javax.crypto.SealedObject Java Examples
The following examples show how to use
javax.crypto.SealedObject.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: KeyProtector.java From jdk8u60 with GNU General Public License v2.0 | 7 votes |
/** * Seals the given cleartext key, using the password provided at * construction time */ SealedObject seal(Key key) throws Exception { // create a random salt (8 bytes) byte[] salt = new byte[8]; SunJCE.getRandom().nextBytes(salt); // create PBE parameters from salt and iteration count PBEParameterSpec pbeSpec = new PBEParameterSpec(salt, 20); // create PBE key from password PBEKeySpec pbeKeySpec = new PBEKeySpec(this.password); SecretKey sKey = new PBEKey(pbeKeySpec, "PBEWithMD5AndTripleDES"); pbeKeySpec.clearPassword(); // seal key Cipher cipher; PBEWithMD5AndTripleDESCipher cipherSpi; cipherSpi = new PBEWithMD5AndTripleDESCipher(); cipher = new CipherForKeyProtector(cipherSpi, SunJCE.getInstance(), "PBEWithMD5AndTripleDES"); cipher.init(Cipher.ENCRYPT_MODE, sKey, pbeSpec); return new SealedObjectForKeyProtector(key, cipher); }
Example #2
Source File: KeyProtector.java From openjdk-jdk9 with GNU General Public License v2.0 | 6 votes |
/** * Seals the given cleartext key, using the password provided at * construction time */ SealedObject seal(Key key) throws Exception { // create a random salt (8 bytes) byte[] salt = new byte[8]; SunJCE.getRandom().nextBytes(salt); // create PBE parameters from salt and iteration count PBEParameterSpec pbeSpec = new PBEParameterSpec(salt, 20); // create PBE key from password PBEKeySpec pbeKeySpec = new PBEKeySpec(this.password); SecretKey sKey = new PBEKey(pbeKeySpec, "PBEWithMD5AndTripleDES"); pbeKeySpec.clearPassword(); // seal key Cipher cipher; PBEWithMD5AndTripleDESCipher cipherSpi; cipherSpi = new PBEWithMD5AndTripleDESCipher(); cipher = new CipherForKeyProtector(cipherSpi, SunJCE.getInstance(), "PBEWithMD5AndTripleDES"); cipher.init(Cipher.ENCRYPT_MODE, sKey, pbeSpec); return new SealedObjectForKeyProtector(key, cipher); }
Example #3
Source File: KeyProtector.java From openjdk-8 with GNU General Public License v2.0 | 6 votes |
/** * Seals the given cleartext key, using the password provided at * construction time */ SealedObject seal(Key key) throws Exception { // create a random salt (8 bytes) byte[] salt = new byte[8]; SunJCE.getRandom().nextBytes(salt); // create PBE parameters from salt and iteration count PBEParameterSpec pbeSpec = new PBEParameterSpec(salt, 20); // create PBE key from password PBEKeySpec pbeKeySpec = new PBEKeySpec(this.password); SecretKey sKey = new PBEKey(pbeKeySpec, "PBEWithMD5AndTripleDES"); pbeKeySpec.clearPassword(); // seal key Cipher cipher; PBEWithMD5AndTripleDESCipher cipherSpi; cipherSpi = new PBEWithMD5AndTripleDESCipher(); cipher = new CipherForKeyProtector(cipherSpi, SunJCE.getInstance(), "PBEWithMD5AndTripleDES"); cipher.init(Cipher.ENCRYPT_MODE, sKey, pbeSpec); return new SealedObjectForKeyProtector(key, cipher); }
Example #4
Source File: MetadataEncryptor.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
/** * Encrypt a properties if the data definition (model-specific) requires it. * * @param propertyQName the property qualified name * @param inbound the property to encrypt * @return the encrypted property or the original if encryption is not required */ public Serializable encrypt(QName propertyQName, Serializable inbound) { PropertyDefinition propertyDef = dictionaryService.getProperty(propertyQName); if (inbound == null || propertyDef == null || !(propertyDef.getDataType().getName().equals(DataTypeDefinition.ENCRYPTED))) { return inbound; } if (inbound instanceof SealedObject) { return inbound; } Serializable outbound = encryptor.sealObject(KeyProvider.ALIAS_METADATA, null, inbound); // Done return outbound; }
