Skip to content

Commit f726aaa

Browse files
dev-koandev-koan
committed
Support for PBES2, PBEKeyfactory, PBEKey and PBEParameters
This update adds support for PBES2, PBEKeyFactory, PBEKey, and PBEParameters for PBE algorithms with Hmac and AES for OpenJCEPlus provider. Signed-off-by: Dev Agarwal <[email protected]>
1 parent 8530e03 commit f726aaa

20 files changed

+2554
-165
lines changed

JenkinsfilePerformance

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -357,6 +357,7 @@ pipeline {
357357
'ibm.jceplus.jmh.MessageDigestInstanceBenchmark', \
358358
'ibm.jceplus.jmh.MLDSABenchmark', \
359359
'ibm.jceplus.jmh.MLKEMBenchmark', \
360+
'ibm.jceplus.jmh.PBEBenchmark', \
360361
'ibm.jceplus.jmh.PBKDF2Benchmark', \
361362
'ibm.jceplus.jmh.RandomBenchmark', \
362363
'ibm.jceplus.jmh.RSAKeyGeneratorBenchmark', \

README.md

Lines changed: 206 additions & 164 deletions
Large diffs are not rendered by default.

src/main/java/com/ibm/crypto/plus/provider/OpenJCEPlus.java

Lines changed: 180 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -32,8 +32,16 @@ public final class OpenJCEPlus extends OpenJCEPlusProvider {
3232

