
Example 86 with KeySpec

use of java.security.spec.KeySpec in project karaf by apache.

the class PublicKeyLoginModuleTest method testUnknownKeyRSA.

@Test
public void testUnknownKeyRSA() throws Exception {
    Properties options = getLoginModuleOptions();
    PublickeyLoginModule module = new PublickeyLoginModule();
    Subject subject = new Subject();
    String knownModulus = "2504227846033126752625313329217708474924890377669312098933267135871562327792150810915433595733" + "979130785790337621243914845149325143098632580183245971502051291613503136182182218708721890923769091345704" + "119963221758691543226829294312457492456071842409242817598014777158790065648435489978774648853589909638928" + "448069481622573966178879417253888452317622624006445863588961367514293886664167742695648199055900918338245" + "701727653606086096756173044470526840851957391900922886984556493506186438991284463663361749451775578708454" + "0181594148839238901052763862484299588887844606103377160953183624788815045644521767391398467190125279745";
    // Generate a PublicKey using the known values
    BigInteger modulus = new BigInteger(knownModulus);
    BigInteger exponent = new BigInteger("65537");
    KeyFactory keyFactory = KeyFactory.getInstance("RSA");
    KeySpec publicKeySpec = new RSAPublicKeySpec(modulus, exponent);
    PublicKey publicKey = keyFactory.generatePublic(publicKeySpec);
    module.initialize(subject, new NamePubkeyCallbackHandler("rsa", publicKey), null, options);
    assertEquals("Precondition", 0, subject.getPrincipals().size());
    try {
        module.login();
        fail("Failure expected on an unknown user");
    } catch (FailedLoginException ex) {
        // expected
    }
}
Also used : FailedLoginException(javax.security.auth.login.FailedLoginException) PublicKey(java.security.PublicKey) ECPublicKeySpec(java.security.spec.ECPublicKeySpec) KeySpec(java.security.spec.KeySpec) RSAPublicKeySpec(java.security.spec.RSAPublicKeySpec) DSAPublicKeySpec(java.security.spec.DSAPublicKeySpec) BigInteger(java.math.BigInteger) RSAPublicKeySpec(java.security.spec.RSAPublicKeySpec) Properties(org.apache.felix.utils.properties.Properties) NamePubkeyCallbackHandler(org.apache.karaf.jaas.modules.NamePubkeyCallbackHandler) Subject(javax.security.auth.Subject) KeyFactory(java.security.KeyFactory) Test(org.junit.Test)

Example 87 with KeySpec

use of java.security.spec.KeySpec in project karaf by apache.

the class PublicKeyLoginModuleTest method testECLogin.

@Test
public void testECLogin() throws Exception {
    Properties options = getLoginModuleOptions();
    PublickeyLoginModule module = new PublickeyLoginModule();
    Subject subject = new Subject();
    String x = "-29742501866672735446035294501787338870744851402037490785638836399245997090445";
    String y = "-47637824304079393691947094099226900728731860400898598466261954347951527449659";
    KeyFactory keyFactory = KeyFactory.getInstance("EC");
    AlgorithmParameters parameters = AlgorithmParameters.getInstance("EC");
    parameters.init(new ECGenParameterSpec("secp256r1"));
    ECParameterSpec ecParameters = parameters.getParameterSpec(ECParameterSpec.class);
    ECPoint pubPoint = new ECPoint(new BigInteger(x), new BigInteger(y));
    KeySpec keySpec = new ECPublicKeySpec(pubPoint, ecParameters);
    PublicKey publicKey = keyFactory.generatePublic(keySpec);
    module.initialize(subject, new NamePubkeyCallbackHandler("ec", publicKey), null, options);
    assertEquals("Precondition", 0, subject.getPrincipals().size());
    assertTrue(module.login());
    assertTrue(module.commit());
    assertFalse(subject.getPrincipals().isEmpty());
    assertThat("ec", isIn(names(subject.getPrincipals(UserPrincipal.class))));
    assertThat("ssh", isIn(names(subject.getPrincipals(RolePrincipal.class))));
    assertTrue(module.logout());
    assertEquals("Principals should be gone as the user has logged out", 0, subject.getPrincipals().size());
}
Also used : PublicKey(java.security.PublicKey) ECPublicKeySpec(java.security.spec.ECPublicKeySpec) KeySpec(java.security.spec.KeySpec) RSAPublicKeySpec(java.security.spec.RSAPublicKeySpec) DSAPublicKeySpec(java.security.spec.DSAPublicKeySpec) ECGenParameterSpec(java.security.spec.ECGenParameterSpec) Properties(org.apache.felix.utils.properties.Properties) ECPoint(java.security.spec.ECPoint) Subject(javax.security.auth.Subject) ECPublicKeySpec(java.security.spec.ECPublicKeySpec) UserPrincipal(org.apache.karaf.jaas.boot.principal.UserPrincipal) ECParameterSpec(java.security.spec.ECParameterSpec) BigInteger(java.math.BigInteger) NamePubkeyCallbackHandler(org.apache.karaf.jaas.modules.NamePubkeyCallbackHandler) RolePrincipal(org.apache.karaf.jaas.boot.principal.RolePrincipal) KeyFactory(java.security.KeyFactory) AlgorithmParameters(java.security.AlgorithmParameters) Test(org.junit.Test)

Example 88 with KeySpec

use of java.security.spec.KeySpec in project smoke by textbrowser.

the class Cryptography method pbkdf2.

