Search in sources :

Example 11 with DHPublicKeySpec

use of javax.crypto.spec.DHPublicKeySpec in project robovm by robovm.

the class DHPublicKeySpecTest method testDHPrivateKeySpec.

/**
     * DHPublicKeySpec class testing. Tests the equivalence of parameters
     * specified in the constructor with the values returned by getters.
     */
public void testDHPrivateKeySpec() {
    BigInteger[] ys = { new BigInteger("-1000000000000"), BigInteger.ZERO, BigInteger.ONE, new BigInteger("1000000000000") };
    BigInteger[] ps = { new BigInteger("-1000000000000"), BigInteger.ZERO, BigInteger.ONE, new BigInteger("1000000000000") };
    BigInteger[] gs = { new BigInteger("-1000000000000"), BigInteger.ZERO, BigInteger.ONE, new BigInteger("1000000000000") };
    for (int i = 0; i < ps.length; i++) {
        DHPublicKeySpec dhpks = new DHPublicKeySpec(ys[i], ps[i], gs[i]);
        assertEquals("The value returned by getY() must be " + "equal to the value specified in the constructor", dhpks.getY(), ys[i]);
        assertEquals("The value returned by getP() must be " + "equal to the value specified in the constructor", dhpks.getP(), ps[i]);
        assertEquals("The value returned by getG() must be " + "equal to the value specified in the constructor", dhpks.getG(), gs[i]);
    }
}
Also used : BigInteger(java.math.BigInteger) DHPublicKeySpec(javax.crypto.spec.DHPublicKeySpec)

Example 12 with DHPublicKeySpec

use of javax.crypto.spec.DHPublicKeySpec in project jdk8u_jdk by JetBrains.

the class DHKeyFactory method engineGetKeySpec.

/**
     * Returns a specification (key material) of the given key object
     * in the requested format.
     *
     * @param key the key
     *
     * @param keySpec the requested format in which the key material shall be
     * returned
     *
     * @return the underlying key specification (key material) in the
     * requested format
     *
     * @exception InvalidKeySpecException if the requested key specification is
     * inappropriate for the given key, or the given key cannot be processed
     * (e.g., the given key has an unrecognized algorithm or format).
     */
protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec) throws InvalidKeySpecException {
    DHParameterSpec params;
    if (key instanceof javax.crypto.interfaces.DHPublicKey) {
        if (DHPublicKeySpec.class.isAssignableFrom(keySpec)) {
            javax.crypto.interfaces.DHPublicKey dhPubKey = (javax.crypto.interfaces.DHPublicKey) key;
            params = dhPubKey.getParams();
            return keySpec.cast(new DHPublicKeySpec(dhPubKey.getY(), params.getP(), params.getG()));
        } else if (X509EncodedKeySpec.class.isAssignableFrom(keySpec)) {
            return keySpec.cast(new X509EncodedKeySpec(key.getEncoded()));
        } else {
            throw new InvalidKeySpecException("Inappropriate key specification");
        }
    } else if (key instanceof javax.crypto.interfaces.DHPrivateKey) {
        if (DHPrivateKeySpec.class.isAssignableFrom(keySpec)) {
            javax.crypto.interfaces.DHPrivateKey dhPrivKey = (javax.crypto.interfaces.DHPrivateKey) key;
            params = dhPrivKey.getParams();
            return keySpec.cast(new DHPrivateKeySpec(dhPrivKey.getX(), params.getP(), params.getG()));
        } else if (PKCS8EncodedKeySpec.class.isAssignableFrom(keySpec)) {
            return keySpec.cast(new PKCS8EncodedKeySpec(key.getEncoded()));
        } else {
            throw new InvalidKeySpecException("Inappropriate key specification");
        }
    } else {
        throw new InvalidKeySpecException("Inappropriate key type");
    }
}
Also used : DHParameterSpec(javax.crypto.spec.DHParameterSpec) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) DHPrivateKeySpec(javax.crypto.spec.DHPrivateKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) DHPublicKeySpec(javax.crypto.spec.DHPublicKeySpec) InvalidKeySpecException(java.security.spec.InvalidKeySpecException)

