private static BufferedBlockCipher func_75892_a(boolean p_75892_0_, Key p_75892_1_) {
BufferedBlockCipher bufferedblockcipher =
new BufferedBlockCipher(new CFBBlockCipher(new AESFastEngine(), 8));
bufferedblockcipher.init(
p_75892_0_,
new ParametersWithIV(
new KeyParameter(p_75892_1_.getEncoded()), p_75892_1_.getEncoded(), 0, 16));
return bufferedblockcipher;
}
public boolean shareAESkey() {
try {
Envelope message = null, e = null;
// Generate AES key
KeyGenerator keyGen = KeyGenerator.getInstance("AES");
AESkey = keyGen.generateKey();
keyGen = KeyGenerator.getInstance("HmacSHA1");
HMACkey = keyGen.generateKey();
byte[] keyBytes = AESkey.getEncoded();
byte[] hashBytes = HMACkey.getEncoded();
System.out.println("AES key generated");
System.out.println("HMAC key generated");
System.out.println("Begin Encryption...");
// Encrypt message w/ provided public key
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
cipher.init(Cipher.ENCRYPT_MODE, pubKey);
byte[] cipherBytes = cipher.doFinal(keyBytes);
byte[] cipherBytes1 = cipher.doFinal(hashBytes);
System.out.println("Encryption Complete");
message = new Envelope("SKEY");
message.addObject(cipherBytes); // Add AESkey to message
message.addObject(cipherBytes1);
message.addObject(nonce);
nonce++;
byte[] messageBytes = Envelope.toByteArray(message);
output.writeObject(messageBytes);
byte[] inCipherBytes = (byte[]) input.readObject();
// Decrypt response
cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, AESkey);
byte[] responseBytes = cipher.doFinal(inCipherBytes);
Envelope response = Envelope.getEnvelopefromBytes(responseBytes);
// If server indicates success, return the member list
if (response.getMessage().equals("OK")
&& (Integer) response.getObjContents().get(0) == nonce) {
return true;
} else {
return false;
}
} catch (Exception e) {
System.err.println("Error: " + e.getMessage());
e.printStackTrace(System.err);
return false;
}
}
protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec)
throws InvalidKeySpecException {
try {
// convert key to one of our keys
// this also verifies that the key is a valid RSA key and ensures
// that the encoding is X.509/PKCS#8 for public/private keys
key = engineTranslateKey(key);
} catch (InvalidKeyException e) {
throw new InvalidKeySpecException(e);
}
if (key instanceof RSAPublicKey) {
RSAPublicKey rsaKey = (RSAPublicKey) key;
if (rsaPublicKeySpecClass.isAssignableFrom(keySpec)) {
return keySpec.cast(new RSAPublicKeySpec(rsaKey.getModulus(), rsaKey.getPublicExponent()));
} else if (x509KeySpecClass.isAssignableFrom(keySpec)) {
return keySpec.cast(new X509EncodedKeySpec(key.getEncoded()));
} else {
throw new InvalidKeySpecException(
"KeySpec must be RSAPublicKeySpec or " + "X509EncodedKeySpec for RSA public keys");
}
} else if (key instanceof RSAPrivateKey) {
if (pkcs8KeySpecClass.isAssignableFrom(keySpec)) {
return keySpec.cast(new PKCS8EncodedKeySpec(key.getEncoded()));
} else if (rsaPrivateCrtKeySpecClass.isAssignableFrom(keySpec)) {
if (key instanceof RSAPrivateCrtKey) {
RSAPrivateCrtKey crtKey = (RSAPrivateCrtKey) key;
return keySpec.cast(
new RSAPrivateCrtKeySpec(
crtKey.getModulus(),
crtKey.getPublicExponent(),
crtKey.getPrivateExponent(),
crtKey.getPrimeP(),
crtKey.getPrimeQ(),
crtKey.getPrimeExponentP(),
crtKey.getPrimeExponentQ(),
crtKey.getCrtCoefficient()));
} else {
throw new InvalidKeySpecException("RSAPrivateCrtKeySpec can only be used with CRT keys");
}
} else if (rsaPrivateKeySpecClass.isAssignableFrom(keySpec)) {
RSAPrivateKey rsaKey = (RSAPrivateKey) key;
return keySpec.cast(
new RSAPrivateKeySpec(rsaKey.getModulus(), rsaKey.getPrivateExponent()));
} else {
throw new InvalidKeySpecException(
"KeySpec must be RSAPrivate(Crt)KeySpec or "
+ "PKCS8EncodedKeySpec for RSA private keys");
}
} else {
// should not occur, caught in engineTranslateKey()
throw new InvalidKeySpecException("Neither public nor private key");
}
}
/**
* Returns the key size of the given key object.
