
Example 21 with CryptoException

use of org.kse.crypto.CryptoException in project keystore-explorer by kaikramer.

the class DigestUtil method getMessageDigest.

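/**
 * Get a digest of the input stream.
 *
 * <p>The stream is read to end-of-stream in 2048-byte chunks and is always
 * closed before this method returns, on success and on failure alike, so
 * callers must not reuse it afterwards. The digest algorithm is entirely
 * determined by {@code digestType}; no algorithm policy is applied here.
 *
 * @param istream
 *            Input stream to digest; closed by this method
 * @param digestType
 *            The message digest algorithm
 * @return The message digest
 * @throws CryptoException
 *             If message digester could not be created or the stream could
 *             not be read
 */
public static byte[] getMessageDigest(InputStream istream, DigestType digestType) throws CryptoException {
    try {
        // Obtain the digester inside the try block: if that step fails, the
        // finally clause below still closes the caller's stream instead of
        // leaking it on the error path.
        MessageDigest messageDigester = getMessageDigester(digestType);
        byte[] buffer = new byte[2048];
        int read;
        while ((read = istream.read(buffer)) != -1) {
            // Only the bytes actually read in this pass are fed to the digest
            messageDigester.update(buffer, 0, read);
        }
        return messageDigester.digest();
    } catch (IOException ex) {
        throw new CryptoException(res.getString("NoCreateDigest.exception.message"), ex);
    } finally {
        IOUtils.closeQuietly(istream);
    }
}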
Also used : IOException(java.io.IOException) MessageDigest(java.security.MessageDigest) CryptoException(org.kse.crypto.CryptoException)

Example 22 with CryptoException

use of org.kse.crypto.CryptoException in project keystore-explorer by kaikramer.

the class JarSigner method createSignatureBlock.

/**
 * Create the encoded CMS signed-data structure for the supplied bytes.
 *
 * @param toSign
 *            Content to sign
 * @param privateKey
 *            Key used to build the content signer
 * @param certificateChain
 *            Signer's chain; element 0 is used as the signing certificate and
 *            every element is added to the CMS certificate store. An empty
 *            chain fails at the index access and is reported as a
 *            CryptoException through the catch-all below
 * @param signatureType
 *            Supplies the JCE signature algorithm name
 * @param tsaUrl
 *            Time-stamping authority URL; null or empty skips time-stamping
 * @param provider
 *            Provider for the content signer, or null to leave the builder's
 *            own default in place
 * @return Encoded signed data
 * @throws CryptoException
 *             Wrapping any exception raised while building the signature
 */
private static byte[] createSignatureBlock(byte[] toSign, PrivateKey privateKey, X509Certificate[] certificateChain, SignatureType signatureType, String tsaUrl, Provider provider) throws CryptoException {
    try {
        List<X509Certificate> chain = new ArrayList<>();
        Collections.addAll(chain, certificateChain);

        // Digest calculation is pinned to the provider named "BC" regardless of
        // the provider argument, which only affects the content signer below
        DigestCalculatorProvider digestProvider = new JcaDigestCalculatorProviderBuilder().setProvider("BC").build();

        // NOTE(review): the randomness source is requested by the legacy name
        // "SHA1PRNG" instead of the platform default (new SecureRandom()). For
        // DSA/ECDSA signature types the signer typically draws its per-signature
        // nonce from this generator, so the choice deserves an explicit decision.
        JcaContentSignerBuilder signerBuilder = new JcaContentSignerBuilder(signatureType.jce());
        signerBuilder.setSecureRandom(SecureRandom.getInstance("SHA1PRNG"));
        if (provider != null) {
            signerBuilder.setProvider(provider);
        }

        SignerInfoGenerator baseGenerator = new JcaSignerInfoGeneratorBuilder(digestProvider).build(signerBuilder.build(privateKey), certificateChain[0]);

        // Drop cmsAlgorithmProtect for compatibility reasons. That attribute
        // (CMS Algorithm Identifier Protection, RFC 6211) places the digest and
        // signature algorithm identifiers under the signature; signatures built
        // here therefore do not carry that protection.
        final CMSAttributeTableGenerator defaultSignedAttrs = baseGenerator.getSignedAttributeTableGenerator();
        DefaultSignedAttributeTableGenerator filteredSignedAttrs = new DefaultSignedAttributeTableGenerator() {

            @Override
            public AttributeTable getAttributes(@SuppressWarnings("rawtypes") Map parameters) {
                return defaultSignedAttrs.getAttributes(parameters).remove(CMSAttributes.cmsAlgorithmProtect);
            }
        };
        SignerInfoGenerator signerInfoGenerator = new SignerInfoGenerator(baseGenerator, filteredSignedAttrs, baseGenerator.getUnsignedAttributeTableGenerator());

        CMSSignedDataGenerator signedDataGenerator = new CMSSignedDataGenerator();
        signedDataGenerator.addSignerInfoGenerator(signerInfoGenerator);
        signedDataGenerator.addCertificates(new JcaCertStore(chain));
        CMSSignedData signedData = signedDataGenerator.generate(new CMSProcessableByteArray(toSign), true);

        // Optionally have the TSA time-stamp the signature
        boolean timestampRequested = tsaUrl != null && !tsaUrl.isEmpty();
        if (timestampRequested) {
            signedData = addTimestamp(tsaUrl, signedData);
        }
        return signedData.getEncoded();
    } catch (Exception ex) {
        // Broad catch: provider, CMS, encoding and runtime failures all surface
        // as one CryptoException with the original exception kept as the cause
        throw new CryptoException(res.getString("SignatureBlockCreationFailed.exception.message"), ex);
    }
}
Also used : CMSSignedDataGenerator(org.bouncycastle.cms.CMSSignedDataGenerator) CMSProcessableByteArray(org.bouncycastle.cms.CMSProcessableByteArray) DefaultSignedAttributeTableGenerator(org.bouncycastle.cms.DefaultSignedAttributeTableGenerator) JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) ArrayList(java.util.ArrayList) AttributeTable(org.bouncycastle.asn1.cms.AttributeTable) JcaCertStore(org.bouncycastle.cert.jcajce.JcaCertStore) CMSSignedData(org.bouncycastle.cms.CMSSignedData) X509Certificate(java.security.cert.X509Certificate) CryptoException(org.kse.crypto.CryptoException) IOException(java.io.IOException) JcaSignerInfoGeneratorBuilder(org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder) DigestCalculatorProvider(org.bouncycastle.operator.DigestCalculatorProvider) CMSAttributeTableGenerator(org.bouncycastle.cms.CMSAttributeTableGenerator) SignerInfoGenerator(org.bouncycastle.cms.SignerInfoGenerator) JcaDigestCalculatorProviderBuilder(org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder) CryptoException(org.kse.crypto.CryptoException) Map(java.util.Map)

Example 23 with CryptoException

use of org.kse.crypto.CryptoException in project keystore-explorer by kaikramer.

the class JcePolicyUtil method getCryptoStrength.

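/**
 * Get a JCE policy's crypto strength.
 *
 * <p>The strength is read from the {@code Crypto-Strength} main attribute of
 * the policy JAR's manifest. A missing policy file is reported as
 * {@code UNLIMITED}. When the JAR has no manifest or the attribute is absent,
 * the result comes from {@code unlimitedStrengthTest()}. Any attribute value
 * other than the one {@code LIMITED} declares is reported as
 * {@code UNLIMITED}, including values this code does not recognise.
 *
 * @param jcePolicy
 *            JCE policy
 * @return Crypto strength
 * @throws CryptoException
 *             If there was a problem getting the crypto strength
 */
public static CryptoStrength getCryptoStrength(JcePolicy jcePolicy) throws CryptoException {
    JarFile jarFile = null;
    try {
        File file = getJarFile(jcePolicy);
        // if there is no policy file at all, we assume that we are running under OpenJDK
        if (!file.exists()) {
            return UNLIMITED;
        }
        jarFile = new JarFile(file);
        // JarFile.getManifest() returns null for a JAR without a manifest; handle
        // that like a missing attribute instead of failing with a
        // NullPointerException that the IOException handler would not catch
        Manifest jarManifest = jarFile.getManifest();
        String strength = (jarManifest != null) ? jarManifest.getMainAttributes().getValue("Crypto-Strength") : null;
        // workaround for IBM JDK: test for maximum key size
        if (strength == null) {
            return unlimitedStrengthTest();
        }
        return strength.equals(LIMITED.manifestValue()) ? LIMITED : UNLIMITED;
    } catch (IOException ex) {
        throw new CryptoException(MessageFormat.format(res.getString("NoGetCryptoStrength.exception.message"), jcePolicy), ex);
    } finally {
        // Safe when jarFile is still null (early return or failure before open)
        IOUtils.closeQuietly(jarFile);
    }
}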
Also used : IOException(java.io.IOException) JarFile(java.util.jar.JarFile) Manifest(java.util.jar.Manifest) CryptoException(org.kse.crypto.CryptoException) JarFile(java.util.jar.JarFile) File(java.io.File)

Example 24 with CryptoException

use of org.kse.crypto.CryptoException in project keystore-explorer by kaikramer.

the class JcePolicyUtil method getPolicyDetails.

/**
 * Get a JCE policy's details.
 *
 * <p>The result concatenates every non-directory entry of the policy JAR whose
 * name ends in {@code .policy}: the entry name followed by a colon and a blank
 * line, then the entry's text, then a newline.
 *
 * @param jcePolicy
 *            JCE policy
 * @return Policy details, or an empty string when the policy file does not
 *         exist
 * @throws CryptoException
 *             If there was a problem getting the policy details
 */
public static String getPolicyDetails(JcePolicy jcePolicy) throws CryptoException {
    JarFile jarFile = null;
    try {
        StringWriter details = new StringWriter();
        File policyJar = getJarFile(jcePolicy);
        // No policy file at all: nothing to report
        if (!policyJar.exists()) {
            return "";
        }
        jarFile = new JarFile(policyJar);
        for (Enumeration<JarEntry> entries = jarFile.entries(); entries.hasMoreElements();) {
            JarEntry entry = entries.nextElement();
            String name = entry.getName();
            // Only regular entries that look like policy files are included
            if (entry.isDirectory() || !name.endsWith(".policy")) {
                continue;
            }
            details.write(name + ":\n\n");
            // NOTE(review): no charset is passed, so the entry is decoded with the
            // platform default charset - confirm that is what is intended
            try (InputStreamReader reader = new InputStreamReader(jarFile.getInputStream(entry))) {
                CopyUtil.copy(reader, details);
            }
            details.write('\n');
        }
        return details.toString();
    } catch (IOException ex) {
        throw new CryptoException(MessageFormat.format(res.getString("NoGetPolicyDetails.exception.message"), jcePolicy), ex);
    } finally {
        // Safe when jarFile is still null (early return or failure before open)
        IOUtils.closeQuietly(jarFile);
    }
}
Also used : StringWriter(java.io.StringWriter) InputStreamReader(java.io.InputStreamReader) IOException(java.io.IOException) JarFile(java.util.jar.JarFile) JarEntry(java.util.jar.JarEntry) CryptoException(org.kse.crypto.CryptoException) JarFile(java.util.jar.JarFile) File(java.io.File)

Example 25 with CryptoException

use of org.kse.crypto.CryptoException in project keystore-explorer by kaikramer.

the class KeyPairUtil method generateECKeyPair.

/**
 * Generate an EC key pair.
 *
 * <p>The curve name is passed to the key pair generator unchecked; any
 * {@code GeneralSecurityException} raised while obtaining or initialising the
 * generator is reported as a {@code CryptoException}.
 *
 * @param curveName
 *            Name of the ECC curve
 * @param provider
 *            A JCE provider, or null to use the provider named by
 *            {@code BOUNCY_CASTLE.jce()}
 * @return A key pair
 * @throws CryptoException
 *             If there was a problem generating the key pair
 */
public static KeyPair generateECKeyPair(String curveName, Provider provider) throws CryptoException {
    try {
        // Explicit provider wins; otherwise fall back to the Bouncy Castle one
        KeyPairGenerator generator = (provider == null)
                ? KeyPairGenerator.getInstance(KeyPairType.EC.jce(), BOUNCY_CASTLE.jce())
                : KeyPairGenerator.getInstance(KeyPairType.EC.jce(), provider);

        // NOTE(review): key material is drawn from a generator requested by the
        // legacy name "SHA1PRNG" instead of the platform default
        // (new SecureRandom()); worth an explicit decision for key generation.
        generator.initialize(new ECGenParameterSpec(curveName), SecureRandom.getInstance("SHA1PRNG"));

        return generator.generateKeyPair();
    } catch (GeneralSecurityException ex) {
        throw new CryptoException(MessageFormat.format(res.getString("NoGenerateKeypair.exception.message"), KeyPairType.EC), ex);
    }
}
Also used : KeyPair(java.security.KeyPair) GeneralSecurityException(java.security.GeneralSecurityException) ECGenParameterSpec(java.security.spec.ECGenParameterSpec) KeyPairGenerator(java.security.KeyPairGenerator) CryptoException(org.kse.crypto.CryptoException)
