Java Code Examples for java.security.InvalidKeyException

The following are top voted examples for showing how to use java.security.InvalidKeyException. These examples are extracted from open source projects. You can vote up the examples you like and your votes will be used in our system to generate more good examples.
Example 1
Project: walle   File: V1SchemeSigner.java   View source code 8 votes vote down vote up
private static byte[] generateSignatureBlock(
        SignerConfig signerConfig, byte[] signatureFileBytes)
                throws InvalidKeyException, CertificateEncodingException, SignatureException {
    JcaCertStore certs = new JcaCertStore(signerConfig.certificates);
    X509Certificate signerCert = signerConfig.certificates.get(0);
    String jcaSignatureAlgorithm =
            getJcaSignatureAlgorithm(
                    signerCert.getPublicKey(), signerConfig.signatureDigestAlgorithm);
    try {
        ContentSigner signer =
                new JcaContentSignerBuilder(jcaSignatureAlgorithm)
                .build(signerConfig.privateKey);
        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
        gen.addSignerInfoGenerator(
                new SignerInfoGeneratorBuilder(
                        new JcaDigestCalculatorProviderBuilder().build(),
                        SignerInfoSignatureAlgorithmFinder.INSTANCE)
                        .setDirectSignature(true)
                        .build(signer, new JcaX509CertificateHolder(signerCert)));
        gen.addCertificates(certs);

        CMSSignedData sigData =
                gen.generate(new CMSProcessableByteArray(signatureFileBytes), false);

        ByteArrayOutputStream out = new ByteArrayOutputStream();
        try (ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded())) {
            DEROutputStream dos = new DEROutputStream(out);
            dos.writeObject(asn1.readObject());
        }
        return out.toByteArray();
    } catch (OperatorCreationException | CMSException | IOException e) {
        throw new SignatureException("Failed to generate signature", e);
    }
}
 
Example 2
Project: Daejeon-People   File: AES.java   View source code 7 votes vote down vote up
public static String encrypt(String str) {
    if (str == null) return null;
    Cipher cipher;
    try {
        cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE, keySpec,
                new IvParameterSpec(ips.getBytes("UTF-8")));

        byte[] encrypted = cipher.doFinal(str.getBytes("UTF-8"));
        String Str = new String(Base64.encodeBase64(encrypted));
        return Str;
    } catch (NoSuchAlgorithmException | NoSuchPaddingException
            | InvalidKeyException | InvalidAlgorithmParameterException
            | IllegalBlockSizeException | BadPaddingException
            | UnsupportedEncodingException e) {
        e.printStackTrace();
    }
    return null;
}
 
Example 3
Project: jdk8u-jdk   File: ConstructKeys.java   View source code 7 votes vote down vote up
static final Key constructKey(byte[] encoding, String keyAlgorithm,
                              int keyType)
    throws InvalidKeyException, NoSuchAlgorithmException {
    Key result = null;
    switch (keyType) {
    case Cipher.SECRET_KEY:
        result = ConstructKeys.constructSecretKey(encoding,
                                                  keyAlgorithm);
        break;
    case Cipher.PRIVATE_KEY:
        result = ConstructKeys.constructPrivateKey(encoding,
                                                   keyAlgorithm);
        break;
    case Cipher.PUBLIC_KEY:
        result = ConstructKeys.constructPublicKey(encoding,
                                                  keyAlgorithm);
        break;
    }
    return result;
}
 
Example 4
Project: quilt   File: RsaSha256Fulfillment.java   View source code 6 votes vote down vote up
@Override
public boolean verify(final RsaSha256Condition condition, final byte[] message) {
  Objects.requireNonNull(condition,
      "Can't verify a RsaSha256Fulfillment against an null condition.");
  Objects.requireNonNull(message, "Message must not be null!");

  if (!getCondition().equals(condition)) {
    return false;
  }

  try {
    Signature rsaSigner = Signature.getInstance(SHA_256_WITH_RSA_PSS);
    rsaSigner.initVerify(publicKey);
    rsaSigner.update(message);
    return rsaSigner.verify(signature);
  } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException e) {
    throw new RuntimeException(e);
  }
}
 
Example 5
Project: OpenJSharp   File: AESCrypt.java   View source code 6 votes vote down vote up
void init(boolean decrypting, String algorithm, byte[] key)
        throws InvalidKeyException {
    if (!algorithm.equalsIgnoreCase("AES")
                && !algorithm.equalsIgnoreCase("Rijndael")) {
        throw new InvalidKeyException
            ("Wrong algorithm: AES or Rijndael required");
    }
    if (!isKeySizeValid(key.length)) {
        throw new InvalidKeyException("Invalid AES key length: " +
            key.length + " bytes");
    }

    if (!Arrays.equals(key, lastKey)) {
        // re-generate session key 'sessionK' when cipher key changes
        makeSessionKey(key);
        lastKey = key.clone();  // save cipher key
    }

    // set sub key to the corresponding session Key
    this.K = (int[]) sessionK[(decrypting? 1:0)];
}
 
