public static BufferedBlockCipher getCipher(boolean forEncryption, Key shared) {
   BufferedBlockCipher cip = new BufferedBlockCipher(new CFBBlockCipher(new AESFastEngine(), 8));
   cip.init(
       forEncryption,
       new ParametersWithIV(new KeyParameter(shared.getEncoded()), shared.getEncoded(), 0, 16));
   return cip;
 }
 /**
  * Method decrypts the data with the RSA private key corresponding to this certificate (which was
  * used to encrypt it). Decryption will be done with keystore
  *
  * @param data data to be decrypted.
  * @param token index of authentication token
  * @param pin PIN code
  * @return decrypted data.
  * @throws DigiDocException for all decryption errors
  */
 public byte[] decrypt(byte[] data, int token, String pin) throws DigiDocException {
   try {
     if (m_keyStore == null)
       throw new DigiDocException(
           DigiDocException.ERR_NOT_INITED, "Keystore not initialized", null);
     String alias = getTokenName(token);
     if (alias == null)
       throw new DigiDocException(
           DigiDocException.ERR_TOKEN_LOGIN, "Invalid token nr: " + token, null);
     // get key
     if (m_logger.isDebugEnabled())
       m_logger.debug(
           "loading key: " + alias + " passwd-len: " + ((pin != null) ? pin.length() : 0));
     Key key = m_keyStore.getKey(alias, pin.toCharArray());
     if (m_logger.isDebugEnabled())
       m_logger.debug("Key: " + ((key != null) ? "OK, algorithm: " + key.getAlgorithm() : "NULL"));
     if (key == null)
       throw new DigiDocException(
           DigiDocException.ERR_TOKEN_LOGIN, "Invalid password for token: " + alias, null);
     Cipher cipher = Cipher.getInstance("RSA");
     cipher.init(Cipher.DECRYPT_MODE, key);
     byte[] decdata = cipher.doFinal(data);
     if (m_logger.isDebugEnabled())
       m_logger.debug("Decrypted len: " + ((decdata != null) ? decdata.length : 0));
     return decdata;
   } catch (Exception ex) {
     m_logger.error("Error decrypting: " + ex);
   }
   return null;
 }
Exemple #3
0
  @Override
  public final IFuzzyValue<Boolean> execute(
      final IContext p_context,
      final boolean p_parallel,
      final List<ITerm> p_argument,
      final List<ITerm> p_return,
      final List<ITerm> p_annotation) {
    final Key l_key = p_argument.get(0).raw();
    final EAlgorithm l_algorithm = EAlgorithm.from(l_key.getAlgorithm());

    p_argument
        .subList(1, p_argument.size())
        .stream()
        .map(i -> Base64.getDecoder().decode(i.<String>raw()))
        .map(
            i -> {
              try {
                return l_algorithm.getDecryptCipher(l_key).doFinal(i);
              } catch (final NoSuchPaddingException
                  | NoSuchAlgorithmException
                  | InvalidKeyException
                  | BadPaddingException
                  | IllegalBlockSizeException l_exception) {
                return null;
              }
            })
        .filter(Objects::nonNull)
        .map(i -> CRawTerm.from(SerializationUtils.deserialize(i)))
        .forEach(p_return::add);

    return CFuzzyValue.from(true);
  }
Exemple #4
0
  protected void engineInit(Key key, AlgorithmParameterSpec params)
      throws InvalidKeyException, InvalidAlgorithmParameterException {
    CipherParameters param;

    if (key == null) {
      throw new InvalidKeyException("key is null");
    }

    if (key instanceof JCEPBEKey) {
      JCEPBEKey k = (JCEPBEKey) key;

      if (k.getParam() != null) {
        param = k.getParam();
      } else if (params instanceof PBEParameterSpec) {
        param = PBE.Util.makePBEMacParameters(k, params);
      } else {
        throw new InvalidAlgorithmParameterException("PBE requires PBE parameters to be set.");
      }
    } else if (params instanceof IvParameterSpec) {
      param =
          new ParametersWithIV(
              new KeyParameter(key.getEncoded()), ((IvParameterSpec) params).getIV());
    } else if (params == null) {
      param = new KeyParameter(key.getEncoded());
    } else {
      throw new InvalidAlgorithmParameterException("unknown parameter type.");
    }