public static byte[] pbkdf2(byte[] salt, char[] password, int iterations, int length) {
    if (password == null || salt == null)
        return null;
    try {
        // PBEKeySpec takes the derived key length in bits, not bytes.
        KeySpec keySpec = new PBEKeySpec(password, salt, iterations, length);
        SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(PBKDF2_ALGORITHM);
        return secretKeyFactory.generateSecret(keySpec).getEncoded();
    } catch (Exception exception) {
        return null;
    }
}
Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) EncodedKeySpec(java.security.spec.EncodedKeySpec) SecretKeySpec(javax.crypto.spec.SecretKeySpec) KeySpec(java.security.spec.KeySpec) PBEKeySpec(javax.crypto.spec.PBEKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) SecretKeyFactory(javax.crypto.SecretKeyFactory)

Example 89 with KeySpec

use of java.security.spec.KeySpec in project smoke by textbrowser.

the class Cryptography method generateMacKey.

public static SecretKey generateMacKey(byte[] salt, char[] password, int iterations, int keyDerivationFunction) {
    if (password == null || salt == null)
        return null;
    if (keyDerivationFunction == 0) { // Argon2id
        try {
            Argon2BytesGenerator generator = new Argon2BytesGenerator();
            Argon2Parameters.Builder builder = new Argon2Parameters.Builder(Argon2Parameters.ARGON2_id)
                .withVersion(Argon2Parameters.ARGON2_VERSION_13)
                .withIterations(iterations)
                .withMemoryAsKB(HASH_KEY_LENGTH)
                .withParallelism(NUMBER_OF_CORES)
                .withAdditional(Hex.decode("000908070605040302010f0e0d0c0b0a" + "000908070605040302010f0e0d0c0b0a" + "000908070605040302010f0e0d0c0b0a" + "000908070605040302010f0e0d0c0b0a"))
                .withSecret(new String(password).getBytes(StandardCharsets.UTF_8))
                .withSalt(salt);
            byte[] bytes = new byte[HASH_KEY_LENGTH];
            generator.init(builder.build());
            generator.generateBytes(password, bytes);
            return new SecretKeySpec(bytes, HASH_ALGORITHM);
        } catch (Exception exception) {
            // Ignored: falls through to return null.
        }
    } else { // PBKDF2
        // Bits.
        int length = 8 * HASH_KEY_LENGTH;
        try {
            KeySpec keySpec = new PBEKeySpec(password, salt, iterations, length);
            SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(PBKDF2_ALGORITHM);
            return secretKeyFactory.generateSecret(keySpec);
        } catch (Exception exception) {
            // Ignored: falls through to return null.
        }
    }
    return null;
}
Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) Argon2Parameters(org.bouncycastle.crypto.params.Argon2Parameters) SecretKeySpec(javax.crypto.spec.SecretKeySpec) EncodedKeySpec(java.security.spec.EncodedKeySpec) SecretKeySpec(javax.crypto.spec.SecretKeySpec) KeySpec(java.security.spec.KeySpec) PBEKeySpec(javax.crypto.spec.PBEKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) Argon2BytesGenerator(org.bouncycastle.crypto.generators.Argon2BytesGenerator) SecretKeyFactory(javax.crypto.SecretKeyFactory)

Example 90 with KeySpec

use of java.security.spec.KeySpec in project fdroidclient by f-droid.

the class ZipSigner method readPrivateKey.

/**
 * Read a PKCS 8 format private key.
 */
public PrivateKey readPrivateKey(URL privateKeyUrl, String keyPassword) throws IOException, GeneralSecurityException {
    DataInputStream input = new DataInputStream(privateKeyUrl.openStream());
    try {
        byte[] bytes = readContentAsBytes(input);
        KeySpec spec = decryptPrivateKey(bytes, keyPassword);
        if (spec == null) {
            spec = new PKCS8EncodedKeySpec(bytes);
        }
        try {
            return KeyFactory.getInstance("RSA").generatePrivate(spec);
        } catch (InvalidKeySpecException ex) {
            return KeyFactory.getInstance("DSA").generatePrivate(spec);
        }
    } finally {
        input.close();
    }
}
Also used : KeySpec(java.security.spec.KeySpec) PBEKeySpec(javax.crypto.spec.PBEKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) DataInputStream(java.io.DataInputStream)

Aggregations

KeySpec (java.security.spec.KeySpec) 171
PBEKeySpec (javax.crypto.spec.PBEKeySpec) 71
SecretKeyFactory (javax.crypto.SecretKeyFactory) 65
KeyFactory (java.security.KeyFactory) 61
SecretKeySpec (javax.crypto.spec.SecretKeySpec) 50
RSAPublicKeySpec (java.security.spec.RSAPublicKeySpec) 41
BigInteger (java.math.BigInteger) 40
PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec) 40
SecretKey (javax.crypto.SecretKey) 39
DSAPublicKeySpec (java.security.spec.DSAPublicKeySpec) 38
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException) 37
InvalidKeySpecException (java.security.spec.InvalidKeySpecException) 34
X509EncodedKeySpec (java.security.spec.X509EncodedKeySpec) 29
PublicKey (java.security.PublicKey) 27
ECPublicKeySpec (java.security.spec.ECPublicKeySpec) 24
RSAPrivateKeySpec (java.security.spec.RSAPrivateKeySpec) 21
PrivateKey (java.security.PrivateKey) 19
IOException (java.io.IOException) 18
Cipher (javax.crypto.Cipher) 16
InvalidKeyException (java.security.InvalidKeyException) 15