Example 26 with PBEParameterSpec
use of javax.crypto.spec.PBEParameterSpec in project jdk8u_jdk by JetBrains.
the class HmacPKCS12PBESHA1 method engineInit.
/**
* Initializes the HMAC with the given secret key and algorithm parameters.
*
* @param key the secret key.
* @param params the algorithm parameters.
*
* @exception InvalidKeyException if the given key is inappropriate for
* initializing this MAC.
* @exception InvalidAlgorithmParameterException if the given algorithm
* parameters are inappropriate for this MAC.
*/
protected void engineInit(Key key, AlgorithmParameterSpec params) throws InvalidKeyException, InvalidAlgorithmParameterException {
char[] passwdChars;
byte[] salt = null;
int iCount = 0;
if (key instanceof javax.crypto.interfaces.PBEKey) {
javax.crypto.interfaces.PBEKey pbeKey = (javax.crypto.interfaces.PBEKey) key;
passwdChars = pbeKey.getPassword();
// maybe null if unspecified
salt = pbeKey.getSalt();
// maybe 0 if unspecified
iCount = pbeKey.getIterationCount();
} else if (key instanceof SecretKey) {
byte[] passwdBytes = key.getEncoded();
if ((passwdBytes == null) || !(key.getAlgorithm().regionMatches(true, 0, "PBE", 0, 3))) {
throw new InvalidKeyException("Missing password");
}
passwdChars = new char[passwdBytes.length];
for (int i = 0; i < passwdChars.length; i++) {
passwdChars[i] = (char) (passwdBytes[i] & 0x7f);
}
} else {
throw new InvalidKeyException("SecretKey of PBE type required");
}
if (params == null) {
// retrieve the generated defaults.
if ((salt == null) || (iCount == 0)) {
throw new InvalidAlgorithmParameterException("PBEParameterSpec required for salt and iteration count");
}
} else if (!(params instanceof PBEParameterSpec)) {
throw new InvalidAlgorithmParameterException("PBEParameterSpec type required");
} else {
PBEParameterSpec pbeParams = (PBEParameterSpec) params;
// make sure the parameter values are consistent
if (salt != null) {
if (!Arrays.equals(salt, pbeParams.getSalt())) {
throw new InvalidAlgorithmParameterException("Inconsistent value of salt between key and params");
}
} else {
salt = pbeParams.getSalt();
}
if (iCount != 0) {
if (iCount != pbeParams.getIterationCount()) {
throw new InvalidAlgorithmParameterException("Different iteration count between key and params");
}
} else {
iCount = pbeParams.getIterationCount();
}
}
// which is what PKCS#5 recommends and openssl does.
if (salt.length < 8) {
throw new InvalidAlgorithmParameterException("Salt must be at least 8 bytes long");
}
if (iCount <= 0) {
throw new InvalidAlgorithmParameterException("IterationCount must be a positive number");
}
byte[] derivedKey = PKCS12PBECipherCore.derive(passwdChars, salt, iCount, engineGetMacLength(), PKCS12PBECipherCore.MAC_KEY);
SecretKey cipherKey = new SecretKeySpec(derivedKey, "HmacSHA1");
super.engineInit(cipherKey, null);
}
Also used :
SecretKey(javax.crypto.SecretKey)
SecretKeySpec(javax.crypto.spec.SecretKeySpec)
PBEParameterSpec(javax.crypto.spec.PBEParameterSpec)
Example 27 with PBEParameterSpec
use of javax.crypto.spec.PBEParameterSpec in project GeoGig by boundlessgeo.
the class Remote method decryptPassword.
public static String decryptPassword(String password) {
try {
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
SecretKey key = keyFactory.generateSecret(new PBEKeySpec(PASSWORD));
Cipher pbeCipher = Cipher.getInstance("PBEWithMD5AndDES");
pbeCipher.init(Cipher.DECRYPT_MODE, key, new PBEParameterSpec(SALT, 20));
return new String(pbeCipher.doFinal(Base64.decode(password)));
} catch (Exception e) {
return password;
}
}
Also used :
PBEKeySpec(javax.crypto.spec.PBEKeySpec)
SecretKey(javax.crypto.SecretKey)
Cipher(javax.crypto.Cipher)
SecretKeyFactory(javax.crypto.SecretKeyFactory)
PBEParameterSpec(javax.crypto.spec.PBEParameterSpec)
MalformedURLException(java.net.MalformedURLException)
Example 28 with PBEParameterSpec
use of javax.crypto.spec.PBEParameterSpec in project symmetric-ds by JumpMind.
the class SecurityService method initializeCipher.
protected void initializeCipher(Cipher cipher, int mode) throws Exception {
AlgorithmParameterSpec paramSpec = Cipher.getMaxAllowedParameterSpec(cipher.getAlgorithm());
if (paramSpec instanceof PBEParameterSpec || (paramSpec == null && cipher.getAlgorithm().startsWith("PBE"))) {
paramSpec = new PBEParameterSpec(SecurityConstants.SALT, SecurityConstants.ITERATION_COUNT);
cipher.init(mode, secretKey, paramSpec);
} else if (paramSpec instanceof IvParameterSpec) {
paramSpec = new IvParameterSpec(SecurityConstants.SALT);
cipher.init(mode, secretKey, paramSpec);
} else {
cipher.init(mode, secretKey, (AlgorithmParameterSpec) null);
}
}
Also used :
IvParameterSpec(javax.crypto.spec.IvParameterSpec)
AlgorithmParameterSpec(java.security.spec.AlgorithmParameterSpec)
PBEParameterSpec(javax.crypto.spec.PBEParameterSpec)
Example 29 with PBEParameterSpec
use of javax.crypto.spec.PBEParameterSpec in project Lucee by lucee.
