by default.

src/main/java/com/ibm/crypto/plus/provider/OpenJCEPlus.java

Lines changed: 180 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -30,8 +30,16 @@ public final class OpenJCEPlus extends OpenJCEPlusProvider {
3030

3131
private static final String info = "OpenJCEPlus Provider implements the following:\n"
3232
+ "Algorithm parameter : AES, ChaCha20, ChaCha20-Poly1305, DESede, DiffieHellman, DSA, EC, XEC, GCM, CCM, OAEP, RSAPSS\n"
33+
+ " PBEWithHmacSHA1AndAES_128, PBEWithHmacSHA1AndAES_256, PBEWithHmacSHA224AndAES_128, PBEWithHmacSHA224AndAES_256\n"
34+
+ " PBEWithHmacSHA256AndAES_128, PBEWithHmacSHA256AndAES_256, PBEWithHmacSHA384AndAES_128, PBEWithHmacSHA384AndAES_256\n"
35+
+ " PBEWithHmacSHA512AndAES_128, PBEWithHmacSHA512AndAES_256, PBEWithHmacSHA512/224AndAES_128, PBEWithHmacSHA512/224AndAES_256\n"
36+
+ " PBEWithHmacSHA512/256AndAES_128, PBEWithHmacSHA512/256AndAES_256\n"
3337
+ "Algorithm parameter generator : DiffieHellman, DSA, EC, XEC, GCM, CCM\n"
3438
+ "Cipher algorithms : AES, ChaCha20, ChaCha20-Poly1305, DESede, RSA\n"
39+
+ " PBEWithHmacSHA1AndAES_128, PBEWithHmacSHA1AndAES_256, PBEWithHmacSHA224AndAES_128, PBEWithHmacSHA224AndAES_256\n"
40+
+ " PBEWithHmacSHA256AndAES_128, PBEWithHmacSHA256AndAES_256, PBEWithHmacSHA384AndAES_128, PBEWithHmacSHA384AndAES_256\n"
41+
+ " PBEWithHmacSHA512AndAES_128, PBEWithHmacSHA512AndAES_256, PBEWithHmacSHA512/224AndAES_128, PBEWithHmacSHA512/224AndAES_256\n"
42+
+ " PBEWithHmacSHA512/256AndAES_128, PBEWithHmacSHA512/256AndAES_256\n"
3543
+ "Key agreement algorithms : DiffieHellman, ECDH, XDH\n"
3644
+ "Key Encapsulation Mechanisms : ML-KEM-512, ML-KEM-768, ML-KEM-1024\n"
3745
+ "Key factory : DiffieHellman, DSA, EC, XEC, RSA, RSAPSS, ML-KEM-512, ML-KEM-768, ML-KEM-1024\n"
@@ -48,6 +56,10 @@ public final class OpenJCEPlus extends OpenJCEPlusProvider {
4856
+ "Message digest : MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256, SHA3-224, SHA3-256, SHA3-384, SHA3-512\n"
4957
+ "Secret key factory : AES, ChaCha20, DESede, PBKDF2WithHmacSHA1, PBKDF2WithHmacSHA224, PBKDF2WithHmacSHA256, PBKDF2WithHmacSHA384, PBKDF2WithHmacSHA512\n"
5058
+ " PBKDF2WithHmacSHA512/224, PBKDF2WithHmacSHA512/256\n"
59+
+ " PBEWithHmacSHA1AndAES_128, PBEWithHmacSHA1AndAES_256, PBEWithHmacSHA224AndAES_128, PBEWithHmacSHA224AndAES_256\n"
60+
+ " PBEWithHmacSHA256AndAES_128, PBEWithHmacSHA256AndAES_256, PBEWithHmacSHA384AndAES_128, PBEWithHmacSHA384AndAES_256\n"
61+
+ " PBEWithHmacSHA512AndAES_128, PBEWithHmacSHA512AndAES_256, PBEWithHmacSHA512/224AndAES_128, PBEWithHmacSHA512/224AndAES_256\n"
62+
+ " PBEWithHmacSHA512/256AndAES_128, PBEWithHmacSHA512/256AndAES_256\n"
5163
+ "Secure random : HASHDRBG, SHA256DRBG, SHA512DRBG\n"
5264
+ "Signature algorithms : NONEwithDSA, SHA1withDSA, SHA224withDSA, SHA256withDSA,\n"
5365
+ " SHA3-224withDSA, SHA3-256withDSA, SHA3-384withDSA, SHA3-512withDSA,\n"
@@ -143,7 +155,63 @@ private void registerAlgorithms(Provider jce) {
143155
aliases = null;
144156
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "OAEP",
145157
"com.ibm.crypto.plus.provider.OAEPParameters", aliases));
158+
159+
aliases = null;
160+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA1AndAES_128",
161+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA1AndAES_128", aliases));
162+
163+
aliases = null;
164+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA1AndAES_256",
165+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA1AndAES_256", aliases));
166+
167+
aliases = null;
168+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA224AndAES_128",
169+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA224AndAES_128", aliases));
170+
171+
aliases = null;
172+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA224AndAES_256",
173+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA224AndAES_256", aliases));
174+
175+
aliases = null;
176+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA256AndAES_128",
177+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA256AndAES_128", aliases));
178+
179+
aliases = null;
180+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA256AndAES_256",
181+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA256AndAES_256", aliases));
182+
183+
aliases = null;
184+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA384AndAES_128",
185+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA384AndAES_128", aliases));
186+
187+
aliases = null;
188+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA384AndAES_256",
189+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA384AndAES_256", aliases));
190+
191+
aliases = null;
192+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA512AndAES_128",
193+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA512AndAES_128", aliases));
194+
195+
aliases = null;
196+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA512AndAES_256",
197+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA512AndAES_256", aliases));
198+
199+
aliases = null;
200+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA512/224AndAES_128",
201+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA512_224AndAES_128", aliases));
202+
203+
aliases = null;
204+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA512/224AndAES_256",
205+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA512_224AndAES_256", aliases));
146206