Example #5
Source File: KeyProtector.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 6 votes |
/** * Seals the given cleartext key, using the password provided at * construction time */ SealedObject seal(Key key) throws Exception { // create a random salt (8 bytes) byte[] salt = new byte[8]; SunJCE.getRandom().nextBytes(salt); // create PBE parameters from salt and iteration count PBEParameterSpec pbeSpec = new PBEParameterSpec(salt, 20); // create PBE key from password PBEKeySpec pbeKeySpec = new PBEKeySpec(this.password); SecretKey sKey = new PBEKey(pbeKeySpec, "PBEWithMD5AndTripleDES"); pbeKeySpec.clearPassword(); // seal key Cipher cipher; PBEWithMD5AndTripleDESCipher cipherSpi; cipherSpi = new PBEWithMD5AndTripleDESCipher(); cipher = new CipherForKeyProtector(cipherSpi, SunJCE.getInstance(), "PBEWithMD5AndTripleDES"); cipher.init(Cipher.ENCRYPT_MODE, sKey, pbeSpec); return new SealedObjectForKeyProtector(key, cipher); }
Example #6
Source File: KeyProtector.java From jdk8u-jdk with GNU General Public License v2.0 | 6 votes |
/** * Seals the given cleartext key, using the password provided at * construction time */ SealedObject seal(Key key) throws Exception { // create a random salt (8 bytes) byte[] salt = new byte[8]; SunJCE.getRandom().nextBytes(salt); // create PBE parameters from salt and iteration count PBEParameterSpec pbeSpec = new PBEParameterSpec(salt, 20); // create PBE key from password PBEKeySpec pbeKeySpec = new PBEKeySpec(this.password); SecretKey sKey = new PBEKey(pbeKeySpec, "PBEWithMD5AndTripleDES"); pbeKeySpec.clearPassword(); // seal key Cipher cipher; PBEWithMD5AndTripleDESCipher cipherSpi; cipherSpi = new PBEWithMD5AndTripleDESCipher(); cipher = new CipherForKeyProtector(cipherSpi, SunJCE.getInstance(), "PBEWithMD5AndTripleDES"); cipher.init(Cipher.ENCRYPT_MODE, sKey, pbeSpec); return new SealedObjectForKeyProtector(key, cipher); }
Example #7
Source File: MetadataEncryptor.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
/** * Decrypt a property if the data definition (model-specific) requires it. * * @param propertyQName the property qualified name * @param inbound the property to decrypt * @return the decrypted property or the original if it wasn't encrypted */ public Serializable decrypt(QName propertyQName, Serializable inbound) { PropertyDefinition propertyDef = dictionaryService.getProperty(propertyQName); if (inbound == null || propertyDef == null || !(propertyDef.getDataType().getName().equals(DataTypeDefinition.ENCRYPTED))) { return inbound; } if (!(inbound instanceof SealedObject)) { return inbound; } try { Serializable outbound = encryptor.unsealObject(KeyProvider.ALIAS_METADATA, inbound); // Done return outbound; } catch(KeyException e) { throw new AlfrescoRuntimeException("Invalid metadata decryption key", e); } }
Example #8
Source File: WalletUtils.java From blockchain-java with Apache License 2.0 | 6 votes |
/** * 加载钱包数据 */ private Wallets loadFromDisk() { try { SecretKeySpec sks = new SecretKeySpec(CIPHER_TEXT, ALGORITHM); Cipher cipher = Cipher.getInstance(ALGORITHM); cipher.init(Cipher.DECRYPT_MODE, sks); @Cleanup CipherInputStream cipherInputStream = new CipherInputStream( new BufferedInputStream(new FileInputStream(WALLET_FILE)), cipher); @Cleanup ObjectInputStream inputStream = new ObjectInputStream(cipherInputStream); SealedObject sealedObject = (SealedObject) inputStream.readObject(); return (Wallets) sealedObject.getObject(cipher); } catch (Exception e) { log.error("Fail to load wallet from disk ! ", e); throw new RuntimeException("Fail to load wallet from disk ! "); } }
