Support for PBES1 using native acceleration

README.md

@@ -293,6 +293,12 @@ AlgorithmParameters         | EC                              |X
 AlgorithmParameters         | GCM                             |X                |X             |              |
 AlgorithmParameters         | OAEP                            |X                |X             |              |
 AlgorithmParameters         | RSAPSS                          |X                |X             |              |
+AlgorithmParameters         | PBEWithMD5AndDES                |                 |X             |              |
+AlgorithmParameters         | PBEWithSHA1AndDESede            |                 |X             |              |
+AlgorithmParameters         | PBEWithSHA1AndRC2_40            |                 |X             |              |
+AlgorithmParameters         | PBEWithSHA1AndRC2_128           |                 |X             |              |
+AlgorithmParameters         | PBEWithSHA1AndRC4_40            |                 |X             |              |
+AlgorithmParameters         | PBEWithSHA1AndRC4_128           |                 |X             |              |
 AlgorithmParameters         | PBEWithHmacSHA1AndAES_128       |                 |X             |              |
 AlgorithmParameters         | PBEWithHmacSHA1AndAES_256       |                 |X             |              |
 AlgorithmParameters         | PBEWithHmacSHA224AndAES_128     |                 |X             |              |
@@ -314,6 +320,12 @@ Cipher                      | ChaCha20                        |
 Cipher                      | ChaCha20-Poly1305               |                 |X             |              |
 Cipher                      | DESede                          |                 |X             |              |
 Cipher                      | RSA                             |X                |X             |              |
+Cipher                      | PBEWithMD5AndDES                |                 |X             |              |
+Cipher                      | PBEWithSHA1AndDESede            |                 |X             |              |
+Cipher                      | PBEWithSHA1AndRC2_40            |                 |X             |              |
+Cipher                      | PBEWithSHA1AndRC2_128           |                 |X             |              |
+Cipher                      | PBEWithSHA1AndRC4_40            |                 |X             |              |
+Cipher                      | PBEWithSHA1AndRC4_128           |                 |X             |              |
 Cipher                      | PBEWithHmacSHA1AndAES_128       |                 |X             |              |
 Cipher                      | PBEWithHmacSHA1AndAES_256       |                 |X             |              |
 Cipher                      | PBEWithHmacSHA224AndAES_128     |                 |X             |              |
@@ -430,6 +442,12 @@ SecretKeyFactory            | PBKDF2WithHmacSHA384            |X
 SecretKeyFactory            | PBKDF2WithHmacSHA512            |X                |X             |              |
 SecretKeyFactory            | PBKDF2WithHmacSHA512/224        |                 |X             |              |
 SecretKeyFactory            | PBKDF2WithHmacSHA512/256        |                 |X             |              |
+SecretKeyFactory            | PBEWithMD5AndDES                |                 |X             |              |
+SecretKeyFactory            | PBEWithSHA1AndDESede            |                 |X             |              |
+SecretKeyFactory            | PBEWithSHA1AndRC2_40            |                 |X             |              |
+SecretKeyFactory            | PBEWithSHA1AndRC2_128           |                 |X             |              |
+SecretKeyFactory            | PBEWithSHA1AndRC4_40            |                 |X             |              |
+SecretKeyFactory            | PBEWithSHA1AndRC4_128           |                 |X             |              |
 SecretKeyFactory            | PBEWithHmacSHA1AndAES_128       |                 |X             |              |
 SecretKeyFactory            | PBEWithHmacSHA1AndAES_256       |                 |X             |              |
 SecretKeyFactory            | PBEWithHmacSHA224AndAES_128     |                 |X             |              |

src/main/java/com/ibm/crypto/plus/provider/AESCipher.java

@@ -87,6 +87,10 @@ protected int engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[]
 
         try {
             if (use_z_fast_command) {
+                if ((output == null) || ((output.length - outputOffset) < getOutputSizeForZ(inputLen))) {
+                    throw new ShortBufferException(
+                            "Output buffer must be " + "(at least) " + getOutputSizeForZ(inputLen) + " bytes long");
+                }
                 int encryptedData = engineUpdate(input, inputOffset, inputLen, output,
                         outputOffset);
                 outputOffset += encryptedData;