*
* @param key the key object.
* @return the key size of the given key object.
* @exception InvalidKeyException if <code>key</code> is invalid.
*/
protected int engineGetKeySize(Key key) throws InvalidKeyException {
byte[] encoded = key.getEncoded();
if (encoded.length != 8) {
throw new InvalidKeyException("Invalid key length: " + encoded.length + " bytes");
}
return 56;
}
/**
* Initializes the Mac with the given secret key and algorithm parameters.
*
* @param key the secret key.
* @param params the algorithm parameters.
* @exception InvalidKeyException if the given key is inappropriate for initializing this MAC.
* @exception InvalidAlgorithmParameterException if the given algorithm parameters are
* inappropriate for this MAC.
*/
void init(Key key, AlgorithmParameterSpec params)
throws InvalidKeyException, InvalidAlgorithmParameterException {
if (params != null) {
throw new InvalidAlgorithmParameterException("SslMac does not use parameters");
}
if (!(key instanceof SecretKey)) {
throw new InvalidKeyException("Secret key expected");
}
secret = key.getEncoded();
if (secret == null || secret.length == 0) {
throw new InvalidKeyException("Missing key data");
}
reset();
}
/**
* Assigns the given key to the given alias, protecting it with the given password.
*
* <p>If the given key is of type <code>java.security.PrivateKey</code>, it must be accompanied by
* a certificate chain certifying the corresponding public key.
*
* <p>If the given alias already exists, the keystore information associated with it is overridden
* by the given key (and possibly certificate chain).
*
* @param alias the alias name
* @param key the key to be associated with the alias
* @param password the password to protect the key
* @param chain the certificate chain for the corresponding public key (only required if the given
* key is of type <code>java.security.PrivateKey</code>).
* @exception KeyStoreException if the given key cannot be protected, or this operation fails for
* some other reason
*/
public void engineSetKeyEntry(String alias, Key key, char[] password, Certificate[] chain)
throws KeyStoreException {
permissionCheck();
synchronized (entries) {
try {
KeyEntry entry = new KeyEntry();
entry.date = new Date();
if (key instanceof PrivateKey) {
if ((key.getFormat().equals("PKCS#8")) || (key.getFormat().equals("PKCS8"))) {
entry.protectedPrivKey = encryptPrivateKey(key.getEncoded(), password);
entry.password = password.clone();
} else {
throw new KeyStoreException("Private key is not encoded as PKCS#8");
}
} else {
throw new KeyStoreException("Key is not a PrivateKey");
}
// clone the chain
if (chain != null) {
if ((chain.length > 1) && !validateChain(chain)) {
throw new KeyStoreException("Certificate chain does not validate");
}
entry.chain = chain.clone();
entry.chainRefs = new long[entry.chain.length];
}
String lowerAlias = alias.toLowerCase();
if (entries.get(lowerAlias) != null) {
deletedEntries.put(lowerAlias, entries.get(lowerAlias));
}
entries.put(lowerAlias, entry);
addedEntries.put(lowerAlias, entry);
} catch (Exception nsae) {
KeyStoreException ke = new KeyStoreException("Key protection algorithm not found: " + nsae);
ke.initCause(nsae);
throw ke;
}
}
}
// see JCE spec
protected byte[] engineWrap(Key key) throws InvalidKeyException, IllegalBlockSizeException {
String keyAlg = key.getAlgorithm();
P11Key sKey = null;
try {
// The conversion may fail, e.g. trying to wrap an AES key on
// a token that does not support AES, or when the key size is
// not within the range supported by the token.
