Search in sources :

Example 66 with BadPaddingException

use of javax.crypto.BadPaddingException in project platform_frameworks_base by android.

the class LockSettingsService method resetKeyStore.

@Override
public void resetKeyStore(int userId) throws RemoteException {
    checkWritePermission(userId);
    if (DEBUG)
        Slog.v(TAG, "Reset keystore for user: " + userId);
    int managedUserId = -1;
    String managedUserDecryptedPassword = null;
    final List<UserInfo> profiles = mUserManager.getProfiles(userId);
    for (UserInfo pi : profiles) {
        // Unlock managed profile with unified lock
        if (pi.isManagedProfile() && !mLockPatternUtils.isSeparateProfileChallengeEnabled(pi.id) && mStorage.hasChildProfileLock(pi.id)) {
            try {
                if (managedUserId == -1) {
                    managedUserDecryptedPassword = getDecryptedPasswordForTiedProfile(pi.id);
                    managedUserId = pi.id;
                } else {
                    // Should not happen
                    Slog.e(TAG, "More than one managed profile, uid1:" + managedUserId + ", uid2:" + pi.id);
                }
            } catch (UnrecoverableKeyException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchPaddingException | InvalidAlgorithmParameterException | IllegalBlockSizeException | BadPaddingException | CertificateException | IOException e) {
                Slog.e(TAG, "Failed to decrypt child profile key", e);
            }
        }
    }
    try {
        // Clear all the users credentials could have been installed in for this user.
        for (int profileId : mUserManager.getProfileIdsWithDisabled(userId)) {
            for (int uid : SYSTEM_CREDENTIAL_UIDS) {
                mKeyStore.clearUid(UserHandle.getUid(profileId, uid));
            }
        }
    } finally {
        if (managedUserId != -1 && managedUserDecryptedPassword != null) {
            if (DEBUG)
                Slog.v(TAG, "Restore tied profile lock");
            tieProfileLockToParent(managedUserId, managedUserDecryptedPassword);
        }
    }
}
Also used : InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) UserInfo(android.content.pm.UserInfo) CertificateException(java.security.cert.CertificateException) KeyStoreException(java.security.KeyStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) BadPaddingException(javax.crypto.BadPaddingException) IOException(java.io.IOException) InvalidKeyException(java.security.InvalidKeyException) UnrecoverableKeyException(java.security.UnrecoverableKeyException)

Example 67 with BadPaddingException

use of javax.crypto.BadPaddingException in project platform_frameworks_base by android.

the class LockSettingsService method verifyTiedProfileChallenge.

@Override
public VerifyCredentialResponse verifyTiedProfileChallenge(String password, boolean isPattern, long challenge, int userId) throws RemoteException {
    checkPasswordReadPermission(userId);
    if (!isManagedProfileWithUnifiedLock(userId)) {
        throw new RemoteException("User id must be managed profile with unified lock");
    }
    final int parentProfileId = mUserManager.getProfileParent(userId).id;
    // Unlock parent by using parent's challenge
    final VerifyCredentialResponse parentResponse = isPattern ? doVerifyPattern(password, true, challenge, parentProfileId, null) : doVerifyPassword(password, true, challenge, parentProfileId, null);
    if (parentResponse.getResponseCode() != VerifyCredentialResponse.RESPONSE_OK) {
        // Failed, just return parent's response
        return parentResponse;
    }
    try {
        // Unlock work profile, and work profile with unified lock must use password only
        return doVerifyPassword(getDecryptedPasswordForTiedProfile(userId), true, challenge, userId, null);
    } catch (UnrecoverableKeyException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchPaddingException | InvalidAlgorithmParameterException | IllegalBlockSizeException | BadPaddingException | CertificateException | IOException e) {
        Slog.e(TAG, "Failed to decrypt child profile key", e);
        throw new RemoteException("Unable to get tied profile token");
    }
}
Also used : InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) VerifyCredentialResponse(com.android.internal.widget.VerifyCredentialResponse) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) CertificateException(java.security.cert.CertificateException) KeyStoreException(java.security.KeyStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) BadPaddingException(javax.crypto.BadPaddingException) IOException(java.io.IOException) InvalidKeyException(java.security.InvalidKeyException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) RemoteException(android.os.RemoteException)