    macEngine.init(param);
  }
 /**
  * Decrypts an encrypted symmetric key using the provided encryption materials and returns it as a
  * SecretKey object.
  *
  * @deprecated no longer used and will be removed in the future
  */
 @Deprecated
 private static SecretKey getDecryptedSymmetricKey(
     byte[] encryptedSymmetricKeyBytes, EncryptionMaterials materials, Provider cryptoProvider) {
   Key keyToDoDecryption;
   if (materials.getKeyPair() != null) {
     // Do envelope decryption with private key from key pair
     keyToDoDecryption = materials.getKeyPair().getPrivate();
   } else {
     // Do envelope decryption with symmetric key
     keyToDoDecryption = materials.getSymmetricKey();
   }
   try {
     Cipher cipher;
     if (cryptoProvider != null) {
       cipher = Cipher.getInstance(keyToDoDecryption.getAlgorithm(), cryptoProvider);
     } else {
       cipher = Cipher.getInstance(keyToDoDecryption.getAlgorithm());
     }
     cipher.init(Cipher.DECRYPT_MODE, keyToDoDecryption);
     byte[] decryptedSymmetricKeyBytes = cipher.doFinal(encryptedSymmetricKeyBytes);
     return new SecretKeySpec(
         decryptedSymmetricKeyBytes, JceEncryptionConstants.SYMMETRIC_KEY_ALGORITHM);
   } catch (Exception e) {
     throw new AmazonClientException(
         "Unable to decrypt symmetric key from object metadata : " + e.getMessage(), e);
   }
 }
 /**
  * Encrypts a symmetric key using the provided encryption materials and returns it in raw byte
  * array form.
  *
  * @deprecated no longer used and will be removed in the future
  */
 @Deprecated
 public static byte[] getEncryptedSymmetricKey(
     SecretKey toBeEncrypted, EncryptionMaterials materials, Provider cryptoProvider) {
   Key keyToDoEncryption;
   if (materials.getKeyPair() != null) {
     // Do envelope encryption with public key from key pair
     keyToDoEncryption = materials.getKeyPair().getPublic();
   } else {
     // Do envelope encryption with symmetric key
     keyToDoEncryption = materials.getSymmetricKey();
   }
   try {
     Cipher cipher;
     byte[] toBeEncryptedBytes = toBeEncrypted.getEncoded();
     if (cryptoProvider != null) {
       cipher = Cipher.getInstance(keyToDoEncryption.getAlgorithm(), cryptoProvider);
     } else {
       cipher = Cipher.getInstance(keyToDoEncryption.getAlgorithm()); // Use default JCE Provider
     }
     cipher.init(Cipher.ENCRYPT_MODE, keyToDoEncryption);
     return cipher.doFinal(toBeEncryptedBytes);
   } catch (Exception e) {
     throw new AmazonClientException("Unable to encrypt symmetric key: " + e.getMessage(), e);
   }
 }
  /** 生成密钥对 */
  public static Map<String, String> generateKeyPair() throws Exception {
    /** RSA算法要求有一个可信任的随机数源 */
    SecureRandom sr = new SecureRandom();
    /** 为RSA算法创建一个KeyPairGenerator对象 */
    KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
    /** 利用上面的随机数据源初始化这个KeyPairGenerator对象 */
    kpg.initialize(KEYSIZE, sr);
    /** 生成密匙对 */
    KeyPair kp = kpg.generateKeyPair();
    /** 得到公钥 */
    Key publicKey = kp.getPublic();
    byte[] publicKeyBytes = publicKey.getEncoded();
    String pub =
        new String(Base64.encodeBase64(publicKeyBytes), ConfigureEncryptAndDecrypt.CHAR_ENCODING);
    /** 得到私钥 */
    Key privateKey = kp.getPrivate();
    byte[] privateKeyBytes = privateKey.getEncoded();
    String pri =
        new String(Base64.encodeBase64(privateKeyBytes), ConfigureEncryptAndDecrypt.CHAR_ENCODING);

