Package javax.crypto

Examples of javax.crypto.Cipher$Transform


    }

    public boolean verifyPassword(String password) throws GeneralSecurityException {
        passwordHash = hashPassword(info, password);

        Cipher cipher = getCipher();

        byte[] verifier = cipher.doFinal(info.getVerifier().getVerifier());

        MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
        byte[] calcVerifierHash = sha1.digest(verifier);

        byte[] verifierHash = truncateOrPad(cipher.doFinal(info.getVerifier().getVerifierHash()), calcVerifierHash.length);

        return Arrays.equals(calcVerifierHash, verifierHash);
    }
View Full Code Here


       return result;
    }

    private Cipher getCipher() throws GeneralSecurityException {
        byte[] key = generateKey(0);
        Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding");
        SecretKey skey = new SecretKeySpec(key, "AES");
        cipher.init(Cipher.DECRYPT_MODE, skey);

        return cipher;
    }
View Full Code Here

        byte[] pwHash = hashPassword(_info, password);
        byte[] iv = generateIv(algorithm, verifier.getSalt(), null);

        SecretKey skey;
        skey = new SecretKeySpec(generateKey(pwHash, kVerifierInputBlock), "AES");
        Cipher cipher = getCipher(algorithm, mode, skey, iv);
        byte[] verifierHashInput = cipher.doFinal(verifier.getVerifier());

        MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
        byte[] trimmed = new byte[verifier.getSalt().length];
        System.arraycopy(verifierHashInput, 0, trimmed, 0, trimmed.length);
        byte[] hashedVerifier = sha1.digest(trimmed);

        skey = new SecretKeySpec(generateKey(pwHash, kHashedVerifierBlock), "AES");
        iv = generateIv(algorithm, verifier.getSalt(), null);
        cipher = getCipher(algorithm, mode, skey, iv);
        byte[] verifierHash = cipher.doFinal(verifier.getVerifierHash());
        trimmed = new byte[hashedVerifier.length];
        System.arraycopy(verifierHash, 0, trimmed, 0, trimmed.length);

        if (Arrays.equals(trimmed, hashedVerifier)) {
            skey = new SecretKeySpec(generateKey(pwHash, kCryptoKeyBlock), "AES");
            iv = generateIv(algorithm, verifier.getSalt(), null);
            cipher = getCipher(algorithm, mode, skey, iv);
            byte[] inter = cipher.doFinal(verifier.getEncryptedKey());
            byte[] keyspec = new byte[_info.getHeader().getKeySize() / 8];
            System.arraycopy(inter, 0, keyspec, 0, keyspec.length);
            _secretKey = new SecretKeySpec(keyspec, "AES");
            return true;
        } else {
View Full Code Here

        if (mode == EncryptionHeader.MODE_CBC)
            chain = "CBC";
        else if (mode == EncryptionHeader.MODE_CFB)
            chain = "CFB";

        Cipher cipher = Cipher.getInstance(name + "/" + chain + "/NoPadding");
        IvParameterSpec iv = new IvParameterSpec(vec);
        cipher.init(Cipher.DECRYPT_MODE, key, iv);
        return cipher;
    }
View Full Code Here

        if (d > 0) {
            a = transformation.substring(0, d);
        } else {
            a = transformation;
        }
        Cipher enccipher = null;
        try {
            KeyGenerator keygen = KeyGenerator.getInstance(a);
            keygen.init(new SecureRandom());
            key = keygen.generateKey();
            enccipher = Cipher.getInstance(transformation);
            enccipher.init(Cipher.ENCRYPT_MODE, key);
            ivp = enccipher.getIV();
        } catch (GeneralSecurityException e) {
            enccipher = null;
            throw e;
        }
    }
View Full Code Here

    public String getTransformation() {
        return transformation;
    }
   
    public Cipher getEncryptor() {
        Cipher enccipher = null;
        try {
            enccipher = Cipher.getInstance(transformation);
            enccipher.init(Cipher.ENCRYPT_MODE, key);
        } catch (GeneralSecurityException e) {
            // ignore
        }
        return enccipher;
    }
View Full Code Here

        }
        return enccipher;
    }
   
    public Cipher getDecryptor() {
        Cipher deccipher = null;
        try {
            deccipher = Cipher.getInstance(transformation);
            deccipher.init(Cipher.DECRYPT_MODE, key, ivp == null ? null : new IvParameterSpec(ivp));
        } catch (GeneralSecurityException e) {
            // ignore
        }
        return deccipher;
    }
View Full Code Here

        try {
            key = crypto.getPrivateKey(cert, callback);
        } catch (Exception ex) {
            throwFault("Encrypted key can not be decrypted", ex);
        }
        Cipher cipher =
            EncryptionUtils.initCipherWithKey(keyEncAlgo, digestAlgo, Cipher.DECRYPT_MODE, key);
        try {
            byte[] encryptedBytes = Base64Utility.decode(base64EncodedKey);
            return cipher.doFinal(encryptedBytes);
        } catch (Base64Exception ex) {
            throwFault("Base64 decoding has failed", ex);
        } catch (Exception ex) {
            throwFault("Encrypted key can not be decrypted", ex);
        }
View Full Code Here

