use of java.security.NoSuchProviderException in project jetty-bootstrap by teknux-org.
the class AbstractJettyKeystore method checkValidity.
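/**
 * Checks that the certificate stored under an alias of the keystore is usable.
 *
 * <p>The signature check verifies the certificate against its own public key, so it only
 * succeeds for a self-signed certificate whose signature is intact. It does not build or
 * validate a chain to a trusted issuer, and nothing here consults revocation data.
 *
 * @param keystore keystore to read the certificate from, must not be null
 * @param keystoreAlias alias of the certificate entry to check
 * @param checkValidity when true, require the certificate to be within its validity period now
 * @param verifySignature when true, verify the certificate signature with the certificate's own public key
 * @throws JettyKeystoreException if the keystore is null, the alias yields no certificate, the
 *         entry is not an X.509 certificate, or a requested check fails
 */
public static void checkValidity(KeyStore keystore, String keystoreAlias, boolean checkValidity, boolean verifySignature) throws JettyKeystoreException {
    try {
        Objects.requireNonNull(keystore, "Keystore can not be null");
        Certificate certificate = keystore.getCertificate(keystoreAlias);
        Objects.requireNonNull(certificate, "Certificate is unreacheable");
        // Reject non-X.509 entries through the declared exception; an unchecked
        // ClassCastException from the cast would bypass the catch below.
        if (!(certificate instanceof X509Certificate)) {
            throw new CertificateException("Certificate is not an X.509 certificate");
        }
        X509Certificate x509Certificate = (X509Certificate) certificate;
        if (checkValidity) {
            x509Certificate.checkValidity();
        }
        if (verifySignature) {
            // Self-signature check only: the verifying key comes from the certificate itself.
            x509Certificate.verify(certificate.getPublicKey());
        }
    } catch (NullPointerException | InvalidKeyException | CertificateException | NoSuchAlgorithmException | NoSuchProviderException | SignatureException | KeyStoreException e) {
        throw new JettyKeystoreException(JettyKeystoreException.ERROR_INVALID_KEYSTORE, "Keystore is not valid", e);
    }
}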
use of java.security.NoSuchProviderException in project athenz by yahoo.
the class Crypto method verify.
/**
 * Checks a ybase64 encoded signature over a message using the signer's public key.
 *
 * <p>A {@code false} result means the signature did not match; a {@link CryptoException}
 * means the check could not be completed. Callers should treat both as "not verified".
 *
 * @param message the message whose signature is being checked, as a UTF8 string
 * @param key the public key corresponding to the signing key
 * @param signature the ybase64 encoded signature for the data
 * @param digestAlgorithm supported values SHA1 and SHA256; SHA1 is collision-weak, so
 *        SHA256 is the better choice wherever the caller controls it
 * @return true if the signature is valid for the message under the given key
 * @throws CryptoException for any issues with provider/algorithm/signature/key
 */
public static boolean verify(String message, PublicKey key, String signature, String digestAlgorithm) throws CryptoException {
    try {
        final byte[] rawSignature = ybase64Decode(signature);
        // The JCA algorithm name is derived from the key type plus the requested digest.
        final String algorithmName = getSignatureAlgorithm(key.getAlgorithm(), digestAlgorithm);
        final java.security.Signature verifier = java.security.Signature.getInstance(algorithmName, BC_PROVIDER);
        verifier.initVerify(key);
        verifier.update(utf8Bytes(message));
        final boolean signatureMatches = verifier.verify(rawSignature);
        return signatureMatches;
    } catch (InvalidKeyException e) {
        LOG.error("verify: Caught InvalidKeyException, invalid key type is being used.");
        throw new CryptoException(e);
    } catch (SignatureException e) {
        LOG.error("verify: Caught SignatureException.");
        throw new CryptoException(e);
    } catch (NoSuchAlgorithmException e) {
        LOG.error("verify: Caught NoSuchAlgorithmException, check to make sure the algorithm is supported by the provider.");
        throw new CryptoException(e);
    } catch (NoSuchProviderException e) {
        LOG.error("verify: Caught NoSuchProviderException, check to make sure the provider is loaded correctly.");
        throw new CryptoException(e);
    }
}
use of java.security.NoSuchProviderException in project athenz by yahoo.
the class Crypto method loadPrivateKey.
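/**
 * Reads a PEM encoded private key, decrypting it when it is an encrypted PKCS#8 structure.
 *
 * <p>An optional leading EC parameters object (a named-curve OID or explicit parameters) is
 * consumed first and, for ECDSA keys, applied to the returned key.
 *
 * <p>Only {@code PEMKeyPair} and {@code PKCS8EncryptedPrivateKeyInfo} objects are converted.
 * Any other PEM object, or an empty input, yields {@code null}; callers must treat a
 * {@code null} result as a load failure rather than continuing without a key.
 *
 * @param reader source of the PEM data; the parser wrapping it is closed before returning
 * @param pwd password for an encrypted key, may be null for an unencrypted key
 * @return the private key, or null when the PEM object is not one of the handled types
 * @throws CryptoException if the key is encrypted and no password was given, or on any
 *         parsing, decryption, provider or key-spec failure
 */
public static PrivateKey loadPrivateKey(Reader reader, String pwd) throws CryptoException {
    try (PEMParser pemReader = new PEMParser(reader)) {
        PrivateKey privKey = null;
        X9ECParameters ecParam = null;
        Object pemObj = pemReader.readObject();
        if (pemObj instanceof ASN1ObjectIdentifier) {
            // make sure this is EC Parameter we're handling. In which case
            // we'll store it and read the next object which should be our
            // EC Private Key
            ASN1ObjectIdentifier ecOID = (ASN1ObjectIdentifier) pemObj;
            ecParam = ECNamedCurveTable.getByOID(ecOID);
            if (ecParam == null) {
                throw new PEMException("Unable to find EC Parameter for the given curve oid: " + ecOID.getId());
            }
            pemObj = pemReader.readObject();
        } else if (pemObj instanceof X9ECParameters) {
            ecParam = (X9ECParameters) pemObj;
            pemObj = pemReader.readObject();
        }
        if (pemObj instanceof PEMKeyPair) {
            PrivateKeyInfo pKeyInfo = ((PEMKeyPair) pemObj).getPrivateKeyInfo();
            JcaPEMKeyConverter pemConverter = new JcaPEMKeyConverter();
            privKey = pemConverter.getPrivateKey(pKeyInfo);
        } else if (pemObj instanceof PKCS8EncryptedPrivateKeyInfo) {
            PKCS8EncryptedPrivateKeyInfo pKeyInfo = (PKCS8EncryptedPrivateKeyInfo) pemObj;
            if (pwd == null) {
                throw new CryptoException("No password specified to decrypt encrypted private key");
            }
            // Decrypt the private key with the specified password.
            // NOTE(review): the char[] copy of the password is not cleared after use.
            InputDecryptorProvider pkcs8Prov = new JceOpenSSLPKCS8DecryptorProviderBuilder().setProvider(BC_PROVIDER).build(pwd.toCharArray());
            PrivateKeyInfo privateKeyInfo = pKeyInfo.decryptPrivateKeyInfo(pkcs8Prov);
            JcaPEMKeyConverter pemConverter = new JcaPEMKeyConverter();
            privKey = pemConverter.getPrivateKey(privateKeyInfo);
        }
        // privKey is still null when the object after the EC parameters was not a handled
        // key type; guard so that case returns null like the no-parameters case instead of
        // failing with a NullPointerException.
        if (ecParam != null && privKey != null && ECDSA.equals(privKey.getAlgorithm())) {
            ECParameterSpec ecSpec = new ECParameterSpec(ecParam.getCurve(), ecParam.getG(), ecParam.getN(), ecParam.getH(), ecParam.getSeed());
            KeyFactory keyFactory = KeyFactory.getInstance(ECDSA, BC_PROVIDER);
            ECPrivateKeySpec keySpec = new ECPrivateKeySpec(((BCECPrivateKey) privKey).getS(), ecSpec);
            privKey = (PrivateKey) keyFactory.generatePrivate(keySpec);
        }
        return privKey;
    } catch (PEMException e) {
        LOG.error("loadPrivateKey: Caught PEMException, problem with format of key detected.");
        throw new CryptoException(e);
    } catch (NoSuchProviderException e) {
        LOG.error("loadPrivateKey: Caught NoSuchProviderException, check to make sure the provider is loaded correctly.");
        throw new CryptoException(e);
    } catch (NoSuchAlgorithmException e) {
        LOG.error("loadPrivateKey: Caught NoSuchAlgorithmException, check to make sure the algorithm is supported by the provider.");
        throw new CryptoException(e);
    } catch (InvalidKeySpecException e) {
        LOG.error("loadPrivateKey: Caught InvalidKeySpecException, invalid key spec is being used.");
        throw new CryptoException(e);
    } catch (OperatorCreationException e) {
        LOG.error("loadPrivateKey: Caught OperatorCreationException when creating JceOpenSSLPKCS8DecryptorProviderBuilder.");
        throw new CryptoException(e);
    } catch (PKCSException e) {
        LOG.error("loadPrivateKey: Caught PKCSException when decrypting private key.");
        throw new CryptoException(e);
    } catch (IOException e) {
        LOG.error("loadPrivateKey: Caught IOException, while trying to read key.");
        throw new CryptoException(e);
    }
}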
use of java.security.NoSuchProviderException in project athenz by yahoo.
the class Crypto method loadPublicKey.
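/**
 * Reads a PEM encoded public key, taken either from a SubjectPublicKeyInfo structure or
 * from the subject key of an X.509 certificate.
 *
 * <p>An optional leading EC parameters object (a named-curve OID or explicit parameters) is
 * consumed first and, for ECDSA keys, applied to the returned key.
 *
 * <p>Extracting the key from a certificate performs no validation of that certificate: the
 * signature, validity period and issuer are not checked here, so trust in the returned key
 * has to be established by the caller.
 *
 * @param r source of the PEM data; the parser wrapping it is closed before returning
 * @return the public key
 * @throws CryptoException if the PEM object is not a supported type, or on any parsing,
 *         provider or key-spec failure
 */
public static PublicKey loadPublicKey(Reader r) throws CryptoException {
    try (org.bouncycastle.openssl.PEMParser pemReader = new org.bouncycastle.openssl.PEMParser(r)) {
        PublicKey pubKey = null;
        Object pemObj = pemReader.readObject();
        JcaPEMKeyConverter pemConverter = new JcaPEMKeyConverter();
        SubjectPublicKeyInfo keyInfo = null;
        X9ECParameters ecParam = null;
        if (pemObj instanceof ASN1ObjectIdentifier) {
            // make sure this is EC Parameter we're handling. In which case
            // we'll store it and read the next object which should be our
            // EC Public Key
            ASN1ObjectIdentifier ecOID = (ASN1ObjectIdentifier) pemObj;
            ecParam = ECNamedCurveTable.getByOID(ecOID);
            if (ecParam == null) {
                throw new PEMException("Unable to find EC Parameter for the given curve oid: " + ecOID.getId());
            }
            pemObj = pemReader.readObject();
        } else if (pemObj instanceof X9ECParameters) {
            ecParam = (X9ECParameters) pemObj;
            pemObj = pemReader.readObject();
        }
        if (pemObj instanceof org.bouncycastle.cert.X509CertificateHolder) {
            keyInfo = ((org.bouncycastle.cert.X509CertificateHolder) pemObj).getSubjectPublicKeyInfo();
        } else if (pemObj instanceof SubjectPublicKeyInfo) {
            keyInfo = (SubjectPublicKeyInfo) pemObj;
        } else {
            // Any other PEM object (a private key, a CSR, or nothing at all) used to reach an
            // unchecked cast; report it through the declared exception instead.
            throw new PEMException("Unsupported PEM object, expected a public key or certificate");
        }
        pubKey = pemConverter.getPublicKey(keyInfo);
        if (ecParam != null && ECDSA.equals(pubKey.getAlgorithm())) {
            ECParameterSpec ecSpec = new ECParameterSpec(ecParam.getCurve(), ecParam.getG(), ecParam.getN(), ecParam.getH(), ecParam.getSeed());
            KeyFactory keyFactory = KeyFactory.getInstance(ECDSA, BC_PROVIDER);
            ECPublicKeySpec keySpec = new ECPublicKeySpec(((BCECPublicKey) pubKey).getQ(), ecSpec);
            pubKey = (PublicKey) keyFactory.generatePublic(keySpec);
        }
        return pubKey;
    } catch (PEMException e) {
        throw new CryptoException(e);
    } catch (NoSuchProviderException e) {
        LOG.error("loadPublicKey: Caught NoSuchProviderException, check to make sure the provider is loaded correctly.");
        throw new CryptoException(e);
    } catch (NoSuchAlgorithmException e) {
        LOG.error("loadPublicKey: Caught NoSuchAlgorithmException, check to make sure the algorithm is supported by the provider.");
        throw new CryptoException(e);
    } catch (InvalidKeySpecException e) {
        LOG.error("loadPublicKey: Caught InvalidKeySpecException, invalid key spec is being used.");
        // Keep the cause, as the other handlers do, so the failure can be diagnosed.
        throw new CryptoException(e);
    } catch (IOException e) {
        throw new CryptoException(e);
    }
}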
use of java.security.NoSuchProviderException in project jdk8u_jdk by JetBrains.
the class extObjectInputStream method unseal.
/**
 * Decrypts the sealed content with the given key and deserializes the recovered bytes.
 *
 * @param key the key used to initialize the cipher for decryption
 * @param provider name of the provider to request the algorithms from, or null to use the
 *        default provider lookup
 * @return the deserialized object
 * @throws NoSuchAlgorithmException if the parameter or cipher algorithm, or its padding, is not available
 * @throws NoSuchProviderException if a provider was named and could not be found
 * @throws InvalidKeyException if the key cannot be used to initialize the cipher
 * @throws IllegalBlockSizeException if raised by the cipher while decrypting
 * @throws BadPaddingException if raised by the cipher while decrypting
 * @throws IOException if the parameters cannot be decoded or deserialization fails
 * @throws ClassNotFoundException if a class of the serialized object cannot be found
 */
private Object unseal(Key key, String provider) throws IOException, ClassNotFoundException, NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
    // Rebuild the algorithm parameters, if any were stored with the sealed content.
    AlgorithmParameters algParams = null;
    if (this.encodedParams != null) {
        try {
            if (provider == null) {
                algParams = AlgorithmParameters.getInstance(this.paramsAlg);
            } else {
                algParams = AlgorithmParameters.getInstance(this.paramsAlg, provider);
            }
        } catch (NoSuchProviderException nspe) {
            if (provider != null) {
                throw new NoSuchProviderException(nspe.getMessage());
            }
            throw new NoSuchAlgorithmException(this.paramsAlg + " not found");
        }
        algParams.init(this.encodedParams);
    }

    // Obtain the cipher that was used for sealing.
    Cipher cipher;
    try {
        if (provider == null) {
            cipher = Cipher.getInstance(this.sealAlg);
        } else {
            cipher = Cipher.getInstance(this.sealAlg, provider);
        }
    } catch (NoSuchPaddingException nspe) {
        throw new NoSuchAlgorithmException("Padding that was used in sealing operation not available");
    } catch (NoSuchProviderException nspe) {
        if (provider != null) {
            throw new NoSuchProviderException(nspe.getMessage());
        }
        throw new NoSuchAlgorithmException(this.sealAlg + " not found");
    }

    // Initialize for decryption, with the stored parameters when there are any.
    try {
        if (algParams == null) {
            cipher.init(Cipher.DECRYPT_MODE, key);
        } else {
            cipher.init(Cipher.DECRYPT_MODE, key, algParams);
        }
    } catch (InvalidAlgorithmParameterException iape) {
        // The parameters come from the sealing operation itself, so a rejection here is
        // reported as an unchecked failure.
        throw new RuntimeException(iape.getMessage());
    }

    // Unseal the object.
    byte[] plaintext = cipher.doFinal(this.encryptedContent);

    // De-serialize it.
    // NOTE(review): the decrypted bytes go straight to readObject(). Nothing in this method
    // authenticates the ciphertext, so integrity rests on the sealing algorithm and key; with
    // a cipher mode that carries no authentication, altered ciphertext can reach Java
    // deserialization. Sealed content from an untrusted source needs that taken into account.
    ByteArrayInputStream plaintextStream = new ByteArrayInputStream(plaintext);
    ObjectInput objectIn = new extObjectInputStream(plaintextStream);
    try {
        return objectIn.readObject();
    } finally {
        objectIn.close();
    }
}