sKey = P11SecretKeyFactory.convertKey(token, key, keyAlg);
} catch (InvalidKeyException ike) {
byte[] toBeWrappedKey = key.getEncoded();
if (toBeWrappedKey == null) {
throw new InvalidKeyException("wrap() failed, no encoding available", ike);
}
// Directly encrypt the key encoding when key conversion failed
implInit(Cipher.ENCRYPT_MODE, p11Key);
implUpdate(toBeWrappedKey, 0, toBeWrappedKey.length);
try {
return doFinal();
} catch (BadPaddingException bpe) {
// should not occur
throw new InvalidKeyException("wrap() failed", bpe);
} finally {
// Restore original mode
implInit(Cipher.WRAP_MODE, p11Key);
}
}
Session s = null;
try {
s = token.getOpSession();
return token.p11.C_WrapKey(s.id(), new CK_MECHANISM(mechanism), p11Key.keyID, sKey.keyID);
} catch (PKCS11Exception e) {
throw new InvalidKeyException("wrap() failed", e);
} finally {
token.releaseSession(s);
}
}
void implInit(
int opmode, Key key, AlgorithmParameterSpec params, SecureRandom random, CipherSpi cipherImpl)
throws InvalidKeyException, InvalidAlgorithmParameterException {
char[] passwdChars = null;
salt = null;
iCount = 0;
if (key instanceof javax.crypto.interfaces.PBEKey) {
javax.crypto.interfaces.PBEKey pbeKey = (javax.crypto.interfaces.PBEKey) key;
passwdChars = pbeKey.getPassword();
salt = pbeKey.getSalt(); // maybe null if unspecified
iCount = pbeKey.getIterationCount(); // maybe 0 if unspecified
} else if (key instanceof SecretKey) {
byte[] passwdBytes = key.getEncoded();
if ((passwdBytes == null) || !(key.getAlgorithm().regionMatches(true, 0, "PBE", 0, 3))) {
throw new InvalidKeyException("Missing password");
}
passwdChars = new char[passwdBytes.length];
for (int i = 0; i < passwdChars.length; i++) {
passwdChars[i] = (char) (passwdBytes[i] & 0x7f);
}
} else {
throw new InvalidKeyException("SecretKey of PBE type required");
}
if (((opmode == Cipher.DECRYPT_MODE) || (opmode == Cipher.UNWRAP_MODE))
&& ((params == null) && ((salt == null) || (iCount == 0)))) {
throw new InvalidAlgorithmParameterException("Parameters missing");
}
if (params == null) {
// generate default for salt and iteration count if necessary
if (salt == null) {
salt = new byte[DEFAULT_SALT_LENGTH];
if (random != null) {
random.nextBytes(salt);
} else {
SunJCE.getRandom().nextBytes(salt);
}
}
if (iCount == 0) iCount = DEFAULT_COUNT;
} else if (!(params instanceof PBEParameterSpec)) {
throw new InvalidAlgorithmParameterException("PBEParameterSpec type required");
} else {
PBEParameterSpec pbeParams = (PBEParameterSpec) params;
// make sure the parameter values are consistent
if (salt != null) {
if (!Arrays.equals(salt, pbeParams.getSalt())) {
throw new InvalidAlgorithmParameterException(
"Inconsistent value of salt between key and params");
}
} else {
salt = pbeParams.getSalt();
}
if (iCount != 0) {
if (iCount != pbeParams.getIterationCount()) {
throw new InvalidAlgorithmParameterException(
"Different iteration count between key and params");
}
} else {
iCount = pbeParams.getIterationCount();
}
}
// salt is recommended to be ideally as long as the output
// of the hash function. However, it may be too strict to
// force this; so instead, we'll just require the minimum
// salt length to be 8-byte which is what PKCS#5 recommends
// and openssl does.