    // Certificates for encrypting the keys
    protected byte[] encryptSymmetricKey(byte[] keyBytes,
                                         X509Certificate remoteCert,
                                         String keyEncAlgo,
                                         String digestAlgo) throws WSSecurityException {
        Cipher cipher =
            EncryptionUtils.initCipherWithCert(
                keyEncAlgo, digestAlgo, Cipher.ENCRYPT_MODE, remoteCert
            );
        int blockSize = cipher.getBlockSize();
        if (blockSize > 0 && blockSize < keyBytes.length) {
            String message = "Public key algorithm too weak to encrypt symmetric key";
            LOG.severe(message);
            throw new WSSecurityException(
                WSSecurityException.FAILURE,
                "unsupportedKeyTransp",
                new Object[] {message}
            );
        }
        byte[] encryptedEphemeralKey = null;
        try {
            encryptedEphemeralKey = cipher.doFinal(keyBytes);
        } catch (IllegalStateException ex) {
            throw new WSSecurityException(
                WSSecurityException.FAILED_ENCRYPTION, null, null, ex
            );
        } catch (IllegalBlockSizeException ex) {
View Full Code Here

        }
           
        // Check BSP Compliance
        checkBSPCompliance(elem, encryptedKeyTransportMethod, data.getBSPEnforcer());
       
        Cipher cipher = WSSecurityUtil.getCipherInstance(encryptedKeyTransportMethod);
        //
        // Now lookup CipherValue.
        //
        Element tmpE =
            WSSecurityUtil.getDirectChildElement(
                elem, "CipherData", WSConstants.ENC_NS
            );
        Element xencCipherValue = null;
        if (tmpE != null) {
            xencCipherValue =
                WSSecurityUtil.getDirectChildElement(tmpE, "CipherValue", WSConstants.ENC_NS);
        }
        if (xencCipherValue == null) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "noCipher");
        }
       
        STRParser strParser = new EncryptedKeySTRParser();
        X509Certificate[] certs =
            getCertificatesFromEncryptedKey(elem, data, wsDocInfo, strParser);

        // Check for compliance against the defined AlgorithmSuite
        if (algorithmSuite != null) {
            AlgorithmSuiteValidator algorithmSuiteValidator = new
                AlgorithmSuiteValidator(algorithmSuite);

            algorithmSuiteValidator.checkAsymmetricKeyLength(certs[0]);
            algorithmSuiteValidator.checkEncryptionKeyWrapAlgorithm(
                encryptedKeyTransportMethod
            );
        }
       
        try {
            PrivateKey privateKey = data.getDecCrypto().getPrivateKey(certs[0], data.getCallbackHandler());
            OAEPParameterSpec oaepParameterSpec = null;
            if (WSConstants.KEYTRANSPORT_RSAOEP.equals(encryptedKeyTransportMethod)
                    || WSConstants.KEYTRANSPORT_RSAOEP_XENC11.equals(encryptedKeyTransportMethod)) {
                // Get the DigestMethod if it exists
                String digestAlgorithm = getDigestAlgorithm(elem);
                String jceDigestAlgorithm = "SHA-1";
                if (digestAlgorithm != null && !"".equals(digestAlgorithm)) {
                    jceDigestAlgorithm = JCEMapper.translateURItoJCEID(digestAlgorithm);
                }

                String mgfAlgorithm = getMGFAlgorithm(elem);
                MGF1ParameterSpec mgfParameterSpec = new MGF1ParameterSpec("SHA-1");
                if (mgfAlgorithm != null) {
                    if (WSConstants.MGF_SHA224.equals(mgfAlgorithm)) {
                        mgfParameterSpec = new MGF1ParameterSpec("SHA-224");
                    } else if (WSConstants.MGF_SHA256.equals(mgfAlgorithm)) {
                        mgfParameterSpec = new MGF1ParameterSpec("SHA-256");
                    } else if (WSConstants.MGF_SHA384.equals(mgfAlgorithm)) {
                        mgfParameterSpec = new MGF1ParameterSpec("SHA-384");
                    } else if (WSConstants.MGF_SHA512.equals(mgfAlgorithm)) {
                        mgfParameterSpec = new MGF1ParameterSpec("SHA-512");
                    }
                }

                PSource.PSpecified pSource = PSource.PSpecified.DEFAULT;
                byte[] pSourceBytes = getPSource(elem);
                if (pSourceBytes != null) {
                    pSource = new PSource.PSpecified(pSourceBytes);
                }
               
                oaepParameterSpec =
                    new OAEPParameterSpec(
                        jceDigestAlgorithm, "MGF1", mgfParameterSpec, pSource
                    );
            }
            if (oaepParameterSpec == null) {
                cipher.init(Cipher.UNWRAP_MODE, privateKey);
            } else {
                cipher.init(Cipher.UNWRAP_MODE, privateKey, oaepParameterSpec);
            }
        } catch (Exception ex) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK, ex);
        }
       
        List<String> dataRefURIs = getDataRefURIs(elem);
       
        byte[] encryptedEphemeralKey = null;
        byte[] decryptedBytes = null;
        try {
            encryptedEphemeralKey = getDecodedBase64EncodedData(xencCipherValue);
            String keyAlgorithm = JCEMapper.translateURItoJCEID(encryptedKeyTransportMethod);
            decryptedBytes = cipher.unwrap(encryptedEphemeralKey, keyAlgorithm, Cipher.SECRET_KEY).getEncoded();
        } catch (IllegalStateException ex) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK, ex);
        } catch (Exception ex) {
            decryptedBytes = getRandomKey(dataRefURIs, elem.getOwnerDocument(), wsDocInfo);
        }
View Full Code Here

TOP

Related Classes of javax.crypto.Cipher$Transform

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.