    Map<String, String> map = new HashMap<String, String>();
    map.put("publicKey", pub);
    map.put("privateKey", pri);
    RSAPublicKey rsp = (RSAPublicKey) kp.getPublic();
    BigInteger bint = rsp.getModulus();
    byte[] b = bint.toByteArray();
    byte[] deBase64Value = Base64.encodeBase64(b);
    String retValue = new String(deBase64Value);
    map.put("modulus", retValue);
    return map;
  }
 private static BufferedBlockCipher func_75892_a(boolean par0, Key par1Key) {
   BufferedBlockCipher var2 = new BufferedBlockCipher(new CFBBlockCipher(new AESFastEngine(), 8));
   var2.init(
       par0,
       new ParametersWithIV(new KeyParameter(par1Key.getEncoded()), par1Key.getEncoded(), 0, 16));
   return var2;
 }
  /**
   * Converts, if possible, a given key into a key specification. Currently, the following key
   * specifications are supported:
   *
   * <ul>
   *   <li>for McElieceCCA2PublicKey: {@link X509EncodedKeySpec}, {@link McElieceCCA2PublicKeySpec}
   *   <li>for McElieceCCA2PrivateKey: {@link PKCS8EncodedKeySpec}, {@link
   *       McElieceCCA2PrivateKeySpec}.
   * </ul>
   *
   * @param key the key
   * @param keySpec the key specification
   * @return the specification of the McEliece CCA2 key
   * @throws InvalidKeySpecException if the key type or the key specification is not supported.
   * @see BCMcElieceCCA2PrivateKey
   * @see McElieceCCA2PrivateKeySpec
   * @see BCMcElieceCCA2PublicKey
   * @see McElieceCCA2PublicKeySpec
   */
  public KeySpec getKeySpec(Key key, Class keySpec) throws InvalidKeySpecException {
    if (key instanceof BCMcElieceCCA2PrivateKey) {
      if (PKCS8EncodedKeySpec.class.isAssignableFrom(keySpec)) {
        return new PKCS8EncodedKeySpec(key.getEncoded());
      } else if (McElieceCCA2PrivateKeySpec.class.isAssignableFrom(keySpec)) {
        BCMcElieceCCA2PrivateKey privKey = (BCMcElieceCCA2PrivateKey) key;
        return new McElieceCCA2PrivateKeySpec(
            OID,
            privKey.getN(),
            privKey.getK(),
            privKey.getField(),
            privKey.getGoppaPoly(),
            privKey.getP(),
            privKey.getH(),
            privKey.getQInv());
      }
    } else if (key instanceof BCMcElieceCCA2PublicKey) {
      if (X509EncodedKeySpec.class.isAssignableFrom(keySpec)) {
        return new X509EncodedKeySpec(key.getEncoded());
      } else if (McElieceCCA2PublicKeySpec.class.isAssignableFrom(keySpec)) {
        BCMcElieceCCA2PublicKey pubKey = (BCMcElieceCCA2PublicKey) key;
        return new McElieceCCA2PublicKeySpec(OID, pubKey.getN(), pubKey.getT(), pubKey.getG());
      }
    } else {
      throw new InvalidKeySpecException("Unsupported key type: " + key.getClass() + ".");
    }

    throw new InvalidKeySpecException("Unknown key specification: " + keySpec + ".");
  }
Exemple #10
0
  /**
   * This method returns a specification for the supplied key.
   *
   * <p>The specification will be returned in the form of an object of the type specified by
   * keySpec.
   *
   * @param key - either DSAPrivateKey or DSAPublicKey
   * @param keySpec - either DSAPrivateKeySpec.class or DSAPublicKeySpec.class
   * @return either a DSAPrivateKeySpec or a DSAPublicKeySpec
   * @throws InvalidKeySpecException if "keySpec" is not a specification for DSAPublicKey or
   *     DSAPrivateKey
   */
  protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec)
      throws InvalidKeySpecException {

