Example 16 with PSource
use of javax.crypto.spec.PSource in project j2objc by google.
the class OAEPParameterSpecTest method testGetDigestAlgorithm.
/**
* getDigestAlgorithm() method testing.
*/
public void testGetDigestAlgorithm() {
String mdName = "SHA-1";
String mgfName = "MGF1";
AlgorithmParameterSpec mgfSpec = MGF1ParameterSpec.SHA1;
PSource pSrc = PSource.PSpecified.DEFAULT;
OAEPParameterSpec ps = new OAEPParameterSpec(mdName, mgfName, mgfSpec, pSrc);
assertTrue("The returned value does not equal to the " + "value specified in the constructor.", ps.getDigestAlgorithm().equals(mdName));
}
Also used :
PSource(javax.crypto.spec.PSource)
AlgorithmParameterSpec(java.security.spec.AlgorithmParameterSpec)
OAEPParameterSpec(javax.crypto.spec.OAEPParameterSpec)
Example 17 with PSource
use of javax.crypto.spec.PSource in project j2objc by google.
the class OAEPParameterSpecTest method testGetPSource.
/**
* getPSource() method testing.
*/
public void testGetPSource() {
String mdName = "SHA-1";
String mgfName = "MGF1";
AlgorithmParameterSpec mgfSpec = MGF1ParameterSpec.SHA1;
PSource pSrc = PSource.PSpecified.DEFAULT;
OAEPParameterSpec ps = new OAEPParameterSpec(mdName, mgfName, mgfSpec, pSrc);
assertTrue("The returned value does not equal to the " + "value specified in the constructor.", ps.getPSource() == pSrc);
}
Also used :
PSource(javax.crypto.spec.PSource)
AlgorithmParameterSpec(java.security.spec.AlgorithmParameterSpec)
OAEPParameterSpec(javax.crypto.spec.OAEPParameterSpec)
Example 18 with PSource
use of javax.crypto.spec.PSource in project j2objc by google.
the class OAEPParameterSpecTest method testGetMGFAlgorithm.
/**
* getMGFAlgorithm() method testing.
*/
public void testGetMGFAlgorithm() {
String mdName = "SHA-1";
String mgfName = "MGF1";
AlgorithmParameterSpec mgfSpec = MGF1ParameterSpec.SHA1;
PSource pSrc = PSource.PSpecified.DEFAULT;
OAEPParameterSpec ps = new OAEPParameterSpec(mdName, mgfName, mgfSpec, pSrc);
assertTrue("The returned value does not equal to the " + "value specified in the constructor.", ps.getMGFAlgorithm().equals(mgfName));
}
Also used :
PSource(javax.crypto.spec.PSource)
AlgorithmParameterSpec(java.security.spec.AlgorithmParameterSpec)
OAEPParameterSpec(javax.crypto.spec.OAEPParameterSpec)
Example 19 with PSource
use of javax.crypto.spec.PSource in project santuario-java by apache.
the class XMLEncryptOutputProcessor method createInternalEncryptionOutputProcessor.
/**
* Override this method to return a different AbstractInternalEncryptionOutputProcessor instance
* which will write out the KeyInfo contents in the EncryptedData.