Example #9
Source File: WalletUtils.java From blockchain-java with Apache License 2.0 | 6 votes |
/** * 保存钱包数据 */ private void saveToDisk(Wallets wallets) { try { if (wallets == null) { log.error("Fail to save wallet to file ! wallets is null "); throw new Exception("ERROR: Fail to save wallet to file !"); } SecretKeySpec sks = new SecretKeySpec(CIPHER_TEXT, ALGORITHM); // Create cipher Cipher cipher = Cipher.getInstance(ALGORITHM); cipher.init(Cipher.ENCRYPT_MODE, sks); SealedObject sealedObject = new SealedObject(wallets, cipher); // Wrap the output stream @Cleanup CipherOutputStream cos = new CipherOutputStream( new BufferedOutputStream(new FileOutputStream(WALLET_FILE)), cipher); @Cleanup ObjectOutputStream outputStream = new ObjectOutputStream(cos); outputStream.writeObject(sealedObject); } catch (Exception e) { log.error("Fail to save wallet to disk !", e); throw new RuntimeException("Fail to save wallet to disk !"); } }
Example #10
Source File: NodePropertyValue.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
@Override Serializable convert(Serializable value) { if (value == null) { return null; } else if (value instanceof SealedObject) { return value; } else { throw new IllegalArgumentException("Encrypted properties must be encrypted by the client."); } }
Example #11
Source File: KeyProtector.java From jdk8u-jdk with GNU General Public License v2.0 | 6 votes |
/** * Seals the given cleartext key, using the password provided at * construction time */ SealedObject seal(Key key) throws Exception { // create a random salt (8 bytes) byte[] salt = new byte[8]; SunJCE.getRandom().nextBytes(salt); // create PBE parameters from salt and iteration count PBEParameterSpec pbeSpec = new PBEParameterSpec(salt, 20); // create PBE key from password PBEKeySpec pbeKeySpec = new PBEKeySpec(this.password); SecretKey sKey = new PBEKey(pbeKeySpec, "PBEWithMD5AndTripleDES"); pbeKeySpec.clearPassword(); // seal key Cipher cipher; PBEWithMD5AndTripleDESCipher cipherSpi; cipherSpi = new PBEWithMD5AndTripleDESCipher(); cipher = new CipherForKeyProtector(cipherSpi, SunJCE.getInstance(), "PBEWithMD5AndTripleDES"); cipher.init(Cipher.ENCRYPT_MODE, sKey, pbeSpec); return new SealedObjectForKeyProtector(key, cipher); }
Example #12
Source File: KeyProtector.java From hottub with GNU General Public License v2.0 | 6 votes |
/** * Seals the given cleartext key, using the password provided at * construction time */ SealedObject seal(Key key) throws Exception { // create a random salt (8 bytes) byte[] salt = new byte[8]; SunJCE.getRandom().nextBytes(salt); // create PBE parameters from salt and iteration count PBEParameterSpec pbeSpec = new PBEParameterSpec(salt, 20); // create PBE key from password PBEKeySpec pbeKeySpec = new PBEKeySpec(this.password); SecretKey sKey = new PBEKey(pbeKeySpec, "PBEWithMD5AndTripleDES"); pbeKeySpec.clearPassword(); // seal key Cipher cipher; PBEWithMD5AndTripleDESCipher cipherSpi; cipherSpi = new PBEWithMD5AndTripleDESCipher(); cipher = new CipherForKeyProtector(cipherSpi, SunJCE.getInstance(), "PBEWithMD5AndTripleDES"); cipher.init(Cipher.ENCRYPT_MODE, sKey, pbeSpec); return new SealedObjectForKeyProtector(key, cipher); }
Example #13
Source File: AbstractEncryptor.java From alfresco-core with GNU Lesser General Public License v3.0 | 6 votes |