    BigInteger p, q, g, x, y;

    if (key != null) {
      if (keySpec == null) {
        throw new NullPointerException("keySpec == null");
      }
      if (key instanceof DSAPrivateKey) {
        DSAPrivateKey privateKey = (DSAPrivateKey) key;

        if (keySpec.equals(DSAPrivateKeySpec.class)) {

          x = privateKey.getX();

          DSAParams params = privateKey.getParams();

          p = params.getP();
          q = params.getQ();
          g = params.getG();

          return (T) (new DSAPrivateKeySpec(x, p, q, g));
        }

        if (keySpec.equals(PKCS8EncodedKeySpec.class)) {
          return (T) (new PKCS8EncodedKeySpec(key.getEncoded()));
        }

        throw new InvalidKeySpecException(
            "'keySpec' is neither DSAPrivateKeySpec nor PKCS8EncodedKeySpec");
      }

      if (key instanceof DSAPublicKey) {
        DSAPublicKey publicKey = (DSAPublicKey) key;

        if (keySpec.equals(DSAPublicKeySpec.class)) {

          y = publicKey.getY();

          DSAParams params = publicKey.getParams();

          p = params.getP();
          q = params.getQ();
          g = params.getG();

          return (T) (new DSAPublicKeySpec(y, p, q, g));
        }

        if (keySpec.equals(X509EncodedKeySpec.class)) {
          return (T) (new X509EncodedKeySpec(key.getEncoded()));
        }

        throw new InvalidKeySpecException(
            "'keySpec' is neither DSAPublicKeySpec nor X509EncodedKeySpec");
      }
    }
    throw new InvalidKeySpecException("'key' is neither DSAPublicKey nor DSAPrivateKey");
  }
Exemple #11
0
  public static String getPrivateKey(Map<String, Object> keyMap) throws Exception {

    Key key = (Key) keyMap.get(PRIVATE_KEY);

    byte[] privateKey = key.getEncoded();

    return encryptBASE64(key.getEncoded());
  }
Exemple #12
0
  public String createKey() throws NoSuchAlgorithmException, NoSuchProviderException {

    KeyGenerator keygen = KeyGenerator.getInstance("AES", "BC");
    keygen.init(256);
    Key key = keygen.generateKey();

    return Base64.encodeBase64String(key.getEncoded());
  }
 private static BufferedBlockCipher func_75892_a(boolean p_75892_0_, Key p_75892_1_) {
   BufferedBlockCipher bufferedblockcipher =
       new BufferedBlockCipher(new CFBBlockCipher(new AESFastEngine(), 8));
   bufferedblockcipher.init(
       p_75892_0_,
       new ParametersWithIV(
           new KeyParameter(p_75892_1_.getEncoded()), p_75892_1_.getEncoded(), 0, 16));
   return bufferedblockcipher;
 }
  /**
   * This method returns a specification for the supplied key.
   *
   * <p>The specification will be returned in the form of an object of the type specified by
   * keySpec.
   *
   * @param key - either DSAPrivateKey or DSAPublicKey
   * @param keySpec - either DSAPrivateKeySpec.class or DSAPublicKeySpec.class
   * @return either a DSAPrivateKeySpec or a DSAPublicKeySpec
   * @throws InvalidKeySpecException if "keySpec" is not a specification for DSAPublicKey or
   *     DSAPrivateKey
   */
  protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec)
      throws InvalidKeySpecException {

    BigInteger p, q, g, x, y;

    if (key != null) {
      if (keySpec == null) {
        throw new NullPointerException(Messages.getString("security.19E")); // $NON-NLS-1$
      }
      if (key instanceof DSAPrivateKey) {
        DSAPrivateKey privateKey = (DSAPrivateKey) key;

        if (keySpec.equals(DSAPrivateKeySpec.class)) {

          x = privateKey.getX();