the class Cryptor method _crypt.
private static byte[] _crypt(byte[] input, String key, String algorithm, byte[] ivOrSalt, int iterations, boolean doDecrypt) throws PageException {
byte[] result = null;
Key secretKey = null;
AlgorithmParameterSpec params = null;
String algo = algorithm;
boolean isFBM = false, isPBE = StringUtil.startsWithIgnoreCase(algo, "PBE");
int ivsLen = 0, algoDelimPos = algorithm.indexOf('/');
if (algoDelimPos > -1) {
algo = algorithm.substring(0, algoDelimPos);
isFBM = !StringUtil.startsWithIgnoreCase(algorithm.substring(algoDelimPos + 1), "ECB");
}
try {
Cipher cipher = Cipher.getInstance(algorithm);
if (ivOrSalt == null) {
if (isPBE || isFBM) {
ivsLen = cipher.getBlockSize();
ivOrSalt = new byte[ivsLen];
if (doDecrypt)
System.arraycopy(input, 0, ivOrSalt, 0, ivsLen);
else
secureRandom.nextBytes(ivOrSalt);
}
}
if (isPBE) {
secretKey = SecretKeyFactory.getInstance(algorithm).generateSecret(new PBEKeySpec(key.toCharArray()));
// set Salt and Iterations for PasswordBasedEncryption
params = new PBEParameterSpec(ivOrSalt, iterations > 0 ? iterations : DEFAULT_ITERATIONS);
} else {
secretKey = new SecretKeySpec(Coder.decode(Coder.ENCODING_BASE64, key), algo);
if (isFBM)
// set Initialization Vector for non-ECB Feedback Mode
params = new IvParameterSpec(ivOrSalt);
}
if (doDecrypt) {
cipher.init(Cipher.DECRYPT_MODE, secretKey, params);
result = cipher.doFinal(input, ivsLen, input.length - ivsLen);
} else {
cipher.init(Cipher.ENCRYPT_MODE, secretKey, params);
result = new byte[ivsLen + cipher.getOutputSize(input.length)];
if (ivsLen > 0)
System.arraycopy(ivOrSalt, 0, result, 0, ivsLen);
cipher.doFinal(input, 0, input.length, result, ivsLen);
}
return result;
} catch (Throwable t) {
ExceptionUtil.rethrowIfNecessary(t);
throw Caster.toPageException(t);
}
}
Also used :
PBEKeySpec(javax.crypto.spec.PBEKeySpec)
SecretKeySpec(javax.crypto.spec.SecretKeySpec)
IvParameterSpec(javax.crypto.spec.IvParameterSpec)
Cipher(javax.crypto.Cipher)
AlgorithmParameterSpec(java.security.spec.AlgorithmParameterSpec)
Key(java.security.Key)
PBEParameterSpec(javax.crypto.spec.PBEParameterSpec)
Example 30 with PBEParameterSpec
use of javax.crypto.spec.PBEParameterSpec in project ORCID-Source by ORCID.
the class DesEncrypter method initDesEncrypter.
private void initDesEncrypter(final String passPhrase) {
try {
// Create the key
KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), salt, iterationCount);
SecretKey key = SecretKeyFactory.getInstance("PBEWithMD5AndDES").generateSecret(keySpec);
ecipher = Cipher.getInstance(key.getAlgorithm());
dcipher = Cipher.getInstance(key.getAlgorithm());
// Prepare the parameter to the ciphers
AlgorithmParameterSpec paramSpec = new PBEParameterSpec(salt, iterationCount);
// Create the ciphers
ecipher.init(Cipher.ENCRYPT_MODE, key, paramSpec);
dcipher.init(Cipher.DECRYPT_MODE, key, paramSpec);
} catch (GeneralSecurityException e) {
LOGGER.trace("DesEncrypter.creation failed", e);
throw new ApplicationException("DesEncrypter creation failed", e);
}
}
Also used :
PBEKeySpec(javax.crypto.spec.PBEKeySpec)
SecretKey(javax.crypto.SecretKey)
ApplicationException(org.orcid.core.exception.ApplicationException)
KeySpec(java.security.spec.KeySpec)
PBEKeySpec(javax.crypto.spec.PBEKeySpec)
GeneralSecurityException(java.security.GeneralSecurityException)
AlgorithmParameterSpec(java.security.spec.AlgorithmParameterSpec)
PBEParameterSpec(javax.crypto.spec.PBEParameterSpec)
Aggregations
PBEParameterSpec (javax.crypto.spec.PBEParameterSpec)58
SecretKey (javax.crypto.SecretKey)36
Cipher (javax.crypto.Cipher)34
PBEKeySpec (javax.crypto.spec.PBEKeySpec)33
SecretKeyFactory (javax.crypto.SecretKeyFactory)27
IvParameterSpec (javax.crypto.spec.IvParameterSpec)14
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)13
KeyStoreException (java.security.KeyStoreException)11
UnrecoverableKeyException (java.security.UnrecoverableKeyException)11
CertificateException (java.security.cert.CertificateException)11
InvalidKeyException (java.security.InvalidKeyException)10
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)9
CipherParameters (org.bouncycastle.crypto.CipherParameters)9
KeyParameter (org.bouncycastle.crypto.params.KeyParameter)9
ParametersWithIV (org.bouncycastle.crypto.params.ParametersWithIV)9
IOException (java.io.IOException)8
AlgorithmParameters (java.security.AlgorithmParameters)8
SecureRandom (java.security.SecureRandom)8
CertificateEncodingException (java.security.cert.CertificateEncodingException)8
AlgorithmParameterSpec (java.security.spec.AlgorithmParameterSpec)8