@Override public Serializable sealObject(String keyAlias, AlgorithmParameters params, Serializable input) { if (input == null) { return null; } Cipher cipher = getCipher(keyAlias, params, Cipher.ENCRYPT_MODE); if (cipher == null) { return input; } try { return new SealedObject(input, cipher); } catch (Exception e) { throw new AlfrescoRuntimeException("Failed to seal object", e); } }
Example #14
Source File: RangerKeyStore.java From ranger with Apache License 2.0 | 6 votes |
private SealedObject sealKey(Key key, char[] password) throws Exception { if (logger.isDebugEnabled()) { logger.debug("==> RangerKeyStore.sealKey()"); } // Create SecretKey SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBEWithMD5AndTripleDES"); PBEKeySpec pbeKeySpec = new PBEKeySpec(password); SecretKey secretKey = secretKeyFactory.generateSecret(pbeKeySpec); pbeKeySpec.clearPassword(); // Generate random bytes + set up the PBEParameterSpec SecureRandom random = new SecureRandom(); byte[] salt = new byte[8]; random.nextBytes(salt); PBEParameterSpec pbeSpec = new PBEParameterSpec(salt, 20); // Seal the Key Cipher cipher = Cipher.getInstance("PBEWithMD5AndTripleDES"); cipher.init(Cipher.ENCRYPT_MODE, secretKey, pbeSpec); if (logger.isDebugEnabled()) { logger.debug("<== RangerKeyStore.sealKey()"); } return new RangerSealedObject(key, cipher); }
Example #15
Source File: KeyProtector.java From openjdk-8-source with GNU General Public License v2.0 | 6 votes |
/** * Seals the given cleartext key, using the password provided at * construction time */ SealedObject seal(Key key) throws Exception { // create a random salt (8 bytes) byte[] salt = new byte[8]; SunJCE.getRandom().nextBytes(salt); // create PBE parameters from salt and iteration count PBEParameterSpec pbeSpec = new PBEParameterSpec(salt, 20); // create PBE key from password PBEKeySpec pbeKeySpec = new PBEKeySpec(this.password); SecretKey sKey = new PBEKey(pbeKeySpec, "PBEWithMD5AndTripleDES"); pbeKeySpec.clearPassword(); // seal key Cipher cipher; PBEWithMD5AndTripleDESCipher cipherSpi; cipherSpi = new PBEWithMD5AndTripleDESCipher(); cipher = new CipherForKeyProtector(cipherSpi, SunJCE.getInstance(), "PBEWithMD5AndTripleDES"); cipher.init(Cipher.ENCRYPT_MODE, sKey, pbeSpec); return new SealedObjectForKeyProtector(key, cipher); }
Example #16
Source File: RangerKeyStore.java From ranger with Apache License 2.0 | 6 votes |
private Key unsealKey(SealedObject sealedKey, char[] password) throws Exception { if (logger.isDebugEnabled()) { logger.debug("==> RangerKeyStore.unsealKey()"); } // Create SecretKey SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBEWithMD5AndTripleDES"); PBEKeySpec pbeKeySpec = new PBEKeySpec(password); SecretKey secretKey = secretKeyFactory.generateSecret(pbeKeySpec); pbeKeySpec.clearPassword(); // Get the AlgorithmParameters from RangerSealedObject AlgorithmParameters algorithmParameters = null; if (sealedKey instanceof RangerSealedObject) { algorithmParameters = ((RangerSealedObject) sealedKey).getParameters(); } else { algorithmParameters = new RangerSealedObject(sealedKey).getParameters(); } // Unseal the Key Cipher cipher = Cipher.getInstance("PBEWithMD5AndTripleDES"); cipher.init(Cipher.DECRYPT_MODE, secretKey, algorithmParameters); if (logger.isDebugEnabled()) { logger.debug("<== RangerKeyStore.unsealKey()"); } return (Key) sealedKey.getObject(cipher); }
Example #17
Source File: KeyProtector.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 6 votes |
