Search in sources :

Example 91 with SecretKeyFactory

use of javax.crypto.SecretKeyFactory in project Signal-Android by WhisperSystems.

the class MasterSecretUtil method getKeyFromPassphrase.

private static SecretKey getKeyFromPassphrase(String passphrase, byte[] salt, int iterations) throws GeneralSecurityException {
    PBEKeySpec keyspec = new PBEKeySpec(passphrase.toCharArray(), salt, iterations);
    SecretKeyFactory skf = SecretKeyFactory.getInstance("PBEWITHSHA1AND128BITAES-CBC-BC");
    return skf.generateSecret(keyspec);
}
Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) SecretKeyFactory(javax.crypto.SecretKeyFactory)

Example 92 with SecretKeyFactory

use of javax.crypto.SecretKeyFactory in project platform_frameworks_base by android.

the class AndroidKeyStoreCipherSpiBase method engineWrap.

@Override
protected final byte[] engineWrap(Key key) throws IllegalBlockSizeException, InvalidKeyException {
    if (mKey == null) {
        throw new IllegalStateException("Not initilized");
    }
    if (!isEncrypting()) {
        throw new IllegalStateException("Cipher must be initialized in Cipher.WRAP_MODE to wrap keys");
    }
    if (key == null) {
        throw new NullPointerException("key == null");
    }
    byte[] encoded = null;
    if (key instanceof SecretKey) {
        if ("RAW".equalsIgnoreCase(key.getFormat())) {
            encoded = key.getEncoded();
        }
        if (encoded == null) {
            try {
                SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(key.getAlgorithm());
                SecretKeySpec spec = (SecretKeySpec) keyFactory.getKeySpec((SecretKey) key, SecretKeySpec.class);
                encoded = spec.getEncoded();
            } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
                throw new InvalidKeyException("Failed to wrap key because it does not export its key material", e);
            }
        }
    } else if (key instanceof PrivateKey) {
        if ("PKCS8".equalsIgnoreCase(key.getFormat())) {
            encoded = key.getEncoded();
        }
        if (encoded == null) {
            try {
                KeyFactory keyFactory = KeyFactory.getInstance(key.getAlgorithm());
                PKCS8EncodedKeySpec spec = keyFactory.getKeySpec(key, PKCS8EncodedKeySpec.class);
                encoded = spec.getEncoded();
            } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
                throw new InvalidKeyException("Failed to wrap key because it does not export its key material", e);
            }
        }
    } else if (key instanceof PublicKey) {
        if ("X.509".equalsIgnoreCase(key.getFormat())) {
            encoded = key.getEncoded();
        }
        if (encoded == null) {
            try {
                KeyFactory keyFactory = KeyFactory.getInstance(key.getAlgorithm());
                X509EncodedKeySpec spec = keyFactory.getKeySpec(key, X509EncodedKeySpec.class);
                encoded = spec.getEncoded();
            } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
                throw new InvalidKeyException("Failed to wrap key because it does not export its key material", e);
            }
        }
    } else {
        throw new InvalidKeyException("Unsupported key type: " + key.getClass().getName());
    }
    if (encoded == null) {
        throw new InvalidKeyException("Failed to wrap key because it does not export its key material");
    }
    try {
        return engineDoFinal(encoded, 0, encoded.length);
    } catch (BadPaddingException e) {
        throw (IllegalBlockSizeException) new IllegalBlockSizeException().initCause(e);
    }
}
Also used : PrivateKey(java.security.PrivateKey) PublicKey(java.security.PublicKey) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) BadPaddingException(javax.crypto.BadPaddingException) InvalidKeyException(java.security.InvalidKeyException) SecretKey(javax.crypto.SecretKey) SecretKeySpec(javax.crypto.spec.SecretKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) SecretKeyFactory(javax.crypto.SecretKeyFactory) SecretKeyFactory(javax.crypto.SecretKeyFactory) KeyFactory(java.security.KeyFactory)

Example 93 with SecretKeyFactory

use of javax.crypto.SecretKeyFactory in project ButterRemote-Android by se-bastiaan.

the class ObscuredSharedPreferences method encrypt.

protected String encrypt(String value) {
    try {
        final byte[] bytes = value != null ? value.getBytes(UTF8) : new byte[0];
        SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(PBE_WITH_MD5_AND_DES);
        SecretKey key = keyFactory.generateSecret(new PBEKeySpec(SEKRIT));
        Cipher pbeCipher = Cipher.getInstance(PBE_WITH_MD5_AND_DES);
        pbeCipher.init(Cipher.ENCRYPT_MODE, key, new PBEParameterSpec(Settings.Secure.getString(context.getContentResolver(), Settings.System.ANDROID_ID).getBytes(UTF8), 20));
        return new String(Base64.encode(pbeCipher.doFinal(bytes), Base64.NO_WRAP), UTF8);
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}
Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) SecretKey(javax.crypto.SecretKey) Cipher(javax.crypto.Cipher) SecretKeyFactory(javax.crypto.SecretKeyFactory) PBEParameterSpec(javax.crypto.spec.PBEParameterSpec)

Example 94 with SecretKeyFactory

use of javax.crypto.SecretKeyFactory in project graylog2-server by Graylog2.

the class PemKeyStore method generateKeySpec.

