use of javax.crypto.BadPaddingException in project platform_frameworks_base by android.
the class LockSettingsService method resetKeyStore.
@Override
public void resetKeyStore(int userId) throws RemoteException {
checkWritePermission(userId);
if (DEBUG)
Slog.v(TAG, "Reset keystore for user: " + userId);
int managedUserId = -1;
String managedUserDecryptedPassword = null;
final List<UserInfo> profiles = mUserManager.getProfiles(userId);
for (UserInfo pi : profiles) {
// Unlock managed profile with unified lock
if (pi.isManagedProfile() && !mLockPatternUtils.isSeparateProfileChallengeEnabled(pi.id) && mStorage.hasChildProfileLock(pi.id)) {
try {
if (managedUserId == -1) {
managedUserDecryptedPassword = getDecryptedPasswordForTiedProfile(pi.id);
managedUserId = pi.id;
} else {
// Should not happen
Slog.e(TAG, "More than one managed profile, uid1:" + managedUserId + ", uid2:" + pi.id);
}
} catch (UnrecoverableKeyException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchPaddingException | InvalidAlgorithmParameterException | IllegalBlockSizeException | BadPaddingException | CertificateException | IOException e) {
Slog.e(TAG, "Failed to decrypt child profile key", e);
}
}
}
try {
// Clear all the users credentials could have been installed in for this user.
for (int profileId : mUserManager.getProfileIdsWithDisabled(userId)) {
for (int uid : SYSTEM_CREDENTIAL_UIDS) {
mKeyStore.clearUid(UserHandle.getUid(profileId, uid));
}
}
} finally {
if (managedUserId != -1 && managedUserDecryptedPassword != null) {
if (DEBUG)
Slog.v(TAG, "Restore tied profile lock");
tieProfileLockToParent(managedUserId, managedUserDecryptedPassword);
}
}
}
use of javax.crypto.BadPaddingException in project platform_frameworks_base by android.
the class LockSettingsService method verifyTiedProfileChallenge.
@Override
public VerifyCredentialResponse verifyTiedProfileChallenge(String password, boolean isPattern, long challenge, int userId) throws RemoteException {
checkPasswordReadPermission(userId);
if (!isManagedProfileWithUnifiedLock(userId)) {
throw new RemoteException("User id must be managed profile with unified lock");
}
final int parentProfileId = mUserManager.getProfileParent(userId).id;
// Unlock parent by using parent's challenge
final VerifyCredentialResponse parentResponse = isPattern ? doVerifyPattern(password, true, challenge, parentProfileId, null) : doVerifyPassword(password, true, challenge, parentProfileId, null);
if (parentResponse.getResponseCode() != VerifyCredentialResponse.RESPONSE_OK) {
// Failed, just return parent's response
return parentResponse;
}
try {
// Unlock work profile, and work profile with unified lock must use password only
return doVerifyPassword(getDecryptedPasswordForTiedProfile(userId), true, challenge, userId, null);
} catch (UnrecoverableKeyException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchPaddingException | InvalidAlgorithmParameterException | IllegalBlockSizeException | BadPaddingException | CertificateException | IOException e) {
Slog.e(TAG, "Failed to decrypt child profile key", e);
throw new RemoteException("Unable to get tied profile token");
}
}
use of javax.crypto.BadPaddingException in project keywhiz by square.
the class GCMEncryptor method gcm.
private byte[] gcm(boolean encrypt, byte[] input, byte[] nonce) throws AEADBadTagException {
try {
Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
SecretKey secretKey = new SecretKeySpec(key, KEY_ALGORITHM);
GCMParameterSpec gcmParameters = new GCMParameterSpec(TAG_BITS, nonce);
cipher.init(encrypt ? ENCRYPT_MODE : DECRYPT_MODE, secretKey, gcmParameters);
return cipher.doFinal(input);
} catch (NoSuchAlgorithmException | NoSuchPaddingException | BadPaddingException | IllegalBlockSizeException | InvalidAlgorithmParameterException | InvalidKeyException e) {
Throwables.propagateIfInstanceOf(e, AEADBadTagException.class);
throw Throwables.propagate(e);
}
}
use of javax.crypto.BadPaddingException in project robovm by robovm.
the class AlgorithmParameterAsymmetricHelper method test.
