use of java.security.GeneralSecurityException in project hadoop by apache.
the class FSDirEncryptionZoneOp method generateEncryptedDataEncryptionKey.
/**
 * Generates a new encrypted data encryption key (EDEK) for an encryption
 * zone by calling {@code generateEncryptedKey} on the directory's key
 * provider. Must not be called while the namesystem read or write lock is
 * held.
 *
 * <p>The provider call is made as the login user through
 * {@code SecurityUtil.doAsLoginUser}, not as the requesting client.
 * NOTE(review): any per-client authorization for the zone key therefore has
 * to happen before this method is reached; that check is not visible here,
 * so confirm it at the call sites.
 *
 * @param fsd directory whose namesystem locks are checked and whose key
 *            provider is used
 * @param ezKeyName key name of an encryption zone
 * @return the new EDEK, or null if ezKeyName is null
 * @throws IOException if the provider call fails; a
 *         GeneralSecurityException from the provider is wrapped as the cause
 */
private static EncryptedKeyVersion generateEncryptedDataEncryptionKey(final FSDirectory fsd, final String ezKeyName) throws IOException {
  // The lock checks are Java assert statements, so they only run when
  // assertions are enabled (-ea); they document the contract rather than
  // enforce it in a default JVM.
  assert !fsd.getFSNamesystem().hasReadLock();
  assert !fsd.getFSNamesystem().hasWriteLock();
  if (ezKeyName == null) {
    return null;
  }
  final long startedAt = monotonicNow();
  // Run as the login user (hdfs) so that KMS needs neither a proxy-user
  // configuration for hdfs nor a rule allowing non-hdfs users to perform
  // GENERATE_EEK.
  final PrivilegedExceptionAction<EncryptedKeyVersion> generateAction =
      new PrivilegedExceptionAction<EncryptedKeyVersion>() {
        @Override
        public EncryptedKeyVersion run() throws IOException {
          try {
            return fsd.getProvider().generateEncryptedKey(ezKeyName);
          } catch (GeneralSecurityException cause) {
            // Keep the original exception as the cause for diagnosis.
            throw new IOException(cause);
          }
        }
      };
  final EncryptedKeyVersion generated = SecurityUtil.doAsLoginUser(generateAction);
  // Report how long the provider round trip took to the NameNode metrics.
  final long elapsed = monotonicNow() - startedAt;
  NameNode.getNameNodeMetrics().addGenerateEDEKTime(elapsed);
  Preconditions.checkNotNull(generated);
  return generated;
}
use of java.security.GeneralSecurityException in project hadoop by apache.
the class DFSClient method decryptEncryptedDataEncryptionKey.
/**
 * Decrypts the EDEK described by a file's encryption info by asking the
 * configured KeyProvider.
 *
 * <p>NOTE(review): the returned KeyVersion presumably carries the decrypted
 * key material; treat it as a secret and keep it out of logs and exception
 * messages.
 *
 * @param feInfo supplies the key name, encryption-zone key version name, IV
 *               and encrypted key bytes used to build the decryption request
 * @return the result of {@code decryptEncryptedKey} on the crypto extension
 * @throws IOException if no KeyProvider is configured, or if decryption
 *         fails with a GeneralSecurityException (wrapped as the cause)
 */
private KeyVersion decryptEncryptedDataEncryptionKey(FileEncryptionInfo feInfo) throws IOException {
  try (TraceScope ignored = tracer.newScope("decryptEDEK")) {
    final KeyProvider keyProvider = getKeyProvider();
    if (keyProvider == null) {
      // Fail closed: without a provider the file cannot be read at all.
      throw new IOException("No KeyProvider is configured, cannot access an encrypted file");
    }
    final EncryptedKeyVersion wrappedKey = EncryptedKeyVersion.createForDecryption(
        feInfo.getKeyName(),
        feInfo.getEzKeyVersionName(),
        feInfo.getIV(),
        feInfo.getEncryptedDataEncryptionKey());
    try {
      return KeyProviderCryptoExtension
          .createKeyProviderCryptoExtension(keyProvider)
          .decryptEncryptedKey(wrappedKey);
    } catch (GeneralSecurityException cause) {
      // Keep the original exception as the cause for diagnosis.
      throw new IOException(cause);
    }
  }
}
use of java.security.GeneralSecurityException in project openhab1-addons by openhab.
the class KM200Comm method encodeMessage.
