List of usage examples for javax.crypto Cipher getMaxAllowedKeyLength
public static final int getMaxAllowedKeyLength(String transformation) throws NoSuchAlgorithmException
From source file:com.couchbase.lite.LiteTestCaseWithDB.java
protected boolean isEncryptionTestEnabled() { if (!isAndriod()) { boolean support256Key = false; try {//from w w w . ja va 2 s .c o m support256Key = Cipher.getMaxAllowedKeyLength("AES") >= 256; } catch (NoSuchAlgorithmException e) { } if (!support256Key) return false; } return !isSQLiteDB() || (isSQLiteDB() && SQLiteNativeLibrary.TEST_NATIVE_LIBRARY_NAME == SQLiteNativeLibrary.JNI_SQLCIPHER_LIBRARY); }
From source file:org.cryptomator.crypto.aes256.Aes256Cryptor.java
/** * Reads the encrypted masterkey from the given input stream and decrypts it with the given password. * //from www . jav a2s .c om * @throws DecryptFailedException If the decryption failed for various reasons (including wrong password). * @throws WrongPasswordException If the provided password was wrong. Note: Sometimes the algorithm itself fails due to a wrong * password. In this case a DecryptFailedException will be thrown. * @throws UnsupportedKeyLengthException If the masterkey has been encrypted with a higher key length than supported by the system. In * this case Java JCE needs to be installed. */ @Override public void decryptMasterKey(InputStream in, CharSequence password) throws DecryptFailedException, WrongPasswordException, UnsupportedKeyLengthException, IOException { try { // load encrypted masterkey: final KeyFile keyfile = objectMapper.readValue(in, KeyFile.class); // check, whether the key length is supported: final int maxKeyLen = Cipher.getMaxAllowedKeyLength(AES_KEY_ALGORITHM); if (keyfile.getKeyLength() > maxKeyLen) { throw new UnsupportedKeyLengthException(keyfile.getKeyLength(), maxKeyLen); } // derive key: final SecretKey kek = scrypt(password, keyfile.getScryptSalt(), keyfile.getScryptCostParam(), keyfile.getScryptBlockSize(), AES_KEY_LENGTH_IN_BITS); // decrypt and check password by catching AEAD exception final Cipher decCipher = aesKeyWrapCipher(kek, Cipher.UNWRAP_MODE); SecretKey primary = (SecretKey) decCipher.unwrap(keyfile.getPrimaryMasterKey(), AES_KEY_ALGORITHM, Cipher.SECRET_KEY); SecretKey secondary = (SecretKey) decCipher.unwrap(keyfile.getHMacMasterKey(), HMAC_KEY_ALGORITHM, Cipher.SECRET_KEY); // everything ok, assign decrypted keys: this.primaryMasterKey = primary; this.hMacMasterKey = secondary; } catch (NoSuchAlgorithmException ex) { throw new IllegalStateException("Algorithm should exist.", ex); } catch (InvalidKeyException e) { throw new WrongPasswordException(); } }
From source file:com.zacwolf.commons.crypto.Crypter_AES.java
/** * @param keyfile//from w w w .j a v a2s . co m * @throws NoSuchAlgorithmException * @throws IOException * @throws InvalidKeySpecException */ public final static void generateNewKeyFile(File keyfile) throws NoSuchAlgorithmException, IOException, InvalidKeySpecException { generateNewKeyFile(keyfile, Cipher.getMaxAllowedKeyLength(mytype), Crypter.defaultsalter); }
From source file:com.zacwolf.commons.crypto.Crypter_AES.java
/** * @param keyfile/*from w w w . ja v a 2s . c o m*/ * @param salter * @throws NoSuchAlgorithmException * @throws IOException * @throws InvalidKeySpecException */ public final static void generateNewKeyFile(File keyfile, final SecureRandom salter) throws NoSuchAlgorithmException, IOException, InvalidKeySpecException { generateNewKeyFile(keyfile, Cipher.getMaxAllowedKeyLength(mytype), salter); }
From source file:com.zacwolf.commons.crypto.Crypter_AES.java
/** * @param keyfile/*w w w . j a v a 2s.c o m*/ * @param keysize * @param salter * @throws InvalidKeySpecException * @throws IOException * @throws NoSuchAlgorithmException */ public final static void generateNewKeyFile(final File keyfile, final int keysize, final SecureRandom salter) throws InvalidKeySpecException, IOException, NoSuchAlgorithmException { if (keysize > Cipher.getMaxAllowedKeyLength(mytype)) throw new InvalidKeySpecException( "You specified a key size not supported by your current cryptographic libraries, which currently have a max key size of " + Cipher.getMaxAllowedKeyLength(mytype) + " for " + mytype); final FileOutputStream fos = new FileOutputStream(keyfile); try { final KeyGenerator kgen = KeyGenerator.getInstance(mytype); kgen.init(keysize > mykeysizemax ? mykeysizemax : keysize, salter); // 192 and 256 bits may not be available final SecretKey sk = kgen.generateKey(); fos.write(sk.getEncoded()); } finally { fos.flush(); fos.close(); ; } }