Example 6
Project: Phoenix-for-VK   File: KeyExchangeService.java   View source code 6 votes vote down vote up
private void processIniciatorState1(int accountId, int peerId, @NonNull KeyExchangeSession session, @NonNull ExchangeMessage message) {
    String hisAesKey = message.getAesKey();
    PrivateKey myPrivateKey = session.getMyPrivateKey();

    try {
        byte[] hisAesEncoded = Base64.decode(hisAesKey, Base64.DEFAULT);
        String hisOriginalAes = CryptHelper.decryptRsa(hisAesEncoded, myPrivateKey);
        session.setHisAesKey(hisOriginalAes);

        String myOriginalAesKey = CryptHelper.generateRandomAesKey(Version.ofCurrent().getAesKeySize());
        session.setMyAesKey(myOriginalAesKey);

        PublicKey hisPublicKey = CryptHelper.createRsaPublicKeyFromString(message.getPublicKey());
        byte[] myEncodedAesKey = CryptHelper.encryptRsa(myOriginalAesKey, hisPublicKey);
        String myEncodedAesKeyBase64 = Base64.encodeToString(myEncodedAesKey, Base64.DEFAULT);

        Logger.d(TAG, "processIniciatorState1, myOriginalAesKey: " + myOriginalAesKey + ", hisOriginalAes: " + hisOriginalAes);

        ExchangeMessage m = new ExchangeMessage.Builder(Version.CURRENT, session.getId(), SessionState.INITIATOR_STATE_2)
                .setAesKey(myEncodedAesKeyBase64)
                .create();
        sendMessage(accountId, peerId, m);
    } catch (InvalidKeyException | BadPaddingException | IllegalBlockSizeException | NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeySpecException e) {
        e.printStackTrace();
    }
}
 
Example 7
Project: incubator-servicecomb-java-chassis   File: TestRSAAuthenticationToken.java   View source code 6 votes vote down vote up
@Test
public void testRSAAuthenticationToken()
    throws InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException, SignatureException {
  String tokenstr =
      "[email protected][email protected]@9t0tp8ce80SUM5ts6iRGjFJMvCdQ7uvhpyh0RM7smKm3p4wYOrojr4oT1Pnwx7xwg[email protected]WBYouF6hXYrXzBA31HC3VX8Bw9PNgJUtVqOPAaeW9ye3q/D7WWb0M+XMouBIWxWY6v9Un1dGu5Rkjlx6gZbnlHkb2VO8qFR3Y6lppooWCirzpvEBRjlJQu8LPBur0BCfYGq8XYrEZA2NU6sg2zXieqCSiX6BnMnBHNn4cR9iZpk=";
  RSAAuthenticationToken token = RSAAuthenticationToken.fromStr(tokenstr);
  String contents = token.plainToken();
  Assert.assertEquals(
      "[email protected][email protected]@9t0tp8ce80SUM5ts6iRGjFJMvCdQ7uvhpyh0RM7smKm3p4wYOrojr4oT1Pnwx7xwgcgEFbQdwPJxIMfivpQ1rHGqiLp67cjACvJ3Ke39pmeAVhybsLADfid6oSjscFaJ",
      contents);
  String sign = token.getSign();
  Assert.assertEquals(
      "WBYouF6hXYrXzBA31HC3VX8Bw9PNgJUtVqOPAaeW9ye3q/D7WWb0M+XMouBIWxWY6v9Un1dGu5Rkjlx6gZbnlHkb2VO8qFR3Y6lppooWCirzpvEBRjlJQu8LPBur0BCfYGq8XYrEZA2NU6sg2zXieqCSiX6BnMnBHNn4cR9iZpk=",
      sign);
  String pubKey =
      "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxKl5TNUTec7fL2degQcCk6vKf3c0wsfNK5V6elKzjWxm0MwbRj/UeR20VSnicBmVIOWrBS9LiERPPvjmmWUOSS2vxwr5XfhBhZ07gCAUNxBOTzgMo5nE45DhhZu5Jzt5qSV6o10Kq7+fCCBlDZ1UoWxZceHkUt5AxcrhEDulFjQIDAQAB";
  Assert.assertTrue(RSAUtils.verify(pubKey, sign, contents));
}
 
Example 8
Project: ipack   File: CMSEnvelopedGenerator.java   View source code 6 votes vote down vote up
/**
 * Add multiple key agreement based recipients (sharing a single KeyAgreeRecipientInfo structure).
 *
 * @deprecated use the addRecipientGenerator and JceKeyAgreeRecipientInfoGenerator
 * @param agreementAlgorithm key agreement algorithm to use.
 * @param senderPrivateKey private key to initialise sender side of agreement with.
 * @param senderPublicKey sender public key to include with message.
 * @param recipientCerts recipients' public key certificates.
 * @param cekWrapAlgorithm OID for key wrapping algorithm to use.
 * @param provider provider to use for the agreement calculation.
 * @exception NoSuchAlgorithmException if the algorithm requested cannot be found
 * @exception InvalidKeyException if the keys are inappropriate for the algorithm specified
 */
public void addKeyAgreementRecipients(
    String           agreementAlgorithm,
    PrivateKey       senderPrivateKey,
    PublicKey        senderPublicKey,
    Collection       recipientCerts,
    String           cekWrapAlgorithm,
    Provider         provider)
    throws NoSuchAlgorithmException, InvalidKeyException
{
    JceKeyAgreeRecipientInfoGenerator recipientInfoGenerator = new JceKeyAgreeRecipientInfoGenerator(new ASN1ObjectIdentifier(agreementAlgorithm), senderPrivateKey, senderPublicKey, new ASN1ObjectIdentifier(cekWrapAlgorithm)).setProvider(provider);