src/main/java/com/ibm/crypto/plus/provider/OpenJCEPlus.java

@@ -25,13 +25,15 @@ public final class OpenJCEPlus extends OpenJCEPlusProvider {
             + "                                       PBEWithHmacSHA1AndAES_128, PBEWithHmacSHA1AndAES_256, PBEWithHmacSHA224AndAES_128, PBEWithHmacSHA224AndAES_256\n"
             + "                                       PBEWithHmacSHA256AndAES_128, PBEWithHmacSHA256AndAES_256, PBEWithHmacSHA384AndAES_128, PBEWithHmacSHA384AndAES_256\n"
             + "                                       PBEWithHmacSHA512AndAES_128, PBEWithHmacSHA512AndAES_256, PBEWithHmacSHA512/224AndAES_128, PBEWithHmacSHA512/224AndAES_256\n"
-            + "                                       PBEWithHmacSHA512/256AndAES_128, PBEWithHmacSHA512/256AndAES_256\n"                                     
+            + "                                       PBEWithHmacSHA512/256AndAES_128, PBEWithHmacSHA512/256AndAES_256\n"
+            + "                                       PBEWithMD5AndDES, PBEWithSHA1AndDESede, PBEWithSHA1AndRC2_40, PBEWithSHA1AndRC2_128, PBEWithSHA1AndRC4_40, PBEWithSHA1AndRC4_128\n"                                    
             + "Algorithm parameter generator      :  DiffieHellman, DSA, EC, XEC, GCM, CCM\n"
             + "Cipher algorithms                  : AES, ChaCha20, ChaCha20-Poly1305, DESede, RSA\n"
             + "                                       PBEWithHmacSHA1AndAES_128, PBEWithHmacSHA1AndAES_256, PBEWithHmacSHA224AndAES_128, PBEWithHmacSHA224AndAES_256\n"
             + "                                       PBEWithHmacSHA256AndAES_128, PBEWithHmacSHA256AndAES_256, PBEWithHmacSHA384AndAES_128, PBEWithHmacSHA384AndAES_256\n"
             + "                                       PBEWithHmacSHA512AndAES_128, PBEWithHmacSHA512AndAES_256, PBEWithHmacSHA512/224AndAES_128, PBEWithHmacSHA512/224AndAES_256\n"
-            + "                                       PBEWithHmacSHA512/256AndAES_128, PBEWithHmacSHA512/256AndAES_256\n"            
+            + "                                       PBEWithHmacSHA512/256AndAES_128, PBEWithHmacSHA512/256AndAES_256\n"  
+            + "                                       PBEWithMD5AndDES, PBEWithSHA1AndDESede, PBEWithSHA1AndRC2_40, PBEWithSHA1AndRC2_128, PBEWithSHA1AndRC4_40, PBEWithSHA1AndRC4_128\n"        
             + "Key agreement algorithms           : DiffieHellman, ECDH, XDH\n"
             + "Key Encapsulation Mechanisms       : ML-KEM-512, ML-KEM-768, ML-KEM-1024\n"
             + "Key factory                        : DiffieHellman, DSA, EC, XEC,  RSA, RSAPSS, ML-KEM-512, ML-KEM-768, ML-KEM-1024\n"
@@ -51,7 +53,8 @@ public final class OpenJCEPlus extends OpenJCEPlusProvider {
             + "                                       PBEWithHmacSHA1AndAES_128, PBEWithHmacSHA1AndAES_256, PBEWithHmacSHA224AndAES_128, PBEWithHmacSHA224AndAES_256\n"
             + "                                       PBEWithHmacSHA256AndAES_128, PBEWithHmacSHA256AndAES_256, PBEWithHmacSHA384AndAES_128, PBEWithHmacSHA384AndAES_256\n"
             + "                                       PBEWithHmacSHA512AndAES_128, PBEWithHmacSHA512AndAES_256, PBEWithHmacSHA512/224AndAES_128, PBEWithHmacSHA512/224AndAES_256\n"
-            + "                                       PBEWithHmacSHA512/256AndAES_128, PBEWithHmacSHA512/256AndAES_256\n"              
+            + "                                       PBEWithHmacSHA512/256AndAES_128, PBEWithHmacSHA512/256AndAES_256\n"
+            + "                                       PBEWithMD5AndDES, PBEWithSHA1AndDESede, PBEWithSHA1AndRC2_40, PBEWithSHA1AndRC2_128, PBEWithSHA1AndRC4_40, PBEWithSHA1AndRC4_128\n"               
             + "Secure random                      : HASHDRBG, SHA256DRBG, SHA512DRBG\n"
             + "Signature algorithms               : NONEwithDSA, SHA1withDSA, SHA224withDSA, SHA256withDSA,\n"
             + "                                       SHA3-224withDSA, SHA3-256withDSA, SHA3-384withDSA, SHA3-512withDSA,\n"
@@ -215,6 +218,30 @@ private void registerAlgorithms(Provider jce) {
         putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "ChaCha20-Poly1305",
                 "com.ibm.crypto.plus.provider.ChaCha20Poly1305Parameters", aliases));
 
+        aliases = null;
+        putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithMD5AndDES",
+                "com.ibm.crypto.plus.provider.PBEParameters$PBEWithMD5AndDES", aliases));
+
+        aliases = null;
+        putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithSHA1AndDESede",
+                "com.ibm.crypto.plus.provider.PBEParameters$PBEWithSHA1AndDESede", aliases));
+
+        aliases = null;
+        putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithSHA1AndRC2_40",
+                "com.ibm.crypto.plus.provider.PBEParameters$PBEWithSHA1AndRC2_40", aliases));
+
+        aliases = null;
+        putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithSHA1AndRC2_128",
+                "com.ibm.crypto.plus.provider.PBEParameters$PBEWithSHA1AndRC2_128", aliases));
+
+        aliases = null;
+        putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithSHA1AndRC4_40",
+                "com.ibm.crypto.plus.provider.PBEParameters$PBEWithSHA1AndRC4_40", aliases));
+
+        aliases = null;
+        putService(new OpenJCEPlusService(jce, "AlgorithmParameters", "PBEWithSHA1AndRC4_128",
+                "com.ibm.crypto.plus.provider.PBEParameters$PBEWithSHA1AndRC4_128", aliases));
+
         /* =======================================================================
          * Algorithm parameter generation engines
          * =======================================================================
@@ -373,6 +400,30 @@ private void registerAlgorithms(Provider jce) {
         putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithHmacSHA512/256AndAES_256",
                 "com.ibm.crypto.plus.provider.PBES2Core$HmacSHA512_256AndAES_256", aliases));
 