Example 68 with BadPaddingException

use of javax.crypto.BadPaddingException in project keywhiz by square.

the class GCMEncryptor method gcm.

private byte[] gcm(boolean encrypt, byte[] input, byte[] nonce) throws AEADBadTagException {
    try {
        Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
        SecretKey secretKey = new SecretKeySpec(key, KEY_ALGORITHM);
        GCMParameterSpec gcmParameters = new GCMParameterSpec(TAG_BITS, nonce);
        cipher.init(encrypt ? ENCRYPT_MODE : DECRYPT_MODE, secretKey, gcmParameters);
        return cipher.doFinal(input);
    } catch (NoSuchAlgorithmException | NoSuchPaddingException | BadPaddingException | IllegalBlockSizeException | InvalidAlgorithmParameterException | InvalidKeyException e) {
        Throwables.propagateIfInstanceOf(e, AEADBadTagException.class);
        throw Throwables.propagate(e);
    }
}
Also used : SecretKey(javax.crypto.SecretKey) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) SecretKeySpec(javax.crypto.spec.SecretKeySpec) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) Cipher(javax.crypto.Cipher) GCMParameterSpec(javax.crypto.spec.GCMParameterSpec) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) BadPaddingException(javax.crypto.BadPaddingException) InvalidKeyException(java.security.InvalidKeyException) AEADBadTagException(javax.crypto.AEADBadTagException)

Example 69 with BadPaddingException

use of javax.crypto.BadPaddingException in project robovm by robovm.

the class AlgorithmParameterAsymmetricHelper method test.

@Override
public void test(AlgorithmParameters parameters) {
    KeyPairGenerator generator = null;
    try {
        generator = KeyPairGenerator.getInstance(algorithmName);
    } catch (NoSuchAlgorithmException e) {
        Assert.fail(e.getMessage());
    }
    generator.initialize(1024);
    KeyPair keyPair = generator.generateKeyPair();
    Cipher cipher = null;
    try {
        cipher = Cipher.getInstance(algorithmName);
    } catch (NoSuchAlgorithmException e) {
        Assert.fail(e.getMessage());
    } catch (NoSuchPaddingException e) {
        Assert.fail(e.getMessage());
    }
    try {
        cipher.init(Cipher.ENCRYPT_MODE, keyPair.getPublic(), parameters);
    } catch (InvalidKeyException e) {
        Assert.fail(e.getMessage());
    } catch (InvalidAlgorithmParameterException e) {
        Assert.fail(e.getMessage());
    }
    byte[] bs = null;
    try {
        bs = cipher.doFinal(plainData.getBytes());
    } catch (IllegalBlockSizeException e) {
        Assert.fail(e.getMessage());
    } catch (BadPaddingException e) {
        Assert.fail(e.getMessage());
    }
    try {
        cipher.init(Cipher.DECRYPT_MODE, keyPair.getPrivate(), parameters);
    } catch (InvalidKeyException e) {
        Assert.fail(e.getMessage());
    } catch (InvalidAlgorithmParameterException e) {
        Assert.fail(e.getMessage());
    }
    byte[] decrypted = null;
    try {
        decrypted = cipher.doFinal(bs);
    } catch (IllegalBlockSizeException e) {
        Assert.fail(e.getMessage());
    } catch (BadPaddingException e) {
        Assert.fail(e.getMessage());
    }
    Assert.assertTrue(Arrays.equals(plainData.getBytes(), decrypted));
}
Also used : KeyPair(java.security.KeyPair) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) KeyPairGenerator(java.security.KeyPairGenerator) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) Cipher(javax.crypto.Cipher) BadPaddingException(javax.crypto.BadPaddingException) InvalidKeyException(java.security.InvalidKeyException)

Example 70 with BadPaddingException

use of javax.crypto.BadPaddingException in project platform_frameworks_base by android.

the class AndroidKeyStoreCipherSpiBase method engineWrap.