Example 13 with DHPublicKeySpec

use of javax.crypto.spec.DHPublicKeySpec in project BiglyBT by BiglySoftware.

the class ProtocolDecoderPHE method completeDH.

protected void completeDH(byte[] buffer) throws IOException {
    try {
        BigInteger other_dh_y = bytesToBigInteger(buffer, 0, DH_SIZE_BYTES);
        KeyFactory dh_key_factory = KeyFactory.getInstance("DH");
        PublicKey other_public_key = dh_key_factory.generatePublic(new DHPublicKeySpec(other_dh_y, DH_P_BI, DH_G_BI));
        key_agreement.doPhase(other_public_key, true);
        secret_bytes = key_agreement.generateSecret();
        adapter.gotSecret(secret_bytes);
    // System.out.println( "secret = " + ByteFormatter.encodeString( secret_bytes ));
    } catch (Throwable e) {
        throw (new IOException(Debug.getNestedExceptionMessage(e)));
    }
}
Also used : PublicKey(java.security.PublicKey) DHPublicKey(javax.crypto.interfaces.DHPublicKey) BigInteger(java.math.BigInteger) DHPublicKeySpec(javax.crypto.spec.DHPublicKeySpec) IOException(java.io.IOException) KeyFactory(java.security.KeyFactory)

Example 14 with DHPublicKeySpec

use of javax.crypto.spec.DHPublicKeySpec in project derby by apache.

the class DecryptionManager method decryptData.

