Example 11 with EncryptedMessage
use of com.tremolosecurity.provisioning.util.EncryptedMessage in project OpenUnison by TremoloSecurity.
the class U2fUtil method loadUserKeys.
public static List<SecurityKeyData> loadUserKeys(AuthInfo userData, String challengeStoreAttribute, String encyrptionKeyName) throws Exception, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
Attribute challengeAttr = userData.getAttribs().get(challengeStoreAttribute);
Type t = new TypeToken<List<KeyHolder>>() {
}.getType();
ArrayList<SecurityKeyData> devices = new ArrayList<SecurityKeyData>();
if (challengeAttr != null) {
SecretKey key = GlobalEntries.getGlobalEntries().getConfigManager().getSecretKey(encyrptionKeyName);
if (key == null) {
throw new Exception("Queue message encryption key not found");
}
EncryptedMessage msg = gson.fromJson(inflate(challengeAttr.getValues().get(0)), EncryptedMessage.class);
IvParameterSpec spec = new IvParameterSpec(msg.getIv());
Cipher cipher;
cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, key, spec);
byte[] bytes = cipher.doFinal(msg.getMsg());
String json = new String(bytes);
java.util.List<KeyHolder> fromJSON = gson.fromJson(json, t);
for (KeyHolder kh : fromJSON) {
devices.add(new SecurityKeyData(kh.getEnrollmentTime(), kh.getKeyHandle(), kh.getPublicKey(), null, kh.getCounter()));
}
}
return devices;
}
Also used :
Attribute(com.tremolosecurity.saml.Attribute)
ArrayList(java.util.ArrayList)
KeyHolder(com.tremolosecurity.unison.google.u2f.KeyHolder)
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
NoSuchPaddingException(javax.crypto.NoSuchPaddingException)
MalformedURLException(java.net.MalformedURLException)
IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException)
IOException(java.io.IOException)
BadPaddingException(javax.crypto.BadPaddingException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
Type(java.lang.reflect.Type)
SecretKey(javax.crypto.SecretKey)
SecurityKeyData(com.google.u2f.server.data.SecurityKeyData)
EncryptedMessage(com.tremolosecurity.provisioning.util.EncryptedMessage)
ArrayList(java.util.ArrayList)
List(java.util.List)
IvParameterSpec(javax.crypto.spec.IvParameterSpec)
Cipher(javax.crypto.Cipher)
Example 12 with EncryptedMessage
use of com.tremolosecurity.provisioning.util.EncryptedMessage in project OpenUnison by TremoloSecurity.
the class U2fUtil method encode.
public static String encode(List<SecurityKeyData> devices, String encyrptionKeyName) throws Exception {
ArrayList<KeyHolder> keys = new ArrayList<KeyHolder>();
for (SecurityKeyData dr : devices) {
KeyHolder kh = new KeyHolder();
kh.setCounter(dr.getCounter());
kh.setEnrollmentTime(dr.getEnrollmentTime());
kh.setKeyHandle(dr.getKeyHandle());
kh.setPublicKey(dr.getPublicKey());
kh.setTransports(dr.getTransports());
keys.add(kh);
}
String json = gson.toJson(keys);
EncryptedMessage msg = new EncryptedMessage();
SecretKey key = GlobalEntries.getGlobalEntries().getConfigManager().getSecretKey(encyrptionKeyName);
if (key == null) {
throw new Exception("Queue message encryption key not found");
}
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, key);
msg.setMsg(cipher.doFinal(json.getBytes("UTF-8")));
msg.setIv(cipher.getIV());
ByteArrayOutputStream baos = new ByteArrayOutputStream();
DeflaterOutputStream compressor = new DeflaterOutputStream(baos, new Deflater(Deflater.BEST_COMPRESSION, true));
compressor.write(gson.toJson(msg).getBytes("UTF-8"));
compressor.flush();
compressor.close();
String b64 = new String(Base64.encodeBase64(baos.toByteArray()));
return b64;
}
Also used :
SecretKey(javax.crypto.SecretKey)
SecurityKeyData(com.google.u2f.server.data.SecurityKeyData)
Deflater(java.util.zip.Deflater)
ArrayList(java.util.ArrayList)
EncryptedMessage(com.tremolosecurity.provisioning.util.EncryptedMessage)
DeflaterOutputStream(java.util.zip.DeflaterOutputStream)
KeyHolder(com.tremolosecurity.unison.google.u2f.KeyHolder)
Cipher(javax.crypto.Cipher)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
NoSuchPaddingException(javax.crypto.NoSuchPaddingException)
MalformedURLException(java.net.MalformedURLException)
IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException)
IOException(java.io.IOException)
BadPaddingException(javax.crypto.BadPaddingException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
Aggregations
EncryptedMessage (com.tremolosecurity.provisioning.util.EncryptedMessage)12
Cipher (javax.crypto.Cipher)7
SecretKey (javax.crypto.SecretKey)7
Gson (com.google.gson.Gson)6
IOException (java.io.IOException)6
Attribute (com.tremolosecurity.saml.Attribute)5
InvalidKeyException (java.security.InvalidKeyException)5
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)5
ByteArrayOutputStream (java.io.ByteArrayOutputStream)4
BadPaddingException (javax.crypto.BadPaddingException)4
IllegalBlockSizeException (javax.crypto.IllegalBlockSizeException)4
NoSuchPaddingException (javax.crypto.NoSuchPaddingException)4
ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException)3
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)3
HashMap (java.util.HashMap)3
IvParameterSpec (javax.crypto.spec.IvParameterSpec)3
TextMessage (javax.jms.TextMessage)3
SecurityKeyData (com.google.u2f.server.data.SecurityKeyData)2
TaskHolder (com.tremolosecurity.provisioning.util.TaskHolder)2
KeyHolder (com.tremolosecurity.unison.google.u2f.KeyHolder)2