if (salt.length < 8) {
throw new InvalidAlgorithmParameterException("Salt must be at least 8 bytes long");
}
if (iCount <= 0) {
throw new InvalidAlgorithmParameterException("IterationCount must be a positive number");
}
byte[] derivedKey = derive(passwdChars, salt, iCount, keySize, CIPHER_KEY);
SecretKey cipherKey = new SecretKeySpec(derivedKey, algo);
if (cipherImpl != null && cipherImpl instanceof ARCFOURCipher) {
((ARCFOURCipher) cipherImpl).engineInit(opmode, cipherKey, random);
} else {
byte[] derivedIv = derive(passwdChars, salt, iCount, 8, CIPHER_IV);
IvParameterSpec ivSpec = new IvParameterSpec(derivedIv, 0, 8);
// initialize the underlying cipher
cipher.init(opmode, cipherKey, ivSpec, random);
}
}
@Override
public void run() {
ChukasaModel chukasaModel = chukasaModelManagementComponent.get(adaptiveBitrateStreaming);
String streamPath = chukasaModel.getStreamPath();
String tempEncPath = chukasaModel.getTempEncPath();
int tsPacketLength = chukasaModel.getHlsConfiguration().getMpeg2TsPacketLength();
int seqTsEnc = 0; // getSeqTsEnc();
seqTsEnc = chukasaModel.getSeqTsEnc();
if (chukasaModel.getChukasaSettings().getStreamingType() == StreamingType.OKKAKE) {
seqTsEnc = chukasaModel.getSeqTsOkkake() - 1;
}
if (chukasaModel.isFlagLastTs()) {
seqTsEnc = chukasaModel.getSeqTsLast();
}
Key sKey;
Cipher c;
FileOutputStream keyOut;
FileWriter ivOut;
FileInputStream fis;
BufferedInputStream bis;
FileOutputStream fos;
CipherOutputStream cos;
try {
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
sKey = makeKey(128); // Key length is 128bit
c = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
c.init(Cipher.ENCRYPT_MODE, sKey);
// Set Key File Name at random
String keyPre = RandomStringUtils.randomAlphabetic(10);
keyOut = new FileOutputStream(streamPath + FILE_SEPARATOR + keyPre + seqTsEnc + ".key");
chukasaModel.getKeyArrayList().add(keyPre);
chukasaModel = chukasaModelManagementComponent.update(adaptiveBitrateStreaming, chukasaModel);
byte[] keyOutByte = sKey.getEncoded();
keyOut.write(keyOutByte);
keyOut.close();
byte[] iv = c.getIV();
String ivHex = "";
for (int i = 0; i < iv.length; i++) {
String ivHexTmp = String.format("%02x", iv[i]).toUpperCase();
ivHex = ivHex + ivHexTmp;
}
String ivPre = RandomStringUtils.randomAlphabetic(10);
ivOut = new FileWriter(streamPath + FILE_SEPARATOR + ivPre + seqTsEnc + ".iv");
ivOut.write(ivHex);
ivOut.close();
chukasaModel.getIvArrayList().add(ivHex);
chukasaModel = chukasaModelManagementComponent.update(adaptiveBitrateStreaming, chukasaModel);
fis =
new FileInputStream(
tempEncPath
+ FILE_SEPARATOR
+ chukasaModel.getChukasaConfiguration().getStreamFileNamePrefix()
+ seqTsEnc
+ chukasaModel.getHlsConfiguration().getStreamExtension());
bis = new BufferedInputStream(fis);
fos =
new FileOutputStream(
streamPath
+ FILE_SEPARATOR
+ chukasaModel.getChukasaConfiguration().getStreamFileNamePrefix()
+ seqTsEnc
+ chukasaModel.getHlsConfiguration().getStreamExtension());
cos = new CipherOutputStream(fos, c);
if (chukasaModel.getChukasaSettings().getStreamingType() == StreamingType.OKKAKE) {
// TODO:
fis =
new FileInputStream(
tempEncPath
+ FILE_SEPARATOR
+ "fileSequenceEncoded"
+ seqTsEnc
+ chukasaModel.getHlsConfiguration().getStreamExtension());
bis = new BufferedInputStream(fis);
fos =
new FileOutputStream(
streamPath
+ FILE_SEPARATOR
+ chukasaModel.getChukasaConfiguration().getStreamFileNamePrefix()
+ seqTsEnc
+ chukasaModel.getHlsConfiguration().getStreamExtension());
cos = new CipherOutputStream(fos, c);
}
byte[] buf = new byte[tsPacketLength];
int ch;
while ((ch = bis.read(buf)) != -1) {
cos.write(buf, 0, ch);
}
cos.close();
fos.close();
bis.close();
fis.close();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchProviderException e) {
e.printStackTrace();
} catch (FileNotFoundException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
}