    for (Iterator it = recipientCerts.iterator(); it.hasNext();)
    {
        try
        {
            recipientInfoGenerator.addRecipient((X509Certificate)it.next());
        }
        catch (CertificateEncodingException e)
        {
            throw new IllegalArgumentException("unable to encode certificate: " + e.getMessage());
        }
    }

    oldRecipientInfoGenerators.add(recipientInfoGenerator);
}
 
Example 9
Project: FApkSigner   File: V2SchemeSigner.java   View source code 6 votes vote down vote up
/**
 * Gets the APK Signature Scheme v2 signature algorithms to be used for signing an APK using the
 * provided key.
 *
 * @param minSdkVersion minimum API Level of the platform on which the APK may be installed (see
 *        AndroidManifest.xml minSdkVersion attribute).
 *
 * @throws InvalidKeyException if the provided key is not suitable for signing APKs using
 *         APK Signature Scheme v2
 */
public static List<SignatureAlgorithm> getSuggestedSignatureAlgorithms(
        PublicKey signingKey, int minSdkVersion) throws InvalidKeyException {
    String keyAlgorithm = signingKey.getAlgorithm();
    if ("RSA".equalsIgnoreCase(keyAlgorithm)) {
        // Use RSASSA-PKCS1-v1_5 signature scheme instead of RSASSA-PSS to guarantee
        // deterministic signatures which make life easier for OTA updates (fewer files
        // changed when deterministic signature schemes are used).

        // Pick a digest which is no weaker than the key.
        int modulusLengthBits = ((RSAKey) signingKey).getModulus().bitLength();
        if (modulusLengthBits <= 3072) {
            // 3072-bit RSA is roughly 128-bit strong, meaning SHA-256 is a good fit.
            return Collections.singletonList(SignatureAlgorithm.RSA_PKCS1_V1_5_WITH_SHA256);
        } else {
            // Keys longer than 3072 bit need to be paired with a stronger digest to avoid the
            // digest being the weak link. SHA-512 is the next strongest supported digest.
            return Collections.singletonList(SignatureAlgorithm.RSA_PKCS1_V1_5_WITH_SHA512);
        }
    } else if ("DSA".equalsIgnoreCase(keyAlgorithm)) {
        // DSA is supported only with SHA-256.
        return Collections.singletonList(SignatureAlgorithm.DSA_WITH_SHA256);
    } else if ("EC".equalsIgnoreCase(keyAlgorithm)) {
        // Pick a digest which is no weaker than the key.
        int keySizeBits = ((ECKey) signingKey).getParams().getOrder().bitLength();
        if (keySizeBits <= 256) {
            // 256-bit Elliptic Curve is roughly 128-bit strong, meaning SHA-256 is a good fit.
            return Collections.singletonList(SignatureAlgorithm.ECDSA_WITH_SHA256);
        } else {
            // Keys longer than 256 bit need to be paired with a stronger digest to avoid the
            // digest being the weak link. SHA-512 is the next strongest supported digest.
            return Collections.singletonList(SignatureAlgorithm.ECDSA_WITH_SHA512);
        }
    } else {
        throw new InvalidKeyException("Unsupported key algorithm: " + keyAlgorithm);
    }
}
 
Example 10
Project: openjdk-jdk10   File: DSAPrivateKey.java   View source code 6 votes vote down vote up
/**
 * Make a DSA private key out of a private key and three parameters.
 */
public DSAPrivateKey(BigInteger x, BigInteger p,
                     BigInteger q, BigInteger g)
throws InvalidKeyException {
    this.x = x;
    algid = new AlgIdDSA(p, q, g);

    try {
        key = new DerValue(DerValue.tag_Integer,
                           x.toByteArray()).toByteArray();
        encode();
    } catch (IOException e) {
        InvalidKeyException ike = new InvalidKeyException(
            "could not DER encode x: " + e.getMessage());
        ike.initCause(e);
        throw ike;
    }
}
 
Example 11
Project: PeSanKita-lib   File: AttachmentCipherOutputStream.java   View source code 6 votes vote down vote up
public AttachmentCipherOutputStream(byte[] combinedKeyMaterial,
                                    OutputStream outputStream)
    throws IOException
{
  try {
    this.outputStream  = outputStream;
    this.cipher        = initializeCipher();
    this.mac           = initializeMac();
    this.messageDigest = MessageDigest.getInstance("SHA256");

    byte[][] keyParts = Util.split(combinedKeyMaterial, 32, 32);

    this.cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(keyParts[0], "AES"));
    this.mac.init(new SecretKeySpec(keyParts[1], "HmacSHA256"));

    mac.update(cipher.getIV());
    messageDigest.update(cipher.getIV());
    outputStream.write(cipher.getIV());
    ciphertextLength += cipher.getIV().length;
  } catch (InvalidKeyException | NoSuchAlgorithmException e) {
    throw new AssertionError(e);
  }
}
 
