
Example 41 with NoSuchProviderException

use of java.security.NoSuchProviderException in project robovm by robovm.

the class AlgorithmParameterGenerator2Test method testGetInstance02.

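/**
 * Tests {@code AlgorithmParameterGenerator.getInstance(String algorithm, String provider)}.
 *
 * <p>Assertions:
 * <ul>
 *   <li>NullPointerException or NoSuchAlgorithmException is thrown when the algorithm is null;
 *   <li>NoSuchAlgorithmException is thrown when the algorithm is not available;
 *   <li>IllegalArgumentException is thrown when the provider is null;
 *   <li>NoSuchProviderException is thrown when the provider is not available;
 *   <li>otherwise an AlgorithmParameterGenerator for the requested algorithm and provider is
 *       returned.
 * </ul>
 */
public void testGetInstance02() throws NoSuchAlgorithmException, NoSuchProviderException, IllegalArgumentException, InvalidAlgorithmParameterException {
    try {
        AlgorithmParameterGenerator.getInstance(null, mProv.getName());
        fail("NullPointerException or NoSuchAlgorithmException should be thrown");
    } catch (NullPointerException | NoSuchAlgorithmException expected) {
        // either exception is an acceptable rejection of a null algorithm name
    }
    for (String invalidAlgorithm : invalidValues) {
        try {
            AlgorithmParameterGenerator.getInstance(invalidAlgorithm, mProv.getName());
            fail("NoSuchAlgorithmException must be thrown (algorithm: ".concat(invalidAlgorithm).concat(")"));
        } catch (NoSuchAlgorithmException expected) {
            // unknown algorithm names must be refused, never mapped to a default
        }
    }
    // Typed as String so the call binds to the (String, String) overload; a bare null literal
    // would be ambiguous if a (String, Provider) overload is also visible.
    String prov = null;
    for (String validAlgorithm : validValues) {
        try {
            AlgorithmParameterGenerator.getInstance(validAlgorithm, prov);
            // The message reports the algorithm actually under test (validValues); the earlier
            // code indexed invalidValues here, which mislabels the failure and can run past the
            // end of that array when the two arrays differ in length.
            fail("IllegalArgumentException must be thrown when provider is null (algorithm: ".concat(validAlgorithm).concat(")"));
        } catch (IllegalArgumentException expected) {
            // a null provider name must be rejected explicitly
        }
    }
    for (String validAlgorithm : validValues) {
        // Starts at index 1, as the original test did; presumably invalidValues[0] is a value
        // (such as an empty string) that triggers a different exception as a provider name.
        // TODO confirm against the declaration of invalidValues.
        for (int j = 1; j < invalidValues.length; j++) {
            try {
                AlgorithmParameterGenerator.getInstance(validAlgorithm, invalidValues[j]);
                fail("NoSuchProviderException must be thrown (algorithm: ".concat(validAlgorithm).concat(" provider: ").concat(invalidValues[j]).concat(")"));
            } catch (NoSuchProviderException expected) {
                // an unknown provider must not silently fall back to another provider
            }
        }
    }
    for (String validAlgorithm : validValues) {
        AlgorithmParameterGenerator apG = AlgorithmParameterGenerator.getInstance(validAlgorithm, mProv.getName());
        // JUnit's assertEquals takes (message, expected, actual).
        assertEquals("Incorrect algorithm", validAlgorithm, apG.getAlgorithm());
        assertEquals("Incorrect provider", mProv.getName(), apG.getProvider().getName());
        checkResult(apG);
    }
}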
Also used : AlgorithmParameterGenerator(java.security.AlgorithmParameterGenerator) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) NoSuchProviderException(java.security.NoSuchProviderException)

Example 42 with NoSuchProviderException

use of java.security.NoSuchProviderException in project ddf by codice.

the class LoginFilter method validateHolderOfKeyConfirmation.

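/**
 * Validates holder-of-key (HoK) subject confirmation of a SAML assertion against the client
 * certificate presented on the TLS connection.
 *
 * <p>Nothing is checked when the assertion declares no HoK confirmation method. When it does, a
 * client certificate is mandatory, and every HoK {@code SubjectConfirmation} must carry key
 * material that matches {@code x509Certs[0]}:
 * <ul>
 *   <li>{@code X509Certificate}: the embedded certificate must be within its validity period and
 *       either equal the TLS certificate or verify under the TLS certificate's public key;
 *   <li>{@code X509SubjectName}: must equal the TLS certificate's subject DN string;
 *   <li>{@code X509SKI}: must equal the TLS certificate's subject key identifier extension;
 *   <li>{@code X509IssuerSerial} and any other key material: rejected.
 * </ul>
 *
 * <p>This method performs no trust-path validation of {@code x509Certs}; presumably the TLS layer
 * has already done so (confirm with the caller).
 *
 * @param assertion the SAML assertion whose subject confirmations are checked
 * @param x509Certs the client certificate chain from the TLS session; may be null or empty
 * @throws SecurityServiceException if HoK is required and cannot be confirmed, including when the
 *     confirmation data is malformed or of an unsupported kind
 */
private void validateHolderOfKeyConfirmation(SamlAssertionWrapper assertion, X509Certificate[] x509Certs) throws SecurityServiceException {
    boolean hasHokMethod = false;
    for (String method : assertion.getConfirmationMethods()) {
        if (OpenSAMLUtil.isMethodHolderOfKey(method)) {
            hasHokMethod = true;
            break;
        }
    }
    if (!hasHokMethod) {
        return;
    }
    if (x509Certs == null || x509Certs.length == 0) {
        throw new SecurityServiceException("Holder of Key assertion, must be used with 2-way TLS.");
    }
    X509Certificate tlsCertificate = x509Certs[0];
    List<SubjectConfirmation> subjectConfirmations = assertion.getSaml2().getSubject().getSubjectConfirmations();
    for (SubjectConfirmation subjectConfirmation : subjectConfirmations) {
        if (!OpenSAMLUtil.isMethodHolderOfKey(subjectConfirmation.getMethod())) {
            continue;
        }
        // The assertion content is attacker-influenced: a missing element must end in a
        // SecurityServiceException, not a NullPointerException from the getFirstChild() chain.
        if (subjectConfirmation.getSubjectConfirmationData() == null) {
            throw new SecurityServiceException("Unable to validate Holder of Key assertion. Missing subject confirmation data.");
        }
        Element dom = subjectConfirmation.getSubjectConfirmationData().getDOM();
        Node keyInfo = requireFirstChild(dom);
        Node x509Data = requireFirstChild(keyInfo);
        Node dataNode = requireFirstChild(x509Data);
        // getLocalName() returns null for non-element nodes (for example whitespace text), so the
        // literal goes on the left of equals().
        String localName = dataNode.getLocalName();
        if ("X509Certificate".equals(localName)) {
            String textContent = requireFirstChild(dataNode).getTextContent();
            try {
                byte[] byteValue = Base64.getMimeDecoder().decode(textContent);
                CertificateFactory cf = CertificateFactory.getInstance("X.509");
                X509Certificate cert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(byteValue));
                //check that the certificate is still valid
                cert.checkValidity();
                //if the certs aren't the same, verify
                if (!tlsCertificate.equals(cert)) {
                    //verify the embedded cert's signature with the TLS cert's public key
                    cert.verify(tlsCertificate.getPublicKey());
                }
            } catch (CertificateException | NoSuchAlgorithmException | InvalidKeyException | SignatureException | NoSuchProviderException | IllegalArgumentException e) {
                // IllegalArgumentException covers undecodable Base64; the cause is kept so the
                // rejection reason is available to whoever handles the exception.
                throw new SecurityServiceException("Unable to validate Holder of Key assertion with certificate.", e);
            }
        } else if ("X509SubjectName".equals(localName)) {
            String textContent = requireFirstChild(dataNode).getTextContent();
            //If, however, the relying party does not trust the certificate issuer to issue such a DN, the attesting entity is not confirmed and the relying party SHOULD disregard the assertion.
            // NOTE(review): this is an exact string comparison of the DN; equivalent DNs that are
            // formatted differently will be rejected.
            if (!tlsCertificate.getSubjectDN().getName().equals(textContent)) {
                throw new SecurityServiceException("Unable to validate Holder of Key assertion with subject DN.");
            }
        } else if ("X509IssuerSerial".equals(localName)) {
            //we have no way to support this confirmation type so we have to throw an error
            throw new SecurityServiceException("Unable to validate Holder of Key assertion with issuer serial. NOT SUPPORTED");
        } else if ("X509SKI".equals(localName)) {
            String textContent = requireFirstChild(dataNode).getTextContent();
            // 2.5.29.14 is the subjectKeyIdentifier certificate extension.
            byte[] tlsSKI = tlsCertificate.getExtensionValue("2.5.29.14");
            if (tlsSKI == null || tlsSKI.length == 0) {
                throw new SecurityServiceException("Unable to validate Holder of Key assertion with subject key identifier.");
            }
            boolean sameKeyIdentifier;
            try {
                byte[] assertionSKI = Base64.getMimeDecoder().decode(textContent);
                ASN1OctetString tlsOs = ASN1OctetString.getInstance(tlsSKI);
                ASN1OctetString assertionOs = ASN1OctetString.getInstance(assertionSKI);
                SubjectKeyIdentifier tlsSubjectKeyIdentifier = SubjectKeyIdentifier.getInstance(tlsOs.getOctets());
                SubjectKeyIdentifier assertSubjectKeyIdentifier = SubjectKeyIdentifier.getInstance(assertionOs.getOctets());
                sameKeyIdentifier = Arrays.equals(tlsSubjectKeyIdentifier.getKeyIdentifier(), assertSubjectKeyIdentifier.getKeyIdentifier());
            } catch (IllegalArgumentException e) {
                // Undecodable Base64 or ASN.1 in the assertion is a validation failure.
                throw new SecurityServiceException("Unable to validate Holder of Key assertion with subject key identifier.", e);
            }
            //the attesting entity is not confirmed and the relying party SHOULD disregard the assertion.
            if (!sameKeyIdentifier) {
                throw new SecurityServiceException("Unable to validate Holder of Key assertion with subject key identifier.");
            }
        } else {
            // Fail closed: previously any other element here fell through every branch and the
            // assertion was accepted with no binding to the TLS certificate at all.
            throw new SecurityServiceException("Unable to validate Holder of Key assertion. Unsupported key info type.");
        }
    }
}

/** Returns the first child of {@code parent}, rejecting the assertion when there is none. */
private Node requireFirstChild(Node parent) throws SecurityServiceException {
    Node child = parent == null ? null : parent.getFirstChild();
    if (child == null) {
        throw new SecurityServiceException("Unable to validate Holder of Key assertion. Malformed key info.");
    }
    return child;
}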
Also used : ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) SecurityServiceException(ddf.security.service.SecurityServiceException) Element(org.w3c.dom.Element) Node(org.w3c.dom.Node) CertificateException(java.security.cert.CertificateException) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) SignatureException(java.security.SignatureException) SubjectKeyIdentifier(org.bouncycastle.asn1.x509.SubjectKeyIdentifier) InvalidKeyException(java.security.InvalidKeyException) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate) SubjectConfirmation(org.opensaml.saml.saml2.core.SubjectConfirmation) ByteArrayInputStream(java.io.ByteArrayInputStream) NoSuchProviderException(java.security.NoSuchProviderException)

Example 43 with NoSuchProviderException

use of java.security.NoSuchProviderException in project jdk8u_jdk by JetBrains.

the class DSAParameterGenerator method engineGenerateParameters.

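/**
 * Generates the parameters.
 *
 * <p>A {@link SecureRandom} is created on first use when none was supplied, and the generator is
 * initialised with {@code DEFAULTS} when {@code valueL} is still -1 (which appears to mean
 * "not initialised"). The resulting P, Q and G are wrapped in a "DSA"
 * {@link AlgorithmParameters} object requested from the "SUN" provider by name.
 *
 * @return the new AlgorithmParameters object
 * @throws RuntimeException if default initialisation fails or the "SUN" provider cannot supply
 *     or initialise the DSA parameters; the original exception is attached as the cause
 */
protected AlgorithmParameters engineGenerateParameters() {
    try {
        if (this.random == null) {
            this.random = new SecureRandom();
        }
        if (valueL == -1) {
            // A failure here used to be swallowed, which would have let generation continue
            // with valueL still at -1; it now surfaces through the catch below.
            engineInit(DEFAULTS, this.random);
        }
        BigInteger[] pAndQ = generatePandQ(this.random, valueL, valueN, seedLen);
        BigInteger paramP = pAndQ[0];
        BigInteger paramQ = pAndQ[1];
        BigInteger paramG = generateG(paramP, paramQ);
        DSAParameterSpec dsaParamSpec = new DSAParameterSpec(paramP, paramQ, paramG);
        AlgorithmParameters algParams = AlgorithmParameters.getInstance("DSA", "SUN");
        algParams.init(dsaParamSpec);
        return algParams;
    } catch (InvalidAlgorithmParameterException | InvalidParameterSpecException | NoSuchAlgorithmException | NoSuchProviderException e) {
        // None of these should happen, because this provider supplies the pieces itself. If one
        // does, keep the cause so the failing step can be identified from the stack trace.
        throw new RuntimeException(e.getMessage(), e);
    }
}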
Also used : DSAParameterSpec(java.security.spec.DSAParameterSpec) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) SecureRandom(java.security.SecureRandom) BigInteger(java.math.BigInteger) InvalidParameterSpecException(java.security.spec.InvalidParameterSpecException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) NoSuchProviderException(java.security.NoSuchProviderException) AlgorithmParameters(java.security.AlgorithmParameters)

Example 44 with NoSuchProviderException

use of java.security.NoSuchProviderException in project jdk8u_jdk by JetBrains.

the class TestSameBuffer method runTest.

/**
 * Encrypts a random 128-byte buffer in place (input and output are the same array), decrypts it
 * into a fresh buffer and checks that the original bytes come back.
 *
 * <p>A NoSuchAlgorithmException is tolerated only for the modes "CFB7" and "CFB150", which are
 * negative test cases; any other failure is reported and propagated.
 *
 * @param algo cipher algorithm name, also used for the key generator
 * @param mo cipher mode
 * @param pad padding scheme
 * @throws Exception if the transformation fails or the recovered text differs from the original
 */
public void runTest(String algo, String mo, String pad) throws Exception {
    try {
        // Initialization. java.util.Random only fills the test plaintext here; the key itself
        // comes from the provider's KeyGenerator below.
        Random rdm = new Random();
        byte[] plainText = new byte[128];
        rdm.nextBytes(plainText);
        // keep the plain text, because the encryption below overwrites plainText
        byte[] tmpText = plainText.clone();

        Cipher ci = Cipher.getInstance(algo + "/" + mo + "/" + pad, PROVIDER);
        KeyGenerator kg = KeyGenerator.getInstance(algo, PROVIDER);
        kg.init(KEY_LENGTH);
        SecretKey key = kg.generateKey();

        // encrypt, writing the ciphertext back into the input buffer
        ci.init(Cipher.ENCRYPT_MODE, key);
        int written = ci.update(plainText, 0, plainText.length, plainText, 0);
        ci.doFinal(plainText, written);

        // every mode except ECB needs the IV chosen during encryption to decrypt
        AlgorithmParameterSpec aps = null;
        if (!mo.equalsIgnoreCase("ECB")) {
            byte[] iv = ci.getIV();
            aps = new IvParameterSpec(iv);
        }
        ci.init(Cipher.DECRYPT_MODE, key, aps);
        byte[] recoveredText = new byte[ci.getOutputSize(plainText.length)];
        ci.doFinal(plainText, 0, plainText.length, recoveredText);

        // Comparison
        boolean roundTripOk = java.util.Arrays.equals(tmpText, recoveredText);
        if (!roundTripOk) {
            System.out.println("Original: ");
            dumpBytes(plainText);
            System.out.println("Recovered: ");
            dumpBytes(recoveredText);
            throw new RuntimeException("Original text is not equal with recovered text, with mode:" + mo);
        }
    } catch (NoSuchAlgorithmException e) {
        //CFB7 and CFB150 are for negative testing
        boolean negativeCase = mo.equalsIgnoreCase("CFB7") || mo.equalsIgnoreCase("CFB150");
        if (!negativeCase) {
            System.out.println("Unexpected NoSuchAlgorithmException with mode: " + mo);
            throw new RuntimeException("Test failed!");
        }
    } catch (NoSuchProviderException | NoSuchPaddingException | InvalidKeyException | InvalidAlgorithmParameterException | ShortBufferException | IllegalBlockSizeException | BadPaddingException e) {
        System.out.println("Test failed!");
        throw e;
    }
}
Also used : InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) BadPaddingException(javax.crypto.BadPaddingException) InvalidKeyException(java.security.InvalidKeyException) SecretKey(javax.crypto.SecretKey) Random(java.util.Random) ShortBufferException(javax.crypto.ShortBufferException) IvParameterSpec(javax.crypto.spec.IvParameterSpec) Cipher(javax.crypto.Cipher) NoSuchProviderException(java.security.NoSuchProviderException) AlgorithmParameterSpec(java.security.spec.AlgorithmParameterSpec) KeyGenerator(javax.crypto.KeyGenerator)

Example 45 with NoSuchProviderException

use of java.security.NoSuchProviderException in project jdk8u_jdk by JetBrains.

the class Padding method runTest.

/**
 * Runs 15 encrypt/decrypt round trips with plaintext lengths 1601 to 1615 bytes and checks that
 * each recovered text equals the original.
 *
 * <p>For modes other than GCM the IV captured in one round is passed to the next round's
 * encryption, so the same key/IV pair is reused across rounds. GCM rounds initialise without
 * parameters and decrypt with {@code ci.getParameters()}.
 *
 * <p>A NoSuchAlgorithmException is tolerated only for the modes "CFB7" and "OFB150", which are
 * negative test cases; any other failure is reported and propagated.
 *
 * @param algo cipher algorithm name, also used for the key generator
 * @param mo cipher mode
 * @param pad padding scheme
 * @throws Exception if the transformation fails or a recovered text differs from its original
 */
public void runTest(String algo, String mo, String pad) throws Exception {
    try {
        // java.util.Random only produces test plaintext; the key comes from the KeyGenerator.
        Random rdm = new Random();
        Cipher ci = Cipher.getInstance(algo + "/" + mo + "/" + pad, PROVIDER);
        KeyGenerator kg = KeyGenerator.getInstance(algo, PROVIDER);
        kg.init(KEY_LENGTH);
        SecretKey key = kg.generateKey();

        // null on the first round; afterwards the IV of the previous round (null again for ECB)
        AlgorithmParameterSpec aps = null;
        for (int round = 0; round < 15; round++) {
            byte[] plainText = new byte[1600 + round + 1];
            rdm.nextBytes(plainText);

            if (mo.equalsIgnoreCase("GCM")) {
                ci.init(Cipher.ENCRYPT_MODE, key);
            } else {
                ci.init(Cipher.ENCRYPT_MODE, key, aps);
            }
            byte[] cipherText = new byte[ci.getOutputSize(plainText.length)];
            int written = ci.update(plainText, 0, plainText.length, cipherText, 0);
            ci.doFinal(cipherText, written);

            if (mo.equalsIgnoreCase("ECB")) {
                aps = null;
            } else {
                byte[] iv = ci.getIV();
                aps = new IvParameterSpec(iv);
            }

            if (mo.equalsIgnoreCase("GCM")) {
                ci.init(Cipher.DECRYPT_MODE, key, ci.getParameters());
            } else {
                ci.init(Cipher.DECRYPT_MODE, key, aps);
            }
            byte[] recoveredText = new byte[ci.getOutputSize(cipherText.length)];
            int len = ci.doFinal(cipherText, 0, cipherText.length, recoveredText);
            // the output buffer may be larger than the plaintext; compare only what was written
            byte[] tmp = java.util.Arrays.copyOf(recoveredText, len);

            boolean roundTripOk = java.util.Arrays.equals(plainText, tmp);
            if (!roundTripOk) {
                System.out.println("Original: ");
                dumpBytes(plainText);
                System.out.println("Recovered: ");
                dumpBytes(tmp);
                throw new RuntimeException("Original text is not equal with recovered text, with mode:" + mo);
            }
        }
    } catch (NoSuchAlgorithmException e) {
        //CFB7 and OFB150 are for negative testing
        boolean negativeCase = mo.equalsIgnoreCase("CFB7") || mo.equalsIgnoreCase("OFB150");
        if (!negativeCase) {
            System.out.println("Unexpected NoSuchAlgorithmException with mode: " + mo);
            throw new RuntimeException("Test failed!");
        }
    } catch (NoSuchProviderException | NoSuchPaddingException | InvalidKeyException | InvalidAlgorithmParameterException | ShortBufferException | IllegalBlockSizeException | BadPaddingException e) {
        System.out.println("Test failed!");
        throw e;
    }
}
Also used : InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) BadPaddingException(javax.crypto.BadPaddingException) InvalidKeyException(java.security.InvalidKeyException) SecretKey(javax.crypto.SecretKey) Random(java.util.Random) ShortBufferException(javax.crypto.ShortBufferException) IvParameterSpec(javax.crypto.spec.IvParameterSpec) Cipher(javax.crypto.Cipher) NoSuchProviderException(java.security.NoSuchProviderException) AlgorithmParameterSpec(java.security.spec.AlgorithmParameterSpec) KeyGenerator(javax.crypto.KeyGenerator)
