use of java.security.InvalidKeyException in project keywhiz by square.
the class ContentCryptographer method computeHmac.
/**
 * Computes an HMAC-SHA256 tag over {@code data} and returns it Base16 (hex) encoded.
 *
 * <p>The MAC key is obtained from {@code deriveKey(32, "hmackey")}, so it is a derived key
 * rather than a caller-supplied one.
 *
 * <p>NOTE(review): failure is reported by returning {@code null} after a warning is logged,
 * not by throwing. Callers that use the result for an integrity or lookup decision should
 * treat {@code null} as a hard failure. Where tags are compared, a constant-time comparison
 * such as {@code MessageDigest.isEqual} is advisable.
 *
 * @param data bytes to authenticate
 * @return the hex-encoded tag, or {@code null} when the MAC cannot be created or keyed
 */
public String computeHmac(byte[] data) {
  final SecretKey derivedMacKey = deriveKey(32, "hmackey");
  final Mac hmac;
  try {
    hmac = Mac.getInstance("HmacSHA256");
    hmac.init(derivedMacKey);
  } catch (NoSuchAlgorithmException | InvalidKeyException e) {
    // Only algorithm lookup and keying can raise these checked exceptions.
    logger.warn("Error computing HMAC: ", e);
    return null;
  }
  final byte[] tag = hmac.doFinal(data);
  return BaseEncoding.base16().encode(tag);
}
use of java.security.InvalidKeyException in project keywhiz by square.
the class ContentCryptographer method gcm.
/**
 * Runs one GCM operation (the direction is taken from {@code mode.cipherMode}) over
 * {@code data} with a key derived from {@code info}.
 *
 * <p>The derived key length is the cipher's block size as reported by the provider.
 *
 * <p>NOTE(review): GCM requires that a nonce is never reused under the same key. This method
 * takes the nonce as given, so uniqueness is the caller's responsibility; confirm at the call
 * sites. On decryption, an authentication-tag mismatch surfaces through the
 * {@code BadPaddingException} branch and is rethrown via {@code Throwables.propagate}.
 *
 * @param mode  selects the cipher mode passed to {@code Cipher.init}
 * @param info  label handed to {@code deriveKey} to select the derived key
 * @param nonce GCM nonce/IV
 * @param data  input bytes (plaintext or ciphertext, depending on {@code mode})
 * @return the bytes produced by {@code Cipher.doFinal}
 */
private byte[] gcm(Mode mode, String info, byte[] nonce, byte[] data) {
  try {
    final Cipher aead = Cipher.getInstance(ENCRYPTION_ALGORITHM, encryptionProvider);
    final int keyLength = aead.getBlockSize();
    final SecretKey contentKey = deriveKey(keyLength, info);
    final GCMParameterSpec spec = new GCMParameterSpec(TAG_BITS, nonce);
    aead.init(mode.cipherMode, contentKey, spec);
    return aead.doFinal(data);
  } catch (NoSuchAlgorithmException
      | NoSuchPaddingException
      | InvalidKeyException
      | InvalidAlgorithmParameterException
      | IllegalBlockSizeException
      | BadPaddingException e) {
    // Every checked crypto failure is rethrown through the same propagate() call.
    throw Throwables.propagate(e);
  }
}
use of java.security.InvalidKeyException in project camel by apache.
the class XmlSignerProcessor method sign.
/**
 * Creates the XML signature(s) for the given message and returns the resulting document.
 *
 * <p>One signature is generated per content reference URI. The returned document is the one
 * obtained from the parent node used for the last signature.
 *
 * @param out the message whose body is signed
 * @return the document derived from the last signature parent
 * @throws XmlSignatureNoKeyException if no key accessor is configured or it yields no key selector
 * @throws XmlSignatureInvalidKeyException if signing fails and the cause is an {@link InvalidKeyException}
 * @throws XmlSignatureException for any other {@link XMLSignatureException} or {@link GeneralSecurityException}
 * @throws Exception declared by the signature; other failures from the helpers called here pass through
 */
protected Document sign(final Message out) throws Exception {
    try {
        XMLSignatureFactory fac;
        // NOTE(review): the original comment here read only "not work". The code prefers the
        // "ApacheXMLDSig" provider and falls back to the default DOM factory when that
        // provider is not registered.
        try {
            fac = XMLSignatureFactory.getInstance("DOM", "ApacheXMLDSig");
        } catch (NoSuchProviderException ex) {
            fac = XMLSignatureFactory.getInstance("DOM");
        }
        final Node node = getMessageBodyNode(out);
        // Fail early with a configuration hint when no key material can be resolved.
        if (getConfiguration().getKeyAccessor() == null) {
            throw new XmlSignatureNoKeyException("Key accessor is missing for XML signature generation. Specify a key accessor in the configuration.");
        }
        final KeySelector keySelector = getConfiguration().getKeyAccessor().getKeySelector(out);
        if (keySelector == null) {
            throw new XmlSignatureNoKeyException("Key selector is missing for XML signature generation. Specify a key selector in the configuration.");
        }
        SignatureType signatureType = determineSignatureType(out);
        final List<String> contentReferenceUris = getContentReferenceUris(out, signatureType, node);
        Node lastParent = null;
        // Only in the detached case can there be several content reference URIs.
        for (final String contentReferenceUri : contentReferenceUris) {
            // KeyAccessor.getKeyInfo must be called after KeyAccessor.getKeySelector; this is part of the interface contract.
            // It must also be called inside this loop, because the key info ID must be different for each signature.
            final KeyInfo keyInfo = getConfiguration().getKeyAccessor().getKeyInfo(out, node, fac.getKeyInfoFactory());
            String signatureId = getConfiguration().getSignatureId();
            if (signatureId == null) {
                // No configured Id: generate a random one with a leading underscore
                // (presumably so that the value is a valid XML ID; confirm).
                signatureId = "_" + UUID.randomUUID().toString();
            } else if (signatureId.isEmpty()) {
                // An empty configured Id indicates that no signature Id attribute shall be generated.
                signatureId = null;
            }
            // The parent is only relevant for enveloped or detached signatures.
            Node parent = getParentOfSignature(out, node, contentReferenceUri, signatureType);
            if (parent == null) {
                // For an enveloping signature, create a new document.
                // NOTE(review): the meaning of the Boolean.TRUE argument is not visible here; confirm against XmlSignatureHelper.
                parent = XmlSignatureHelper.newDocumentBuilder(Boolean.TRUE).newDocument();
            }
            lastParent = parent;
            XmlSignatureProperties.Input input = new InputBuilder().contentDigestAlgorithm(getDigestAlgorithmUri()).keyInfo(keyInfo).message(out).messageBodyNode(node).parent(parent).signatureAlgorithm(getConfiguration().getSignatureAlgorithm()).signatureFactory(fac).signatureId(signatureId).contentReferenceUri(contentReferenceUri).signatureType(signatureType).prefixForXmlSignatureNamespace(getConfiguration().getPrefixForXmlSignatureNamespace()).build();
            XmlSignatureProperties.Output properties = getSignatureProperties(input);
            // The signature properties can overwrite the signature Id.
            if (properties != null && properties.getSignatureId() != null && !properties.getSignatureId().isEmpty()) {
                signatureId = properties.getSignatureId();
            }
            List<? extends XMLObject> objects = getObjects(input, properties);
            List<? extends Reference> refs = getReferences(input, properties, getKeyInfoId(keyInfo));
            SignedInfo si = createSignedInfo(fac, refs);
            DOMSignContext dsc = createAndConfigureSignContext(parent, keySelector);
            XMLSignature signature = fac.newXMLSignature(si, keyInfo, objects, signatureId, null);
            // Generate the signature.
            signature.sign(dsc);
        }
        return XmlSignatureHelper.getDocument(lastParent);
    } catch (XMLSignatureException se) {
        // An invalid key gets its own exception type so callers can tell a key problem
        // apart from other signing failures.
        if (se.getCause() instanceof InvalidKeyException) {
            throw new XmlSignatureInvalidKeyException(se.getMessage(), se);
        } else {
            throw new XmlSignatureException(se);
        }
    } catch (GeneralSecurityException e) {
        // For example NoSuchAlgorithmException, InvalidAlgorithmParameterException, NoSuchProviderException.
        throw new XmlSignatureException(e);
    }
}
use of java.security.InvalidKeyException in project camel by apache.
the class XMLSecurityDataFormat method generateKeyEncryptionKey.
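/**
 * Builds the key-encryption key for {@code algorithm} from the configured pass phrase bytes.
 *
 * <p>For {@code DESede} the key goes through a {@link SecretKeyFactory}. For {@code SEED},
 * {@code CAMELLIA} and every other name (treated as {@code AES}) the pass phrase bytes are
 * wrapped directly in a {@link SecretKeySpec}. No key-derivation function is applied, so the
 * pass phrase is the raw key material.
 *
 * <p>Exception messages deliberately leave out the pass phrase. It is key material, and
 * exception text routinely ends up in logs and error responses. The original cause is
 * attached instead, so no diagnostic detail is lost.
 *
 * <p>NOTE(review): {@code DEFAULT_KEY.getBytes()} uses the platform default charset; confirm
 * that matches how the default pass phrase bytes are produced. DESede (3DES) is a legacy
 * algorithm.
 *
 * @param algorithm key algorithm name, matched case-insensitively
 * @return the secret key to use for key encryption
 * @throws InvalidKeyException if the pass phrase is not usable as a DESede key
 * @throws NoSuchAlgorithmException if no provider offers a key factory for {@code algorithm}
 * @throws InvalidKeySpecException if the key factory rejects the key specification
 */
private Key generateKeyEncryptionKey(String algorithm) throws InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException {
    Key secretKey;
    try {
        if (algorithm.equalsIgnoreCase("DESede")) {
            DESedeKeySpec keySpec = new DESedeKeySpec(passPhrase);
            SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(algorithm);
            secretKey = keyFactory.generateSecret(keySpec);
        } else if (algorithm.equalsIgnoreCase("SEED")) {
            secretKey = new SecretKeySpec(passPhrase, "SEED");
        } else if (algorithm.equalsIgnoreCase("CAMELLIA")) {
            secretKey = new SecretKeySpec(passPhrase, "CAMELLIA");
        } else {
            secretKey = new SecretKeySpec(passPhrase, "AES");
        }
        if (Arrays.equals(passPhrase, DEFAULT_KEY.getBytes())) {
            LOG.warn("Using the default encryption key is not secure");
        }
    } catch (InvalidKeyException e) {
        // Report only the length: enough to diagnose a wrong key size without exposing the key.
        throw new InvalidKeyException("InvalidKeyException due to invalid passPhrase (length " + passPhrase.length + " bytes)", e);
    } catch (NoSuchAlgorithmException e) {
        throw new NoSuchAlgorithmException("NoSuchAlgorithmException while using algorithm: " + algorithm, e);
    } catch (InvalidKeySpecException e) {
        throw new InvalidKeySpecException("Invalid Key generated from passPhrase while using algorithm: " + algorithm, e);
    }
    return secretKey;
}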
use of java.security.InvalidKeyException in project spring-security-oauth by spring-projects.
the class HMAC_SHA1SignatureMethod method sign.
/**
 * Signs the signature base string with the MAC named by {@code MAC_NAME} (presumably
 * HMAC-SHA1, given the class name) and returns the Base64 encoding of the digest.
 *
 * <p>NOTE(review): this method performs the Base64 step only. No URL-encoding is applied
 * here, so any OAuth parameter encoding must happen in the caller; confirm.
 *
 * <p>NOTE(review): when debug logging is enabled, both the signature base string and the
 * resulting signature are written to the log. Keep debug level off where logs are shared.
 *
 * @param signatureBaseString The signature base string.
 * @return The Base64-encoded signature.
 * @throws IllegalStateException if the MAC algorithm is unavailable or the key is rejected
 */
public String sign(String signatureBaseString) {
  try {
    Mac hmac = Mac.getInstance(MAC_NAME);
    hmac.init(key);
    byte[] digest = hmac.doFinal(signatureBaseString.getBytes("UTF-8"));
    String encoded = new String(Base64.encodeBase64(digest), "UTF-8");
    if (LOG.isDebugEnabled()) {
      LOG.debug("signature base: " + signatureBaseString);
      LOG.debug("signature: " + encoded);
    }
    return encoded;
  } catch (NoSuchAlgorithmException | InvalidKeyException e) {
    // Both indicate a misconfigured signature method rather than bad input.
    throw new IllegalStateException(e);
  } catch (UnsupportedEncodingException e) {
    throw new RuntimeException(e);
  }
}