Example 12
Project: DMS   File: AES256.java   View source code 6 votes vote down vote up
public static String decrypt(String str) {
    if (str == null) return null;
    Cipher cipher;
    try {
        cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.DECRYPT_MODE, keySpec,
                new IvParameterSpec(ips.getBytes("UTF-8")));

        byte[] byteStr = Base64.decodeBase64(str.getBytes());
        String Str = new String(cipher.doFinal(byteStr), "UTF-8");

        return Str;
    } catch (NoSuchAlgorithmException | NoSuchPaddingException
            | InvalidKeyException | InvalidAlgorithmParameterException
            | IllegalBlockSizeException | BadPaddingException
            | UnsupportedEncodingException e) {
        e.printStackTrace();
    }
    return null;
}
 
Example 13
Project: Mevius-IO   File: MeviusTransferPacket.java   View source code 6 votes vote down vote up
public static MeviusTransferPacket getInstance(PublicKey publickey, MeviusPacket packet)
		throws MeviusCipherException {
	try {
		DESedeKeySpec desKeySpec = new DESedeKeySpec(((String) MeviusCipherKey.randomDESKey().getKey()).getBytes());
		SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DESede");
		Key key = keyFactory.generateSecret(desKeySpec);
		Cipher c = Cipher.getInstance("RSA/ECB/PKCS1PADDING", "SunJCE");
		c.init(Cipher.ENCRYPT_MODE, publickey);
		byte[] bkey = convertObj(key, c);
		c = Cipher.getInstance("DESede/ECB/PKCS5Padding");
		c.init(Cipher.ENCRYPT_MODE, key);
		byte[] bobj = convertObj(packet, c);
		return new MeviusTransferPacket(bkey, bobj);
	} catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | NoSuchPaddingException
			| IOException | InvalidKeySpecException | IllegalBlockSizeException | BadPaddingException e) {
		e.printStackTrace();
		throw new MeviusCipherException(e.getLocalizedMessage());
	}
}
 
Example 14
Project: openjdk-jdk10   File: CipherWithWrappingSpi.java   View source code 6 votes vote down vote up
/**
 * Wrap a key.
 *
 * @param key the key to be wrapped.
 *
 * @return the wrapped key.
 *
 * @exception IllegalBlockSizeException if this cipher is a block
 * cipher, no padding has been requested, and the length of the
 * encoding of the key to be wrapped is not a
 * multiple of the block size.
 *
 * @exception InvalidKeyException if it is impossible or unsafe to
 * wrap the key with this cipher (e.g., a hardware protected key is
 * being passed to a software only cipher).
 */
protected final byte[] engineWrap(Key key)
    throws IllegalBlockSizeException, InvalidKeyException
{
    byte[] result = null;

    try {
        byte[] encodedKey = key.getEncoded();
        if ((encodedKey == null) || (encodedKey.length == 0)) {
            throw new InvalidKeyException("Cannot get an encoding of " +
                                          "the key to be wrapped");
        }

        result = engineDoFinal(encodedKey, 0, encodedKey.length);
    } catch (BadPaddingException e) {
        // Should never happen
    }

    return result;
}
 
Example 15
Project: jdk8u-jdk   File: X509Key.java   View source code 6 votes vote down vote up
public boolean equals(Object obj) {
    if (this == obj) {
        return true;
    }
    if (obj instanceof Key == false) {
        return false;
    }
    try {
        byte[] thisEncoded = this.getEncodedInternal();
        byte[] otherEncoded;
        if (obj instanceof X509Key) {
            otherEncoded = ((X509Key)obj).getEncodedInternal();
        } else {
            otherEncoded = ((Key)obj).getEncoded();
        }
        return Arrays.equals(thisEncoded, otherEncoded);
    } catch (InvalidKeyException e) {
        return false;
    }
}
 
Example 16
Project: openjdk-jdk10   File: TestAESOids.java   View source code 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    for (DataTuple dataTuple : DATA) {
        int maxAllowedKeyLength =
                getMaxAllowedKeyLength(dataTuple.algorithm);
        boolean supportedKeyLength =
                maxAllowedKeyLength >= dataTuple.keyLength;

        try {
            runTest(dataTuple, supportedKeyLength);
            System.out.println("passed");
        } catch (InvalidKeyException ike) {
            if (supportedKeyLength) {
                throw new RuntimeException(String.format(
                        "The key length %d is supported, but test failed.",
                        dataTuple.keyLength), ike);
            } else {
                System.out.printf(
                        "Catch expected InvalidKeyException due "
                                + "to the key length %d is greater than "
                                + "max supported key length %d%n",
                        dataTuple.keyLength, maxAllowedKeyLength);
            }
        }
    }
}
 
