Search in sources :

Example 1 with CryptoException

use of org.apache.pulsar.client.api.PulsarClientException.CryptoException in project incubator-pulsar by apache.

the class MessageCrypto method addPublicKeyCipher.

private void addPublicKeyCipher(String keyName, CryptoKeyReader keyReader) throws CryptoException {
    if (keyName == null || keyReader == null) {
        throw new PulsarClientException.CryptoException("Keyname or KeyReader is null");
    }
    // Read the public key and its info using callback
    EncryptionKeyInfo keyInfo = keyReader.getPublicKey(keyName, null);
    PublicKey pubKey;
    try {
        pubKey = loadPublicKey(keyInfo.getKey());
    } catch (Exception e) {
        String msg = logCtx + "Failed to load public key " + keyName + ". " + e.getMessage();
        log.error(msg);
        throw new PulsarClientException.CryptoException(msg);
    }
    Cipher dataKeyCipher = null;
    byte[] encryptedKey;
    try {
        // Encrypt data key using public key
        if (RSA.equals(pubKey.getAlgorithm())) {
            dataKeyCipher = Cipher.getInstance(RSA_TRANS, BouncyCastleProvider.PROVIDER_NAME);
        } else if (ECDSA.equals(pubKey.getAlgorithm())) {
            dataKeyCipher = Cipher.getInstance(ECIES, BouncyCastleProvider.PROVIDER_NAME);
        } else {
            String msg = logCtx + "Unsupported key type " + pubKey.getAlgorithm() + " for key " + keyName;
            log.error(msg);
            throw new PulsarClientException.CryptoException(msg);
        }
        dataKeyCipher.init(Cipher.ENCRYPT_MODE, pubKey);
        encryptedKey = dataKeyCipher.doFinal(dataKey.getEncoded());
    } catch (IllegalBlockSizeException | BadPaddingException | NoSuchAlgorithmException | NoSuchProviderException | NoSuchPaddingException | InvalidKeyException e) {
        log.error("{} Failed to encrypt data key {}. {}", logCtx, keyName, e.getMessage());
        throw new PulsarClientException.CryptoException(e.getMessage());
    }
    EncryptionKeyInfo eki = new EncryptionKeyInfo(encryptedKey, keyInfo.getMetadata());
    encryptedDataKeyMap.put(keyName, eki);
}
Also used : BCECPublicKey(org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey) PublicKey(java.security.PublicKey) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) EncryptionKeyInfo(org.apache.pulsar.client.api.EncryptionKeyInfo) ByteString(com.google.protobuf.ByteString) BadPaddingException(javax.crypto.BadPaddingException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) PulsarClientException(org.apache.pulsar.client.api.PulsarClientException) ShortBufferException(javax.crypto.ShortBufferException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) CryptoException(org.apache.pulsar.client.api.PulsarClientException.CryptoException) PEMException(org.bouncycastle.openssl.PEMException) IOException(java.io.IOException) BadPaddingException(javax.crypto.BadPaddingException) NoSuchProviderException(java.security.NoSuchProviderException) CryptoException(org.apache.pulsar.client.api.PulsarClientException.CryptoException) PulsarClientException(org.apache.pulsar.client.api.PulsarClientException) Cipher(javax.crypto.Cipher) CryptoException(org.apache.pulsar.client.api.PulsarClientException.CryptoException) NoSuchProviderException(java.security.NoSuchProviderException)

Aggregations

ByteString (com.google.protobuf.ByteString)1 IOException (java.io.IOException)1 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)1 InvalidKeyException (java.security.InvalidKeyException)1 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1 NoSuchProviderException (java.security.NoSuchProviderException)1 PublicKey (java.security.PublicKey)1 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)1 BadPaddingException (javax.crypto.BadPaddingException)1 Cipher (javax.crypto.Cipher)1 IllegalBlockSizeException (javax.crypto.IllegalBlockSizeException)1 NoSuchPaddingException (javax.crypto.NoSuchPaddingException)1 ShortBufferException (javax.crypto.ShortBufferException)1 EncryptionKeyInfo (org.apache.pulsar.client.api.EncryptionKeyInfo)1 PulsarClientException (org.apache.pulsar.client.api.PulsarClientException)1 CryptoException (org.apache.pulsar.client.api.PulsarClientException.CryptoException)1 BCECPublicKey (org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey)1 PEMException (org.bouncycastle.openssl.PEMException)1