3333
private static final String info = "OpenJCEPlus Provider implements the following:\n"
3434
+ "Algorithm parameter : AES, ChaCha20, ChaCha20-Poly1305, DESede, DiffieHellman, DSA, EC, XEC, GCM, CCM, OAEP, RSAPSS\n"
35+
+ " PBEWithHmacSHA1AndAES_128, PBEWithHmacSHA1AndAES_256, PBEWithHmacSHA224AndAES_128, PBEWithHmacSHA224AndAES_256\n"
36+
+ " PBEWithHmacSHA256AndAES_128, PBEWithHmacSHA256AndAES_256, PBEWithHmacSHA384AndAES_128, PBEWithHmacSHA384AndAES_256\n"
37+
+ " PBEWithHmacSHA512AndAES_128, PBEWithHmacSHA512AndAES_256, PBEWithHmacSHA512/224AndAES_128, PBEWithHmacSHA512/224AndAES_256\n"
38+
+ " PBEWithHmacSHA512/256AndAES_128, PBEWithHmacSHA512/256AndAES_256\n"
3539
+ "Algorithm parameter generator : DiffieHellman, DSA, EC, XEC, GCM, CCM\n"
3640
+ "Cipher algorithms : AES, ChaCha20, ChaCha20-Poly1305, DESede, RSA\n"
41+
+ " PBEWithHmacSHA1AndAES_128, PBEWithHmacSHA1AndAES_256, PBEWithHmacSHA224AndAES_128, PBEWithHmacSHA224AndAES_256\n"
42+
+ " PBEWithHmacSHA256AndAES_128, PBEWithHmacSHA256AndAES_256, PBEWithHmacSHA384AndAES_128, PBEWithHmacSHA384AndAES_256\n"
43+
+ " PBEWithHmacSHA512AndAES_128, PBEWithHmacSHA512AndAES_256, PBEWithHmacSHA512/224AndAES_128, PBEWithHmacSHA512/224AndAES_256\n"
44+
+ " PBEWithHmacSHA512/256AndAES_128, PBEWithHmacSHA512/256AndAES_256\n"
3745
+ "Key agreement algorithms : DiffieHellman, ECDH, XDH\n"
3846
+ "Key Encapsulation Mechanisms : ML-KEM-512, ML-KEM-768, ML-KEM-1024\n"
3947
+ "Key factory : DiffieHellman, DSA, EC, XEC, RSA, RSAPSS, ML-KEM-512, ML-KEM-768, ML-KEM-1024\n"
@@ -50,6 +58,10 @@ public final class OpenJCEPlus extends OpenJCEPlusProvider {
5058
+ "Message digest : MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256, SHA3-224, SHA3-256, SHA3-384, SHA3-512\n"
5159
+ "Secret key factory : AES, ChaCha20, DESede, PBKDF2WithHmacSHA1, PBKDF2WithHmacSHA224, PBKDF2WithHmacSHA256, PBKDF2WithHmacSHA384, PBKDF2WithHmacSHA512\n"
5260
+ " PBKDF2WithHmacSHA512/224, PBKDF2WithHmacSHA512/256\n"
61+
+ " PBEWithHmacSHA1AndAES_128, PBEWithHmacSHA1AndAES_256, PBEWithHmacSHA224AndAES_128, PBEWithHmacSHA224AndAES_256\n"
62+
+ " PBEWithHmacSHA256AndAES_128, PBEWithHmacSHA256AndAES_256, PBEWithHmacSHA384AndAES_128, PBEWithHmacSHA384AndAES_256\n"
63+
+ " PBEWithHmacSHA512AndAES_128, PBEWithHmacSHA512AndAES_256, PBEWithHmacSHA512/224AndAES_128, PBEWithHmacSHA512/224AndAES_256\n"
64+
+ " PBEWithHmacSHA512/256AndAES_128, PBEWithHmacSHA512/256AndAES_256\n"
5365
+ "Secure random : HASHDRBG, SHA256DRBG, SHA512DRBG\n"
5466
+ "Signature algorithms : NONEwithDSA, SHA1withDSA, SHA224withDSA, SHA256withDSA,\n"
5567
+ " SHA3-224withDSA, SHA3-256withDSA, SHA3-384withDSA, SHA3-512withDSA,\n"
@@ -154,7 +166,63 @@ private void registerAlgorithms(Provider jce) {
154166
aliases = null;
155167
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "OAEP",
156168
"com.ibm.crypto.plus.provider.OAEPParameters", aliases));
169+
170+
aliases = null;
171+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA1AndAES_128",
172+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA1AndAES_128", aliases));
173+
174+
aliases = null;
175+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA1AndAES_256",
176+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA1AndAES_256", aliases));
177+
178+
aliases = null;
179+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA224AndAES_128",
180+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA224AndAES_128", aliases));
181+
182+
aliases = null;
183+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA224AndAES_256",
184+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA224AndAES_256", aliases));
185+
186+
aliases = null;
187+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA256AndAES_128",
188+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA256AndAES_128", aliases));
189+
190+
aliases = null;
191+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA256AndAES_256",
192+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA256AndAES_256", aliases));
193+
194+
aliases = null;
195+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA384AndAES_128",
196+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA384AndAES_128", aliases));
197+
198+
aliases = null;
199+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA384AndAES_256",
200+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA384AndAES_256", aliases));
201+
202+
aliases = null;
203+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA512AndAES_128",
204+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA512AndAES_128", aliases));
205+
206+
aliases = null;
207+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA512AndAES_256",
208+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA512AndAES_256", aliases));
209+
210+
aliases = null;
211+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA512/224AndAES_128",
212+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA512_224AndAES_128", aliases));
213+
214+
aliases = null;
215+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA512/224AndAES_256",
216+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA512_224AndAES_256", aliases));
157217

218+
aliases = null;
219+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA512/256AndAES_128",
220+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA512_256AndAES_128", aliases));
221+
222+
aliases = null;
223+
putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithHmacSHA512/256AndAES_256",
224+
"com.ibm.crypto.plus.provider.PBES2Parameters$HmacSHA512_256AndAES_256", aliases));
225+
158226
/*aliases = null;
159227
putService(new OpenJCEPlusService(jce,
160228
"AlgorithmParameters",
@@ -269,6 +337,62 @@ private void registerAlgorithms(Provider jce) {
269337
putService(new OpenJCEPlusService(jce, "Cipher", "ChaCha20-Poly1305",
270338
"com.ibm.crypto.plus.provider.ChaCha20Poly1305Cipher", aliases));
271339