          DSAParams params = privateKey.getParams();

          p = params.getP();
          q = params.getQ();
          g = params.getG();

          return (T) (new DSAPrivateKeySpec(x, p, q, g));
        }

        if (keySpec.equals(PKCS8EncodedKeySpec.class)) {
          return (T) (new PKCS8EncodedKeySpec(key.getEncoded()));
        }

        throw new InvalidKeySpecException(Messages.getString("security.19C")); // $NON-NLS-1$
      }

      if (key instanceof DSAPublicKey) {
        DSAPublicKey publicKey = (DSAPublicKey) key;

        if (keySpec.equals(DSAPublicKeySpec.class)) {

          y = publicKey.getY();

          DSAParams params = publicKey.getParams();

          p = params.getP();
          q = params.getQ();
          g = params.getG();

          return (T) (new DSAPublicKeySpec(y, p, q, g));
        }

        if (keySpec.equals(X509EncodedKeySpec.class)) {
          return (T) (new X509EncodedKeySpec(key.getEncoded()));
        }

        throw new InvalidKeySpecException(Messages.getString("security.19D")); // $NON-NLS-1$
      }
    }
    throw new InvalidKeySpecException(Messages.getString("security.19F")); // $NON-NLS-1$
  }
 public static String generateKey(int len) {
   try {
     KeyGenerator keyGen = KeyGenerator.getInstance("AES");
     keyGen.init(len);
     Key key = keyGen.generateKey();
     // System.out.println(key.getEncoded());
     return Strings.toHexString(key.getEncoded());
   } catch (Exception e) {
     return null;
   }
 }
 /**
  * 张纪豪添加
  *
  * @param len
  * @param password
  * @return
  */
 public static String generateKey(int len, String password) {
   try {
     KeyGenerator keyGen = KeyGenerator.getInstance("AES");
     keyGen.init(len);
     keyGen.init(128, new SecureRandom(password.getBytes()));
     Key key = keyGen.generateKey();
     return Strings.toHexString(key.getEncoded());
   } catch (Exception e) {
     return null;
   }
 }
  public boolean shareAESkey() {
    try {
      Envelope message = null, e = null;

      // Generate AES key
      KeyGenerator keyGen = KeyGenerator.getInstance("AES");
      AESkey = keyGen.generateKey();
      keyGen = KeyGenerator.getInstance("HmacSHA1");
      HMACkey = keyGen.generateKey();
      byte[] keyBytes = AESkey.getEncoded();
      byte[] hashBytes = HMACkey.getEncoded();
      System.out.println("AES key generated");
      System.out.println("HMAC key generated");
      System.out.println("Begin Encryption...");
      // Encrypt message  w/ provided public key
      Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");

      cipher.init(Cipher.ENCRYPT_MODE, pubKey);
      byte[] cipherBytes = cipher.doFinal(keyBytes);
      byte[] cipherBytes1 = cipher.doFinal(hashBytes);
      System.out.println("Encryption Complete");

      message = new Envelope("SKEY");
      message.addObject(cipherBytes); // Add AESkey to message
      message.addObject(cipherBytes1);
      message.addObject(nonce);
      nonce++;

      byte[] messageBytes = Envelope.toByteArray(message);

      output.writeObject(messageBytes);

      byte[] inCipherBytes = (byte[]) input.readObject();

      // Decrypt response
      cipher = Cipher.getInstance("AES");
      cipher.init(Cipher.DECRYPT_MODE, AESkey);
      byte[] responseBytes = cipher.doFinal(inCipherBytes);

      Envelope response = Envelope.getEnvelopefromBytes(responseBytes);

