Example 6 with CryptoException

use of cn.hutool.crypto.CryptoException in project hutool by looly.

the class SM2 method decrypt.

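/**
 * Decrypt
 *
 * @param data                 SM2 ciphertext, which actually consists of three parts: the ECC public key, the actual ciphertext, and the SM3 hash of the public key and the plaintext
 * @param privateKeyParameters private key parameters
 * @return the decrypted bytes
 * @throws CryptoException wrapper exception covering InvalidKeyException and InvalidCipherTextException
 * @since 5.1.6
 */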
public byte[] decrypt(byte[] data, CipherParameters privateKeyParameters) throws CryptoException {
    lock.lock();
    final SM2Engine engine = getEngine();
    try {
        engine.init(false, privateKeyParameters);
        return engine.processBlock(data, 0, data.length);
    } catch (InvalidCipherTextException e) {
        throw new CryptoException(e);
    } finally {
        lock.unlock();
    }
}
Also used : InvalidCipherTextException(org.bouncycastle.crypto.InvalidCipherTextException) SM2Engine(org.bouncycastle.crypto.engines.SM2Engine) CryptoException(cn.hutool.crypto.CryptoException)

Example 7 with CryptoException

use of cn.hutool.crypto.CryptoException in project hutool by looly.

the class SM2 method sign.

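/**
 * Generates a digital signature for the message with the private key; the signature format is ASN.1<br>
 * In hardware signing the result is returned as R+S; it can be converted by calling {@link cn.hutool.crypto.SmUtil#rsAsn1ToPlain(byte[])}.
 *
 * @param data the data to be signed
 * @param id   may be null; if null, withId defaults to the byte array "1234567812345678".getBytes()
 * @return the signature
 */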
public byte[] sign(byte[] data, byte[] id) {
    lock.lock();
    final SM2Signer signer = getSigner();
    try {
        CipherParameters param = new ParametersWithRandom(getCipherParameters(KeyType.PrivateKey));
        if (id != null) {
            param = new ParametersWithID(param, id);
        }
        signer.init(true, param);
        signer.update(data, 0, data.length);
        return signer.generateSignature();
    } catch (org.bouncycastle.crypto.CryptoException e) {
        throw new CryptoException(e);
    } finally {
        lock.unlock();
    }
}
Also used : CipherParameters(org.bouncycastle.crypto.CipherParameters) ParametersWithID(org.bouncycastle.crypto.params.ParametersWithID) ParametersWithRandom(org.bouncycastle.crypto.params.ParametersWithRandom) CryptoException(cn.hutool.crypto.CryptoException) SM2Signer(org.bouncycastle.crypto.signers.SM2Signer)

Example 8 with CryptoException

use of cn.hutool.crypto.CryptoException in project hutool by looly.

the class Sign method setCertificate.

/**
 * Sets the {@link Certificate} as the PublicKey<br>
 * If the Certificate is an X509Certificate, we need to check whether it has a key usage extension
 *
 * @param certificate {@link Certificate}
 * @return this
 */
public Sign setCertificate(Certificate certificate) {
    // extension marked as critical.
    if (certificate instanceof X509Certificate) {
        // Check whether the cert has a key usage extension
        // marked as a critical extension.
        // The OID for KeyUsage extension is 2.5.29.15.
        final X509Certificate cert = (X509Certificate) certificate;
        final Set<String> critSet = cert.getCriticalExtensionOIDs();
        if (CollUtil.isNotEmpty(critSet) && critSet.contains("2.5.29.15")) {
            final boolean[] keyUsageInfo = cert.getKeyUsage();
            // keyUsageInfo[0] is for digitalSignature.
            if ((keyUsageInfo != null) && (keyUsageInfo[0] == false)) {
                throw new CryptoException("Wrong key usage");
            }
        }
    }
    this.publicKey = certificate.getPublicKey();
    return this;
}
Also used : CryptoException(cn.hutool.crypto.CryptoException) X509Certificate(java.security.cert.X509Certificate)

Example 9 with CryptoException

use of cn.hutool.crypto.CryptoException in project hutool by looly.

the class SymmetricCrypto method decrypt.

@Override
public void decrypt(InputStream data, OutputStream out, boolean isClose) throws IORuntimeException {
    lock.lock();
    CipherInputStream cipherInputStream = null;
    try {
        final Cipher cipher = initMode(Cipher.DECRYPT_MODE);
        cipherInputStream = new CipherInputStream(data, cipher);
        if (this.isZeroPadding) {
            final int blockSize = cipher.getBlockSize();
            if (blockSize > 0) {
                copyForZeroPadding(cipherInputStream, out, blockSize);
                return;
            }
        }
        IoUtil.copy(cipherInputStream, out);
    } catch (IOException e) {
        throw new IORuntimeException(e);
    } catch (IORuntimeException e) {
        throw e;
    } catch (Exception e) {
        throw new CryptoException(e);
    } finally {
        lock.unlock();
        // issue#I4EMST@Gitee
        // The CipherOutputStream must be closed for the data to be written out completely
        IoUtil.close(cipherInputStream);
        if (isClose) {
            IoUtil.close(data);
        }
    }
}
Also used : CipherInputStream(javax.crypto.CipherInputStream) IORuntimeException(cn.hutool.core.io.IORuntimeException) Cipher(javax.crypto.Cipher) IOException(java.io.IOException) CryptoException(cn.hutool.crypto.CryptoException) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) InvalidKeyException(java.security.InvalidKeyException)

Example 10 with CryptoException

use of cn.hutool.crypto.CryptoException in project hutool by looly.

the class SymmetricCrypto method update.

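/**
 * Updates the data; the intermediate results of block encryption can be used as random numbers<br>
 * Before the first update, {@link #setMode(CipherMode)} must be called to initialize encryption or decryption mode; each subsequent update is then cumulative
 *
 * @param data the bytes to be encrypted
 * @return the bytes after update
 * @since 5.6.8
 */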
public byte[] update(byte[] data) {
    final Cipher cipher = cipherWrapper.getCipher();
    lock.lock();
    try {
        return cipher.update(paddingDataWithZero(data, cipher.getBlockSize()));
    } catch (Exception e) {
        throw new CryptoException(e);
    } finally {
        lock.unlock();
    }
}
Also used : Cipher(javax.crypto.Cipher) CryptoException(cn.hutool.crypto.CryptoException) IORuntimeException(cn.hutool.core.io.IORuntimeException) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) IOException(java.io.IOException) InvalidKeyException(java.security.InvalidKeyException)

Aggregations

CryptoException (cn.hutool.crypto.CryptoException): 20
IOException (java.io.IOException): 10
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException): 8
InvalidKeyException (java.security.InvalidKeyException): 6
Cipher (javax.crypto.Cipher): 6
IORuntimeException (cn.hutool.core.io.IORuntimeException): 4
Key (java.security.Key): 4
PrivateKey (java.security.PrivateKey): 4
PublicKey (java.security.PublicKey): 4
ByteArrayOutputStream (java.io.ByteArrayOutputStream): 2
RSAKey (java.security.interfaces.RSAKey): 2
BadPaddingException (javax.crypto.BadPaddingException): 2
IllegalBlockSizeException (javax.crypto.IllegalBlockSizeException): 2
InvalidCipherTextException (org.bouncycastle.crypto.InvalidCipherTextException): 2
SM2Engine (org.bouncycastle.crypto.engines.SM2Engine): 2
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException): 1
X509Certificate (java.security.cert.X509Certificate): 1
ReentrantReadWriteLock (java.util.concurrent.locks.ReentrantReadWriteLock): 1
WriteLock (java.util.concurrent.locks.ReentrantReadWriteLock.WriteLock): 1
CipherInputStream (javax.crypto.CipherInputStream): 1