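/**
 * Decrypts the encapsulated credentials.
 *
 * <p>The wrapped AES key is first recovered with {@code privKey}, the credential payload is then
 * decrypted with that AES key and finally deserialized back into a {@link CredData}.
 *
 * @see org.ow2.proactive.authentication.crypto.KeyPairUtil#decrypt(String, String, String,
 *     byte[])
 * @param privKey the private key
 * @return the credential data containing the clear data: login, password and key
 * @throws KeyException decryption failure, malformed data
 */
public CredData decrypt(PrivateKey privKey) throws KeyException {
    byte[] aesClear = null;
    // recover clear AES key using the private key
    try {
        aesClear = KeyPairUtil.decrypt(this.algorithm, privKey, this.cipher, this.aes);
    } catch (KeyException e) {
        throw new KeyException("Could not decrypt symmetric key", e);
    }

    byte[] clearData = null;
    // recover clear credentials using the AES key
    try {
        clearData = KeyUtil.decrypt(new SecretKeySpec(aesClear, AES_ALGO), AES_CIPHER, this.data);
    } catch (KeyException e) {
        throw new KeyException("Could not decrypt data", e);
    } finally {
        // SecretKeySpec copies the key bytes, so the local copy can be wiped once it has been used
        if (aesClear != null) {
            java.util.Arrays.fill(aesClear, (byte) 0);
        }
    }

    // deserialize clear credentials and obtain login & password.
    // SECURITY NOTE(review): this is Java object deserialization of bytes that anyone holding the
    // public key could have produced, so the payload has to be treated as untrusted input;
    // ByteToObjectConverter should restrict the accepted classes (e.g. with an ObjectInputFilter)
    // if it does not already do so.
    try {
        return (CredData) ByteToObjectConverter.ObjectStream.convert(clearData);
    } catch (Exception e) {
        // keep the original exception as cause instead of flattening it to its message
        throw new KeyException(e.getMessage(), e);
    } finally {
        // the serialized form holds the password in clear; do not leave it behind
        if (clearData != null) {
            java.util.Arrays.fill(clearData, (byte) 0);
        }
    }
}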
/** Round-trips a short message through the hybrid (asymmetric + symmetric) encryption helpers. */
@Test
public void encrypt_decrypt() throws Exception {
    // 1024-bit RSA keeps this unit test fast; it is a fixture size, not a production recommendation
    KeyPair pair = KeyPairUtil.generateKeyPair("RSA", 1024);
    PublicKey encryptionKey = pair.getPublic();
    PrivateKey decryptionKey = pair.getPrivate();

    String message = "hello";
    HybridEncryptedData sealed = HybridEncryptionUtil.encryptString(message, encryptionKey);
    String recovered = HybridEncryptionUtil.decryptString(sealed, decryptionKey);

    assertEquals(message, recovered);
}
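/**
 * Creates new encrypted credentials.
 *
 * <p>Builds a {@link CredData} from <code>login</code> (split into login and domain),
 * <code>password</code> and <code>datakey</code>, serializes it, encrypts the serialized form
 * with a freshly generated AES key, wraps that AES key with the public key <code>pubKey</code>
 * and <code>cipher</code>, and stores both ciphertexts in a new Credentials object.
 *
 * @see KeyPairUtil#encrypt(String, String, String, byte[])
 * @param login the login to encrypt (parsed with {@link CredData#parseLogin} and
 *     {@link CredData#parseDomain})
 * @param password the corresponding password to encrypt
 * @param datakey key bytes stored in the credentials next to login and password; they are not
 *     interpreted here
 * @param pubKey public key used for encryption
 * @param cipher cipher parameters: combination of transformations
 * @return the Credentials object containing the encrypted data
 * @throws KeyException key generation or encryption failed
 * @deprecated retained for backward compatibility
 */
@Deprecated
public static Credentials createCredentials(
        String login, String password, byte[] datakey, PublicKey pubKey, String cipher)
        throws KeyException {
    CredData cc = new CredData();
    cc.setLogin(CredData.parseLogin(login));
    cc.setDomain(CredData.parseDomain(login));
    cc.setPassword(password);
    cc.setKey(datakey);

    // serialize clear credentials to byte array
    byte[] clearCred = null;
    try {
        clearCred = ObjectToByteConverter.ObjectStream.convert(cc);
    } catch (IOException e1) {
        // keep the cause: a bare message hides where serialization failed
        throw new KeyException(e1.getMessage(), e1);
    }

    // bit length of the key's modulus / prime, forwarded to the asymmetric encryption; it stays
    // -1 for key types not handled below and is then passed through to KeyPairUtil.encrypt as-is
    int size = -1;
    if (pubKey instanceof RSAPublicKey) {
        size = ((RSAPublicKey) pubKey).getModulus().bitLength();
    } else if (pubKey instanceof DSAPublicKey) {
        size = ((DSAPublicKey) pubKey).getParams().getP().bitLength();
    } else if (pubKey instanceof DHPublicKey) {
        size = ((DHPublicKey) pubKey).getParams().getP().bitLength();
    }

    // generate symmetric key
    SecretKey aesKey = KeyUtil.generateKey(AES_ALGO, AES_KEYSIZE);

    byte[] encAes = null;
    byte[] encData = null;

    // encrypt AES key with the public key
    byte[] rawAesKey = aesKey.getEncoded();
    try {
        encAes = KeyPairUtil.encrypt(pubKey, size, cipher, rawAesKey);
    } catch (KeyException e) {
        throw new KeyException("Symmetric key encryption failed", e);
    } finally {
        // getEncoded() is expected to hand back a copy; wipe it once the key has been wrapped
        if (rawAesKey != null) {
            java.util.Arrays.fill(rawAesKey, (byte) 0);
        }
    }

    // encrypt clear credentials with AES key
    try {
        encData = KeyUtil.encrypt(aesKey, AES_CIPHER, clearCred);
    } catch (KeyException e) {
        throw new KeyException("Message encryption failed", e);
    } finally {
        // the serialized form holds the password in clear; do not leave it behind
        if (clearCred != null) {
            java.util.Arrays.fill(clearCred, (byte) 0);
        }
    }

    return new Credentials(pubKey.getAlgorithm(), size, cipher, encAes, encData);
}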