@Override
protected final byte[] engineWrap(Key key) throws IllegalBlockSizeException, InvalidKeyException {
    if (mKey == null) {
        throw new IllegalStateException("Not initilized");
    }
    if (!isEncrypting()) {
        throw new IllegalStateException("Cipher must be initialized in Cipher.WRAP_MODE to wrap keys");
    }
    if (key == null) {
        throw new NullPointerException("key == null");
    }
    byte[] encoded = null;
    if (key instanceof SecretKey) {
        if ("RAW".equalsIgnoreCase(key.getFormat())) {
            encoded = key.getEncoded();
        }
        if (encoded == null) {
            try {
                SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(key.getAlgorithm());
                SecretKeySpec spec = (SecretKeySpec) keyFactory.getKeySpec((SecretKey) key, SecretKeySpec.class);
                encoded = spec.getEncoded();
            } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
                throw new InvalidKeyException("Failed to wrap key because it does not export its key material", e);
            }
        }
    } else if (key instanceof PrivateKey) {
        if ("PKCS8".equalsIgnoreCase(key.getFormat())) {
            encoded = key.getEncoded();
        }
        if (encoded == null) {
            try {
                KeyFactory keyFactory = KeyFactory.getInstance(key.getAlgorithm());
                PKCS8EncodedKeySpec spec = keyFactory.getKeySpec(key, PKCS8EncodedKeySpec.class);
                encoded = spec.getEncoded();
            } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
                throw new InvalidKeyException("Failed to wrap key because it does not export its key material", e);
            }
        }
    } else if (key instanceof PublicKey) {
        if ("X.509".equalsIgnoreCase(key.getFormat())) {
            encoded = key.getEncoded();
        }
        if (encoded == null) {
            try {
                KeyFactory keyFactory = KeyFactory.getInstance(key.getAlgorithm());
                X509EncodedKeySpec spec = keyFactory.getKeySpec(key, X509EncodedKeySpec.class);
                encoded = spec.getEncoded();
            } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
                throw new InvalidKeyException("Failed to wrap key because it does not export its key material", e);
            }
        }
    } else {
        throw new InvalidKeyException("Unsupported key type: " + key.getClass().getName());
    }
    if (encoded == null) {
        throw new InvalidKeyException("Failed to wrap key because it does not export its key material");
    }
    try {
        return engineDoFinal(encoded, 0, encoded.length);
    } catch (BadPaddingException e) {
        throw (IllegalBlockSizeException) new IllegalBlockSizeException().initCause(e);
    }
}
Also used : PrivateKey(java.security.PrivateKey) PublicKey(java.security.PublicKey) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) BadPaddingException(javax.crypto.BadPaddingException) InvalidKeyException(java.security.InvalidKeyException) SecretKey(javax.crypto.SecretKey) SecretKeySpec(javax.crypto.spec.SecretKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) SecretKeyFactory(javax.crypto.SecretKeyFactory) SecretKeyFactory(javax.crypto.SecretKeyFactory) KeyFactory(java.security.KeyFactory)

Aggregations

BadPaddingException (javax.crypto.BadPaddingException)120 IllegalBlockSizeException (javax.crypto.IllegalBlockSizeException)103 InvalidKeyException (java.security.InvalidKeyException)80 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)70 NoSuchPaddingException (javax.crypto.NoSuchPaddingException)69 Cipher (javax.crypto.Cipher)53 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)45 IOException (java.io.IOException)39 KeyStoreException (java.security.KeyStoreException)25 UnrecoverableKeyException (java.security.UnrecoverableKeyException)25 CertificateException (java.security.cert.CertificateException)25 SecretKey (javax.crypto.SecretKey)25 IvParameterSpec (javax.crypto.spec.IvParameterSpec)25 SecretKeySpec (javax.crypto.spec.SecretKeySpec)23 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)17 RemoteException (android.os.RemoteException)15 ShortBufferException (javax.crypto.ShortBufferException)14 KeyGenerator (javax.crypto.KeyGenerator)13 UnsupportedEncodingException (java.io.UnsupportedEncodingException)12 FileNotFoundException (java.io.FileNotFoundException)11