*/
protected AbstractInternalEncryptionOutputProcessor createInternalEncryptionOutputProcessor(EncryptionPartDef encryptionPartDef, XMLSecStartElement startElement, String encoding, final OutboundSecurityToken keyWrappingToken) throws XMLStreamException, XMLSecurityException {
final AbstractInternalEncryptionOutputProcessor processor = new AbstractInternalEncryptionOutputProcessor(encryptionPartDef, startElement, encoding) {
@Override
protected void createKeyInfoStructure(OutputProcessorChain outputProcessorChain) throws XMLStreamException, XMLSecurityException {
if (keyWrappingToken == null) {
// Do not write out a KeyInfo element
return;
}
final String encryptionKeyTransportAlgorithm = getSecurityProperties().getEncryptionKeyTransportAlgorithm();
PublicKey pubKey = keyWrappingToken.getPublicKey();
Key secretKey = keyWrappingToken.getSecretKey(encryptionKeyTransportAlgorithm);
if (pubKey == null && secretKey == null) {
// Do not write out a KeyInfo element
return;
}
createStartElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_dsig_KeyInfo, true, null);
List<XMLSecAttribute> attributes = new ArrayList<>(1);
String keyId = IDGenerator.generateID("EK");
attributes.add(createAttribute(XMLSecurityConstants.ATT_NULL_Id, keyId));
createStartElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_xenc_EncryptedKey, true, attributes);
attributes = new ArrayList<>(1);
attributes.add(createAttribute(XMLSecurityConstants.ATT_NULL_Algorithm, encryptionKeyTransportAlgorithm));
createStartElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_xenc_EncryptionMethod, false, attributes);
final String encryptionKeyTransportDigestAlgorithm = getSecurityProperties().getEncryptionKeyTransportDigestAlgorithm();
final String encryptionKeyTransportMGFAlgorithm = getSecurityProperties().getEncryptionKeyTransportMGFAlgorithm();
if (XMLSecurityConstants.NS_XENC11_RSAOAEP.equals(encryptionKeyTransportAlgorithm) || XMLSecurityConstants.NS_XENC_RSAOAEPMGF1P.equals(encryptionKeyTransportAlgorithm)) {
byte[] oaepParams = getSecurityProperties().getEncryptionKeyTransportOAEPParams();
if (oaepParams != null) {
createStartElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_xenc_OAEPparams, false, null);
createCharactersAndOutputAsEvent(outputProcessorChain, Base64.getMimeEncoder().encodeToString(oaepParams));
createEndElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_xenc_OAEPparams);
}
if (encryptionKeyTransportDigestAlgorithm != null) {
attributes = new ArrayList<>(1);
attributes.add(createAttribute(XMLSecurityConstants.ATT_NULL_Algorithm, encryptionKeyTransportDigestAlgorithm));
createStartElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_dsig_DigestMethod, true, attributes);
createEndElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_dsig_DigestMethod);
}
if (encryptionKeyTransportMGFAlgorithm != null) {
attributes = new ArrayList<>(1);
attributes.add(createAttribute(XMLSecurityConstants.ATT_NULL_Algorithm, encryptionKeyTransportMGFAlgorithm));
createStartElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_xenc11_MGF, true, attributes);
createEndElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_xenc11_MGF);
}
}
createEndElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_xenc_EncryptionMethod);
createKeyInfoStructureForEncryptedKey(outputProcessorChain, keyWrappingToken);
createStartElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_xenc_CipherData, false, null);
createStartElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_xenc_CipherValue, false, null);
// encrypt the symmetric session key with the public key from the receiver:
String jceid = JCEAlgorithmMapper.translateURItoJCEID(encryptionKeyTransportAlgorithm);
if (jceid == null) {
throw new XMLSecurityException("algorithms.NoSuchMap", new Object[] { encryptionKeyTransportAlgorithm });