/**
 * This method generates a secret key using the application requester's
 * public key, and decrypts the usreid/password with the middle 8 bytes of
 * the generated secret key and a decryption token. Then it returns the
 * decrypted data in a byte array.
 *
 * @param cipherText        The byte array form userid/password to decrypt.
 * @param securityMechanism security mechanism
 * @param initVector        The byte array which is used to calculate the
 *                          decryption token for initializing the cipher
 * @param sourcePublicKey   application requester (encrypter)'s public key.
 * @return the decrypted data (plain text) in a byte array.
 */
public byte[] decryptData(byte[] cipherText, int securityMechanism, byte[] initVector, byte[] sourcePublicKey) throws SQLException {
    byte[] plainText = null;
    byte[] token = calculateDecryptionToken(securityMechanism, initVector);
    try {
        // initiate a Diffie_Hellman KeyFactory object.
        KeyFactory keyFac = KeyFactory.getInstance("DH", "IBMJCE");
        // Use server's public key to initiate a DHPublicKeySpec and then use
        // this DHPublicKeySpec to initiate a publicKey object
        BigInteger publicKey = new BigInteger(1, sourcePublicKey);
        DHPublicKeySpec dhKeySpec = new DHPublicKeySpec(publicKey, modulus__, base__);
        PublicKey pubKey = keyFac.generatePublic(dhKeySpec);
        // Execute the first phase of DH keyagreement protocal.
        keyAgreement_.doPhase(pubKey, true);
        // generate the shared secret key. The application requestor's shared secret
        // key should be exactly the same as the application server's shared secret
        // key
        byte[] sharedSecret = keyAgreement_.generateSecret();
        byte[] newKey = new byte[32];
        // pad 0 to the beginning of the byte array tho make the secret key 32 bytes.
        if (sharedSecret.length == 33 && sharedSecret[0] == 0) {
            for (int i = 0; i < newKey.length; i++) newKey[i] = sharedSecret[i + 1];
        }
        if (sharedSecret.length < 32) {
            int i;
            for (i = 0; i < (32 - sharedSecret.length); i++) newKey[i] = 0;
            for (int j = i; j < sharedSecret.length; j++) newKey[j] = sharedSecret[j - i];
        }
        // The Data Encryption Standard (DES) is going to be used to encrypt userid
        // and password. DES is a block cipher; it encrypts data in 64-bit blocks.
        // DRDA encryption uses DES CBC mode as defined by the FIPS standard
        // DES CBC requires an encryption key and an 8 byte token to encrypt the data.
        // The middle 8 bytes of Diffie-Hellman shared private key is used as the
        // encryption key. The following code retrieves middle 8 bytes of the shared
        // private key.
        byte[] key = new byte[8];
        // if secret key is not 32, we will use the adjust length secret key
        if (sharedSecret.length == 32) {
            for (int i = 0; i < 8; i++) key[i] = sharedSecret[i + 12];
        } else if (sharedSecret.length == 33 || sharedSecret.length < 32) {
            for (int i = 0; i < 8; i++) key[i] = newKey[i + 12];
        } else
            throw new SQLException("sharedSecret key length error " + sharedSecret.length);
        // make parity bit right, even number of 1's
        byte temp;
        int changeParity;
        for (int i = 0; i < 8; i++) {
            temp = key[i];
            changeParity = 1;
            for (int j = 0; j < 8; j++) {
                if (temp < 0)
                    changeParity = 1 - changeParity;
                temp = (byte) (temp << 1);
            }
            if (changeParity == 1) {
                if ((key[i] & 1) != 0)
                    key[i] &= 0xfe;
                else
                    key[i] |= 1;
            }
        }
        // use this encryption key to initiate a SecretKeySpec object
        SecretKeySpec desKey = new SecretKeySpec(key, "DES");
        // We use DES in CBC mode because this is the mode used in DRDA. The
        // encryption mode has to be consistent for encryption and decryption.
        // CBC mode requires an initialization vector(IV) parameter. In CBC mode
        // we need to initialize the Cipher object with an IV, which can be supplied
        // using the javax.crypto.spec.IvParameterSpec class.
        Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding", "IBMJCE");
        // generate a IVParameterSpec object and use it to initiate the
        // Cipher object.
        IvParameterSpec ivParam = new IvParameterSpec(token);
        // initiate the Cipher using encryption mode, encryption key and the
        // IV parameter.
        cipher.init(javax.crypto.Cipher.DECRYPT_MODE, desKey, ivParam);
        // Execute the final phase of encryption
        plainText = cipher.doFinal(cipherText);
    } catch (java.security.NoSuchProviderException e) {
        throw new SQLException("java.security.NoSuchProviderException is caught " + "when encrypting data '" + e.getMessage() + "'");
    } catch (java.security.NoSuchAlgorithmException e) {
        throw new SQLException("java.security.NoSuchAlgorithmException is caught " + "when encrypting data '" + e.getMessage() + "'");
    } catch (java.security.spec.InvalidKeySpecException e) {
        throw new SQLException("java.security.InvalidKeySpecException is caught " + "when encrypting data");
    } catch (java.security.InvalidKeyException e) {
        throw new SQLException("java.security.InvalidKeyException is caught " + "when encrypting data '" + e.getMessage() + "'");
    } catch (javax.crypto.NoSuchPaddingException e) {
        throw new SQLException("javax.crypto.NoSuchPaddingException is caught " + "when encrypting data '" + e.getMessage() + "'");
    } catch (javax.crypto.BadPaddingException e) {
        throw new SQLException("javax.crypto.BadPaddingException is caught " + "when encrypting data '" + e.getMessage() + "'");
    } catch (java.security.InvalidAlgorithmParameterException e) {
        throw new SQLException("java.security.InvalidAlgorithmParameterException is caught " + "when encrypting data '" + e.getMessage() + "'");
    } catch (javax.crypto.IllegalBlockSizeException e) {
        throw new SQLException("javax.crypto.IllegalBlockSizeException is caught " + "when encrypting data '" + e.getMessage() + "'");
    }
    return plainText;
}
Also used : SQLException(java.sql.SQLException) PublicKey(java.security.PublicKey) DHPublicKey(javax.crypto.interfaces.DHPublicKey) SecretKeySpec(javax.crypto.spec.SecretKeySpec) BigInteger(java.math.BigInteger) IvParameterSpec(javax.crypto.spec.IvParameterSpec) DHPublicKeySpec(javax.crypto.spec.DHPublicKeySpec) Cipher(javax.crypto.Cipher) KeyFactory(java.security.KeyFactory)

Example 15 with DHPublicKeySpec

use of javax.crypto.spec.DHPublicKeySpec in project Bytecoder by mirkosertic.

the class DHKeyFactory method engineGetKeySpec.