207+
aliases = null;
208+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA512/256AndAES_128",
209+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA512_256AndAES_128", aliases));
210+
211+
aliases = null;
212+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA512/256AndAES_256",
213+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA512_256AndAES_256", aliases));
214+
147215
/*aliases = null;
148216
putService(new OpenJCEPlusService(jce,
149217
"AlgorithmParameters",
@@ -258,6 +326,62 @@ private void registerAlgorithms(Provider jce) {
258326
putService(new OpenJCEPlusService(jce, "Cipher", "ChaCha20-Poly1305",
259327
"com.ibm.crypto.plus.provider.ChaCha20Poly1305Cipher", aliases));
260328

329+
aliases = null;
330+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA1AndAES_128",
331+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA1AndAES_128", aliases));
332+
333+
aliases = null;
334+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA1AndAES_256",
335+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA1AndAES_256", aliases));
336+
337+
aliases = null;
338+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA224AndAES_128",
339+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA224AndAES_128", aliases));
340+
341+
aliases = null;
342+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA224AndAES_256",
343+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA224AndAES_256", aliases));
344+
345+
aliases = null;
346+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA256AndAES_128",
347+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA256AndAES_128", aliases));
348+
349+
aliases = null;
350+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA256AndAES_256",
351+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA256AndAES_256", aliases));
352+
353+
aliases = null;
354+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA384AndAES_128",
355+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA384AndAES_128", aliases));
356+
357+
aliases = null;
358+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA384AndAES_256",
359+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA384AndAES_256", aliases));
360+
361+
aliases = null;
362+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA512AndAES_128",
363+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA512AndAES_128", aliases));
364+
365+
aliases = null;
366+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA512AndAES_256",
367+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA512AndAES_256", aliases));
368+
369+
aliases = null;
370+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA512/224AndAES_128",
371+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA512_224AndAES_128", aliases));
372+
373+
aliases = null;
374+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA512/224AndAES_256",
375+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA512_224AndAES_256", aliases));
376+
377+
aliases = null;
378+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA512/256AndAES_128",
379+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA512_256AndAES_128", aliases));
380+
381+
aliases = null;
382+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA512/256AndAES_256",
383+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA512_256AndAES_256", aliases));
384+
261385
/* =======================================================================
262386
* Key agreement
263387
* =======================================================================
@@ -786,6 +910,62 @@ private void registerAlgorithms(Provider jce) {
786910
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "ChaCha20",
787911
"com.ibm.crypto.plus.provider.ChaCha20KeyFactory", aliases));
788912

913+
aliases = null;
914+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA1AndAES_128",
915+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA1AndAES_128", aliases));
916+
917+
aliases = null;
918+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA1AndAES_256",
919+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA1AndAES_256", aliases));
920+
921+
aliases = null;
922+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA224AndAES_128",
923+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA224AndAES_128", aliases));
924+
925+
aliases = null;
926+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA224AndAES_256",
927+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA224AndAES_256", aliases));
928+
929+
aliases = null;
930+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA256AndAES_128",
931+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA256AndAES_128", aliases));
932+
933+
aliases = null;
934+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA256AndAES_256",
935+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA256AndAES_256", aliases));
936+
937+
aliases = null;
938+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA384AndAES_128",
939+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA384AndAES_128", aliases));
940+
941+
aliases = null;
942+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA384AndAES_256",
943+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA384AndAES_256", aliases));
944+
945+
aliases = null;
946+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA512AndAES_128",
947+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA512AndAES_128", aliases));
948+
949+
aliases = null;
950+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA512AndAES_256",
951+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA512AndAES_256", aliases));
952+
953+
aliases = null;
954+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA512/224AndAES_128",
955+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA512_224AndAES_128", aliases));
956+
957+
aliases = null;
958+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA512/224AndAES_256",
959+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA512_224AndAES_256", aliases));
960+
961+
aliases = null;
962+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA512/256AndAES_128",
963+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA512_256AndAES_128", aliases));
964+
965+
aliases = null;
966+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA512/256AndAES_256",
967+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA512_256AndAES_256", aliases));
968+
789969
/* =======================================================================
790970
* SecureRandom
791971
* =======================================================================

0 commit comments

Comments
 (0)