Exemple #1
0
  /**
   * Encrypts or decrypts the given input.
   *
   * @param in input
   * @param s encryption type
   * @param k secret key
   * @param a encryption algorithm
   * @param ec encrypt or decrypt
   * @return encrypted or decrypted input
   * @throws QueryException query exception
   */
  Str encryption(final byte[] in, final byte[] s, final byte[] k, final byte[] a, final boolean ec)
      throws QueryException {

    final boolean symmetric = eq(lc(s), SYM) || s.length == 0;
    final byte[] aa = a.length == 0 ? DES : a;
    final byte[] tivl = ALGE.get(lc(aa));
    if (!symmetric) throw CX_ENCTYP.get(info, ec);
    if (tivl == null) throw CX_INVALGO.get(info, s);
    // initialization vector length
    final int ivl = toInt(tivl);

    try {
      return Str.get(ec ? encrypt(in, k, aa, ivl) : decrypt(in, k, aa, ivl));
    } catch (final NoSuchPaddingException e) {
      throw CX_NOPAD.get(info, e);
    } catch (final BadPaddingException e) {
      throw CX_BADPAD.get(info, e);
    } catch (final InvalidKeyException e) {
      throw CX_KEYINV.get(info, e);
    } catch (final IllegalBlockSizeException e) {
      throw CX_ILLBLO.get(info, e);
    } catch (final GeneralSecurityException e) {
      throw CX_INVALGO.get(info, e);
    }
  }
Exemple #2
0
 static {
   ALGE.put("des", "8");
   ALGE.put("aes", "16");
   ALGN.put("des", "DES/CBC/PKCS5Padding");
   ALGN.put("aes", "AES/CBC/PKCS5Padding");
   ALGHMAC.put("md5", "hmacmd5");
   ALGHMAC.put("sha1", "hmacsha1");
   ALGHMAC.put("sha256", "hmacsha256");
   ALGHMAC.put("sha384", "hmacsha1");
   ALGHMAC.put("sha512", "hmacsha512");
 }
Exemple #3
0
  /**
   * Decrypts the given input data.
   *
   * @param in data to decrypt
   * @param k secret key
   * @param a encryption algorithm
   * @param ivl initialization vector length
   * @return decrypted data
   * @throws NoSuchAlgorithmException ex
   * @throws NoSuchPaddingException ex
   * @throws InvalidKeyException ex
   * @throws InvalidAlgorithmParameterException ex
   * @throws IllegalBlockSizeException ex
   * @throws BadPaddingException ex
   */
  private static byte[] decrypt(final byte[] in, final byte[] k, final byte[] a, final int ivl)
      throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException,
          InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {

    final SecretKeySpec keySpec = new SecretKeySpec(k, string(a));
    final Cipher cipher = Cipher.getInstance(string(ALGN.get(lc(a))));

    // extract iv from message beginning
    final byte[] iv = substring(in, 0, ivl);
    final IvParameterSpec ivspec = new IvParameterSpec(iv);
    cipher.init(Cipher.DECRYPT_MODE, keySpec, ivspec);
    return cipher.doFinal(substring(in, ivl, in.length));
  }
Exemple #4
0
  /**
   * Creates a message authentication code (MAC) for the given input.
   *
   * @param msg input
   * @param k secret key
   * @param a encryption algorithm
   * @param enc encoding
   * @return MAC
   * @throws QueryException query exception
   */
  Item hmac(final byte[] msg, final byte[] k, final byte[] a, final byte[] enc)
      throws QueryException {

    // create hash value from input message
    final Key key = new SecretKeySpec(k, string(a));

    final byte[] aa = a.length == 0 ? DEFA : a;
    if (!ALGHMAC.contains(lc(aa))) throw CX_INVHASH.get(info, aa);

    final boolean b64 = eq(lc(enc), BASE64) || enc.length == 0;
    if (!b64 && !eq(lc(enc), HEX)) throw CX_ENC.get(info, enc);

    try {
      final Mac mac = Mac.getInstance(string(ALGHMAC.get(lc(aa))));
      mac.init(key);
      final byte[] hash = mac.doFinal(msg);
      // convert to specified encoding, base64 as a standard, else use hex
      return Str.get(b64 ? org.basex.util.Base64.encode(hash) : hex(hash, true));
    } catch (final NoSuchAlgorithmException e) {
      throw CX_INVHASH.get(info, e);
    } catch (final InvalidKeyException e) {
      throw CX_KEYINV.get(info, e);
    }
  }
Exemple #5
0
  /**
   * Encrypts the given input data.
   *
   * @param in input data to encrypt
   * @param k key
   * @param a encryption algorithm
   * @param ivl initialization vector length
   * @return encrypted input data
   * @throws InvalidKeyException ex
   * @throws InvalidAlgorithmParameterException ex
   * @throws NoSuchAlgorithmException ex
   * @throws NoSuchPaddingException ex
   * @throws IllegalBlockSizeException ex
   * @throws BadPaddingException ex
   */
  private static byte[] encrypt(final byte[] in, final byte[] k, final byte[] a, final int ivl)
      throws InvalidKeyException, InvalidAlgorithmParameterException, NoSuchAlgorithmException,
          NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException {

    final Cipher cipher = Cipher.getInstance(string(ALGN.get(lc(a))));
    final SecretKeySpec kspec = new SecretKeySpec(k, string(a));
    // generate random iv. random iv is necessary to make the encryption of a
    // string look different every time it is encrypted.
    final byte[] iv = new byte[ivl];
    // create new random iv if encrypting
    final SecureRandom rand = SecureRandom.getInstance("SHA1PRNG");
    rand.nextBytes(iv);
    final IvParameterSpec ivspec = new IvParameterSpec(iv);

    // encrypt/decrypt
    cipher.init(Cipher.ENCRYPT_MODE, kspec, ivspec);
    final byte[] t = cipher.doFinal(in);
    // initialization vector is appended to the message for later decryption
    return concat(iv, t);
  }