Example 17
Project: jdk8u-jdk   File: SignatureDSA.java   View source code 6 votes vote down vote up
/**
 * @inheritDoc
 */
protected void engineInitSign(Key privateKey) throws XMLSignatureException {
    if (!(privateKey instanceof PrivateKey)) {
        String supplied = privateKey.getClass().getName();
        String needed = PrivateKey.class.getName();
        Object exArgs[] = { supplied, needed };

        throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", exArgs);
    }

    try {
        this.signatureAlgorithm.initSign((PrivateKey) privateKey);
    } catch (InvalidKeyException ex) {
        throw new XMLSignatureException("empty", ex);
    }
    size = ((DSAKey)privateKey).getParams().getQ().bitLength();
}
 
Example 18
Project: dracoon-dropzone   File: CryptoUtil.java   View source code 6 votes vote down vote up
private byte[] decrypt(byte[] cipherText, byte[] key, byte[] initialVector)
		throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException,
		InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
	Cipher cipher = Cipher.getInstance(cipherTransformation);
	SecretKeySpec secretKeySpecy = new SecretKeySpec(key, aesEncryptionAlgorithm);
	IvParameterSpec ivParameterSpec = new IvParameterSpec(initialVector);
	cipher.init(Cipher.DECRYPT_MODE, secretKeySpecy, ivParameterSpec);
	cipherText = cipher.doFinal(cipherText);
	return cipherText;
}
 
Example 19
Project: ipack   File: SignatureSpi.java   View source code 6 votes vote down vote up
protected void engineInitVerify(
    PublicKey   publicKey)
    throws InvalidKeyException
{
    CipherParameters    param;

    if (publicKey instanceof ECPublicKey)
    {
        param = ECUtil.generatePublicKeyParameter(publicKey);
    }
    else if (publicKey instanceof GOST3410Key)
    {
        param = GOST3410Util.generatePublicKeyParameter(publicKey);
    }
    else
    {
        try
        {
            byte[]  bytes = publicKey.getEncoded();

            publicKey = BouncyCastleProvider.getPublicKey(SubjectPublicKeyInfo.getInstance(bytes));

            if (publicKey instanceof ECPublicKey)
            {
                param = ECUtil.generatePublicKeyParameter(publicKey);
            }
            else
            {
                throw new InvalidKeyException("can't recognise key type in DSA based signer");
            }
        }
        catch (Exception e)
        {
            throw new InvalidKeyException("can't recognise key type in DSA based signer");
        }
    }

    digest.reset();
    signer.init(false, param);
}
 
Example 20
Project: openjdk-jdk10   File: PBKDF2HmacSHA1Factory.java   View source code 5 votes vote down vote up
/**
 * Translates a <code>SecretKey</code> object, whose provider may be
 * unknown or potentially untrusted, into a corresponding
 * <code>SecretKey</code> object of this key factory.
 *
 * @param key the key whose provider is unknown or untrusted
 *
 * @return the translated key
 *
 * @exception InvalidKeyException if the given key cannot be processed by
 * this key factory.
 */
protected SecretKey engineTranslateKey(SecretKey key)
    throws InvalidKeyException {
    if ((key != null) &&
        (key.getAlgorithm().equalsIgnoreCase("PBKDF2WithHmacSHA1")) &&
        (key.getFormat().equalsIgnoreCase("RAW"))) {

        // Check if key originates from this factory
        if (key instanceof com.sun.crypto.provider.PBKDF2KeyImpl) {
            return key;
        }
        // Check if key implements the PBEKey
        if (key instanceof javax.crypto.interfaces.PBEKey) {
            javax.crypto.interfaces.PBEKey pKey =
                (javax.crypto.interfaces.PBEKey) key;
            try {
                PBEKeySpec spec =
                    new PBEKeySpec(pKey.getPassword(),
                                   pKey.getSalt(),
                                   pKey.getIterationCount(),
                                   pKey.getEncoded().length*8);
                return new PBKDF2KeyImpl(spec, "HmacSHA1");
            } catch (InvalidKeySpecException re) {
                InvalidKeyException ike = new InvalidKeyException
                    ("Invalid key component(s)");
                ike.initCause(re);
                throw ike;
            }
        }
    }
    throw new InvalidKeyException("Invalid key format/algorithm");
}
 
Example 21
Project: keepass2android   File: JCEStreamCipher.java   View source code 5 votes vote down vote up
protected void engineInit(
    int                 opmode,
    Key                 key,
    SecureRandom        random) 
    throws InvalidKeyException
{
    try
    {
        engineInit(opmode, key, (AlgorithmParameterSpec)null, random);
    }
    catch (InvalidAlgorithmParameterException e)
    {
        throw new InvalidKeyException(e.getMessage());
    }
}
 