+        aliases = null;
+        putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithMD5AndDES",
+                "com.ibm.crypto.plus.provider.PBES1Core$PBEWithMD5AndDES", aliases));
+
+        aliases = null;
+        putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithSHA1AndDESede",
+                "com.ibm.crypto.plus.provider.PBES1Core$PBEWithSHA1AndDESede", aliases));
+
+        aliases = null;
+        putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithSHA1AndRC2_40",
+                "com.ibm.crypto.plus.provider.PBES1Core$PBEWithSHA1AndRC2_40", aliases));
+
+        aliases = null;
+        putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithSHA1AndRC2_128",
+                "com.ibm.crypto.plus.provider.PBES1Core$PBEWithSHA1AndRC2_128", aliases));
+
+        aliases = null;
+        putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithSHA1AndRC4_40",
+                "com.ibm.crypto.plus.provider.PBES1Core$PBEWithSHA1AndRC4_40", aliases));
+
+        aliases = null;
+        putService(new OpenJCEPlusService(jce, "Cipher", "PBEWithSHA1AndRC4_128",
+                "com.ibm.crypto.plus.provider.PBES1Core$PBEWithSHA1AndRC4_128", aliases));
+
         /* =======================================================================
          * Key agreement
          * =======================================================================
@@ -963,6 +1014,30 @@ private void registerAlgorithms(Provider jce) {
         aliases = null;
         putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithHmacSHA512/256AndAES_256",
                 "com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithHmacSHA512_256AndAES_256", aliases));
+
+        aliases = null;
+        putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithMD5AndDES",
+                "com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithMD5AndDES", aliases));
+
+        aliases = null;
+        putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithSHA1AndDESede",
+                "com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithSHA1AndDESede", aliases));
+
+        aliases = null;
+        putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithSHA1AndRC2_40",
+                "com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithSHA1AndRC2_40", aliases));
+
+        aliases = null;
+        putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithSHA1AndRC2_128",
+                "com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithSHA1AndRC2_128", aliases));
+
+        aliases = null;
+        putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithSHA1AndRC4_40",
+                "com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithSHA1AndRC4_40", aliases));
+
+        aliases = null;
+        putService(new OpenJCEPlusService(jce, "SecretKeyFactory", "PBEWithSHA1AndRC4_128",
+                "com.ibm.crypto.plus.provider.PBEKeyFactory$PBEWithSHA1AndRC4_128", aliases));
 
         /* =======================================================================
          * SecureRandom

src/main/java/com/ibm/crypto/plus/provider/PBEKeyFactory.java

@@ -25,6 +25,42 @@ private PBEKeyFactory(String keytype, OpenJCEPlusProvider provider) {
         this.provider = provider;
     }
 
+    public static final class PBEWithMD5AndDES extends PBEKeyFactory {
+        public PBEWithMD5AndDES(OpenJCEPlusProvider provider) {
+            super("PBEWithMD5AndDES", provider);
+        }
+    }
+
+    public static final class PBEWithSHA1AndDESede extends PBEKeyFactory {
+        public PBEWithSHA1AndDESede(OpenJCEPlusProvider provider) {
+            super("PBEWithSHA1AndDESede", provider);
+        }
+    }
+
+    public static final class PBEWithSHA1AndRC2_40 extends PBEKeyFactory {
+        public PBEWithSHA1AndRC2_40(OpenJCEPlusProvider provider) {
+            super("PBEWithSHA1AndRC2_40", provider);
+        }
+    }
+
+    public static final class PBEWithSHA1AndRC2_128 extends PBEKeyFactory {
+        public PBEWithSHA1AndRC2_128(OpenJCEPlusProvider provider) {
+            super("PBEWithSHA1AndRC2_128", provider);
+        }
+    }
+
+    public static final class PBEWithSHA1AndRC4_40 extends PBEKeyFactory {
+        public PBEWithSHA1AndRC4_40(OpenJCEPlusProvider provider) {
+            super("PBEWithSHA1AndRC4_40", provider);
+        }
+    }
+
+    public static final class PBEWithSHA1AndRC4_128 extends PBEKeyFactory {
+        public PBEWithSHA1AndRC4_128(OpenJCEPlusProvider provider) {
+            super("PBEWithSHA1AndRC4_128", provider);
+        }
+    }
+
     public static final class PBEWithHmacSHA1AndAES_128 extends PBEKeyFactory {
         public PBEWithHmacSHA1AndAES_128(OpenJCEPlusProvider provider) {
             super("PBEWithHmacSHA1AndAES_128", provider);