}
try {
Cipher cipher = Cipher.getInstance(jceid);
AlgorithmParameterSpec algorithmParameterSpec = null;
if (XMLSecurityConstants.NS_XENC11_RSAOAEP.equals(encryptionKeyTransportAlgorithm) || XMLSecurityConstants.NS_XENC_RSAOAEPMGF1P.equals(encryptionKeyTransportAlgorithm)) {
String jceDigestAlgorithm = "SHA-1";
if (encryptionKeyTransportDigestAlgorithm != null) {
jceDigestAlgorithm = JCEAlgorithmMapper.translateURItoJCEID(encryptionKeyTransportDigestAlgorithm);
}
PSource.PSpecified pSource = PSource.PSpecified.DEFAULT;
byte[] oaepParams = getSecurityProperties().getEncryptionKeyTransportOAEPParams();
if (oaepParams != null) {
pSource = new PSource.PSpecified(oaepParams);
}
MGF1ParameterSpec mgfParameterSpec = new MGF1ParameterSpec("SHA-1");
if (encryptionKeyTransportMGFAlgorithm != null) {
String jceMGFAlgorithm = JCEAlgorithmMapper.translateURItoJCEID(encryptionKeyTransportMGFAlgorithm);
mgfParameterSpec = new MGF1ParameterSpec(jceMGFAlgorithm);
}
algorithmParameterSpec = new OAEPParameterSpec(jceDigestAlgorithm, "MGF1", mgfParameterSpec, pSource);
}
if (pubKey != null) {
cipher.init(Cipher.WRAP_MODE, pubKey, algorithmParameterSpec);
} else {
cipher.init(Cipher.WRAP_MODE, secretKey, algorithmParameterSpec);
}
String tokenId = outputProcessorChain.getSecurityContext().get(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION);
SecurityTokenProvider<OutboundSecurityToken> securityTokenProvider = outputProcessorChain.getSecurityContext().getSecurityTokenProvider(tokenId);
final OutboundSecurityToken securityToken = securityTokenProvider.getSecurityToken();
Key sessionKey = securityToken.getSecretKey(getSecurityProperties().getEncryptionSymAlgorithm());
if (pubKey != null) {
int blockSize = cipher.getBlockSize();
if (blockSize > 0 && blockSize < sessionKey.getEncoded().length) {
throw new XMLSecurityException("stax.unsupportedKeyTransp");
}
}
byte[] encryptedEphemeralKey = cipher.wrap(sessionKey);
createCharactersAndOutputAsEvent(outputProcessorChain, Base64.getMimeEncoder().encodeToString(encryptedEphemeralKey));
} catch (NoSuchPaddingException e) {
throw new XMLSecurityException(e);
} catch (NoSuchAlgorithmException e) {
throw new XMLSecurityException(e);
} catch (InvalidKeyException e) {
throw new XMLSecurityException(e);
} catch (IllegalBlockSizeException e) {
throw new XMLSecurityException(e);
} catch (InvalidAlgorithmParameterException e) {
throw new XMLSecurityException(e);
}
createEndElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_xenc_CipherValue);
createEndElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_xenc_CipherData);
createEndElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_xenc_EncryptedKey);
createEndElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_dsig_KeyInfo);
}
protected void createKeyInfoStructureForEncryptedKey(OutputProcessorChain outputProcessorChain, OutboundSecurityToken securityToken) throws XMLStreamException, XMLSecurityException {
SecurityTokenConstants.KeyIdentifier keyIdentifier = getSecurityProperties().getEncryptionKeyIdentifier();
X509Certificate[] x509Certificates = securityToken.getX509Certificates();
if (x509Certificates == null) {
if (securityToken.getPublicKey() != null && SecurityTokenConstants.KeyIdentifier_KeyValue.equals(keyIdentifier)) {
createStartElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_dsig_KeyInfo, true, null);
XMLSecurityUtils.createKeyValueTokenStructure(this, outputProcessorChain, securityToken.getPublicKey());
createEndElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_dsig_KeyInfo);
}
return;
}
if (!SecurityTokenConstants.KeyIdentifier_NoKeyInfo.equals(keyIdentifier)) {
createStartElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_dsig_KeyInfo, true, null);