340+
aliases = null;
341+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA1AndAES_128",
342+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA1AndAES_128", aliases));
343+
344+
aliases = null;
345+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA1AndAES_256",
346+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA1AndAES_256", aliases));
347+
348+
aliases = null;
349+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA224AndAES_128",
350+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA224AndAES_128", aliases));
351+
352+
aliases = null;
353+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA224AndAES_256",
354+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA224AndAES_256", aliases));
355+
356+
aliases = null;
357+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA256AndAES_128",
358+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA256AndAES_128", aliases));
359+
360+
aliases = null;
361+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA256AndAES_256",
362+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA256AndAES_256", aliases));
363+
364+
aliases = null;
365+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA384AndAES_128",
366+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA384AndAES_128", aliases));
367+
368+
aliases = null;
369+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA384AndAES_256",
370+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA384AndAES_256", aliases));
371+
372+
aliases = null;
373+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA512AndAES_128",
374+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA512AndAES_128", aliases));
375+
376+
aliases = null;
377+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA512AndAES_256",
378+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA512AndAES_256", aliases));
379+
380+
aliases = null;
381+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA512/224AndAES_128",
382+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA512_224AndAES_128", aliases));
383+
384+
aliases = null;
385+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA512/224AndAES_256",
386+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA512_224AndAES_256", aliases));
387+
388+
aliases = null;
389+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA512/256AndAES_128",
390+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA512_256AndAES_128", aliases));
391+
392+
aliases = null;
393+
putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA512/256AndAES_256",
394+
"com.ibm.crypto.plus.provider.PBES2Core$HmacSHA512_256AndAES_256", aliases));
395+
272396
/* =======================================================================
273397
* Key agreement
274398
* =======================================================================
@@ -785,6 +909,62 @@ private void registerAlgorithms(Provider jce) {
785909
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "ChaCha20",
786910
"com.ibm.crypto.plus.provider.ChaCha20KeyFactory", aliases));
787911

912+
aliases = null;
913+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA1AndAES_128",
914+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA1AndAES_128", aliases));
915+
916+
aliases = null;
917+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA1AndAES_256",
918+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA1AndAES_256", aliases));
919+
920+
aliases = null;
921+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA224AndAES_128",
922+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA224AndAES_128", aliases));
923+
924+
aliases = null;
925+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA224AndAES_256",
926+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA224AndAES_256", aliases));
927+
928+
aliases = null;
929+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA256AndAES_128",
930+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA256AndAES_128", aliases));
931+
932+
aliases = null;
933+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA256AndAES_256",
934+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA256AndAES_256", aliases));
935+
936+
aliases = null;
937+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA384AndAES_128",
938+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA384AndAES_128", aliases));
939+
940+
aliases = null;
941+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA384AndAES_256",
942+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA384AndAES_256", aliases));
943+
944+
aliases = null;
945+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA512AndAES_128",
946+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA512AndAES_128", aliases));
947+
948+
aliases = null;
949+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA512AndAES_256",
950+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA512AndAES_256", aliases));
951+
952+
aliases = null;
953+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA512/224AndAES_128",
954+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA512_224AndAES_128", aliases));
955+
956+
aliases = null;
957+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA512/224AndAES_256",
958+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA512_224AndAES_256", aliases));
959+
960+
aliases = null;
961+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA512/256AndAES_128",
962+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA512_256AndAES_128", aliases));
963+
964+
aliases = null;
965+
putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA512/256AndAES_256",
966+
"com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA512_256AndAES_256", aliases));
967+
788968
/* =======================================================================
789969
* SecureRandom
790970
* =======================================================================

0 commit comments

Comments
 (0)