Examples of org.keyczar.AesKey$AesStream

org.keyczar.AesKey
Wrapping class for AES keys. Currently the default is to use CBC mode. @author steveweis@gmail.com (Steve Weis) @author arkajit.dey@gmail.com (Arkajit Dey)

        return secrets;
    }


    private Crypter getSecret(Auth auth, Project project) throws CloudException {
        byte[] secret = attachments.findProjectSecret(getClientApp(), auth, project);
        AesKey key;
        if (secret == null) {
            key = KeyczarUtils.generateSymmetricKey();
            secret = KeyczarUtils.pack(key);
            attachments.setProjectSecret(getClientApp(), auth, project, secret);
        } else {

View Full Code Here

        return new AuthenticatedUser(scope, userWithSecret, project, projectRoles, domain);
    }


    @Override
    public ByteString createRegistrationChallenge(ClientCertificate clientCertificate) throws CloudException {
        AesKey secretKey = KeyczarUtils.generateSymmetricKey();
        byte[] payload = KeyczarUtils.pack(secretKey);
        byte[] plaintext = ChallengeResponses.addHeader(payload);


        // We can't encrypt because http proxies don't pass the public key :-(
        // It shouldn't add anything to security anyway

View Full Code Here


    @Inject
    Migrations migrations;


    public ByteString buildTokenSecret(AuthenticatedUser user) {
        AesKey userKey = user.getKeys().getSecretToken().cryptoKey;


        AesKey tokenKey = userKey;
        byte[] plaintext = KeyczarUtils.pack(tokenKey);


        // TODO: Key rotation
        byte[] tokenKeySerialized;
        try {

View Full Code Here

            // This should have been validated
            log.warn("Error decrypting user key");
            return null;
        }


        AesKey tokenKey = KeyczarUtils.unpack(tokenKeySerialized);


        // We could have extra layers here, but I don't think they achieve
        // anything
        AesKey userKey = tokenKey;


        SecretToken secretToken = new SecretToken(SecretTokenType.USER_SECRET, userKey, null);
        return checkSecret(user, secretToken);
    }

View Full Code Here

        if (projectKeyBytes == null) {
            throw new IllegalStateException();
        }


        if (version == 1) {
            AesKey projectKey;
            try {
                projectKey = KeyczarUtils.unpack(projectKeyBytes.toByteArray());
            } catch (KeyczarException e) {
                throw new IllegalStateException("Error reading project key", e);
            }

View Full Code Here

        {
            byte[] seed = KeyczarUtils.generateSecureRandom(16);
            b.setSeed(ByteString.copyFrom(seed));
        }


        AesKey passwordKey = KeyczarUtils.deriveKey(b.getIterations(), b.getSeed().toByteArray(), password);


        b.setVersion(1);
        byte[] ciphertext = encryptSymetricKey(passwordKey, secret.cryptoKey);
        b.setCiphertext(ByteString.copyFrom(ciphertext));
    }

View Full Code Here

            int version = 0;
            if (entry.hasVersion()) {
                version = entry.getVersion();
            }


            AesKey aesKey;


            if (version == 1) {
                Crypter crypter = new Crypter(recoveryKey);


                byte[] plaintext;

View Full Code Here

            if (entry.hasVersion()) {
                version = entry.getVersion();
            }


            CryptoKey v0;
            AesKey v1;


            if (version == 0) {
                AesCbcCryptoKey passwordKey = AesCbcCryptoKey.deriveKey(entry.getIterations(), entry.getSeed()
                        .toByteArray(), password);
                byte[] plaintext = FathomdbCrypto.decrypt(passwordKey, entry.getCiphertext().toByteArray());
                v0 = FathomdbCrypto.deserializeKey(plaintext);


                HmacKey hmacKey = KeyczarUtils.deriveHmac(plaintext, entry.getSeed().toByteArray(), password);
                v1 = new AesKey(((AesCbcCryptoKey) v0).getJce().getEncoded(), hmacKey);
            } else if (version == 1) {
                AesKey passwordKey = KeyczarUtils.deriveKey(entry.getIterations(), entry.getSeed().toByteArray(),
                        password);


                byte[] plaintext = KeyczarUtils.decrypt(passwordKey, entry.getCiphertext().toByteArray());


                v1 = KeyczarUtils.unpack(plaintext);

View Full Code Here

        return KeyczarUtils.encrypt(passwordKey, serialized);
    }


    public UserWithSecret checkPublicKey(UserData user, CredentialData credential, ClientCertificate clientCertificate,
            ByteString challenge, ByteString responseData) {
        AesKey secretKey;


        if (!ChallengeResponses.hasPrefix(responseData.toByteArray())) {
            log.warn("Challenge response was not valid");
            return null;
        }

View Full Code Here

            if (!ChallengeResponses.hasPrefix(plaintext)) {
                throw new IllegalArgumentException();
            }
            byte[] payload = ChallengeResponses.getPayload(plaintext);
            payload = ChallengeResponses.getPayload(payload);
            AesKey cryptoKey;
            try {
                cryptoKey = KeyczarUtils.unpack(payload);
            } catch (KeyczarException e) {
                throw new IllegalArgumentException("Invalid key", e);
            }

View Full Code Here

0 1

TOP

Related Classes of org.keyczar.AesKey$AesStream

io.fathom.cloud.identity.LoginServiceImpl

io.fathom.cloud.identity.secrets.Secrets

io.fathom.cloud.identity.secrets.SecretToken

io.fathom.cloud.identity.services.IdentityServiceImpl

io.fathom.cloud.secrets.services.SecretServiceImpl

javax.crypto.spec.SecretKeySpec

javax.crypto.spec.IvParameterSpec

org.keyczar.exceptions.ShortBufferException

org.keyczar.exceptions.KeyczarException

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.