Example 61 with SecretKey
use of javax.crypto.SecretKey in project android-pbe by nelenkov.
the class Crypto method deriveKeyPbkdf2.
public static SecretKey deriveKeyPbkdf2(byte[] salt, String password) {
try {
long start = System.currentTimeMillis();
KeySpec keySpec = new PBEKeySpec(password.toCharArray(), salt, ITERATION_COUNT, KEY_LENGTH);
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(PBKDF2_DERIVATION_ALGORITHM);
byte[] keyBytes = keyFactory.generateSecret(keySpec).getEncoded();
Log.d(TAG, "key bytes: " + toHex(keyBytes));
SecretKey result = new SecretKeySpec(keyBytes, "AES");
long elapsed = System.currentTimeMillis() - start;
Log.d(TAG, String.format("PBKDF2 key derivation took %d [ms].", elapsed));
return result;
} catch (GeneralSecurityException e) {
throw new RuntimeException(e);
}
}
Also used :
PBEKeySpec(javax.crypto.spec.PBEKeySpec)
SecretKey(javax.crypto.SecretKey)
SecretKeySpec(javax.crypto.spec.SecretKeySpec)
SecretKeySpec(javax.crypto.spec.SecretKeySpec)
KeySpec(java.security.spec.KeySpec)
PBEKeySpec(javax.crypto.spec.PBEKeySpec)
GeneralSecurityException(java.security.GeneralSecurityException)
SecretKeyFactory(javax.crypto.SecretKeyFactory)
Example 62 with SecretKey
use of javax.crypto.SecretKey in project OpenAM by OpenRock.
the class CreateSoapSTSDeployment method setAgentPasswordEncryptionKeyEntry.
private void setAgentPasswordEncryptionKeyEntry(KeyStore soapSTSKeystore, char[] keystorePassword, String agentPasswordEncryptionKey) throws KeyStoreException {
//the keystore password will also protected the password encryption key
KeyStore.ProtectionParameter protParam = new KeyStore.PasswordProtection(keystorePassword);
SecretKey agentPasswordEncryptionSecretKey = new SecretKeySpec(agentPasswordEncryptionKey.getBytes(StandardCharsets.US_ASCII), SECRET_KEY_ALGORITHM_TYPE);
KeyStore.SecretKeyEntry secretKeyEntry = new KeyStore.SecretKeyEntry(agentPasswordEncryptionSecretKey);
soapSTSKeystore.setEntry(SharedSTSConstants.AM_INTERNAL_PEK_ALIAS, secretKeyEntry, protParam);
}
Also used :
SecretKey(javax.crypto.SecretKey)
SecretKeySpec(javax.crypto.spec.SecretKeySpec)
KeyStore(java.security.KeyStore)
Example 63 with SecretKey
use of javax.crypto.SecretKey in project XobotOS by xamarin.
the class JDKPKCS12KeyStore method unwrapKey.
protected PrivateKey unwrapKey(AlgorithmIdentifier algId, byte[] data, char[] password, boolean wrongPKCS12Zero) throws IOException {
String algorithm = algId.getObjectId().getId();
PKCS12PBEParams pbeParams = new PKCS12PBEParams((ASN1Sequence) algId.getParameters());
PBEKeySpec pbeSpec = new PBEKeySpec(password);
PrivateKey out;
try {
SecretKeyFactory keyFact = SecretKeyFactory.getInstance(algorithm, bcProvider);
PBEParameterSpec defParams = new PBEParameterSpec(pbeParams.getIV(), pbeParams.getIterations().intValue());
SecretKey k = keyFact.generateSecret(pbeSpec);
((JCEPBEKey) k).setTryWrongPKCS12Zero(wrongPKCS12Zero);
Cipher cipher = Cipher.getInstance(algorithm, bcProvider);
cipher.init(Cipher.UNWRAP_MODE, k, defParams);
// we pass "" as the key algorithm type as it is unknown at this point
out = (PrivateKey) cipher.unwrap(data, "", Cipher.PRIVATE_KEY);
} catch (Exception e) {
throw new IOException("exception unwrapping private key - " + e.toString());
}
return out;
}
Also used :
PBEKeySpec(javax.crypto.spec.PBEKeySpec)
SecretKey(javax.crypto.SecretKey)
PrivateKey(java.security.PrivateKey)
PKCS12PBEParams(org.bouncycastle.asn1.pkcs.PKCS12PBEParams)
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
DERBMPString(org.bouncycastle.asn1.DERBMPString)
BERConstructedOctetString(org.bouncycastle.asn1.BERConstructedOctetString)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
Cipher(javax.crypto.Cipher)
IOException(java.io.IOException)
SecretKeyFactory(javax.crypto.SecretKeyFactory)
PBEParameterSpec(javax.crypto.spec.PBEParameterSpec)
KeyStoreException(java.security.KeyStoreException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
UnrecoverableKeyException(java.security.UnrecoverableKeyException)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
Example 64 with SecretKey
use of javax.crypto.SecretKey in project XobotOS by xamarin.
the class JCEStreamCipher method engineInit.
