Examples with PBEParameterSpec javax.crypto.spec.PBEParameterSpec used on opensource projects

Search in sources :

Example 16 with PBEParameterSpec

use of javax.crypto.spec.PBEParameterSpec in project XobotOS by xamarin.

the class JDKPKCS12KeyStore method unwrapKey.

protected PrivateKey unwrapKey(AlgorithmIdentifier algId, byte[] data, char[] password, boolean wrongPKCS12Zero) throws IOException {
    String algorithm = algId.getObjectId().getId();
    PKCS12PBEParams pbeParams = new PKCS12PBEParams((ASN1Sequence) algId.getParameters());
    PBEKeySpec pbeSpec = new PBEKeySpec(password);
    PrivateKey out;
    try {
        SecretKeyFactory keyFact = SecretKeyFactory.getInstance(algorithm, bcProvider);
        PBEParameterSpec defParams = new PBEParameterSpec(pbeParams.getIV(), pbeParams.getIterations().intValue());
        SecretKey k = keyFact.generateSecret(pbeSpec);
        ((JCEPBEKey) k).setTryWrongPKCS12Zero(wrongPKCS12Zero);
        Cipher cipher = Cipher.getInstance(algorithm, bcProvider);
        cipher.init(Cipher.UNWRAP_MODE, k, defParams);
        // we pass "" as the key algorithm type as it is unknown at this point
        out = (PrivateKey) cipher.unwrap(data, "", Cipher.PRIVATE_KEY);
    } catch (Exception e) {
        throw new IOException("exception unwrapping private key - " + e.toString());
    }
    return out;
}
Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) SecretKey(javax.crypto.SecretKey) PrivateKey(java.security.PrivateKey) PKCS12PBEParams(org.bouncycastle.asn1.pkcs.PKCS12PBEParams) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERBMPString(org.bouncycastle.asn1.DERBMPString) BERConstructedOctetString(org.bouncycastle.asn1.BERConstructedOctetString) DEROctetString(org.bouncycastle.asn1.DEROctetString) Cipher(javax.crypto.Cipher) IOException(java.io.IOException) SecretKeyFactory(javax.crypto.SecretKeyFactory) PBEParameterSpec(javax.crypto.spec.PBEParameterSpec) KeyStoreException(java.security.KeyStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) CertificateEncodingException(java.security.cert.CertificateEncodingException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException)

Example 17 with PBEParameterSpec

use of javax.crypto.spec.PBEParameterSpec in project XobotOS by xamarin.

the class JDKPKCS12KeyStore method wrapKey.

protected byte[] wrapKey(String algorithm, Key key, PKCS12PBEParams pbeParams, char[] password) throws IOException {
    PBEKeySpec pbeSpec = new PBEKeySpec(password);
    byte[] out;
    try {
        SecretKeyFactory keyFact = SecretKeyFactory.getInstance(algorithm, bcProvider);
        PBEParameterSpec defParams = new PBEParameterSpec(pbeParams.getIV(), pbeParams.getIterations().intValue());
        Cipher cipher = Cipher.getInstance(algorithm, bcProvider);
        cipher.init(Cipher.WRAP_MODE, keyFact.generateSecret(pbeSpec), defParams);
        out = cipher.wrap(key);
    } catch (Exception e) {
        throw new IOException("exception encrypting data - " + e.toString());
    }
    return out;
}
Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) Cipher(javax.crypto.Cipher) IOException(java.io.IOException) SecretKeyFactory(javax.crypto.SecretKeyFactory) PBEParameterSpec(javax.crypto.spec.PBEParameterSpec) KeyStoreException(java.security.KeyStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) CertificateEncodingException(java.security.cert.CertificateEncodingException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException)

Example 18 with PBEParameterSpec

use of javax.crypto.spec.PBEParameterSpec in project XobotOS by xamarin.

the class JCEStreamCipher method engineInit.

