List of usage examples for javax.crypto Cipher getIV
public final byte[] getIV()
From source file:cn.ctyun.amazonaws.services.s3.AmazonS3EncryptionClient.java
@Override public InitiateMultipartUploadResult initiateMultipartUpload( InitiateMultipartUploadRequest initiateMultipartUploadRequest) throws AmazonClientException, AmazonServiceException { appendUserAgent(initiateMultipartUploadRequest, USER_AGENT); // Generate a one-time use symmetric key and initialize a cipher to encrypt object data SecretKey envelopeSymmetricKey = EncryptionUtils.generateOneTimeUseSymmetricKey(); Cipher symmetricCipher = EncryptionUtils.createSymmetricCipher(envelopeSymmetricKey, Cipher.ENCRYPT_MODE, cryptoConfig.getCryptoProvider(), null); if (cryptoConfig.getStorageMode() == CryptoStorageMode.ObjectMetadata) { EncryptionMaterials encryptionMaterials = encryptionMaterialsProvider.getEncryptionMaterials(); // Encrypt the envelope symmetric key byte[] encryptedEnvelopeSymmetricKey = EncryptionUtils.getEncryptedSymmetricKey(envelopeSymmetricKey, encryptionMaterials, cryptoConfig.getCryptoProvider()); // Store encryption info in metadata ObjectMetadata metadata = EncryptionUtils.updateMetadataWithEncryptionInfo( initiateMultipartUploadRequest, encryptedEnvelopeSymmetricKey, symmetricCipher, encryptionMaterials.getMaterialsDescription()); // Update the request's metadata to the updated metadata initiateMultipartUploadRequest.setObjectMetadata(metadata); }/*from w w w. ja v a 2 s. c om*/ InitiateMultipartUploadResult result = super.initiateMultipartUpload(initiateMultipartUploadRequest); EncryptedUploadContext encryptedUploadContext = new EncryptedUploadContext( initiateMultipartUploadRequest.getBucketName(), initiateMultipartUploadRequest.getKey(), envelopeSymmetricKey); encryptedUploadContext.setNextInitializationVector(symmetricCipher.getIV()); encryptedUploadContext.setFirstInitializationVector(symmetricCipher.getIV()); currentMultipartUploadSecretKeys.put(result.getUploadId(), encryptedUploadContext); return result; }
From source file:main.java.vasolsim.common.file.ExamBuilder.java
/** * Writes an exam to an XML file/*from w w w.j a v a 2s .c o m*/ * * @param exam the exam to be written * @param examFile the target file * @param password the passphrase locking the restricted content * @param overwrite if an existing file can be overwritten * * @return if the write was successful * * @throws VaSolSimException */ public static boolean writeExam(@Nonnull Exam exam, @Nonnull File examFile, @Nonnull String password, boolean overwrite) throws VaSolSimException { logger.info("beginning exam export -> " + exam.getTestName()); logger.debug("checking export destination..."); /* * check the file creation status and handle it */ //if it exists if (examFile.isFile()) { logger.trace("exam file exists, checking overwrite..."); //can't overwrite if (!overwrite) { logger.error("file already present and cannot overwrite"); throw new VaSolSimException(ERROR_MESSAGE_FILE_ALREADY_EXISTS); } //can overwrite, clear the existing file else { logger.trace("overwriting..."); PrintWriter printWriter; try { printWriter = new PrintWriter(examFile); } catch (FileNotFoundException e) { logger.error("internal file presence check failed", e); throw new VaSolSimException(ERROR_MESSAGE_FILE_NOT_FOUND_AFTER_INTERNAL_CHECK); } printWriter.print(""); printWriter.close(); } } //no file, create one else { logger.trace("exam file does not exist, creating..."); if (!examFile.getParentFile().isDirectory() && !examFile.getParentFile().mkdirs()) { logger.error("could