Example 22
Project: ipack   File: SignedPublicKeyAndChallenge.java   View source code 5 votes vote down vote up
public boolean verify(String provider)
    throws NoSuchAlgorithmException, SignatureException, 
           NoSuchProviderException, InvalidKeyException
{
    Signature sig = null;
    if (provider == null)
    {
        sig = Signature.getInstance(signatureAlgorithm.getAlgorithm().getId());
    }
    else
    {
        sig = Signature.getInstance(signatureAlgorithm.getAlgorithm().getId(), provider);
    }
    PublicKey pubKey = this.getPublicKey(provider);
    sig.initVerify(pubKey);
    try
    {
        DERBitString pkBytes = new DERBitString(pkac);
        sig.update(pkBytes.getBytes());

        return sig.verify(signature.getBytes());
    }
    catch (Exception e)
    {
        throw new InvalidKeyException("error encoding public key");
    }
}
 
Example 23
Project: ipack   File: CMSSignedDataStreamGenerator.java   View source code 5 votes vote down vote up
/**
 * @deprecated use addSignedInfoGenerator
 */
public void addSigner(
    PrivateKey                  key,
    X509Certificate             cert,
    String                      encryptionOID,
    String                      digestOID,
    CMSAttributeTableGenerator  signedAttrGenerator,
    CMSAttributeTableGenerator  unsignedAttrGenerator,
    Provider                    sigProvider)
    throws NoSuchAlgorithmException, InvalidKeyException
{
    addSigner(key, cert, encryptionOID, digestOID, signedAttrGenerator, unsignedAttrGenerator, sigProvider, sigProvider);
}
 
Example 24
Project: openjdk-jdk10   File: LargeByteBufferTest.java   View source code 5 votes vote down vote up
@Override
public void doTest(String alg) throws NoSuchAlgorithmException,
        InvalidKeyException, NoSuchProviderException {
    SecretKey key = Utils.getSecretKeySpec();

    // instantiate Mac object and init it with a SecretKey
    Mac mac = Mac.getInstance(alg, "SunJCE");
    mac.init(key);

    // prepare buffer
    byte[] data = new byte[BUFFER_SIZE];
    for (int i = 0; i < BUFFER_SIZE; i++) {
        data[i] = (byte) (i % 256);
    }

    ByteBuffer buf = ByteBuffer.wrap(data);
    int limitBefore = buf.limit();

    mac.update(buf);
    mac.doFinal();

    int limitAfter = buf.limit();
    int positonAfter = buf.position();

    if (limitAfter != limitBefore) {
        System.out.println("limit after = " + limitAfter);
        System.out.println("limit before = " + limitBefore);
        throw new RuntimeException("Test failed: "
                + "limit of buffer has been chenged.");
    }

    if (positonAfter != limitAfter) {
        System.out.println("position after = " + positonAfter);
        System.out.println("limit after = " + limitAfter);
        throw new RuntimeException("Test failed: "
                + "position of buffer isn't equal to its limit");
    }
}
 
Example 25
Project: ipack   File: McEliecePKCSCipherSpi.java   View source code 5 votes vote down vote up
protected void initCipherDecrypt(Key key, AlgorithmParameterSpec params)
    throws InvalidKeyException, InvalidAlgorithmParameterException
{
    CipherParameters param;
    param = McElieceKeysToParams.generatePrivateKeyParameter((PrivateKey)key);

    digest.reset();
    cipher.init(false, param);
    this.maxPlainTextSize = cipher.maxPlainTextSize;
    this.cipherTextSize = cipher.cipherTextSize;
}
 
Example 26
Project: rtmp-rtsp-stream-client-java   File: Crypto.java   View source code 5 votes vote down vote up
/**
 * Calculates an HMAC SHA256 hash using a default key length.
 *
 *
 * @param input
 * @param key
 * @return hmac hashed bytes
 */
public byte[] calculateHmacSHA256(byte[] input, byte[] key) {
    byte[] output = null;
    try {
        hmacSHA256.init(new SecretKeySpec(key, "HmacSHA256"));
        output = hmacSHA256.doFinal(input);
    } catch (InvalidKeyException e) {
        Log.e(TAG, "Invalid key", e);
    }
    return output;
}
 
Example 27
Project: ipack   File: PKCS10CertificationRequest.java   View source code 5 votes vote down vote up
/**
 * create a PKCS10 certfication request using the BC provider.
 */
public PKCS10CertificationRequest(
    String              signatureAlgorithm,
    X500Principal       subject,
    PublicKey           key,
    ASN1Set             attributes,
    PrivateKey          signingKey)
    throws NoSuchAlgorithmException, NoSuchProviderException,
            InvalidKeyException, SignatureException
{
    this(signatureAlgorithm, convertName(subject), key, attributes, signingKey, BouncyCastleProvider.PROVIDER_NAME);
}
 
Example 28
Project: OpenJSharp   File: DESKeyFactory.java   View source code 5 votes vote down vote up
/**
 * Translates a <code>SecretKey</code> object, whose provider may be
 * unknown or potentially untrusted, into a corresponding
 * <code>SecretKey</code> object of this key factory.
 *
 * @param key the key whose provider is unknown or untrusted
 *
 * @return the translated key
 *
 * @exception InvalidKeyException if the given key cannot be processed by
 * this key factory.
 */
protected SecretKey engineTranslateKey(SecretKey key)
    throws InvalidKeyException {

    try {

        if ((key != null) &&
            (key.getAlgorithm().equalsIgnoreCase("DES")) &&
            (key.getFormat().equalsIgnoreCase("RAW"))) {

            // Check if key originates from this factory
            if (key instanceof com.sun.crypto.provider.DESKey) {
                return key;
            }
            // Convert key to spec
            DESKeySpec desKeySpec
                = (DESKeySpec)engineGetKeySpec(key, DESKeySpec.class);
            // Create key from spec, and return it
            return engineGenerateSecret(desKeySpec);

        } else {
            throw new InvalidKeyException
                ("Inappropriate key format/algorithm");
        }

    } catch (InvalidKeySpecException e) {
        throw new InvalidKeyException("Cannot translate key");
    }
}
 
Example 29
Project: RISE-V2G   File: SecurityUtils.java   View source code 5 votes vote down vote up
/**
 * Signs the SignedInfo element of the V2GMessage header.
 * 
 * @param signedInfoElementExi The EXI-encoded SignedInfo element given as a byte array
 * @param ecPrivateKey The private key which is used to sign the SignedInfo element
 * @return The signature value for the SignedInfo element given as a byte array
 */
public static byte[] signSignedInfoElement(byte[] signedInfoElementExi, ECPrivateKey ecPrivateKey) {
	try {
		Signature ecdsa = Signature.getInstance("SHA256withECDSA", "SunEC");
	
		getLogger().debug("EXI encoded SignedInfo: " + ByteUtils.toHexString(signedInfoElementExi));
		
		if (ecPrivateKey != null) {
			getLogger().debug("\n\tPrivate key used for creating signature: " + ByteUtils.toHexString(ecPrivateKey.getS().toByteArray()));
			
			ecdsa.initSign(ecPrivateKey);
			ecdsa.update(signedInfoElementExi);
			
			byte[] signature = ecdsa.sign();
			
			// Java operates on DER encoded signatures, but we must send the raw r and s values as signature 
			byte[] rawSignature = getRawSignatureFromDEREncoding(signature);
			
			getLogger().debug("Signature value: " + ByteUtils.toHexString(rawSignature));
			
			return rawSignature;
		} else {
			getLogger().error("Private key used to sign SignedInfo element is null");
			return null;
		}	
	} catch (NoSuchAlgorithmException | InvalidKeyException | SignatureException | NoSuchProviderException e) {
		getLogger().error(e.getClass().getSimpleName() + " occurred while trying to create signature", e);
		return null;
	}
}
 
Example 30
Project: FApkSigner   File: DefaultApkSignerEngine.java   View source code 5 votes vote down vote up
/**
 * Returns a new {@code DefaultApkSignerEngine} instance configured based on the
 * configuration of this builder.
 */
public DefaultApkSignerEngine build() throws InvalidKeyException {
    return new DefaultApkSignerEngine(
            mSignerConfigs,
            mMinSdkVersion,
            mV1SigningEnabled,
            mV2SigningEnabled,
            mOtherSignersSignaturesPreserved,
            mCreatedBy);
}
 
Example 31
Project: ipack   File: DHUtil.java   View source code 5 votes vote down vote up
static public AsymmetricKeyParameter generatePrivateKeyParameter(
    PrivateKey    key)
    throws InvalidKeyException
{
    if (key instanceof DHPrivateKey)
    {
        DHPrivateKey    k = (DHPrivateKey)key;

        return new DHPrivateKeyParameters(k.getX(),
            new DHParameters(k.getParams().getP(), k.getParams().getG(), null, k.getParams().getL()));
    }
                    
    throw new InvalidKeyException("can't identify DH private key.");
}
 
Example 32
Project: ipack   File: BaseStreamCipher.java   View source code 5 votes vote down vote up
protected void engineInit(
    int                 opmode,
    Key                 key,
    SecureRandom        random) 
    throws InvalidKeyException
{
    try
    {
        engineInit(opmode, key, (AlgorithmParameterSpec)null, random);
    }
    catch (InvalidAlgorithmParameterException e)
    {
        throw new InvalidKeyException(e.getMessage());
    }
}
 
Example 33
Project: ipack   File: BaseBlockCipher.java   View source code 5 votes vote down vote up
protected void engineInit(
    int                 opmode,
    Key                 key,
    AlgorithmParameters params,
    SecureRandom        random) 
throws InvalidKeyException, InvalidAlgorithmParameterException
{
    AlgorithmParameterSpec  paramSpec = null;

    if (params != null)
    {
        for (int i = 0; i != availableSpecs.length; i++)
        {
            try
            {
                paramSpec = params.getParameterSpec(availableSpecs[i]);
                break;
            }
            catch (Exception e)
            {
                // try again if possible
            }
        }

        if (paramSpec == null)
        {
            throw new InvalidAlgorithmParameterException("can't handle parameter " + params.toString());
        }
    }

    engineInit(opmode, key, paramSpec, random);
    
    engineParams = params;
}
 
Example 34
Project: OpenJSharp   File: DSAKeyFactory.java   View source code 5 votes vote down vote up
/**
 * Translates a key object, whose provider may be unknown or potentially
 * untrusted, into a corresponding key object of this key factory.
 *
 * @param key the key whose provider is unknown or untrusted
 *
 * @return the translated key
 *
 * @exception InvalidKeyException if the given key cannot be processed by
 * this key factory.
 */
protected Key engineTranslateKey(Key key) throws InvalidKeyException {

    try {

        if (key instanceof java.security.interfaces.DSAPublicKey) {
            // Check if key originates from this factory
            if (key instanceof sun.security.provider.DSAPublicKey) {
                return key;
            }
            // Convert key to spec
            DSAPublicKeySpec dsaPubKeySpec
                = engineGetKeySpec(key, DSAPublicKeySpec.class);
            // Create key from spec, and return it
            return engineGeneratePublic(dsaPubKeySpec);

        } else if (key instanceof java.security.interfaces.DSAPrivateKey) {
            // Check if key originates from this factory
            if (key instanceof sun.security.provider.DSAPrivateKey) {
                return key;
            }
            // Convert key to spec
            DSAPrivateKeySpec dsaPrivKeySpec
                = engineGetKeySpec(key, DSAPrivateKeySpec.class);
            // Create key from spec, and return it
            return engineGeneratePrivate(dsaPrivKeySpec);

        } else {
            throw new InvalidKeyException("Wrong algorithm type");
        }

    } catch (InvalidKeySpecException e) {
        throw new InvalidKeyException("Cannot translate key: "
                                      + e.getMessage());
    }
}
 
Example 35
Project: crypto-shuffle   File: SymmetricEncryptionAlgorithm.java   View source code 5 votes vote down vote up
private static byte[] aesDecrypt(@NotNull byte[] key, @NotNull byte[] encryptedText) {
    @NotNull SecretKeySpec aesKey = new SecretKeySpec(key, "AES");
    Cipher aes = SymmetricEncryptionAlgorithmHelper.getAesCipherInstance();
    try {
        aes.init(Cipher.DECRYPT_MODE, aesKey);
        return aes.doFinal(encryptedText);
    } catch (@NotNull InvalidKeyException | IllegalBlockSizeException | BadPaddingException e) {
        throw new RuntimeException("Problem with AES decrypt", e);
    }
}
 
Example 36
Project: kafka-0.11.0.0-src-with-comment   File: ScramSaslClient.java   View source code 5 votes vote down vote up
private void handleServerFinalMessage(byte[] signature) throws SaslException {
    try {
        byte[] serverKey = formatter.serverKey(saltedPassword);
        byte[] serverSignature = formatter.serverSignature(serverKey, clientFirstMessage, serverFirstMessage, clientFinalMessage);
        if (!Arrays.equals(signature, serverSignature))
            throw new SaslException("Invalid server signature in server final message");
    } catch (InvalidKeyException e) {
        throw new SaslException("Sasl server signature verification failed", e);
    }
}
 
Example 37
Project: zipkin-azure   File: LazyRegisterEventProcessorFactoryWithHostTest.java   View source code 5 votes vote down vote up
@Test
public void close_cancelsPendingRegistration() throws Exception {
  LazyRegisterEventProcessorFactoryWithHost
      lazy = new TestLazyRegisterEventProcessorFactoryWithHost() {
    @Override Future<?> registerEventProcessorFactoryWithHost() throws InvalidKeyException {
      return registration; // note: we aren't setting this done!
    }
  };

  lazy.get();
  lazy.close();

  assertThat(registration).isCancelled();
  assertThat(unregistered.get()).isTrue();
}
 
Example 38
Project: ipack   File: CMSSignedDataStreamGenerator.java   View source code 5 votes vote down vote up
/**
 * add a signer - no attributes other than the default ones will be
 * provided here.
 * @throws NoSuchProviderException
 * @throws NoSuchAlgorithmException
 * @throws InvalidKeyException
 * @deprecated use addSignedInfoGenerator
 */
public void addSigner(
    PrivateKey      key,
    byte[]          subjectKeyID,
    String          encryptionOID,
    String          digestOID,
    String          sigProvider)
    throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException
{
    addSigner(key, subjectKeyID, encryptionOID, digestOID, CMSUtils.getProvider(sigProvider));
}
 
Example 39
Project: springboot-shiro-cas-mybatis   File: MockX509CRL.java   View source code 5 votes vote down vote up
/**
 * @see java.security.cert.X509CRL#verify(java.security.PublicKey)
 */
@Override
public void verify(final PublicKey key) throws CRLException,
NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException,
SignatureException {
    // Do nothing to indicate valid signature
}
 
Example 40
Project: playTorrent   File: BitDecoder.java   View source code 5 votes vote down vote up
private void decode() throws IOException, InvalidKeyException {
    int type = this.in.read();
    if (type != 'd') {
        throw new InvalidKeyException("We expect dictionary first, but " + (char)type);
    }
    // start decode dictionary
    infoMaps = decodeDictionary(this.in);
}