/** * Seals the given cleartext key, using the password provided at * construction time */ SealedObject seal(Key key) throws Exception { // create a random salt (8 bytes) byte[] salt = new byte[8]; SunJCE.getRandom().nextBytes(salt); // create PBE parameters from salt and iteration count PBEParameterSpec pbeSpec = new PBEParameterSpec(salt, ITERATION_COUNT); // create PBE key from password PBEKeySpec pbeKeySpec = new PBEKeySpec(this.password); SecretKey sKey = new PBEKey(pbeKeySpec, "PBEWithMD5AndTripleDES"); pbeKeySpec.clearPassword(); // seal key Cipher cipher; PBEWithMD5AndTripleDESCipher cipherSpi; cipherSpi = new PBEWithMD5AndTripleDESCipher(); cipher = new CipherForKeyProtector(cipherSpi, SunJCE.getInstance(), "PBEWithMD5AndTripleDES"); cipher.init(Cipher.ENCRYPT_MODE, sKey, pbeSpec); return new SealedObjectForKeyProtector(key, cipher); }
Example #18
Source File: ObjectSealer.java From chvote-1-0 with GNU Affero General Public License v3.0 | 5 votes |
/** * Parses a SealedObject from the given byte array and retrieves the original wrapped object * * @param encryptedObject a byte array representing a SealedObject * @param maxBytes the maximum size allowed for the read object * @return the original Serializable object * @throws CryptoOperationRuntimeException * @see #sealObject(java.io.Serializable) the matching wrapping operation */ public Object unsealObject(byte[] encryptedObject, long maxBytes) { try { ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(encryptedObject); SealedObject sealedObject = SafeObjectReader.safeReadObject(SealedObject.class, new ArrayList<>(), MAX_OBJECTS, maxBytes, byteArrayInputStream); return sealedObject.getObject(key); } catch (IOException | ClassNotFoundException | InvalidKeyException | NoSuchAlgorithmException e) { throw new CryptoOperationRuntimeException("cannot unseal object", e); } }
Example #19
Source File: ObjectSealer.java From chvote-1-0 with GNU Affero General Public License v3.0 | 5 votes |
/** * Wraps any serializable object into a SealedObject and returns the corresponding byte array * * @param object the object to seal * @return the byte array representing the SealedObject (locked with the cipher and key provided to the constructor) * @throws CryptoOperationRuntimeException * @see #unsealObject(byte[], long) the matching unwrapping method */ public byte[] sealObject(Serializable object) { ByteArrayOutputStream byteArrayOutputStream = null; try { cipher.init(Cipher.ENCRYPT_MODE, key, SecureRandomFactory.createPRNG()); SealedObject sealedObject = new SealedObject(object, cipher); byteArrayOutputStream = new ByteArrayOutputStream(); ObjectOutputStream objectOutputStream = new ObjectOutputStream(byteArrayOutputStream); objectOutputStream.writeObject(sealedObject); } catch (InvalidKeyException | IOException | IllegalBlockSizeException e) { throw new CryptoOperationRuntimeException("cannot seal object", e); } return byteArrayOutputStream.toByteArray(); }
Example #20
Source File: KeyProtector.java From openjdk-jdk9 with GNU General Public License v2.0 | 5 votes |
/** * Unseals the sealed key. */ Key unseal(SealedObject so) throws NoSuchAlgorithmException, UnrecoverableKeyException { try { // create PBE key from password PBEKeySpec pbeKeySpec = new PBEKeySpec(this.password); SecretKey skey = new PBEKey(pbeKeySpec, "PBEWithMD5AndTripleDES"); pbeKeySpec.clearPassword(); SealedObjectForKeyProtector soForKeyProtector = null; if (!