not create empty directories for export"); throw new VaSolSimException(ERROR_MESSAGE_COULD_NOT_CREATE_DIRS); } try { logger.trace("creating files..."); if (!examFile.createNewFile()) { logger.error("could not create empty file for export"); throw new VaSolSimException(ERROR_MESSAGE_COULD_NOT_CREATE_FILE); } } catch (IOException e) { logger.error("io error on empty file creation", e); throw new VaSolSimException(ERROR_MESSAGE_CREATE_FILE_EXCEPTION); } } logger.debug("initializing weak cryptography scheme..."); /* * initialize the cryptography system */ String encryptedHash; Cipher encryptionCipher; try { logger.trace("hashing password into key..."); //hash the password byte[] hash; MessageDigest msgDigest = MessageDigest.getInstance("SHA-512"); msgDigest.update(password.getBytes()); hash = GenericUtils.validate512HashTo128Hash(msgDigest.digest()); logger.trace("initializing cipher"); encryptionCipher = GenericUtils.initCrypto(hash, Cipher.ENCRYPT_MODE); encryptedHash = GenericUtils .convertBytesToHexString(GenericUtils.applyCryptographicCipher(hash, encryptionCipher)); } catch (NoSuchAlgorithmException e) { logger.error("FAILED. could not initialize crypto", e); throw new VaSolSimException(ERROR_MESSAGE_GENERIC_CRYPTO + "\n\nBAD ALGORITHM\n" + e.toString() + "\n" + e.getCause() + "\n" + ExceptionUtils.getStackTrace(e), e); } logger.debug("initializing the document builder..."); /* * initialize the document */ Document examDoc; Transformer examTransformer; try { logger.trace("create document builder factory instance -> create new doc"); examDoc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument(); logger.trace("set document properties"); examTransformer = TransformerFactory.newInstance().newTransformer(); examTransformer.setOutputProperty(OutputKeys.INDENT, "yes"); examTransformer.setOutputProperty(OutputKeys.METHOD, "xml"); examTransformer.setOutputProperty(OutputKeys.ENCODING, "UTF-8"); examTransformer.setOutputProperty(OutputKeys.DOCTYPE_SYSTEM, "roles.dtd"); examTransformer.setOutputProperty(INDENTATION_KEY, "4"); } catch (ParserConfigurationException e) { logger.error("parser was not configured correctly", e); throw new VaSolSimException(ERROR_MESSAGE_INTERNAL_XML_PARSER_INITIALIZATION_EXCEPTION, e); } catch (TransformerConfigurationException e) { logger.error("transformer was not configured properly"); throw new VaSolSimException(ERROR_MESSAGE_INTERNAL_TRANSFORMER_CONFIGURATION, e); } logger.debug("building document..."); /* * build exam info */ logger.trace("attaching root..."); Element root = examDoc.createElement(XML_ROOT_ELEMENT_NAME); examDoc.appendChild(root); logger.trace("attaching info..."); Element info = examDoc.createElement(XML_INFO_ELEMENT_NAME); root.appendChild(info); //exam info logger.trace("attaching exam info..."); GenericUtils.appendSubNode(XML_TEST_NAME_ELEMENT_NAME, exam.getTestName(), info, examDoc); GenericUtils.appendSubNode(XML_AUTHOR_NAME_ELEMENT_NAME, exam.getAuthorName(), info, examDoc); GenericUtils.appendSubNode(XML_SCHOOL_NAME_ELEMENT_NAME, exam.getSchoolName(), info, examDoc); GenericUtils.appendSubNode(XML_PERIOD_NAME_ELEMENT_NAME, exam.getPeriodName(), info, examDoc); GenericUtils.appendSubNode(XML_DATE_ELEMENT_NAME, exam.getDate(), info, examDoc); //start security xml section logger.trace("attaching security..."); Element security = examDoc.createElement(XML_SECURITY_ELEMENT_NAME); root.appendChild(security); GenericUtils.appendSubNode(XML_ENCRYPTED_VALIDATION_HASH_ELEMENT_NAME, encryptedHash, security, examDoc); GenericUtils.appendSubNode(XML_PARAMETRIC_INITIALIZATION_VECTOR_ELEMENT_NAME, GenericUtils.convertBytesToHexString(encryptionCipher.getIV()), security, examDoc); GenericUtils.appendSubNode(XML_IS_REPORTING_STATISTICS_ELEMENT_NAME, Boolean.toString(exam.isReportingStats()), security, examDoc); GenericUtils.appendSubNode(XML_IS_REPORTING_STATISTICS_STANDALONE_ELEMENT_NAME, Boolean.toString(exam.isReportingStatsStandalone()), security, examDoc); GenericUtils.appendSubNode(XML_STATISTICS_DESTINATION_EMAIL_ADDRESS_ELEMENT_NAME, GenericUtils.convertBytesToHexString(GenericUtils.applyCryptographicCipher( exam.getStatsDestinationEmail() == null ? GenericUtils.NO_EMAIL.getBytes() : exam.getStatsDestinationEmail().getBytes(), encryptionCipher)), security, examDoc); GenericUtils.appendSubNode(XML_STATISTICS_SENDER_EMAIL_ADDRESS_ELEMENT_NAME, GenericUtils.convertBytesToHexString(GenericUtils.applyCryptographicCipher( exam.getStatsSenderEmail() == null ? GenericUtils.NO_EMAIL.getBytes() : exam.getStatsSenderEmail().getBytes(), encryptionCipher)), security, examDoc); GenericUtils.appendSubNode(XML_STATISTICS_SENDER_EMAIL_PASSWORD_ELEMENT_NAME, GenericUtils.convertBytesToHexString(GenericUtils.applyCryptographicCipher( exam.getStatsSenderPassword() == null ? GenericUtils.NO_DATA.getBytes() : exam.getStatsSenderPassword().getBytes(), encryptionCipher)), security, examDoc); GenericUtils.appendSubNode(XML_STATISTICS_SENDER_SMTP_ADDRESS_ELEMENT_NAME, GenericUtils.convertBytesToHexString(GenericUtils.applyCryptographicCipher( exam.getStatsSenderSMTPAddress() == null ? GenericUtils.NO_SMTP.getBytes() : exam.getStatsSenderSMTPAddress().getBytes(), encryptionCipher)), security, examDoc); GenericUtils.appendSubNode(XML_STATISTICS_SENDER_SMTP_PORT_ELEMENT_NAME, GenericUtils.convertBytesToHexString(GenericUtils.applyCryptographicCipher( Integer.toString(exam.getStatsSenderSMTPPort()).getBytes(), encryptionCipher)), security, examDoc); logger.debug("checking exam content integrity..."); ArrayList<QuestionSet> questionSets = exam.getQuestionSets(); if (GenericUtils.checkExamIntegrity(exam).size() == 0) { logger.debug("exporting exam content..."); for (int setsIndex = 0; setsIndex < questionSets.size(); setsIndex++) { QuestionSet qSet = questionSets.get(setsIndex); logger.trace("exporting question set -> " + qSet.getName()); Element qSetElement = examDoc.createElement(XML_QUESTION_SET_ELEMENT_NAME); root.appendChild(qSetElement); GenericUtils.appendSubNode(XML_QUESTION_SET_ID_ELEMENT_NAME, Integer.toString(setsIndex + 1), qSetElement, examDoc); GenericUtils.appendSubNode(XML_QUESTION_SET_NAME_ELEMENT_NAME, (qSet.getName().equals("")) ? "Question Set " + (setsIndex + 1) : qSet.getName(), qSetElement, examDoc); GenericUtils.appendSubNode(XML_QUESTION_SET_RESOURCE_TYPE_ELEMENT_NAME, qSet.getResourceType().toString(), qSetElement, examDoc); if (qSet.getResourceType() != GenericUtils.ResourceType.NONE && qSet.getResources() != null) { logger.debug("exporting question set resources..."); for (BufferedImage img : qSet.getResources()) { if (img != null) { try { logger.trace("writing image..."); ByteArrayOutputStream out = new ByteArrayOutputStream(); ImageIO.write(img, "png", out); out.flush(); GenericUtils.appendCDATASubNode(XML_QUESTION_SET_RESOURCE_DATA_ELEMENT_NAME, new String(Base64.encodeBase64(out.toByteArray())), qSetElement, examDoc); } catch (IOException e) { throw new VaSolSimException( "Error: cannot write images to byte array for transport"); } } } } //TODO export problem