use of cn.hutool.crypto.CryptoException in project hutool by looly.
the class SM2 method decrypt.
/**
* 解密
*
* @param data SM2密文,实际包含三部分:ECC公钥、真正的密文、公钥和原文的SM3-HASH值
* @param privateKeyParameters 私钥参数
* @return 加密后的bytes
* @throws CryptoException 包括InvalidKeyException和InvalidCipherTextException的包装异常
* @since 5.1.6
*/
public byte[] decrypt(byte[] data, CipherParameters privateKeyParameters) throws CryptoException {
lock.lock();
final SM2Engine engine = getEngine();
try {
engine.init(false, privateKeyParameters);
return engine.processBlock(data, 0, data.length);
} catch (InvalidCipherTextException e) {
throw new CryptoException(e);
} finally {
lock.unlock();
}
}
use of cn.hutool.crypto.CryptoException in project hutool by looly.
the class SM2 method sign.
/**
* 用私钥对信息生成数字签名,签名格式为ASN1<br>
* 在硬件签名中,返回结果为R+S,可以通过调用{@link cn.hutool.crypto.SmUtil#rsAsn1ToPlain(byte[])}方法转换之。
*
* @param data 被签名的数据数据
* @param id 可以为null,若为null,则默认withId为字节数组:"1234567812345678".getBytes()
* @return 签名
*/
public byte[] sign(byte[] data, byte[] id) {
lock.lock();
final SM2Signer signer = getSigner();
try {
CipherParameters param = new ParametersWithRandom(getCipherParameters(KeyType.PrivateKey));
if (id != null) {
param = new ParametersWithID(param, id);
}
signer.init(true, param);
signer.update(data, 0, data.length);
return signer.generateSignature();
} catch (org.bouncycastle.crypto.CryptoException e) {
throw new CryptoException(e);
} finally {
lock.unlock();
}
}
use of cn.hutool.crypto.CryptoException in project hutool by looly.
the class Sign method setCertificate.
/**
* 设置{@link Certificate} 为PublicKey<br>
* 如果Certificate是X509Certificate,我们需要检查是否有密钥扩展
*
* @param certificate {@link Certificate}
* @return this
*/
public Sign setCertificate(Certificate certificate) {
// extension marked as critical.
if (certificate instanceof X509Certificate) {
// Check whether the cert has a key usage extension
// marked as a critical extension.
// The OID for KeyUsage extension is 2.5.29.15.
final X509Certificate cert = (X509Certificate) certificate;
final Set<String> critSet = cert.getCriticalExtensionOIDs();
if (CollUtil.isNotEmpty(critSet) && critSet.contains("2.5.29.15")) {
final boolean[] keyUsageInfo = cert.getKeyUsage();
// keyUsageInfo[0] is for digitalSignature.
if ((keyUsageInfo != null) && (keyUsageInfo[0] == false)) {
throw new CryptoException("Wrong key usage");
}
}
}
this.publicKey = certificate.getPublicKey();
return this;
}
use of cn.hutool.crypto.CryptoException in project hutool by looly.
the class SymmetricCrypto method decrypt.
@Override
public void decrypt(InputStream data, OutputStream out, boolean isClose) throws IORuntimeException {
lock.lock();
CipherInputStream cipherInputStream = null;
try {
final Cipher cipher = initMode(Cipher.DECRYPT_MODE);
cipherInputStream = new CipherInputStream(data, cipher);
if (this.isZeroPadding) {
final int blockSize = cipher.getBlockSize();
if (blockSize > 0) {
copyForZeroPadding(cipherInputStream, out, blockSize);
return;
}
}
IoUtil.copy(cipherInputStream, out);
} catch (IOException e) {
throw new IORuntimeException(e);
} catch (IORuntimeException e) {
throw e;
} catch (Exception e) {
throw new CryptoException(e);
} finally {
lock.unlock();
// issue#I4EMST@Gitee
// CipherOutputStream必须关闭,才能完全写出
IoUtil.close(cipherInputStream);
if (isClose) {
IoUtil.close(data);
}
}
}
use of cn.hutool.crypto.CryptoException in project hutool by looly.
the class SymmetricCrypto method update.
/**
* 更新数据,分组加密中间结果可以当作随机数<br>
* 第一次更新数据前需要调用{@link #setMode(CipherMode)}初始化加密或解密模式,然后每次更新数据都是累加模式
*
* @param data 被加密的bytes
* @return update之后的bytes
* @since 5.6.8
*/
public byte[] update(byte[] data) {
final Cipher cipher = cipherWrapper.getCipher();
lock.lock();
try {
return cipher.update(paddingDataWithZero(data, cipher.getBlockSize()));
} catch (Exception e) {
throw new CryptoException(e);
} finally {
lock.unlock();
}
}
Aggregations