@Override
public void test(AlgorithmParameters parameters) {
KeyPairGenerator generator = null;
try {
generator = KeyPairGenerator.getInstance(algorithmName);
} catch (NoSuchAlgorithmException e) {
Assert.fail(e.getMessage());
}
generator.initialize(1024);
KeyPair keyPair = generator.generateKeyPair();
Cipher cipher = null;
try {
cipher = Cipher.getInstance(algorithmName);
} catch (NoSuchAlgorithmException e) {
Assert.fail(e.getMessage());
} catch (NoSuchPaddingException e) {
Assert.fail(e.getMessage());
}
try {
cipher.init(Cipher.ENCRYPT_MODE, keyPair.getPublic(), parameters);
} catch (InvalidKeyException e) {
Assert.fail(e.getMessage());
} catch (InvalidAlgorithmParameterException e) {
Assert.fail(e.getMessage());
}
byte[] bs = null;
try {
bs = cipher.doFinal(plainData.getBytes());
} catch (IllegalBlockSizeException e) {
Assert.fail(e.getMessage());
} catch (BadPaddingException e) {
Assert.fail(e.getMessage());
}
try {
cipher.init(Cipher.DECRYPT_MODE, keyPair.getPrivate(), parameters);
} catch (InvalidKeyException e) {
Assert.fail(e.getMessage());
} catch (InvalidAlgorithmParameterException e) {
Assert.fail(e.getMessage());
}
byte[] decrypted = null;
try {
decrypted = cipher.doFinal(bs);
} catch (IllegalBlockSizeException e) {
Assert.fail(e.getMessage());
} catch (BadPaddingException e) {
Assert.fail(e.getMessage());
}
Assert.assertTrue(Arrays.equals(plainData.getBytes(), decrypted));
}
use of javax.crypto.BadPaddingException in project platform_frameworks_base by android.
the class AndroidKeyStoreCipherSpiBase method engineWrap.
@Override
protected final byte[] engineWrap(Key key) throws IllegalBlockSizeException, InvalidKeyException {
if (mKey == null) {
throw new IllegalStateException("Not initilized");
}
if (!isEncrypting()) {
throw new IllegalStateException("Cipher must be initialized in Cipher.WRAP_MODE to wrap keys");
}
if (key == null) {
throw new NullPointerException("key == null");
}
byte[] encoded = null;
if (key instanceof SecretKey) {
if ("RAW".equalsIgnoreCase(key.getFormat())) {
encoded = key.getEncoded();
}
if (encoded == null) {
try {
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(key.getAlgorithm());
SecretKeySpec spec = (SecretKeySpec) keyFactory.getKeySpec((SecretKey) key, SecretKeySpec.class);
encoded = spec.getEncoded();
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
throw new InvalidKeyException("Failed to wrap key because it does not export its key material", e);
}
}
} else if (key instanceof PrivateKey) {
if ("PKCS8".equalsIgnoreCase(key.getFormat())) {
encoded = key.getEncoded();
}
if (encoded == null) {
try {
KeyFactory keyFactory = KeyFactory.getInstance(key.getAlgorithm());
PKCS8EncodedKeySpec spec = keyFactory.getKeySpec(key, PKCS8EncodedKeySpec.class);
encoded = spec.getEncoded();
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
throw new InvalidKeyException("Failed to wrap key because it does not export its key material", e);
}
}
} else if (key instanceof PublicKey) {
if ("X.509".equalsIgnoreCase(key.getFormat())) {
encoded = key.getEncoded();
}
if (encoded == null) {
try {
KeyFactory keyFactory = KeyFactory.getInstance(key.getAlgorithm());
X509EncodedKeySpec spec = keyFactory.getKeySpec(key, X509EncodedKeySpec.class);
encoded = spec.getEncoded();
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
throw new InvalidKeyException("Failed to wrap key because it does not export its key material", e);
}
}
} else {
throw new InvalidKeyException("Unsupported key type: " + key.getClass().getName());
}
if (encoded == null) {
throw new InvalidKeyException("Failed to wrap key because it does not export its key material");
}
try {
return engineDoFinal(encoded, 0, encoded.length);
} catch (BadPaddingException e) {
throw (IllegalBlockSizeException) new IllegalBlockSizeException().initCause(e);
}
}
Aggregations