
Example 1 with HashedDataType

use of com.evolveum.prism.xml.ns._public.types_3.HashedDataType in project midpoint by Evolveum.

In class ProtectorImpl, method compareHashedPbkd:

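/**
 * Verifies {@code clearChars} against the PBKDF2-style hash stored in {@code hashedDataType}.
 *
 * <p>Salt, work factor and derived-key length are all taken from the stored record, so the stored
 * digest method fully determines how the candidate is derived. The derived key is compared with the
 * stored digest value in constant time so that the comparison does not leak the position of the
 * first differing byte.
 *
 * @param hashedDataType stored hash: a digest method (salt, work factor) plus the digest value
 * @param algorithmName JCA {@link SecretKeyFactory} algorithm name used for the derivation
 * @param clearChars candidate cleartext; it is not modified here, the caller owns its lifetime
 * @return {@code true} if the key derived from {@code clearChars} equals the stored digest value
 * @throws EncryptionException if the algorithm is unavailable or the key spec is rejected
 * @throws IllegalArgumentException if the stored record lacks a digest method, salt, work factor
 *     or digest value, or the digest value is empty
 */
private boolean compareHashedPbkd(HashedDataType hashedDataType, String algorithmName, char[] clearChars) throws EncryptionException {
    DigestMethodType digestMethodType = hashedDataType.getDigestMethod();
    if (digestMethodType == null) {
        throw new IllegalArgumentException("Hashed data has no digest method");
    }
    byte[] salt = digestMethodType.getSalt();
    if (salt == null) {
        throw new IllegalArgumentException("Digest method has no salt");
    }
    // Boxed in the schema type; check explicitly instead of letting the PBEKeySpec call unbox null.
    Integer workFactor = digestMethodType.getWorkFactor();
    if (workFactor == null) {
        throw new IllegalArgumentException("Digest method has no work factor");
    }
    byte[] digestValue = hashedDataType.getDigestValue();
    if (digestValue == null || digestValue.length == 0) {
        throw new IllegalArgumentException("Hashed data has no digest value");
    }
    SecretKeyFactory secretKeyFactory;
    try {
        secretKeyFactory = SecretKeyFactory.getInstance(algorithmName);
    } catch (NoSuchAlgorithmException e) {
        throw new EncryptionException(e.getMessage(), e);
    }
    // PBEKeySpec takes the key length in bits; derive exactly as many bits as the stored digest holds.
    int keyLen = digestValue.length * 8;
    PBEKeySpec keySpec = new PBEKeySpec(clearChars, salt, workFactor, keyLen);
    try {
        byte[] hashBytes = secretKeyFactory.generateSecret(keySpec).getEncoded();
        // Constant-time comparison; Arrays.equals returns on the first mismatching byte.
        return java.security.MessageDigest.isEqual(digestValue, hashBytes);
    } catch (InvalidKeySpecException e) {
        throw new EncryptionException(e.getMessage(), e);
    } finally {
        // PBEKeySpec keeps its own copy of the password; wipe it as soon as it is no longer needed.
        keySpec.clearPassword();
    }
}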

Example 2 with HashedDataType

use of com.evolveum.prism.xml.ns._public.types_3.HashedDataType in project midpoint by Evolveum.

In class XNodeProcessorUtil, method parseProtectedType:

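/**
 * Fills {@code protectedType} from the XNode map {@code xmap}.
 *
 * <p>Looks for, in this order: {@code encryptedData} (falling back to the legacy
 * {@code EncryptedData} element, whose child names are lower-cased and whose {@code type} child is
 * dropped before parsing), then {@code hashedData}. Only when neither produced any protected data is
 * the {@code clearValue} element consulted (first in the proper namespace, then without namespace
 * for compatibility with older documents).
 *
 * @param protectedType target populated with encrypted, hashed or clear data
 * @param xmap map node holding the protected-data elements
 * @param prismContext context used to parse the nested {@code EncryptedDataType}/{@code HashedDataType}
 * @param pc parsing context passed to the nested parsers
 * @param <T> type of the clear value
 * @throws SchemaException if an element is present but not of the expected node kind
 */
public static <T> void parseProtectedType(ProtectedDataType<T> protectedType, MapXNode xmap, PrismContext prismContext, ParsingContext pc) throws SchemaException {
    RootXNode xEncryptedData = xmap.getEntryAsRoot(ProtectedDataType.F_ENCRYPTED_DATA);
    if (xEncryptedData != null) {
        if (!(xEncryptedData.getSubnode() instanceof MapXNode)) {
            throw new SchemaException("Cannot parse encryptedData from " + xEncryptedData);
        }
        EncryptedDataType encryptedDataType = prismContext.parserFor(xEncryptedData).context(pc).parseRealValue(EncryptedDataType.class);
        protectedType.setEncryptedData(encryptedDataType);
    } else {
        // Check for legacy EncryptedData
        RootXNode xLegacyEncryptedData = xmap.getEntryAsRoot(ProtectedDataType.F_XML_ENC_ENCRYPTED_DATA);
        if (xLegacyEncryptedData != null) {
            if (!(xLegacyEncryptedData.getSubnode() instanceof MapXNode)) {
                // Report the legacy node; xEncryptedData is known to be null in this branch.
                throw new SchemaException("Cannot parse EncryptedData from " + xLegacyEncryptedData);
            }
            // Legacy child elements are capitalized and carry a "type" child that the current schema has no place for.
            RootXNode xConvertedEncryptedData = (RootXNode) xLegacyEncryptedData.cloneTransformKeys(in -> {
                String elementName = StringUtils.uncapitalize(in.getLocalPart());
                if (elementName.equals("type")) {
                    return null;
                }
                return new QName(null, elementName);
            });
            EncryptedDataType encryptedDataType = prismContext.parserFor(xConvertedEncryptedData).context(pc).parseRealValue(EncryptedDataType.class);
            protectedType.setEncryptedData(encryptedDataType);
            if (protectedType instanceof ProtectedStringType) {
                transformEncryptedValue(protectedType, prismContext);
            }
        }
    }
    RootXNode xHashedData = xmap.getEntryAsRoot(ProtectedDataType.F_HASHED_DATA);
    if (xHashedData != null) {
        if (!(xHashedData.getSubnode() instanceof MapXNode)) {
            throw new SchemaException("Cannot parse hashedData from " + xHashedData);
        }
        HashedDataType hashedDataType = prismContext.parserFor(xHashedData).context(pc).parseRealValue(HashedDataType.class);
        protectedType.setHashedData(hashedDataType);
    }
    // protected data empty..check for clear value
    if (protectedType.isEmpty()) {
        XNode xClearValue = xmap.get(ProtectedDataType.F_CLEAR_VALUE);
        if (xClearValue == null) {
            //TODO: try to use common namespace (only to be compatible with previous versions)
            //FIXME maybe add some warning, info...
            xClearValue = xmap.get(new QName(ProtectedDataType.F_CLEAR_VALUE.getLocalPart()));
        }
        if (xClearValue == null) {
            return;
        }
        if (!(xClearValue instanceof PrimitiveXNode)) {
            //this is maybe not good..
            throw new SchemaException("Cannot parse clear value from " + xClearValue);
        }
        // TODO: clearValue
        // The clear value is always parsed as xsd:string and handed to the caller as T; the cast is unchecked by design.
        @SuppressWarnings({"unchecked", "rawtypes"})
        T clearValue = (T) ((PrimitiveXNode) xClearValue).getParsedValue(DOMUtil.XSD_STRING, String.class);
        protectedType.setClearValue(clearValue);
    }
}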

Example 3 with HashedDataType

use of com.evolveum.prism.xml.ns._public.types_3.HashedDataType in project midpoint by Evolveum.

In class ProtectorImpl, method hashPbkd:

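/**
 * Hashes the cleartext of {@code protectedData} with a PBKDF2-style key derivation.
 *
 * <p>A fresh salt is generated and the configured iteration count and key length are used. The
 * algorithm URI, salt and iteration count are recorded in the returned digest method so that the
 * hash can later be verified from the stored record alone.
 *
 * @param protectedData data whose cleartext is hashed; the cleartext itself is not cleared here
 * @param algorithmUri algorithm URI recorded in the digest method
 * @param algorithmName JCA {@link SecretKeyFactory} algorithm name used for the derivation
 * @return hashed form: digest method (algorithm, salt, work factor) plus the derived key bytes
 * @throws EncryptionException if the algorithm is unavailable or the key spec is rejected
 */
private HashedDataType hashPbkd(ProtectedData<String> protectedData, String algorithmUri, String algorithmName) throws EncryptionException {
    char[] clearChars = getClearChars(protectedData);
    byte[] salt = generatePbkdSalt();
    int iterations = getPbkdIterations();
    SecretKeyFactory secretKeyFactory;
    try {
        secretKeyFactory = SecretKeyFactory.getInstance(algorithmName);
    } catch (NoSuchAlgorithmException e) {
        throw new EncryptionException(e.getMessage(), e);
    }
    PBEKeySpec keySpec = new PBEKeySpec(clearChars, salt, iterations, getPbkdKeyLength());
    byte[] hashBytes;
    try {
        hashBytes = secretKeyFactory.generateSecret(keySpec).getEncoded();
    } catch (InvalidKeySpecException e) {
        throw new EncryptionException(e.getMessage(), e);
    } finally {
        // PBEKeySpec keeps its own copy of the password; wipe it once the key has been derived.
        keySpec.clearPassword();
    }
    DigestMethodType digestMethod = new DigestMethodType();
    digestMethod.setAlgorithm(algorithmUri);
    digestMethod.setSalt(salt);
    // The work factor is the iteration count; verification reads it back from the stored record.
    digestMethod.setWorkFactor(iterations);
    HashedDataType hashedDataType = new HashedDataType();
    hashedDataType.setDigestMethod(digestMethod);
    hashedDataType.setDigestValue(hashBytes);
    return hashedDataType;
}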

Example 4 with HashedDataType

use of com.evolveum.prism.xml.ns._public.types_3.HashedDataType in project midpoint by Evolveum.

In class ProtectorImpl, method compareHashed:

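/**
 * Compares {@code clearChars} with the hash stored in {@code hashedPs}, dispatching on the
 * namespace of the stored digest algorithm URI.
 *
 * @param hashedPs protected string carrying hashed data
 * @param clearChars candidate cleartext
 * @return {@code true} if the cleartext matches the stored hash
 * @throws SchemaException if the hashed data, its digest method or the algorithm namespace is
 *     missing, or the namespace does not denote a supported hashing scheme
 * @throws EncryptionException if the underlying key derivation fails
 */
private boolean compareHashed(ProtectedStringType hashedPs, char[] clearChars) throws SchemaException, EncryptionException {
    HashedDataType hashedDataType = hashedPs.getHashedDataType();
    if (hashedDataType == null) {
        // Report a schema problem rather than failing on the next dereference.
        throw new SchemaException("No hashed data");
    }
    DigestMethodType digestMethodType = hashedDataType.getDigestMethod();
    if (digestMethodType == null) {
        throw new SchemaException("No digest type");
    }
    String algorithmUri = digestMethodType.getAlgorithm();
    QName algorithmQName = QNameUtil.uriToQName(algorithmUri);
    String algorithmNamespace = algorithmQName.getNamespaceURI();
    if (algorithmNamespace == null) {
        throw new SchemaException("No algorithm namespace");
    }
    // The namespace selects the hashing scheme; the local part is the JCA algorithm name.
    switch (algorithmNamespace) {
        case PrismConstants.NS_CRYPTO_ALGORITHM_PBKD:
            return compareHashedPbkd(hashedDataType, algorithmQName.getLocalPart(), clearChars);
        default:
            throw new SchemaException("Unkown namespace " + algorithmNamespace);
    }
}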

Example 5 with HashedDataType

use of com.evolveum.prism.xml.ns._public.types_3.HashedDataType in project midpoint by Evolveum.

In class ProtectorImpl, method hash:

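/**
 * Replaces the cleartext (and any encrypted form) of {@code protectedData} with its hash.
 *
 * <p>The configured digest algorithm URI selects the hashing scheme by namespace; its local part
 * is the JCA algorithm name. After hashing, the cleartext is destroyed and the encrypted data is
 * cleared so that only the hashed form remains.
 *
 * @param protectedData data to hash in place; must not already be hashed
 * @param <T> type of the clear value
 * @throws IllegalArgumentException if the data is already hashed
 * @throws SchemaException if the algorithm namespace is missing or unsupported, or the data
 *     cannot be represented as a string (required by the PBKD scheme)
 * @throws EncryptionException if the key derivation fails
 */
@Override
public <T> void hash(ProtectedData<T> protectedData) throws EncryptionException, SchemaException {
    if (protectedData.isHashed()) {
        throw new IllegalArgumentException("Attempt to hash protected data that are already hashed");
    }
    String algorithmUri = getDigestAlgorithm();
    QName algorithmQName = QNameUtil.uriToQName(algorithmUri);
    String algorithmNamespace = algorithmQName.getNamespaceURI();
    if (algorithmNamespace == null) {
        throw new SchemaException("No algorithm namespace");
    }
    HashedDataType hashedDataType;
    switch (algorithmNamespace) {
        case PrismConstants.NS_CRYPTO_ALGORITHM_PBKD: {
            if (!protectedData.canSupportType(String.class)) {
                throw new SchemaException("Non-string proteted data");
            }
            // canSupportType(String.class) was just verified, so narrowing to ProtectedData<String> is safe.
            @SuppressWarnings("unchecked")
            ProtectedData<String> stringData = (ProtectedData<String>) protectedData;
            hashedDataType = hashPbkd(stringData, algorithmUri, algorithmQName.getLocalPart());
            break;
        }
        default:
            throw new SchemaException("Unkown namespace " + algorithmNamespace);
    }
    protectedData.setHashedData(hashedDataType);
    // Hashing is one-way: drop every recoverable form of the value.
    protectedData.destroyCleartext();
    protectedData.setEncryptedData(null);
}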