/**
 * Returns a specification (key material) of the given key object
 * in the requested format.
 *
 * @param key the key
 *
 * @param keySpec the requested format in which the key material shall be
 * returned
 *
 * @return the underlying key specification (key material) in the
 * requested format
 *
 * @exception InvalidKeySpecException if the requested key specification is
 * inappropriate for the given key, or the given key cannot be processed
 * (e.g., the given key has an unrecognized algorithm or format).
 */
protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec) throws InvalidKeySpecException {
    DHParameterSpec params;
    if (key instanceof javax.crypto.interfaces.DHPublicKey) {
        if (DHPublicKeySpec.class.isAssignableFrom(keySpec)) {
            javax.crypto.interfaces.DHPublicKey dhPubKey = (javax.crypto.interfaces.DHPublicKey) key;
            params = dhPubKey.getParams();
            return keySpec.cast(new DHPublicKeySpec(dhPubKey.getY(), params.getP(), params.getG()));
        } else if (X509EncodedKeySpec.class.isAssignableFrom(keySpec)) {
            return keySpec.cast(new X509EncodedKeySpec(key.getEncoded()));
        } else {
            throw new InvalidKeySpecException("Inappropriate key specification");
        }
    } else if (key instanceof javax.crypto.interfaces.DHPrivateKey) {
        if (DHPrivateKeySpec.class.isAssignableFrom(keySpec)) {
            javax.crypto.interfaces.DHPrivateKey dhPrivKey = (javax.crypto.interfaces.DHPrivateKey) key;
            params = dhPrivKey.getParams();
            return keySpec.cast(new DHPrivateKeySpec(dhPrivKey.getX(), params.getP(), params.getG()));
        } else if (PKCS8EncodedKeySpec.class.isAssignableFrom(keySpec)) {
            return keySpec.cast(new PKCS8EncodedKeySpec(key.getEncoded()));
        } else {
            throw new InvalidKeySpecException("Inappropriate key specification");
        }
    } else {
        throw new InvalidKeySpecException("Inappropriate key type");
    }
}
Also used : DHParameterSpec(javax.crypto.spec.DHParameterSpec) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) DHPrivateKeySpec(javax.crypto.spec.DHPrivateKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) DHPublicKeySpec(javax.crypto.spec.DHPublicKeySpec) InvalidKeySpecException(java.security.spec.InvalidKeySpecException)

Aggregations

DHPublicKeySpec (javax.crypto.spec.DHPublicKeySpec)17 KeyFactory (java.security.KeyFactory)13 DHPublicKey (javax.crypto.interfaces.DHPublicKey)12 BigInteger (java.math.BigInteger)11 PublicKey (java.security.PublicKey)11 IOException (java.io.IOException)9 DHParameterSpec (javax.crypto.spec.DHParameterSpec)9 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)8 KeyPair (java.security.KeyPair)6 KeyPairGenerator (java.security.KeyPairGenerator)6 CertificateException (java.security.cert.CertificateException)6 KeyAgreement (javax.crypto.KeyAgreement)6 Cipher (javax.crypto.Cipher)5 X509Certificate (java.security.cert.X509Certificate)4 RSAPublicKey (java.security.interfaces.RSAPublicKey)4 X509ExtendedKeyManager (javax.net.ssl.X509ExtendedKeyManager)4 X509KeyManager (javax.net.ssl.X509KeyManager)4 GeneralSecurityException (java.security.GeneralSecurityException)3 PrivateKey (java.security.PrivateKey)3 DHPrivateKeySpec (javax.crypto.spec.DHPrivateKeySpec)3