Example 1 with PBEKeySpec
use of javax.crypto.spec.PBEKeySpec in project elasticsearch by elastic.
the class KeyStoreWrapper method getString.
// TODO: make settings accessible only to code that registered the setting
/** Retrieve a string setting. The {@link SecureString} should be closed once it is used. */
@Override
public SecureString getString(String setting) throws GeneralSecurityException {
KeyStore.Entry entry = keystore.get().getEntry(setting, keystorePassword.get());
if (entry instanceof KeyStore.SecretKeyEntry == false) {
throw new IllegalStateException("Secret setting " + setting + " is not a string");
}
// TODO: only allow getting a setting once?
KeyStore.SecretKeyEntry secretKeyEntry = (KeyStore.SecretKeyEntry) entry;
PBEKeySpec keySpec = (PBEKeySpec) secretFactory.getKeySpec(secretKeyEntry.getSecretKey(), PBEKeySpec.class);
SecureString value = new SecureString(keySpec.getPassword());
keySpec.clearPassword();
return value;
}
Also used :
PBEKeySpec(javax.crypto.spec.PBEKeySpec)
KeyStore(java.security.KeyStore)
Example 2 with PBEKeySpec
use of javax.crypto.spec.PBEKeySpec in project hbase by apache.
the class Encryption method pbkdf128.
/**
* Return a 128 bit key derived from the concatenation of the supplied
* arguments using PBKDF2WithHmacSHA1 at 10,000 iterations.
*
*/
public static byte[] pbkdf128(String... args) {
byte[] salt = new byte[128];
Bytes.random(salt);
StringBuilder sb = new StringBuilder();
for (String s : args) {
sb.append(s);
}
PBEKeySpec spec = new PBEKeySpec(sb.toString().toCharArray(), salt, 10000, 128);
try {
return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(spec).getEncoded();
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e);
} catch (InvalidKeySpecException e) {
throw new RuntimeException(e);
}
}
Also used :
PBEKeySpec(javax.crypto.spec.PBEKeySpec)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
Example 3 with PBEKeySpec
use of javax.crypto.spec.PBEKeySpec in project android_frameworks_base by ParanoidAndroid.
the class BackupManagerService method buildCharArrayKey.
private SecretKey buildCharArrayKey(char[] pwArray, byte[] salt, int rounds) {
try {
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
KeySpec ks = new PBEKeySpec(pwArray, salt, rounds, PBKDF2_KEY_SIZE);
return keyFactory.generateSecret(ks);
} catch (InvalidKeySpecException e) {
Slog.e(TAG, "Invalid key spec for PBKDF2!");
} catch (NoSuchAlgorithmException e) {
Slog.e(TAG, "PBKDF2 unavailable!");
}
return null;
}
Also used :
PBEKeySpec(javax.crypto.spec.PBEKeySpec)
SecretKeySpec(javax.crypto.spec.SecretKeySpec)
KeySpec(java.security.spec.KeySpec)
PBEKeySpec(javax.crypto.spec.PBEKeySpec)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
SecretKeyFactory(javax.crypto.SecretKeyFactory)
Example 4 with PBEKeySpec
use of javax.crypto.spec.PBEKeySpec in project che by eclipse.
the class PBKDF2PasswordEncryptor method computeHash.
private HashCode computeHash(char[] password, byte[] salt, int iterations) {
try {
final SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(SECRET_KEY_FACTORY_NAME);
final KeySpec keySpec = new PBEKeySpec(password, salt, iterations, 512);
return HashCode.fromBytes(keyFactory.generateSecret(keySpec).getEncoded());
} catch (NoSuchAlgorithmException | InvalidKeySpecException x) {
throw new RuntimeException(x.getMessage(), x);
}
}
Also used :
PBEKeySpec(javax.crypto.spec.PBEKeySpec)
KeySpec(java.security.spec.KeySpec)
PBEKeySpec(javax.crypto.spec.PBEKeySpec)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
SecretKeyFactory(javax.crypto.SecretKeyFactory)
Example 5 with PBEKeySpec
use of javax.crypto.spec.PBEKeySpec in project XobotOS by xamarin.
the class JDKPKCS12KeyStore method unwrapKey.
protected PrivateKey unwrapKey(AlgorithmIdentifier algId, byte[] data, char[] password, boolean wrongPKCS12Zero) throws IOException {
String algorithm = algId.getObjectId().getId();
PKCS12PBEParams pbeParams = new PKCS12PBEParams((ASN1Sequence) algId.getParameters());
PBEKeySpec pbeSpec = new PBEKeySpec(password);
PrivateKey out;
try {
SecretKeyFactory keyFact = SecretKeyFactory.getInstance(algorithm, bcProvider);
PBEParameterSpec defParams = new PBEParameterSpec(pbeParams.getIV(), pbeParams.getIterations().intValue());
SecretKey k = keyFact.generateSecret(pbeSpec);
((JCEPBEKey) k).setTryWrongPKCS12Zero(wrongPKCS12Zero);
Cipher cipher = Cipher.getInstance(algorithm, bcProvider);
cipher.init(Cipher.UNWRAP_MODE, k, defParams);
// we pass "" as the key algorithm type as it is unknown at this point
out = (PrivateKey) cipher.unwrap(data, "", Cipher.PRIVATE_KEY);
} catch (Exception e) {
throw new IOException("exception unwrapping private key - " + e.toString());
}
return out;
}
Also used :
PBEKeySpec(javax.crypto.spec.PBEKeySpec)
SecretKey(javax.crypto.SecretKey)
PrivateKey(java.security.PrivateKey)
PKCS12PBEParams(org.bouncycastle.asn1.pkcs.PKCS12PBEParams)
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
DERBMPString(org.bouncycastle.asn1.DERBMPString)
BERConstructedOctetString(org.bouncycastle.asn1.BERConstructedOctetString)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
Cipher(javax.crypto.Cipher)
IOException(java.io.IOException)
SecretKeyFactory(javax.crypto.SecretKeyFactory)
PBEParameterSpec(javax.crypto.spec.PBEParameterSpec)
KeyStoreException(java.security.KeyStoreException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
UnrecoverableKeyException(java.security.UnrecoverableKeyException)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
Aggregations
PBEKeySpec (javax.crypto.spec.PBEKeySpec)249
SecretKeyFactory (javax.crypto.SecretKeyFactory)190
SecretKey (javax.crypto.SecretKey)118
Cipher (javax.crypto.Cipher)82
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)73
InvalidKeySpecException (java.security.spec.InvalidKeySpecException)63
KeySpec (java.security.spec.KeySpec)59
PBEParameterSpec (javax.crypto.spec.PBEParameterSpec)59
SecretKeySpec (javax.crypto.spec.SecretKeySpec)49
IOException (java.io.IOException)25
KeyStoreException (java.security.KeyStoreException)23
PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)22
EncryptedPrivateKeyInfo (javax.crypto.EncryptedPrivateKeyInfo)17
CertificateException (java.security.cert.CertificateException)15
GeneralSecurityException (java.security.GeneralSecurityException)14
UnrecoverableKeyException (java.security.UnrecoverableKeyException)14
AlgorithmParameters (java.security.AlgorithmParameters)13
Key (java.security.Key)13
KeyStore (java.security.KeyStore)13
InvalidKeyException (java.security.InvalidKeyException)12
