
Example 36 with SecretKeyFactory

use of javax.crypto.SecretKeyFactory in project nhin-d by DirectProject.

the class CertLoader method loadCertificate.

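/**
 * Loads an X.509 certificate and the matching RSA private key from two files.
 *
 * <p>If {@code password} is non-empty, the key file is parsed as an
 * {@code EncryptedPrivateKeyInfo} and decrypted with a password-based key. The
 * PBE algorithm name is read from the key file itself. Otherwise the key bytes
 * are used directly as a PKCS#8 encoding.
 *
 * @param certFile file containing the certificate
 * @param keyFile file containing the private key (encrypted or plain PKCS#8)
 * @param password password for an encrypted key file; {@code null} or empty
 *        means the key file is treated as unencrypted
 * @return the certificate, private key and derived attributes
 * @throws Exception if either file cannot be read or parsed, or if the key
 *         cannot be decrypted
 */
public static CertCreateFields loadCertificate(File certFile, File keyFile, char[] password) throws Exception {
    byte[] certData = loadFileData(certFile);
    byte[] keyData = loadFileData(keyFile);
    CertificateFactory cf = CertificateFactory.getInstance("X.509");
    X509Certificate cert;
    InputStream inStr = new ByteArrayInputStream(certData);
    try {
        cert = (X509Certificate) cf.generateCertificate(inStr);
    } finally {
        // Close the stream even when certificate parsing fails.
        IOUtils.closeQuietly(inStr);
    }
    KeyFactory kf = KeyFactory.getInstance("RSA", CryptoExtensions.getJCEProviderName());
    PKCS8EncodedKeySpec keysp;
    if (password != null && password.length > 0) {
        EncryptedPrivateKeyInfo encInfo = new EncryptedPrivateKeyInfo(keyData);
        PBEKeySpec keySpec = new PBEKeySpec(password);
        try {
            // The algorithm name is taken from the key file, not chosen by the caller.
            String alg = encInfo.getAlgName();
            SecretKeyFactory secFactory = SecretKeyFactory.getInstance(alg, CryptoExtensions.getJCEProviderName());
            SecretKey secKey = secFactory.generateSecret(keySpec);
            keysp = encInfo.getKeySpec(secKey, CryptoExtensions.getJCEProviderName());
        } finally {
            // PBEKeySpec holds its own copy of the password; wipe it once the key
            // has been decrypted. The caller's array is left untouched because it is
            // handed on to CertCreateFields below.
            keySpec.clearPassword();
        }
    } else {
        keysp = new PKCS8EncodedKeySpec(keyData);
    }
    PrivateKey privKey = kf.generatePrivate(keysp);
    Map<String, Object> attributes = getAttributes(cert);
    // Whole days until the certificate's notAfter date; negative once it has expired.
    Calendar now = Calendar.getInstance();
    Calendar exp = Calendar.getInstance();
    exp.setTime(cert.getNotAfter());
    long diff = exp.getTimeInMillis() - now.getTimeInMillis();
    long diffDays = diff / (24 * 60 * 60 * 1000);
    // Report the real modulus size when the key exposes it, so a weak or strong key
    // is not mislabelled. 1024 stays as the fallback for keys that hide their modulus.
    int keyStr = 1024;
    if (privKey instanceof java.security.interfaces.RSAKey) {
        java.math.BigInteger modulus = ((java.security.interfaces.RSAKey) privKey).getModulus();
        if (modulus != null) {
            keyStr = modulus.bitLength();
        }
    }
    return new CertCreateFields(attributes, certFile, keyFile, password, (int) diffDays, keyStr, cert, privKey);
}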
Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) PrivateKey(java.security.PrivateKey) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) Calendar(java.util.Calendar) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate) SecretKey(javax.crypto.SecretKey) ByteArrayInputStream(java.io.ByteArrayInputStream) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) EncryptedPrivateKeyInfo(javax.crypto.EncryptedPrivateKeyInfo) SecretKeyFactory(javax.crypto.SecretKeyFactory) KeyFactory(java.security.KeyFactory) SecretKeyFactory(javax.crypto.SecretKeyFactory)

Example 37 with SecretKeyFactory

use of javax.crypto.SecretKeyFactory in project nhin-d by DirectProject.

the class CreatePKCS12 method create.

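/**
 * Creates a PKCS12 file from the certificate and key files.
 *
 * <p>The private key is stored under the alias {@code privCert} with an empty
 * entry password. The key store as a whole is written with {@code p12Pass}.
 * Errors are reported on {@code System.err} and signalled by a {@code null}
 * return value, not by an exception.
 *
 * @param certFile The X509 DER encoded certificate file.
 * @param keyFile The PKCS8 DER encoded private key file.
 * @param password Optional password for the private key file.  This is required if the private key file is encrypted.  Should be null or empty
 * if the private key file is not encrypted.
 * @param createFile Optional file descriptor for the output file of the pkcs12 file.  If this is null, the file name is based on the
 * certificate file name.
 * @return File descriptor of the created pkcs12 file.  Null if an error occurred.
 */
public static File create(File certFile, File keyFile, String password, File createFile) {
    File pkcs12File = null;
    CreatePKCS12.certFile = certFile;
    CreatePKCS12.keyFile = keyFile;
    FileOutputStream outStr = null;
    InputStream inStr = null;
    // load cert file
    try {
        KeyStore localKeyStore = KeyStore.getInstance("PKCS12", CryptoExtensions.getJCEProviderName());
        localKeyStore.load(null, null);
        byte[] certData = loadFileData(certFile);
        byte[] keyData = loadFileData(keyFile);
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        inStr = new ByteArrayInputStream(certData);
        java.security.cert.Certificate cert = cf.generateCertificate(inStr);
        IOUtils.closeQuietly(inStr);
        KeyFactory kf = KeyFactory.getInstance("RSA", CryptoExtensions.getJCEProviderName());
        PKCS8EncodedKeySpec keysp;
        if (password != null && !password.isEmpty()) {
            EncryptedPrivateKeyInfo encInfo = new EncryptedPrivateKeyInfo(keyData);
            char[] passwordChars = password.toCharArray();
            PBEKeySpec keySpec = new PBEKeySpec(passwordChars);
            try {
                // The PBE algorithm name is read from the key file itself.
                String alg = encInfo.getAlgName();
                SecretKeyFactory secFactory = SecretKeyFactory.getInstance(alg, CryptoExtensions.getJCEProviderName());
                SecretKey secKey = secFactory.generateSecret(keySpec);
                keysp = encInfo.getKeySpec(secKey, CryptoExtensions.getJCEProviderName());
            } finally {
                // Wipe both temporary password copies once the key is decrypted.
                // The immutable String argument cannot be cleared from here.
                keySpec.clearPassword();
                java.util.Arrays.fill(passwordChars, '\0');
            }
        } else {
            keysp = new PKCS8EncodedKeySpec(keyData);
        }
        Key privKey = kf.generatePrivate(keysp);
        // NOTE(review): the key entry gets an empty password, so protection of the
        // output file rests on p12Pass, which is defined outside this method.
        // Confirm it is not a fixed default and that the output location is restricted.
        char[] array = "".toCharArray();
        localKeyStore.setKeyEntry("privCert", privKey, array, new java.security.cert.Certificate[] { cert });
        pkcs12File = getPKCS12OutFile(createFile);
        outStr = new FileOutputStream(pkcs12File);
        localKeyStore.store(outStr, p12Pass.toCharArray());
    } catch (Exception e) {
        System.err.println("Failed to create pcks12 file: " + e.getMessage());
        e.printStackTrace(System.err);
        return null;
    } finally {
        IOUtils.closeQuietly(outStr);
        IOUtils.closeQuietly(inStr);
    }
    return pkcs12File;
}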
Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) KeyStore(java.security.KeyStore) CertificateFactory(java.security.cert.CertificateFactory) SecretKey(javax.crypto.SecretKey) ByteArrayInputStream(java.io.ByteArrayInputStream) FileOutputStream(java.io.FileOutputStream) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) EncryptedPrivateKeyInfo(javax.crypto.EncryptedPrivateKeyInfo) File(java.io.File) SecretKeyFactory(javax.crypto.SecretKeyFactory) KeyFactory(java.security.KeyFactory) SecretKeyFactory(javax.crypto.SecretKeyFactory) Key(java.security.Key) SecretKey(javax.crypto.SecretKey)

Example 38 with SecretKeyFactory

use of javax.crypto.SecretKeyFactory in project midpoint by Evolveum.

the class ProtectorImpl method compareHashedPbkd.

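/**
 * Checks clear-text characters against a stored password-based hash.
 *
 * <p>The salt, work factor and expected digest are read from
 * {@code hashedDataType}. The derived key length equals the stored digest
 * length in bits. The hash is recomputed with the named algorithm and compared
 * with the stored value.
 *
 * @param hashedDataType stored digest together with its digest method
 * @param algorithmName {@code SecretKeyFactory} algorithm used to derive the hash
 * @param clearChars clear-text characters to verify
 * @return {@code true} if the recomputed hash equals the stored digest
 * @throws EncryptionException if the algorithm is unavailable or the key spec is rejected
 */
private boolean compareHashedPbkd(HashedDataType hashedDataType, String algorithmName, char[] clearChars) throws EncryptionException {
    DigestMethodType digestMethodType = hashedDataType.getDigestMethod();
    byte[] salt = digestMethodType.getSalt();
    Integer workFactor = digestMethodType.getWorkFactor();
    byte[] digestValue = hashedDataType.getDigestValue();
    int keyLen = digestValue.length * 8;
    SecretKeyFactory secretKeyFactory;
    try {
        secretKeyFactory = SecretKeyFactory.getInstance(algorithmName);
    } catch (NoSuchAlgorithmException e) {
        throw new EncryptionException(e.getMessage(), e);
    }
    PBEKeySpec keySpec = new PBEKeySpec(clearChars, salt, workFactor, keyLen);
    byte[] hashBytes;
    try {
        SecretKey key = secretKeyFactory.generateSecret(keySpec);
        // Export the derived bytes before the spec is wiped below.
        hashBytes = key.getEncoded();
    } catch (InvalidKeySpecException e) {
        throw new EncryptionException(e.getMessage(), e);
    } finally {
        // PBEKeySpec keeps a private copy of the clear characters; wipe it.
        keySpec.clearPassword();
    }
    // Constant-time comparison: Arrays.equals stops at the first differing byte,
    // so its timing would reveal how much of the hash matched.
    return java.security.MessageDigest.isEqual(digestValue, hashBytes);
}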
Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) SecretKey(javax.crypto.SecretKey) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) DigestMethodType(com.evolveum.prism.xml.ns._public.types_3.DigestMethodType) SecretKeyFactory(javax.crypto.SecretKeyFactory)

Example 39 with SecretKeyFactory

use of javax.crypto.SecretKeyFactory in project android_frameworks_base by DirtyUnicorns.

the class AndroidKeyStoreCipherSpiBase method engineWrap.

/**
 * Wraps {@code key} by encrypting its encoded form with this cipher.
 *
 * <p>The key must expose its material. Secret keys are exported in RAW format,
 * private keys in PKCS8 and public keys in X.509. If {@code getFormat()} does
 * not match, the matching key factory is asked for a key spec instead. A key
 * that exports no material is rejected with {@link InvalidKeyException}.
 *
 * <p>The exported bytes are passed to {@code engineDoFinal} and are not cleared
 * by this method afterwards.
 *
 * @param key key to wrap; must not be {@code null}
 * @return the encrypted encoding of {@code key}
 * @throws IllegalStateException if no key is set or the cipher is not encrypting
 * @throws InvalidKeyException if the key type is unsupported or its material
 *         cannot be exported
 * @throws IllegalBlockSizeException if the final cipher operation fails; a
 *         {@code BadPaddingException} is reported as this type with the
 *         original exception as cause
 */
@Override
protected final byte[] engineWrap(Key key) throws IllegalBlockSizeException, InvalidKeyException {
    if (mKey == null) {
        throw new IllegalStateException("Not initilized");
    }
    if (!isEncrypting()) {
        throw new IllegalStateException("Cipher must be initialized in Cipher.WRAP_MODE to wrap keys");
    }
    if (key == null) {
        throw new NullPointerException("key == null");
    }

    byte[] material;
    if (key instanceof SecretKey) {
        // Use the key's own encoding when it is already RAW, else ask the factory.
        material = "RAW".equalsIgnoreCase(key.getFormat()) ? key.getEncoded() : null;
        if (material == null) {
            try {
                SecretKeyFactory factory = SecretKeyFactory.getInstance(key.getAlgorithm());
                SecretKeySpec exported = (SecretKeySpec) factory.getKeySpec((SecretKey) key, SecretKeySpec.class);
                material = exported.getEncoded();
            } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
                throw new InvalidKeyException("Failed to wrap key because it does not export its key material", e);
            }
        }
    } else if (key instanceof PrivateKey) {
        material = "PKCS8".equalsIgnoreCase(key.getFormat()) ? key.getEncoded() : null;
        if (material == null) {
            try {
                KeyFactory factory = KeyFactory.getInstance(key.getAlgorithm());
                PKCS8EncodedKeySpec exported = factory.getKeySpec(key, PKCS8EncodedKeySpec.class);
                material = exported.getEncoded();
            } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
                throw new InvalidKeyException("Failed to wrap key because it does not export its key material", e);
            }
        }
    } else if (key instanceof PublicKey) {
        material = "X.509".equalsIgnoreCase(key.getFormat()) ? key.getEncoded() : null;
        if (material == null) {
            try {
                KeyFactory factory = KeyFactory.getInstance(key.getAlgorithm());
                X509EncodedKeySpec exported = factory.getKeySpec(key, X509EncodedKeySpec.class);
                material = exported.getEncoded();
            } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
                throw new InvalidKeyException("Failed to wrap key because it does not export its key material", e);
            }
        }
    } else {
        throw new InvalidKeyException("Unsupported key type: " + key.getClass().getName());
    }

    // A key spec may still return a null encoding; treat that as non-exportable.
    if (material == null) {
        throw new InvalidKeyException("Failed to wrap key because it does not export its key material");
    }

    try {
        return engineDoFinal(material, 0, material.length);
    } catch (BadPaddingException e) {
        // engineWrap's signature cannot carry BadPaddingException, so it is
        // reported as IllegalBlockSizeException with the cause attached.
        IllegalBlockSizeException translated = new IllegalBlockSizeException();
        translated.initCause(e);
        throw translated;
    }
}
Also used : PrivateKey(java.security.PrivateKey) PublicKey(java.security.PublicKey) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) BadPaddingException(javax.crypto.BadPaddingException) InvalidKeyException(java.security.InvalidKeyException) SecretKey(javax.crypto.SecretKey) SecretKeySpec(javax.crypto.spec.SecretKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) SecretKeyFactory(javax.crypto.SecretKeyFactory) SecretKeyFactory(javax.crypto.SecretKeyFactory) KeyFactory(java.security.KeyFactory)

Example 40 with SecretKeyFactory

use of javax.crypto.SecretKeyFactory in project android_frameworks_base by DirtyUnicorns.

the class BackupManagerService method buildCharArrayKey.

/**
 * Derives a secret key from a password using the named key-derivation algorithm.
 *
 * <p>Failures are logged without exception details and reported as a
 * {@code null} return value, so callers must check the result before use.
 *
 * @param algorithm {@code SecretKeyFactory} algorithm name
 * @param pwArray password characters
 * @param salt salt for the derivation
 * @param rounds iteration count
 * @return the derived key, or {@code null} if the algorithm is unavailable or
 *         the key spec is rejected
 */
private SecretKey buildCharArrayKey(String algorithm, char[] pwArray, byte[] salt, int rounds) {
    SecretKey derived = null;
    try {
        // Look up the factory first so an unknown algorithm is reported before
        // the key spec is built.
        final SecretKeyFactory factory = SecretKeyFactory.getInstance(algorithm);
        final KeySpec spec = new PBEKeySpec(pwArray, salt, rounds, PBKDF2_KEY_SIZE);
        derived = factory.generateSecret(spec);
    } catch (NoSuchAlgorithmException e) {
        Slog.e(TAG, "PBKDF2 unavailable!");
    } catch (InvalidKeySpecException e) {
        Slog.e(TAG, "Invalid key spec for PBKDF2!");
    }
    return derived;
}
Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) SecretKeySpec(javax.crypto.spec.SecretKeySpec) KeySpec(java.security.spec.KeySpec) PBEKeySpec(javax.crypto.spec.PBEKeySpec) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) SecretKeyFactory(javax.crypto.SecretKeyFactory)

Aggregations

SecretKeyFactory (javax.crypto.SecretKeyFactory)129 SecretKey (javax.crypto.SecretKey)84 PBEKeySpec (javax.crypto.spec.PBEKeySpec)75 Cipher (javax.crypto.Cipher)58 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)39 DESKeySpec (javax.crypto.spec.DESKeySpec)28 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)26 PBEParameterSpec (javax.crypto.spec.PBEParameterSpec)26 KeySpec (java.security.spec.KeySpec)25 SecretKeySpec (javax.crypto.spec.SecretKeySpec)23 SecureRandom (java.security.SecureRandom)18 KeyStoreException (java.security.KeyStoreException)16 IOException (java.io.IOException)15 InvalidKeyException (java.security.InvalidKeyException)14 PrivateKey (java.security.PrivateKey)12 CertificateException (java.security.cert.CertificateException)12 PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)12 UnrecoverableKeyException (java.security.UnrecoverableKeyException)11 Key (java.security.Key)10 KeyFactory (java.security.KeyFactory)10