protected void engineInit(int opmode, Key key, AlgorithmParameterSpec params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException {
CipherParameters param;
this.pbeSpec = null;
this.pbeAlgorithm = null;
this.engineParams = null;
//
if (!(key instanceof SecretKey)) {
throw new InvalidKeyException("Key for algorithm " + key.getAlgorithm() + " not suitable for symmetric enryption.");
}
if (key instanceof JCEPBEKey) {
JCEPBEKey k = (JCEPBEKey) key;
if (k.getOID() != null) {
pbeAlgorithm = k.getOID().getId();
} else {
pbeAlgorithm = k.getAlgorithm();
}
if (k.getParam() != null) {
param = k.getParam();
pbeSpec = new PBEParameterSpec(k.getSalt(), k.getIterationCount());
} else if (params instanceof PBEParameterSpec) {
param = PBE.Util.makePBEParameters(k, params, cipher.getAlgorithmName());
pbeSpec = (PBEParameterSpec) params;
} else {
throw new InvalidAlgorithmParameterException("PBE requires PBE parameters to be set.");
}
if (k.getIvSize() != 0) {
ivParam = (ParametersWithIV) param;
}
} else if (params == null) {
param = new KeyParameter(key.getEncoded());
} else if (params instanceof IvParameterSpec) {
param = new ParametersWithIV(new KeyParameter(key.getEncoded()), ((IvParameterSpec) params).getIV());
ivParam = (ParametersWithIV) param;
} else {
throw new IllegalArgumentException("unknown parameter type.");
}
if ((ivLength != 0) && !(param instanceof ParametersWithIV)) {
SecureRandom ivRandom = random;
if (ivRandom == null) {
ivRandom = new SecureRandom();
}
if ((opmode == Cipher.ENCRYPT_MODE) || (opmode == Cipher.WRAP_MODE)) {
byte[] iv = new byte[ivLength];
ivRandom.nextBytes(iv);
param = new ParametersWithIV(param, iv);
ivParam = (ParametersWithIV) param;
} else {
throw new InvalidAlgorithmParameterException("no IV set when one expected");
}
}
switch(opmode) {
case Cipher.ENCRYPT_MODE:
case Cipher.WRAP_MODE:
cipher.init(true, param);
break;
case Cipher.DECRYPT_MODE:
case Cipher.UNWRAP_MODE:
cipher.init(false, param);
break;
default:
System.out.println("eeek!");
}
}
Also used :
CipherParameters(org.bouncycastle.crypto.CipherParameters)
ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV)
SecretKey(javax.crypto.SecretKey)
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
KeyParameter(org.bouncycastle.crypto.params.KeyParameter)
SecureRandom(java.security.SecureRandom)
IvParameterSpec(javax.crypto.spec.IvParameterSpec)
InvalidKeyException(java.security.InvalidKeyException)
PBEParameterSpec(javax.crypto.spec.PBEParameterSpec)
Example 65 with SecretKey
use of javax.crypto.SecretKey in project OpenAM by OpenRock.
the class AttributeQueryUtil method encryptAssertion.
private static EncryptedAssertion encryptAssertion(Assertion assertion, EncryptedID encryptedID, String attrAuthorityEntityID, String requesterEntityID, String realm, String attrQueryProfileAlias) throws SAML2Exception {
SecretKey secretKey = EncManager.getEncInstance().getSecretKey(encryptedID.toXMLString(true, true), KeyUtil.getDecryptionKeys(realm, attrAuthorityEntityID, SAML2Constants.ATTR_AUTH_ROLE));
AttributeQueryDescriptorElement aqd = metaManager.getAttributeQueryDescriptor(realm, requesterEntityID);
EncInfo encInfo = KeyUtil.getEncInfo(aqd, requesterEntityID, SAML2Constants.ATTR_QUERY_ROLE);
Element el = EncManager.getEncInstance().encrypt(assertion.toXMLString(true, true), encInfo.getWrappingKey(), secretKey, encInfo.getDataEncAlgorithm(), encInfo.getDataEncStrength(), requesterEntityID, "EncryptedAssertion");
return AssertionFactory.getInstance().createEncryptedAssertion(el);
}
Also used :
EncInfo(com.sun.identity.saml2.key.EncInfo)
SecretKey(javax.crypto.SecretKey)
AttributeServiceElement(com.sun.identity.saml2.jaxb.metadata.AttributeServiceElement)
AttributeValueElement(com.sun.identity.saml2.jaxb.assertion.AttributeValueElement)
AttributeElement(com.sun.identity.saml2.jaxb.assertion.AttributeElement)
IDPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.IDPSSOConfigElement)
AttributeAuthorityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.AttributeAuthorityConfigElement)
AttributeQueryDescriptorElement(com.sun.identity.saml2.jaxb.metadataextquery.AttributeQueryDescriptorElement)
AttributeAuthorityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.AttributeAuthorityDescriptorElement)
Element(org.w3c.dom.Element)
AttributeQueryConfigElement(com.sun.identity.saml2.jaxb.entityconfig.AttributeQueryConfigElement)
AttributeQueryDescriptorElement(com.sun.identity.saml2.jaxb.metadataextquery.AttributeQueryDescriptorElement)
Aggregations
SecretKey (javax.crypto.SecretKey)491
Cipher (javax.crypto.Cipher)176
SecretKeySpec (javax.crypto.spec.SecretKeySpec)141
KeyGenerator (javax.crypto.KeyGenerator)121
SecretKeyFactory (javax.crypto.SecretKeyFactory)89
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)87
SecureRandom (java.security.SecureRandom)61
InvalidKeyException (java.security.InvalidKeyException)58
PBEKeySpec (javax.crypto.spec.PBEKeySpec)58
IvParameterSpec (javax.crypto.spec.IvParameterSpec)46
IOException (java.io.IOException)44
Test (org.junit.Test)40
PBEParameterSpec (javax.crypto.spec.PBEParameterSpec)35
NoSuchPaddingException (javax.crypto.NoSuchPaddingException)34
KeyStore (java.security.KeyStore)32
PrivateKey (java.security.PrivateKey)30
IllegalBlockSizeException (javax.crypto.IllegalBlockSizeException)30
KeyStoreException (java.security.KeyStoreException)29
BadPaddingException (javax.crypto.BadPaddingException)29
Mac (javax.crypto.Mac)29