(so instanceof SealedObjectForKeyProtector)) { soForKeyProtector = new SealedObjectForKeyProtector(so); } else { soForKeyProtector = (SealedObjectForKeyProtector)so; } AlgorithmParameters params = soForKeyProtector.getParameters(); if (params == null) { throw new UnrecoverableKeyException("Cannot get " + "algorithm parameters"); } PBEWithMD5AndTripleDESCipher cipherSpi; cipherSpi = new PBEWithMD5AndTripleDESCipher(); Cipher cipher = new CipherForKeyProtector(cipherSpi, SunJCE.getInstance(), "PBEWithMD5AndTripleDES"); cipher.init(Cipher.DECRYPT_MODE, skey, params); return (Key)soForKeyProtector.getObject(cipher); } catch (NoSuchAlgorithmException ex) { // Note: this catch needed to be here because of the // later catch of GeneralSecurityException throw ex; } catch (IOException ioe) { throw new UnrecoverableKeyException(ioe.getMessage()); } catch (ClassNotFoundException cnfe) { throw new UnrecoverableKeyException(cnfe.getMessage()); } catch (GeneralSecurityException gse) { throw new UnrecoverableKeyException(gse.getMessage()); } }
Example #21
Source File: TestSealedObjectNull.java From hottub with GNU General Public License v2.0 | 5 votes |
public static void main(String[] args) throws IOException, IllegalBlockSizeException, ClassNotFoundException, BadPaddingException { Cipher nullCipher = new NullCipher(); // Seal SealedObject so = new SealedObject(SEAL_STR, nullCipher); // Unseal and compare if (!(SEAL_STR.equals(so.getObject(nullCipher)))) { throw new RuntimeException("Unseal and compare failed."); } System.out.println("Test passed."); }
Example #22
Source File: TestSealedObjectNull.java From openjdk-jdk9 with GNU General Public License v2.0 | 5 votes |
public static void main(String[] args) throws IOException, IllegalBlockSizeException, ClassNotFoundException, BadPaddingException { Cipher nullCipher = new NullCipher(); // Seal SealedObject so = new SealedObject(SEAL_STR, nullCipher); // Unseal and compare if (!(SEAL_STR.equals(so.getObject(nullCipher)))) { throw new RuntimeException("Unseal and compare failed."); } System.out.println("Test passed."); }
Example #23
Source File: TestSealedObjectNull.java From jdk8u_jdk with GNU General Public License v2.0 | 5 votes |
public static void main(String[] args) throws IOException, IllegalBlockSizeException, ClassNotFoundException, BadPaddingException { Cipher nullCipher = new NullCipher(); // Seal SealedObject so = new SealedObject(SEAL_STR, nullCipher); // Unseal and compare if (!(SEAL_STR.equals(so.getObject(nullCipher)))) { throw new RuntimeException("Unseal and compare failed."); } System.out.println("Test passed."); }
Example #24
Source File: KeyProtector.java From jdk8u-jdk with GNU General Public License v2.0 | 5 votes |
/** * Unseals the sealed key. */ Key unseal(SealedObject so) throws NoSuchAlgorithmException, UnrecoverableKeyException { try { // create PBE key from password PBEKeySpec pbeKeySpec = new PBEKeySpec(this.password); SecretKey skey = new PBEKey(pbeKeySpec, "PBEWithMD5AndTripleDES"); pbeKeySpec.clearPassword(); SealedObjectForKeyProtector soForKeyProtector = null; if (!(so instanceof SealedObjectForKeyProtector)) { soForKeyProtector = new SealedObjectForKeyProtector(so); } else { soForKeyProtector = (SealedObjectForKeyProtector)so; } AlgorithmParameters params = soForKeyProtector.getParameters(); if (params == null) { throw new UnrecoverableKeyException("Cannot get " + "algorithm parameters"); } PBEWithMD5AndTripleDESCipher cipherSpi; cipherSpi = new PBEWithMD5AndTripleDESCipher(); Cipher cipher = new CipherForKeyProtector(cipherSpi, SunJCE.getInstance(), "PBEWithMD5AndTripleDES"); cipher.init(Cipher.DECRYPT_MODE, skey, params); return (Key)soForKeyProtector.getObject(cipher); } catch (NoSuchAlgorithmException ex) { // Note: this catch needed to be here because of the // later catch of GeneralSecurityException throw ex; } catch (IOException ioe) { throw new UnrecoverableKeyException(ioe.getMessage()); } catch (ClassNotFoundException cnfe) { throw new UnrecoverableKeyException(cnfe.getMessage()); } catch (GeneralSecurityException gse) { throw new UnrecoverableKeyException(gse.getMessage()); } }