      // If server indicates success, return the member list
      if (response.getMessage().equals("OK")
          && (Integer) response.getObjContents().get(0) == nonce) {
        return true;
      } else {
        return false;
      }
    } catch (Exception e) {
      System.err.println("Error: " + e.getMessage());
      e.printStackTrace(System.err);
      return false;
    }
  }
 protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec)
     throws InvalidKeySpecException {
   try {
     // convert key to one of our keys
     // this also verifies that the key is a valid RSA key and ensures
     // that the encoding is X.509/PKCS#8 for public/private keys
     key = engineTranslateKey(key);
   } catch (InvalidKeyException e) {
     throw new InvalidKeySpecException(e);
   }
   if (key instanceof RSAPublicKey) {
     RSAPublicKey rsaKey = (RSAPublicKey) key;
     if (rsaPublicKeySpecClass.isAssignableFrom(keySpec)) {
       return keySpec.cast(new RSAPublicKeySpec(rsaKey.getModulus(), rsaKey.getPublicExponent()));
     } else if (x509KeySpecClass.isAssignableFrom(keySpec)) {
       return keySpec.cast(new X509EncodedKeySpec(key.getEncoded()));
     } else {
       throw new InvalidKeySpecException(
           "KeySpec must be RSAPublicKeySpec or " + "X509EncodedKeySpec for RSA public keys");
     }
   } else if (key instanceof RSAPrivateKey) {
     if (pkcs8KeySpecClass.isAssignableFrom(keySpec)) {
       return keySpec.cast(new PKCS8EncodedKeySpec(key.getEncoded()));
     } else if (rsaPrivateCrtKeySpecClass.isAssignableFrom(keySpec)) {
       if (key instanceof RSAPrivateCrtKey) {
         RSAPrivateCrtKey crtKey = (RSAPrivateCrtKey) key;
         return keySpec.cast(
             new RSAPrivateCrtKeySpec(
                 crtKey.getModulus(),
                 crtKey.getPublicExponent(),
                 crtKey.getPrivateExponent(),
                 crtKey.getPrimeP(),
                 crtKey.getPrimeQ(),
                 crtKey.getPrimeExponentP(),
                 crtKey.getPrimeExponentQ(),
                 crtKey.getCrtCoefficient()));
       } else {
         throw new InvalidKeySpecException("RSAPrivateCrtKeySpec can only be used with CRT keys");
       }
     } else if (rsaPrivateKeySpecClass.isAssignableFrom(keySpec)) {
       RSAPrivateKey rsaKey = (RSAPrivateKey) key;
       return keySpec.cast(
           new RSAPrivateKeySpec(rsaKey.getModulus(), rsaKey.getPrivateExponent()));
     } else {
       throw new InvalidKeySpecException(
           "KeySpec must be RSAPrivate(Crt)KeySpec or "
               + "PKCS8EncodedKeySpec for RSA private keys");
     }
   } else {
     // should not occur, caught in engineTranslateKey()
     throw new InvalidKeySpecException("Neither public nor private key");
   }
 }
 @Test(timeout = 30000)
 public void testKeyStoreKeyProviderWithPassword() throws Exception {
   KeyProvider provider = new KeyStoreKeyProvider();
   provider.init("jceks://" + storeFile.toURI().getPath() + "?password=" + PASSWORD);
   Key key = provider.getKey(ALIAS);
   assertNotNull(key);
   byte[] keyBytes = key.getEncoded();
   assertEquals(keyBytes.length, KEY.length);
   for (int i = 0; i < KEY.length; i++) {
     assertEquals(keyBytes[i], KEY[i]);
   }
 }
Exemple #20
0
 public static byte[] genarateRandomKey() {
   KeyGenerator keygen = null;
   try {
     keygen = KeyGenerator.getInstance(ConfigureEncryptAndDecrypt.AES_ALGORITHM);
   } catch (NoSuchAlgorithmException e) {
     throw new RuntimeException(" genarateRandomKey fail!", e);
   }
   SecureRandom random = new SecureRandom();
   keygen.init(random);
   Key key = keygen.generateKey();
   return key.getEncoded();
 }
 protected void engineInit(
     int paramInt,
     Key paramKey,
     AlgorithmParameterSpec paramAlgorithmParameterSpec,
     SecureRandom paramSecureRandom) {
   Object localObject;
   if ((paramKey instanceof BCPBEKey)) {
     paramKey = (BCPBEKey) paramKey;
     if ((paramAlgorithmParameterSpec instanceof PBEParameterSpec)) {
       localObject = PBE.Util.ˊ(paramKey, paramAlgorithmParameterSpec, this.aXL.iG());
     } else if (paramKey.nU() != null) {
       localObject = paramKey.nU();
     } else {
       throw new InvalidAlgorithmParameterException("PBE requires PBE parameters to be set.");
     }
   } else {
     localObject = new KeyParameter(paramKey.getEncoded());
   }
   paramKey = (Key) localObject;
   if ((paramAlgorithmParameterSpec instanceof IvParameterSpec)) {
     paramKey =
         new ParametersWithIV(
             (CipherParameters) localObject,
             ((IvParameterSpec) paramAlgorithmParameterSpec).getIV());
   }
   paramAlgorithmParameterSpec = paramKey;
   if ((paramKey instanceof KeyParameter)) {
     paramAlgorithmParameterSpec = paramKey;
     if (this.aYU != 0) {
       this.iv = new byte[this.aYU];
       paramSecureRandom.nextBytes(this.iv);
       paramAlgorithmParameterSpec = new ParametersWithIV(paramKey, this.iv);
     }
   }
   paramKey = paramAlgorithmParameterSpec;
   if (paramSecureRandom != null) {
     paramKey = new ParametersWithRandom(paramAlgorithmParameterSpec, paramSecureRandom);
   }
   switch (paramInt) {
     default:
       break;
     case 3:
       this.aXL.ˊ(true, paramKey);
       return;
     case 4:
       this.aXL.ˊ(false, paramKey);
       return;
     case 1:
     case 2:
       throw new IllegalArgumentException("engine only valid for wrapping");
   }
   System.out.println("eeek!");
 }
Exemple #22
0
  public void load() {
    try {
      KeyStore keyStore = KeyStore.getInstance("JCEKS");
      keyStore.load(new FileInputStream("output.jceks"), "password".toCharArray());