/**
     * Generates a key specification for an (encrypted) private key.
     *
     * @param password characters, if {@code null} or empty an unencrypted key is assumed
     * @param key      bytes of the DER encoded private key
     * @return a key specification
     * @throws IOException                        if parsing {@code key} fails
     * @throws NoSuchAlgorithmException           if the algorithm used to encrypt {@code key} is unkown
     * @throws NoSuchPaddingException             if the padding scheme specified in the decryption algorithm is unkown
     * @throws InvalidKeySpecException            if the decryption key based on {@code password} cannot be generated
     * @throws InvalidKeyException                if the decryption key based on {@code password} cannot be used to decrypt
     *                                            {@code key}
     * @throws InvalidAlgorithmParameterException if decryption algorithm parameters are somehow faulty
     */
protected static PKCS8EncodedKeySpec generateKeySpec(char[] password, byte[] key) throws IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException, InvalidKeyException, InvalidAlgorithmParameterException {
    if (password == null || password.length == 0) {
        return new PKCS8EncodedKeySpec(key);
    }
    final EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(key);
    final SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(encryptedPrivateKeyInfo.getAlgName());
    final PBEKeySpec pbeKeySpec = new PBEKeySpec(password);
    final SecretKey pbeKey = keyFactory.generateSecret(pbeKeySpec);
    @SuppressWarnings("InsecureCryptoUsage") final Cipher cipher = Cipher.getInstance(encryptedPrivateKeyInfo.getAlgName());
    cipher.init(Cipher.DECRYPT_MODE, pbeKey, encryptedPrivateKeyInfo.getAlgParameters());
    return encryptedPrivateKeyInfo.getKeySpec(cipher);
}
Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) SecretKey(javax.crypto.SecretKey) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) EncryptedPrivateKeyInfo(javax.crypto.EncryptedPrivateKeyInfo) Cipher(javax.crypto.Cipher) SecretKeyFactory(javax.crypto.SecretKeyFactory)

Example 95 with SecretKeyFactory

use of javax.crypto.SecretKeyFactory in project opennms by OpenNMS.

the class JCEKSSecureCredentialsVault method getCredentials.

@Override
public Credentials getCredentials(String alias) {
    try {
        KeyStore.PasswordProtection keyStorePP = new KeyStore.PasswordProtection(m_password);
        SecretKeyFactory factory = SecretKeyFactory.getInstance("PBE");
        KeyStore.SecretKeyEntry ske = (KeyStore.SecretKeyEntry) m_keystore.getEntry(alias, keyStorePP);
        if (ske == null) {
            return null;
        }
        PBEKeySpec keySpec = (PBEKeySpec) factory.getKeySpec(ske.getSecretKey(), PBEKeySpec.class);
        return fromBase64EncodedByteArray(new String(keySpec.getPassword()).getBytes());
    } catch (KeyStoreException | InvalidKeySpecException | NoSuchAlgorithmException | IOException | ClassNotFoundException | UnrecoverableEntryException e) {
        throw Throwables.propagate(e);
    }
}
Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) KeyStoreException(java.security.KeyStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IOException(java.io.IOException) KeyStore(java.security.KeyStore) UnrecoverableEntryException(java.security.UnrecoverableEntryException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) SecretKeyFactory(javax.crypto.SecretKeyFactory)

Aggregations

SecretKeyFactory (javax.crypto.SecretKeyFactory)129 SecretKey (javax.crypto.SecretKey)84 PBEKeySpec (javax.crypto.spec.PBEKeySpec)75 Cipher (javax.crypto.Cipher)58 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)39 DESKeySpec (javax.crypto.spec.DESKeySpec)28 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)26 PBEParameterSpec (javax.crypto.spec.PBEParameterSpec)26 KeySpec (java.security.spec.KeySpec)25 SecretKeySpec (javax.crypto.spec.SecretKeySpec)23 SecureRandom (java.security.SecureRandom)18 KeyStoreException (java.security.KeyStoreException)16 IOException (java.io.IOException)15 InvalidKeyException (java.security.InvalidKeyException)14 PrivateKey (java.security.PrivateKey)12 CertificateException (java.security.cert.CertificateException)12 PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)12 UnrecoverableKeyException (java.security.UnrecoverableKeyException)11 Key (java.security.Key)10 KeyFactory (java.security.KeyFactory)10