Example #25
Source File: KeyProtector.java From openjdk-8-source with GNU General Public License v2.0 | 5 votes |
/** * Unseals the sealed key. */ Key unseal(SealedObject so) throws NoSuchAlgorithmException, UnrecoverableKeyException { try { // create PBE key from password PBEKeySpec pbeKeySpec = new PBEKeySpec(this.password); SecretKey skey = new PBEKey(pbeKeySpec, "PBEWithMD5AndTripleDES"); pbeKeySpec.clearPassword(); SealedObjectForKeyProtector soForKeyProtector = null; if (!(so instanceof SealedObjectForKeyProtector)) { soForKeyProtector = new SealedObjectForKeyProtector(so); } else { soForKeyProtector = (SealedObjectForKeyProtector)so; } AlgorithmParameters params = soForKeyProtector.getParameters(); if (params == null) { throw new UnrecoverableKeyException("Cannot get " + "algorithm parameters"); } PBEWithMD5AndTripleDESCipher cipherSpi; cipherSpi = new PBEWithMD5AndTripleDESCipher(); Cipher cipher = new CipherForKeyProtector(cipherSpi, SunJCE.getInstance(), "PBEWithMD5AndTripleDES"); cipher.init(Cipher.DECRYPT_MODE, skey, params); return (Key)soForKeyProtector.getObject(cipher); } catch (NoSuchAlgorithmException ex) { // Note: this catch needed to be here because of the // later catch of GeneralSecurityException throw ex; } catch (IOException ioe) { throw new UnrecoverableKeyException(ioe.getMessage()); } catch (ClassNotFoundException cnfe) { throw new UnrecoverableKeyException(cnfe.getMessage()); } catch (GeneralSecurityException gse) { throw new UnrecoverableKeyException(gse.getMessage()); } }
Example #26
Source File: BallotDecryptionController.java From chvote-1-0 with GNU Affero General Public License v3.0 | 5 votes |
@Override protected List<EncryptedBallotAndWrappedKey> call() throws Exception { // Need to create the stream here, so it'll be available to the executor thread try (InputStream encBallotsInputStream = Files.newInputStream(encryptedBallotsFile.toPath(), StandardOpenOption.READ)) { return (List<EncryptedBallotAndWrappedKey>) SafeObjectReader.safeReadObject( ArrayList.class, Arrays.asList(EncryptedBallotAndWrappedKey.class, SealedObject.class), maxObjects, maxBytes, encBallotsInputStream); } }
Example #27
Source File: KeyProtector.java From hottub with GNU General Public License v2.0 | 5 votes |
/** * Unseals the sealed key. */ Key unseal(SealedObject so) throws NoSuchAlgorithmException, UnrecoverableKeyException { try { // create PBE key from password PBEKeySpec pbeKeySpec = new PBEKeySpec(this.password); SecretKey skey = new PBEKey(pbeKeySpec, "PBEWithMD5AndTripleDES"); pbeKeySpec.clearPassword(); SealedObjectForKeyProtector soForKeyProtector = null; if (!(so instanceof SealedObjectForKeyProtector)) { soForKeyProtector = new SealedObjectForKeyProtector(so); } else { soForKeyProtector = (SealedObjectForKeyProtector)so; } AlgorithmParameters params = soForKeyProtector.getParameters(); if (params == null) { throw new UnrecoverableKeyException("Cannot get " + "algorithm parameters"); } PBEWithMD5AndTripleDESCipher cipherSpi; cipherSpi = new PBEWithMD5AndTripleDESCipher(); Cipher cipher = new CipherForKeyProtector(cipherSpi, SunJCE.getInstance(), "PBEWithMD5AndTripleDES"); cipher.init(Cipher.DECRYPT_MODE, skey, params); return (Key)soForKeyProtector.getObject(cipher); } catch (NoSuchAlgorithmException ex) { // Note: this catch needed to be here because of the // later catch of GeneralSecurityException throw ex; } catch (IOException ioe) { throw new UnrecoverableKeyException(ioe.getMessage()); } catch (ClassNotFoundException cnfe) { throw new UnrecoverableKeyException(cnfe.getMessage()); } catch (GeneralSecurityException gse) { throw new UnrecoverableKeyException(gse.getMessage()); } }