protected void engineInit(int opmode, Key key, AlgorithmParameterSpec params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException {
    CipherParameters param;
    this.pbeSpec = null;
    this.pbeAlgorithm = null;
    this.engineParams = null;
    //
    if (!(key instanceof SecretKey)) {
        throw new InvalidKeyException("Key for algorithm " + key.getAlgorithm() + " not suitable for symmetric enryption.");
    }
    if (key instanceof JCEPBEKey) {
        JCEPBEKey k = (JCEPBEKey) key;
        if (k.getOID() != null) {
            pbeAlgorithm = k.getOID().getId();
        } else {
            pbeAlgorithm = k.getAlgorithm();
        }
        if (k.getParam() != null) {
            param = k.getParam();
            pbeSpec = new PBEParameterSpec(k.getSalt(), k.getIterationCount());
        } else if (params instanceof PBEParameterSpec) {
            param = PBE.Util.makePBEParameters(k, params, cipher.getAlgorithmName());
            pbeSpec = (PBEParameterSpec) params;
        } else {
            throw new InvalidAlgorithmParameterException("PBE requires PBE parameters to be set.");
        }
        if (k.getIvSize() != 0) {
            ivParam = (ParametersWithIV) param;
        }
    } else if (params == null) {
        param = new KeyParameter(key.getEncoded());
    } else if (params instanceof IvParameterSpec) {
        param = new ParametersWithIV(new KeyParameter(key.getEncoded()), ((IvParameterSpec) params).getIV());
        ivParam = (ParametersWithIV) param;
    } else {
        throw new IllegalArgumentException("unknown parameter type.");
    }
    if ((ivLength != 0) && !(param instanceof ParametersWithIV)) {
        SecureRandom ivRandom = random;
        if (ivRandom == null) {
            ivRandom = new SecureRandom();
        }
        if ((opmode == Cipher.ENCRYPT_MODE) || (opmode == Cipher.WRAP_MODE)) {
            byte[] iv = new byte[ivLength];
            ivRandom.nextBytes(iv);
            param = new ParametersWithIV(param, iv);
            ivParam = (ParametersWithIV) param;
        } else {
            throw new InvalidAlgorithmParameterException("no IV set when one expected");
        }
    }
    switch(opmode) {
        case Cipher.ENCRYPT_MODE:
        case Cipher.WRAP_MODE:
            cipher.init(true, param);
            break;
        case Cipher.DECRYPT_MODE:
        case Cipher.UNWRAP_MODE:
            cipher.init(false, param);
            break;
        default:
            System.out.println("eeek!");
    }
}
Also used : CipherParameters(org.bouncycastle.crypto.CipherParameters) ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) SecretKey(javax.crypto.SecretKey) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) KeyParameter(org.bouncycastle.crypto.params.KeyParameter) SecureRandom(java.security.SecureRandom) IvParameterSpec(javax.crypto.spec.IvParameterSpec) InvalidKeyException(java.security.InvalidKeyException) PBEParameterSpec(javax.crypto.spec.PBEParameterSpec)

Example 19 with PBEParameterSpec

use of javax.crypto.spec.PBEParameterSpec in project nhin-d by DirectProject.

the class CertGenerator method writeCertAndKey.

private static void writeCertAndKey(X509Certificate cert, PrivateKey key, CertCreateFields fields) throws Exception {
    // write the cert
    FileUtils.writeByteArrayToFile(fields.getNewCertFile(), cert.getEncoded());
    if (fields.getNewPassword() == null || fields.getNewPassword().length == 0) {
        // no password... just write the file 
        FileUtils.writeByteArrayToFile(fields.getNewKeyFile(), key.getEncoded());
    } else {
        // encypt it, then write it
        // prime the salts
        byte[] salt = new byte[8];
        VMPCRandomGenerator ranGen = new VMPCRandomGenerator();
        ranGen.addSeedMaterial(new SecureRandom().nextLong());
        ranGen.nextBytes(salt);
        // create PBE parameters from salt and iteration count
        PBEParameterSpec pbeSpec = new PBEParameterSpec(salt, 20);
        PBEKeySpec pbeKeySpec = new PBEKeySpec(fields.getNewPassword());
        SecretKey sKey = SecretKeyFactory.getInstance("PBEWithMD5AndDES", CryptoExtensions.getJCEProviderName()).generateSecret(pbeKeySpec);
        // encrypt
        Cipher cipher = Cipher.getInstance("PBEWithMD5AndDES", CryptoExtensions.getJCEProviderName());
        cipher.init(Cipher.ENCRYPT_MODE, sKey, pbeSpec, null);
        byte[] plain = (byte[]) key.getEncoded();
        byte[] encrKey = cipher.doFinal(plain, 0, plain.length);
        // set the algorithm parameters
        AlgorithmParameters pbeParams = AlgorithmParameters.getInstance(PBE_WITH_MD5_AND_DES_CBC_OID, Security.getProvider("SunJCE"));
        pbeParams.init(pbeSpec);
        // place in a EncryptedPrivateKeyInfo to encode to the proper file format
        EncryptedPrivateKeyInfo info = new EncryptedPrivateKeyInfo(pbeParams, encrKey);
        // now write it to the file
        FileUtils.writeByteArrayToFile(fields.getNewKeyFile(), info.getEncoded());
    }
    if (fields.getSignerCert() == null)
        fields.setSignerCert(cert);
    if (fields.getSignerKey() == null)
        fields.setSignerKey(key);
}
Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) SecretKey(javax.crypto.SecretKey) VMPCRandomGenerator(org.bouncycastle.crypto.prng.VMPCRandomGenerator) SecureRandom(java.security.SecureRandom) EncryptedPrivateKeyInfo(javax.crypto.EncryptedPrivateKeyInfo) Cipher(javax.crypto.Cipher) PBEParameterSpec(javax.crypto.spec.PBEParameterSpec) AlgorithmParameters(java.security.AlgorithmParameters)