      Key key = keyStore.getKey("secret", "password".toCharArray());

      System.out.println(key.toString());
    } catch (Exception ex) {
      ex.printStackTrace();
    }
  }
 void assertPrivateKs(File file, String pass, String alias) throws Exception {
   KeyStore ks = loadKeyStore("jceks", file, alias);
   List aliases = ListUtil.fromIterator(new EnumerationIterator(ks.aliases()));
   assertEquals(2, aliases.size());
   Certificate cert = ks.getCertificate(alias + ".crt");
   assertNotNull(cert);
   assertEquals("X.509", cert.getType());
   assertTrue(ks.isKeyEntry(alias + ".key"));
   assertTrue(ks.isCertificateEntry(alias + ".crt"));
   Key key = ks.getKey(alias + ".key", pass.toCharArray());
   assertNotNull(key);
   assertEquals("RSA", key.getAlgorithm());
 }
  /**
   * Encrypt the MAC key using the provided shared secret.
   *
   * @param macKey MAC key to encrypt
   * @param sharedSecret shared secret used to encrypt MAC key
   * @return encrypted MAC Key
   */
  private static SecretKey macKeyEncryption(Key macKey, SecretKey sharedSecret) {
    try {
      MessageDigest messageDigest = MessageDigest.getInstance(sharedSecret.getAlgorithm());
      byte[] digestedSecret = messageDigest.digest(sharedSecret.getEncoded());

      byte[] encrypted = xor(macKey.getEncoded(), digestedSecret);
      return new SecretKeySpec(encrypted, macKey.getAlgorithm());
    } catch (NoSuchAlgorithmException e) {
      log.error("unable to encrypt MAC key: {}", e.getMessage());
    }

    return null;
  }
  byte[] getPublicKeyEncoded() {
    try {
      // generate a key pair
      SecureRandom random = new SecureRandom();
      KeyPairGenerator generator = KeyPairGenerator.getInstance(ASYM_KEY_TYPE);
      generator.initialize(ASYM_KEY_SIZE, random);

      _serverKeyPair = generator.generateKeyPair();
      Key pubKey = _serverKeyPair.getPublic();
      return pubKey.getEncoded();
    } catch (Exception e) {
      e.printStackTrace();
    }
    return null;
  }
 /**
  * Convert a Key to string encoded as BASE64
  *
  * @param key The key (private or public)
  * @return A string representation of the key
  */
 public static String getKeyAsString(Key key) {
   // Get the bytes of the key
   byte[] keyBytes = key.getEncoded();
   // Convert key to BASE64 encoded string
   BASE64Encoder b64 = new BASE64Encoder();
   return b64.encode(keyBytes);
 }
  /** @inheritDoc */
  protected void engineInitVerify(Key publicKey) throws XMLSignatureException {
    if (!(publicKey instanceof PublicKey)) {
      String supplied = publicKey.getClass().getName();
      String needed = PublicKey.class.getName();
      Object exArgs[] = {supplied, needed};

      throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", exArgs);
    }

    try {
      this.signatureAlgorithm.initVerify((PublicKey) publicKey);
    } catch (InvalidKeyException ex) {
      // reinstantiate Signature object to work around bug in JDK
      // see: http://bugs.sun.com/view_bug.do?bug_id=4953555
      Signature sig = this.signatureAlgorithm;
      try {
        this.signatureAlgorithm = Signature.getInstance(signatureAlgorithm.getAlgorithm());
      } catch (Exception e) {
        // this shouldn't occur, but if it does, restore previous
        // Signature
        if (log.isLoggable(java.util.logging.Level.FINE)) {
          log.log(java.util.logging.Level.FINE, "Exception when reinstantiating Signature:" + e);
        }
        this.signatureAlgorithm = sig;
      }
      throw new XMLSignatureException("empty", ex);
    }
  }
  @Override
  public String toString() {
    if (null == _nodeKey) {
      return "NodeKey for node: "
          + _nodeName
          + " Stored at: "
          + _storedNodeKeyName
          + " Stored ID: "
          + DataUtils.printHexBytes(_storedNodeKeyID)
          + " Key: null"
          + " Key id: null";
    }

    // not great to print out keys, but nec for debugging
    return "NodeKey for node: "
        + _nodeName
        + " Stored at: "
        + _storedNodeKeyName
        + " Stored ID: "
        + DataUtils.printHexBytes(_storedNodeKeyID)
        + " Key: "
        + DataUtils.printHexBytes(_nodeKey.getEncoded())
        + " Key id: "
        + DataUtils.printHexBytes(WrappedKey.wrappingKeyIdentifier(_nodeKey));
  }
 protected byte[] engineWrap(Key paramKey) {
   paramKey = paramKey.getEncoded();
   if (paramKey == null) {
     throw new InvalidKeyException("Cannot wrap key, null encoding.");
   }
   try {
     if (this.aXL == null) {
       paramKey = engineDoFinal(paramKey, 0, paramKey.length);
       return paramKey;
     }
     paramKey = this.aXL.ᐨ(paramKey, 0, paramKey.length);
     return paramKey;
   } catch (BadPaddingException paramKey) {
     throw new IllegalBlockSizeException(paramKey.getMessage());
   }
 }
 /**
  * Returns the key size of the given key object.
  *
  * @param key the key object.
  * @return the key size of the given key object.
  * @exception InvalidKeyException if <code>key</code> is invalid.
  */
 protected int engineGetKeySize(Key key) throws InvalidKeyException {
   byte[] encoded = key.getEncoded();
   if (encoded.length != 8) {
     throw new InvalidKeyException("Invalid key length: " + encoded.length + " bytes");
   }
   return 56;
 }