Example #28
Source File: KeyProtector.java From openjdk-8 with GNU General Public License v2.0 | 5 votes |
/** * Unseals the sealed key. */ Key unseal(SealedObject so) throws NoSuchAlgorithmException, UnrecoverableKeyException { try { // create PBE key from password PBEKeySpec pbeKeySpec = new PBEKeySpec(this.password); SecretKey skey = new PBEKey(pbeKeySpec, "PBEWithMD5AndTripleDES"); pbeKeySpec.clearPassword(); SealedObjectForKeyProtector soForKeyProtector = null; if (!(so instanceof SealedObjectForKeyProtector)) { soForKeyProtector = new SealedObjectForKeyProtector(so); } else { soForKeyProtector = (SealedObjectForKeyProtector)so; } AlgorithmParameters params = soForKeyProtector.getParameters(); if (params == null) { throw new UnrecoverableKeyException("Cannot get " + "algorithm parameters"); } PBEWithMD5AndTripleDESCipher cipherSpi; cipherSpi = new PBEWithMD5AndTripleDESCipher(); Cipher cipher = new CipherForKeyProtector(cipherSpi, SunJCE.getInstance(), "PBEWithMD5AndTripleDES"); cipher.init(Cipher.DECRYPT_MODE, skey, params); return (Key)soForKeyProtector.getObject(cipher); } catch (NoSuchAlgorithmException ex) { // Note: this catch needed to be here because of the // later catch of GeneralSecurityException throw ex; } catch (IOException ioe) { throw new UnrecoverableKeyException(ioe.getMessage()); } catch (ClassNotFoundException cnfe) { throw new UnrecoverableKeyException(cnfe.getMessage()); } catch (GeneralSecurityException gse) { throw new UnrecoverableKeyException(gse.getMessage()); } }
Example #29
Source File: KeyProtector.java From Bytecoder with Apache License 2.0 | 5 votes |
/** * Seals the given cleartext key, using the password provided at * construction time */ SealedObject seal(Key key) throws Exception { // create a random salt (8 bytes) byte[] salt = new byte[8]; SunJCE.getRandom().nextBytes(salt); // create PBE parameters from salt and iteration count PBEParameterSpec pbeSpec = new PBEParameterSpec(salt, ITERATION_COUNT); // create PBE key from password PBEKeySpec pbeKeySpec = new PBEKeySpec(this.password); SecretKey sKey = null; Cipher cipher; try { sKey = new PBEKey(pbeKeySpec, "PBEWithMD5AndTripleDES", false); pbeKeySpec.clearPassword(); // seal key PBEWithMD5AndTripleDESCipher cipherSpi; cipherSpi = new PBEWithMD5AndTripleDESCipher(); cipher = new CipherForKeyProtector(cipherSpi, SunJCE.getInstance(), "PBEWithMD5AndTripleDES"); cipher.init(Cipher.ENCRYPT_MODE, sKey, pbeSpec); } finally { if (sKey != null) sKey.destroy(); } return new SealedObjectForKeyProtector(key, cipher); }
Example #30
Source File: TestSealedObjectNull.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 5 votes |
public static void main(String[] args) throws IOException, IllegalBlockSizeException, ClassNotFoundException, BadPaddingException { Cipher nullCipher = new NullCipher(); // Seal SealedObject so = new SealedObject(SEAL_STR, nullCipher); // Unseal and compare if (!(SEAL_STR.equals(so.getObject(nullCipher)))) { throw new RuntimeException("Unseal and compare failed."); } System.out.println("Test passed."); }