Example 20 with PBEParameterSpec

use of javax.crypto.spec.PBEParameterSpec in project jdk8u_jdk by JetBrains.

the class TestCipherPBE method runTest.

private void runTest(String algorithm) throws InvalidKeySpecException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, ShortBufferException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException {
    out.println("=> Testing: " + algorithm);
    try {
        // Initialization
        AlgorithmParameterSpec algoParamSpec = new PBEParameterSpec(SALT, 6);
        SecretKey secretKey = SecretKeyFactory.getInstance(KEY_ALGO).generateSecret(new PBEKeySpec(("Secret Key Value").toCharArray()));
        Cipher ci = Cipher.getInstance(algorithm);
        ci.init(Cipher.ENCRYPT_MODE, secretKey, algoParamSpec);
        // Encryption
        byte[] cipherText = ci.doFinal(PLAIN_TEXT);
        // Decryption
        ci.init(Cipher.DECRYPT_MODE, secretKey, algoParamSpec);
        byte[] recoveredText = ci.doFinal(cipherText);
        if (algorithm.contains("TripleDES")) {
            throw new RuntimeException("Expected InvalidKeyException exception uncaugh");
        }
        // Comparison
        if (!Arrays.equals(PLAIN_TEXT, recoveredText)) {
            throw new RuntimeException("Test failed: plainText is not equal to recoveredText");
        }
        out.println("Test Passed.");
    } catch (InvalidKeyException ex) {
        if (algorithm.contains("TripleDES")) {
            out.println("Expected InvalidKeyException raised");
        } else {
            throw new RuntimeException(ex);
        }
    }
}
Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) SecretKey(javax.crypto.SecretKey) Cipher(javax.crypto.Cipher) InvalidKeyException(java.security.InvalidKeyException) AlgorithmParameterSpec(java.security.spec.AlgorithmParameterSpec) PBEParameterSpec(javax.crypto.spec.PBEParameterSpec)

Aggregations

PBEParameterSpec (javax.crypto.spec.PBEParameterSpec)56 SecretKey (javax.crypto.SecretKey)35 Cipher (javax.crypto.Cipher)32 PBEKeySpec (javax.crypto.spec.PBEKeySpec)31 SecretKeyFactory (javax.crypto.SecretKeyFactory)26 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)13 IvParameterSpec (javax.crypto.spec.IvParameterSpec)13 KeyStoreException (java.security.KeyStoreException)11 UnrecoverableKeyException (java.security.UnrecoverableKeyException)11 CertificateException (java.security.cert.CertificateException)11 InvalidKeyException (java.security.InvalidKeyException)10 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)9 CipherParameters (org.bouncycastle.crypto.CipherParameters)9 KeyParameter (org.bouncycastle.crypto.params.KeyParameter)9 ParametersWithIV (org.bouncycastle.crypto.params.ParametersWithIV)9 IOException (java.io.IOException)8 AlgorithmParameters (java.security.AlgorithmParameters)8 SecureRandom (java.security.SecureRandom)8 CertificateEncodingException (java.security.cert.CertificateEncodingException)8 AlgorithmParameterSpec (java.security.spec.AlgorithmParameterSpec)7
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial