org.bouncycastle.crypto.RuntimeCryptoException Java Examples

The following examples show how to use org.bouncycastle.crypto.RuntimeCryptoException. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: P11ContentSigner.java    From xipki with Apache License 2.0 6 votes vote down vote up
@Override
public byte[] getSignature() {
  byte[] dataToSign;
  if (outputStream instanceof ByteArrayOutputStream) {
    dataToSign = ((ByteArrayOutputStream) outputStream).toByteArray();
    ((ByteArrayOutputStream) outputStream).reset();
  } else {
    byte[] hashValue = ((DigestOutputStream) outputStream).digest();
    ((DigestOutputStream) outputStream).reset();
    dataToSign = new byte[digestPkcsPrefix.length + hashValue.length];
    System.arraycopy(digestPkcsPrefix, 0, dataToSign, 0, digestPkcsPrefix.length);
    System.arraycopy(hashValue, 0, dataToSign, digestPkcsPrefix.length, hashValue.length);
  }

  try {
    if (mechanism == PKCS11Constants.CKM_RSA_X_509) {
      dataToSign = SignerUtil.EMSA_PKCS1_v1_5_encoding(dataToSign, modulusBitLen);
    }

    return cryptService.getIdentity(identityId).sign(mechanism, null, dataToSign);
  } catch (XiSecurityException | P11TokenException ex) {
    LogUtil.error(LOG, ex, "could not sign");
    throw new RuntimeCryptoException("SignerException: " + ex.getMessage());
  }
}
 
Example #2
Source File: AESGCM.java    From InflatableDonkey with MIT License 5 votes vote down vote up
/**
 * Returns decrypted data.
 *
 * @param key
 * @param nonce nonce/ IV
 * @param header
 * @param encryptedData
 * @param tag
 * @param optional optional AADBytes (post header)
 * @return decrypted data
 * @throws IllegalArgumentException on decryption exceptions
 * @throws NullPointerException on null arguments
 */
public static byte[] decrypt(
        byte[] key,
        byte[] nonce,
        byte[] header,
        byte[] encryptedData,
        byte[] tag,
        Optional<byte[]> optional) {

    try {
        GCMBlockCipher cipher = new GCMBlockCipher(new AESFastEngine());
        AEADParameters parameters = new AEADParameters(new KeyParameter(key), tag.length * 8, nonce, header);
        cipher.init(false, parameters);

        if (optional.isPresent()) {
            byte[] aadBytes = optional.get();
            cipher.processAADBytes(aadBytes, 0, aadBytes.length);
        }

        byte[] out = new byte[cipher.getOutputSize(encryptedData.length + tag.length)];

        int pos = cipher.processBytes(encryptedData, 0, encryptedData.length, out, 0);
        pos += cipher.processBytes(tag, 0, tag.length, out, pos);
        pos += cipher.doFinal(out, pos);

        return Arrays.copyOf(out, pos);

    } catch (IllegalStateException | InvalidCipherTextException | RuntimeCryptoException ex) {
        throw new IllegalStateException("GCM decrypt error", ex);
    }
}
 
Example #3
Source File: FileCache.java    From InflatableDonkey with MIT License 5 votes vote down vote up
public Optional<byte[]> load(Path file, byte[] password) throws IOException {
    byte[] bs = null;
    if (Files.exists(file)) {
        try (InputStream is = fileCryptor.newCipherInputStream(Files.newInputStream(file), password)) {
            bs = IOUtils.toByteArray(is);
        } catch (RuntimeCryptoException | InvalidCipherTextIOException ex) {
            logger.debug("-- load() - exception: ", ex);
        }
    } else {
        logger.debug("-- load() - no file: {}", file);
    }
    Optional<byte[]> _bs = Optional.ofNullable(bs);
    logger.debug("-- load() - file: {} bs: 0x{}", file, _bs.map(Hex::toHexString));
    return _bs;
}
 
Example #4
Source File: XiXDHContentVerifierProvider.java    From xipki with Apache License 2.0 5 votes vote down vote up
@Override
public OutputStream getOutputStream() {
  try {
    hmac.init(macKey);
  } catch (InvalidKeyException ex) {
    throw new RuntimeCryptoException("could not init MAC: " + ex.getMessage());
  }
  return outputStream;
}
 
Example #5
Source File: SecurityFactoryImpl.java    From xipki with Apache License 2.0 5 votes vote down vote up
private static SecureRandom getSecureRandom(boolean strong) {
  if (!strong) {
    return new SecureRandom();
  }

  try {
    return SecureRandom.getInstanceStrong();
  } catch (NoSuchAlgorithmException ex) {
    throw new RuntimeCryptoException(
        "could not get strong SecureRandom: " + ex.getMessage());
  }
}
 
Example #6
Source File: P11ContentSigner.java    From xipki with Apache License 2.0 5 votes vote down vote up
@Override
public byte[] getSignature() {
  try {
    byte[] plainSignature = getPlainSignature();
    return plain ? plainSignature : SignerUtil.dsaSigPlainToX962(plainSignature);
  } catch (XiSecurityException ex) {
    LogUtil.warn(LOG, ex);
    throw new RuntimeCryptoException("XiSecurityException: " + ex.getMessage());
  } catch (Throwable th) {
    LogUtil.warn(LOG, th);
    throw new RuntimeCryptoException(th.getClass().getName() + ": " + th.getMessage());
  }
}
 
Example #7
Source File: P11ContentSigner.java    From xipki with Apache License 2.0 5 votes vote down vote up
@Override
public byte[] getSignature() {
  try {
    byte[] plainSignature = getPlainSignature();
    return plain ? plainSignature : SignerUtil.dsaSigPlainToX962(plainSignature);
  } catch (XiSecurityException ex) {
    LogUtil.warn(LOG, ex);
    throw new RuntimeCryptoException("XiSecurityException: " + ex.getMessage());
  } catch (Throwable th) {
    LogUtil.warn(LOG, th);
    throw new RuntimeCryptoException(th.getClass().getName() + ": " + th.getMessage());
  }
}
 
Example #8
Source File: P11ContentSigner.java    From xipki with Apache License 2.0 5 votes vote down vote up
@Override
public byte[] getSignature() {
  byte[] content = outputStream.toByteArray();
  outputStream.reset();
  try {
    return cryptService.getIdentity(identityId).sign(mechanism, null, content);
  } catch (Throwable th) {
    LogUtil.warn(LOG, th);
    throw new RuntimeCryptoException(th.getClass().getName() + ": " + th.getMessage());
  }
}
 
Example #9
Source File: P11ContentSigner.java    From xipki with Apache License 2.0 5 votes vote down vote up
@Override
public byte[] getSignature() {
  try {
    byte[] dataToSign = outputStream.toByteArray();
    outputStream.reset();
    return cryptService.getIdentity(identityId).sign(mechanism, null, dataToSign);
  } catch (P11TokenException ex) {
    LogUtil.warn(LOG, ex);
    throw new RuntimeCryptoException("P11TokenException: " + ex.getMessage());
  } catch (Throwable th) {
    LogUtil.warn(LOG, th);
    throw new RuntimeCryptoException(th.getClass().getName() + ": " + th.getMessage());
  }
}
 
Example #10
Source File: P11ContentSigner.java    From xipki with Apache License 2.0 5 votes vote down vote up
@Override
public byte[] getSignature() {
  try {
    byte[] plainSignature = getPlainSignature();
    return SignerUtil.dsaSigPlainToX962(plainSignature);
  } catch (XiSecurityException ex) {
    LogUtil.warn(LOG, ex);
    throw new RuntimeCryptoException("XiSecurityException: " + ex.getMessage());
  } catch (Throwable th) {
    LogUtil.warn(LOG, th);
    throw new RuntimeCryptoException(th.getClass().getName() + ": " + th.getMessage());
  }
}
 
Example #11
Source File: P11PlainRSASigner.java    From xipki with Apache License 2.0 5 votes vote down vote up
@Override
public void init(boolean forEncryption, CipherParameters cipherParam) {
  if (!forEncryption) {
    throw new RuntimeCryptoException("verification mode not supported.");
  }

  if (!(cipherParam instanceof P11RSAKeyParameter)) {
    throw new IllegalArgumentException("invalid param type " + cipherParam.getClass().getName());
  }
  this.param = (P11RSAKeyParameter) cipherParam;
}