Welcome to novaBBS (click a section below)
|mail  files  register  newsreader  login|
|PPK Version3 file generation using Java (With Argon2 Hashing) failing||Arivazhagan Jeganathan|
|Re: PPK Version3 file generation using Java (With Argon2 Hashing)||Arivazhagan Jeganathan|
We are trying to generate PPK Version3 using Java code.
Followed this documentation for generating the same:
Able to generate PPK file successfully with and without encryption. Facing issues while we try to convert PPK to PEM file via puttygen.
1. Built the PPK file version 3 format as specified by the document
2. public-lines are written as Base64 encoded
3. Private-lines - Argon2 KDF generated 80 bytes of data (CipherKey + IV + MAC Key)
4. Private-MAC key is generated as per the document specification
i) algorithm name, encryption, comment, public-lines (base64), private-lines with padding (unencrypted + base64)
But when the generated PPK is converted to PEM with passphrase, getting "wrong passphrase" error in PuttyGen tool.
Could you please help if any specific step is missing during PPK file generation via Java?
Sharing Argon2 logic:
byte out = new byte;
Argon2BytesGenerator encoder = new Argon2BytesGenerator();
Argon2Parameters parameters = new Argon2Parameters.Builder(Argon2Parameters.ARGON2_id).withParallelism(parallelism).withIterations(iterations)
encoder.generateBytes(password, out, 0, 80);
encryption/decryption logic: (bouncy castle)
SecretKey keyValue = new SecretKeySpec(Arrays.copyOfRange(keyIVMac, 0, 32), "AES");
AlgorithmParameterSpec ivSpec = new IvParameterSpec(Arrays.copyOfRange(keyIVMac, 32, 48));
Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding", BouncyCastleProvider.PROVIDER_NAME);
cipher.init(Cipher.ENCRYPT_MODE, keyValue, ivSpec);
data = cipher.doFinal(keyWriter.array(), 0, encrypted_len);
Please share any suggestions on this.
Issue was due to wrong Salt value passed in Argon2 KDF.
Argon2 requires Salt as byte and while writing in PPK it should be hexadecimal string.
I was trying to pass in hexadecimal string salt to Argon function and it did not work well.