/**
 * Encodes a new message for the device: the text is converted to bytes in
 * the device charset, zero-padded to the cipher block size, encrypted with
 * AES and Base64-encoded.
 *
 * <p>Security note: the transformation is {@code AES/ECB/NoPadding}. ECB
 * encrypts every block independently with no IV, so identical plaintext
 * blocks produce identical ciphertext blocks, and the output carries no
 * integrity protection. NOTE(review): the mode is presumably dictated by the
 * device protocol; confirm that before changing it, and do not reuse this
 * method for other data.
 *
 * @param data message text to encode
 * @return the Base64-encoded ciphertext, or null if encoding or encryption
 *         failed; callers must check for null
 */
public byte[] encodeMessage(String data) {
  try {
    final byte[] plainBytes = data.getBytes(device.getCharSet());
    final Cipher aes = Cipher.getInstance("AES/ECB/NoPadding");
    aes.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(device.getCryptKeyPriv(), "AES"));
    logger.debug("Create padding..");
    final int blockSize = aes.getBlockSize();
    logger.debug("Add Padding and Encrypt AES..");
    // NoPadding requires block-aligned input, hence the explicit zero padding.
    final byte[] cipherText = aes.doFinal(addZeroPadding(plainBytes, blockSize, device.getCharSet()));
    logger.debug("Encrypt B64..");
    try {
      return Base64.encodeBase64(cipherText);
    } catch (Exception e) {
      logger.error("Base64encoding not possible: {}", e.getMessage());
      return null;
    }
  } catch (UnsupportedEncodingException | GeneralSecurityException e) {
    // Unknown charset name or a cipher setup/encryption failure; the message
    // is dropped and null is returned.
    // NOTE(review): the throwable is the only argument for the single {}
    // placeholder; check how the logging API in use renders that.
    logger.error("Exception on encoding: {}", e);
    return null;
  }
}
use of java.security.GeneralSecurityException in project java-apns by notnoop.
the class SSLContextBuilder method withTrustKeyStore.
/**
 * Builds the trust managers for this builder from the given key store, using
 * the builder's configured algorithm.
 *
 * <p>NOTE(review): {@code keyStorePassword} is not used by this method.
 * NOTE(review): a null {@code keyStore} is passed straight to
 * {@code TrustManagerFactory.init}; with the default JDK provider that
 * typically means the platform's default trust store is used rather than a
 * pinned one. Confirm that is the intended behaviour for callers.
 *
 * @param keyStore key store holding the trusted certificates
 * @param keyStorePassword unused here
 * @return this builder
 * @throws InvalidSSLConfig if the factory cannot be created or initialized
 */
public SSLContextBuilder withTrustKeyStore(KeyStore keyStore, String keyStorePassword) throws InvalidSSLConfig {
  final TrustManagerFactory factory;
  try {
    factory = TrustManagerFactory.getInstance(algorithm);
    factory.init(keyStore);
  } catch (GeneralSecurityException e) {
    // Surface any JCA failure as a configuration error, keeping the cause.
    throw new InvalidSSLConfig(e);
  }
  trustManagers = factory.getTrustManagers();
  return this;
}
use of java.security.GeneralSecurityException in project java-apns by notnoop.
the class SSLContextBuilder method withCertificateKeyStore.
/**
 * Creates the builder's key manager factory from the given key store, using
 * the builder's configured algorithm and the supplied password.
 *
 * <p>The password arrives as a String and is converted to a char array for
 * the factory; neither copy is cleared here, so the secret stays in memory
 * until garbage-collected. A null password throws NullPointerException,
 * which is not translated into InvalidSSLConfig.
 *
 * @param keyStore key store holding the client certificate and private key
 * @param keyStorePassword password passed to the factory's {@code init}
 * @return this builder
 * @throws InvalidSSLConfig if the factory cannot be created or initialized
 */
public SSLContextBuilder withCertificateKeyStore(KeyStore keyStore, String keyStorePassword) throws InvalidSSLConfig {
  try {
    // The field is assigned before init, so a failed init leaves an
    // uninitialized factory behind on the builder.
    keyManagerFactory = KeyManagerFactory.getInstance(algorithm);
    final char[] passwordChars = keyStorePassword.toCharArray();
    keyManagerFactory.init(keyStore, passwordChars);
  } catch (GeneralSecurityException e) {
    // Surface any JCA failure as a configuration error, keeping the cause.
    throw new InvalidSSLConfig(e);
  }
  return this;
}