in this subroutine for (int setIndex = 0; setIndex < qSet.getQuestions().size(); setIndex++) { Question question = qSet.getQuestions().get(setIndex); logger.trace("exporting question -> " + question.getName()); Element qElement = examDoc.createElement(XML_QUESTION_ELEMENT_NAME); qSetElement.appendChild(qElement); logger.trace("question id -> " + setIndex); GenericUtils.appendSubNode(XML_QUESTION_ID_ELEMENT_NAME, Integer.toString(setIndex + 1), qElement, examDoc); logger.trace("question name -> " + question.getName()); GenericUtils.appendSubNode(XML_QUESTION_NAME_ELEMENT_NAME, (question.getName().equals("")) ? "Question " + (setIndex + 1) : question.getName(), qElement, examDoc); logger.trace("question test -> " + question.getQuestion()); GenericUtils.appendSubNode(XML_QUESTION_TEXT_ELEMENT_NAME, question.getQuestion(), qElement, examDoc); logger.trace("question answer scramble -> " + Boolean.toString(question.getScrambleAnswers())); GenericUtils.appendSubNode(XML_QUESTION_SCRAMBLE_ANSWERS_ELEMENT_NAME, Boolean.toString(question.getScrambleAnswers()), qElement, examDoc); logger.trace("question answer order matters -> " + Boolean.toString(question.getAnswerOrderMatters())); GenericUtils.appendSubNode(XML_QUESTION_REATIAN_ANSWER_ORDER_ELEMENT_NAME, Boolean.toString(question.getAnswerOrderMatters()), qElement, examDoc); logger.debug("exporting correct answer choices..."); for (AnswerChoice answer : question.getCorrectAnswerChoices()) { logger.trace("exporting correct answer choice(s) -> " + answer.getAnswerText()); GenericUtils .appendSubNode(XML_QUESTION_ENCRYPTED_ANSWER_HASH, GenericUtils.convertBytesToHexString(GenericUtils.applyCryptographicCipher( answer.getAnswerText().getBytes(), encryptionCipher)), qElement, examDoc); } logger.debug("exporting answer choices..."); for (int questionIndex = 0; questionIndex < question.getAnswerChoices() .size(); questionIndex++) { if (question.getAnswerChoices().get(questionIndex).isActive()) { AnswerChoice ac = question.getAnswerChoices().get(questionIndex); logger.trace("exporting answer choice -> " + ac.getAnswerText()); Element acElement = examDoc.createElement(XML_ANSWER_CHOICE_ELEMENT_NAME); qElement.appendChild(acElement); logger.trace("answer choice id -> " + questionIndex); GenericUtils.appendSubNode(XML_ANSWER_CHOICE_ID_ELEMENT_NAME, Integer.toString(questionIndex + 1), acElement, examDoc); logger.trace("answer choice visible id -> " + ac.getVisibleChoiceID()); GenericUtils.appendSubNode(XML_ANSWER_CHOICE_VISIBLE_ID_ELEMENT_NAME, ac.getVisibleChoiceID(), acElement, examDoc); logger.trace("answer text -> " + ac.getAnswerText()); GenericUtils.appendSubNode(XML_ANSWER_TEXT_ELEMENT_NAME, ac.getAnswerText(), acElement, examDoc); } } } } } else { logger.error("integrity check failed"); PopupManager.showMessage(errorsToOutput(GenericUtils.checkExamIntegrity(exam))); return false; } logger.debug("transforming exam..."); try { examTransformer.transform(new DOMSource(examDoc), new StreamResult(examFile)); } catch (TransformerException e) { logger.error("exam export failed (transformer error)", e); return false; } logger.debug("transformation done"); logger.info("exam export successful"); return true; }
From source file:org.apache.xml.security.encryption.XMLCipher.java