if (keyIdentifier == null || SecurityTokenConstants.KeyIdentifier_IssuerSerial.equals(keyIdentifier)) {
XMLSecurityUtils.createX509IssuerSerialStructure(this, outputProcessorChain, x509Certificates);
} else if (SecurityTokenConstants.KeyIdentifier_KeyValue.equals(keyIdentifier)) {
XMLSecurityUtils.createKeyValueTokenStructure(this, outputProcessorChain, x509Certificates);
} else if (SecurityTokenConstants.KeyIdentifier_SkiKeyIdentifier.equals(keyIdentifier)) {
XMLSecurityUtils.createX509SubjectKeyIdentifierStructure(this, outputProcessorChain, x509Certificates);
} else if (SecurityTokenConstants.KeyIdentifier_X509KeyIdentifier.equals(keyIdentifier)) {
XMLSecurityUtils.createX509CertificateStructure(this, outputProcessorChain, x509Certificates);
} else if (SecurityTokenConstants.KeyIdentifier_X509SubjectName.equals(keyIdentifier)) {
XMLSecurityUtils.createX509SubjectNameStructure(this, outputProcessorChain, x509Certificates);
} else if (SecurityTokenConstants.KeyIdentifier_KeyName.equals(keyIdentifier)) {
String keyName = getSecurityProperties().getEncryptionKeyName();
XMLSecurityUtils.createKeyNameTokenStructure(this, outputProcessorChain, keyName);
} else {
throw new XMLSecurityException("stax.unsupportedToken", new Object[] { keyIdentifier });
}
createEndElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_dsig_KeyInfo);
}
}
};
processor.getAfterProcessors().add(XMLEncryptOutputProcessor.class.getName());
return processor;
}
Also used :
ArrayList(java.util.ArrayList)
IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException)
OutboundSecurityToken(org.apache.xml.security.stax.securityToken.OutboundSecurityToken)
XMLSecAttribute(org.apache.xml.security.stax.ext.stax.XMLSecAttribute)
NoSuchPaddingException(javax.crypto.NoSuchPaddingException)
SecurityTokenConstants(org.apache.xml.security.stax.securityToken.SecurityTokenConstants)
PSource(javax.crypto.spec.PSource)
XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)
X509Certificate(java.security.cert.X509Certificate)
OAEPParameterSpec(javax.crypto.spec.OAEPParameterSpec)
Cipher(javax.crypto.Cipher)
AlgorithmParameterSpec(java.security.spec.AlgorithmParameterSpec)
MGF1ParameterSpec(java.security.spec.MGF1ParameterSpec)
Example 20 with PSource
use of javax.crypto.spec.PSource in project wycheproof by google.
the class RsaOaepTest method getOaepParameters.
protected static OAEPParameterSpec getOaepParameters(JsonObject group, JsonObject test) throws Exception {
String sha = getString(group, "sha");
String mgf = getString(group, "mgf");
String mgfSha = getString(group, "mgfSha");
PSource p = PSource.PSpecified.DEFAULT;
if (test.has("label")) {
p = new PSource.PSpecified(getBytes(test, "label"));
}
return new OAEPParameterSpec(sha, mgf, new MGF1ParameterSpec(mgfSha), p);
}
Also used :
PSource(javax.crypto.spec.PSource)
OAEPParameterSpec(javax.crypto.spec.OAEPParameterSpec)
MGF1ParameterSpec(java.security.spec.MGF1ParameterSpec)
Aggregations
PSource (javax.crypto.spec.PSource)20
OAEPParameterSpec (javax.crypto.spec.OAEPParameterSpec)17
AlgorithmParameterSpec (java.security.spec.AlgorithmParameterSpec)13
MGF1ParameterSpec (java.security.spec.MGF1ParameterSpec)7
InvalidParameterSpecException (java.security.spec.InvalidParameterSpecException)2
X509Certificate (java.security.cert.X509Certificate)1
ArrayList (java.util.ArrayList)1
Cipher (javax.crypto.Cipher)1
IllegalBlockSizeException (javax.crypto.IllegalBlockSizeException)1
NoSuchPaddingException (javax.crypto.NoSuchPaddingException)1
XMLSecurityException (org.apache.xml.security.exceptions.XMLSecurityException)1
XMLSecAttribute (org.apache.xml.security.stax.ext.stax.XMLSecAttribute)1
OutboundSecurityToken (org.apache.xml.security.stax.securityToken.OutboundSecurityToken)1
SecurityTokenConstants (org.apache.xml.security.stax.securityToken.SecurityTokenConstants)1