private EncryptedData encryptData(Document context, Element element, String type, InputStream serializedData) throws /* XMLEncryption */ Exception { contextDocument = context;/*from ww w . j av a2s. c o m*/ if (algorithm == null) { throw new XMLEncryptionException("XMLCipher instance without transformation specified"); } String serializedOctets = null; if (serializedData == null) { if (type.equals(EncryptionConstants.TYPE_CONTENT)) { NodeList children = element.getChildNodes(); if (null != children) { serializedOctets = serializer.serialize(children); } else { Object exArgs[] = { "Element has no content." }; throw new XMLEncryptionException("empty", exArgs); } } else { serializedOctets = serializer.serialize(element); } if (log.isDebugEnabled()) { log.debug("Serialized octets:\n" + serializedOctets); } } byte[] encryptedBytes = null; // Now create the working cipher if none was created already Cipher c; if (contextCipher == null) { String jceAlgorithm = JCEMapper.translateURItoJCEID(algorithm); if (log.isDebugEnabled()) { log.debug("alg = " + jceAlgorithm); } try { if (requestedJCEProvider == null) { c = Cipher.getInstance(jceAlgorithm); } else { c = Cipher.getInstance(jceAlgorithm, requestedJCEProvider); } } catch (NoSuchAlgorithmException nsae) { throw new XMLEncryptionException("empty", nsae); } catch (NoSuchProviderException nspre) { throw new XMLEncryptionException("empty", nspre); } catch (NoSuchPaddingException nspae) { throw new XMLEncryptionException("empty", nspae); } } else { c = contextCipher; } // Now perform the encryption try { // Should internally generate an IV // todo - allow user to set an IV c.init(cipherMode, key); } catch (InvalidKeyException ike) { throw new XMLEncryptionException("empty", ike); } try { if (serializedData != null) { int numBytes; byte[] buf = new byte[8192]; ByteArrayOutputStream baos = new ByteArrayOutputStream(); while ((numBytes = serializedData.read(buf)) != -1) { byte[] data = c.update(buf, 0, numBytes); baos.write(data); } baos.write(c.doFinal()); encryptedBytes = baos.toByteArray(); } else { encryptedBytes = c.doFinal(serializedOctets.getBytes("UTF-8")); if (log.isDebugEnabled()) { log.debug("Expected cipher.outputSize = " + Integer.toString(c.getOutputSize(serializedOctets.getBytes("UTF-8").length))); } } if (log.isDebugEnabled()) { log.debug("Actual cipher.outputSize = " + Integer.toString(encryptedBytes.length)); } } catch (IllegalStateException ise) { throw new XMLEncryptionException("empty", ise); } catch (IllegalBlockSizeException ibse) { throw new XMLEncryptionException("empty", ibse); } catch (BadPaddingException bpe) { throw new XMLEncryptionException("empty", bpe); } catch (UnsupportedEncodingException uee) { throw new XMLEncryptionException("empty", uee); } // Now build up to a properly XML Encryption encoded octet stream // IvParameterSpec iv; byte[] iv = c.getIV(); byte[] finalEncryptedBytes = new byte[iv.length + encryptedBytes.length]; System.arraycopy(iv, 0, finalEncryptedBytes, 0, iv.length); System.arraycopy(encryptedBytes, 0, finalEncryptedBytes, iv.length, encryptedBytes.length); String base64EncodedEncryptedOctets = Base64.encode(finalEncryptedBytes); if (log.isDebugEnabled()) { log.debug("Encrypted octets:\n" + base64EncodedEncryptedOctets); log.debug("Encrypted octets length = " + base64EncodedEncryptedOctets.length()); } try { CipherData cd = ed.getCipherData(); CipherValue cv = cd.getCipherValue(); // cv.setValue(base64EncodedEncryptedOctets.getBytes()); cv.setValue(base64EncodedEncryptedOctets); if (type != null) { ed.setType(new URI(type).toString()); } EncryptionMethod method = factory.newEncryptionMethod(new URI(algorithm).toString()); ed.setEncryptionMethod(method); } catch (URISyntaxException ex) { throw new XMLEncryptionException("empty", ex); } return ed; }