From source file:com.zacwolf.commons.crypto.Crypter_Blowfish.java
/** * /*from w ww .ja v a2 s . com*/ * Create a new key with a custom keysize less-than equal to mykeysizemax, * specifying a custom salter * * @param keyfile * @param keysize * @param salter * @throws NoSuchAlgorithmException * @throws IOException * @throws InvalidKeySpecException */ public final static void generateNewKeyFile(final File keyfile, final int keysize, final SecureRandom salter) throws NoSuchAlgorithmException, IOException, InvalidKeySpecException { if (keysize > Cipher.getMaxAllowedKeyLength(mytype)) throw new InvalidKeySpecException( "You specified a key size not supported by your current cryptographic libraries, which currently have a max key size of " + Cipher.getMaxAllowedKeyLength(mytype) + " for " + mytype); final FileOutputStream fos = new FileOutputStream(keyfile); try { final KeyGenerator kgen = KeyGenerator.getInstance(mytype); kgen.init(keysize > mykeysizemax ? mykeysizemax : keysize, salter); // 192 and 256 bits may not be available final SecretKey sk = kgen.generateKey(); fos.write(sk.getEncoded()); } finally { if (fos != null) { fos.flush(); fos.close(); } } }
From source file:io.bitsquare.common.util.Utilities.java
public static void checkCryptoPolicySetup() throws NoSuchAlgorithmException, LimitedKeyStrengthException { if (Cipher.getMaxAllowedKeyLength("AES") > 128) log.debug("Congratulations, you have unlimited key length support!"); else/* w w w . j a va 2 s .c o m*/ throw new LimitedKeyStrengthException(); }
From source file:com.piusvelte.taplock.server.TapLockServer.java
protected static String encryptString(String decStr) { String encStr = null;/* w ww .j a va 2 s.com*/ KeyStore ks = getKeyStore(); if (ks != null) { SecretKey sk = getSecretKey(ks); if (sk == null) { // create key KeyGenerator kgen = null; try { kgen = KeyGenerator.getInstance("AES"); } catch (NoSuchAlgorithmException e) { writeLog("encryptString: " + e.getMessage()); } if (kgen != null) { int keyLength; try { keyLength = Cipher.getMaxAllowedKeyLength("AES"); } catch (NoSuchAlgorithmException e) { keyLength = 128; writeLog("encryptString: " + e.getMessage()); } kgen.init(keyLength); sk = kgen.generateKey(); // create a keystore try { ks.load(null, sPassphrase.toCharArray()); ks.setKeyEntry(TAP_LOCK, sk, sPassphrase.toCharArray(), null); ks.store(new FileOutputStream(sKeystore), sPassphrase.toCharArray()); } catch (NoSuchAlgorithmException e) { writeLog("encryptString: " + e.getMessage()); } catch (CertificateException e) { writeLog("encryptString: " + e.getMessage()); } catch (IOException e) { writeLog("encryptString: " + e.getMessage()); } catch (KeyStoreException e) { writeLog("encryptString: " + e.getMessage()); } } } if ((sk != null) && (decStr != null)) { Cipher cipher; try { cipher = Cipher.getInstance("AES"); cipher.init(Cipher.ENCRYPT_MODE, sk); return new String(Base64.encodeBase64(cipher.doFinal(decStr.getBytes("UTF-8")))); } catch (NoSuchAlgorithmException e) { writeLog("encryptString: " + e.getMessage()); } catch (NoSuchPaddingException e) { writeLog("encryptString: " + e.getMessage()); } catch (InvalidKeyException e) { writeLog("encryptString: " + e.getMessage()); } catch (IllegalBlockSizeException e) { writeLog("encryptString: " + e.getMessage()); } catch (BadPaddingException e) { writeLog("encryptString: " + e.getMessage()); } catch (UnsupportedEncodingException e) { writeLog("encryptString: " + e.getMessage()); } } } return encStr; }
From source file:ninja.utils.CookieEncryption.java
@Inject public CookieEncryption(NinjaProperties properties) { Optional<SecretKeySpec> secretKeySpec = Optional.absent(); if (properties.getBooleanWithDefault(NinjaConstant.applicationCookieEncrypted, false)) { encryptionEnabled = true;/*from ww w . jav a 2 s.c o m*/ String secret = properties.getOrDie(NinjaConstant.applicationSecret); try { int maxKeyLengthBits = Cipher.getMaxAllowedKeyLength(ALGORITHM); if (maxKeyLengthBits == Integer.MAX_VALUE) { maxKeyLengthBits = 256; } secretKeySpec = Optional .of(new SecretKeySpec(secret.getBytes(), 0, maxKeyLengthBits / Byte.SIZE, ALGORITHM)); logger.info("Ninja session encryption is using {} / {} bit.", secretKeySpec.get().getAlgorithm(), maxKeyLengthBits); } catch (Exception exception) { logger.error("Can not create class to encrypt cookie.", exception); throw new RuntimeException(exception); } } else { encryptionEnabled = false; secretKeySpec = Optional.absent(); } this.secretKeySpec = secretKeySpec; }
From source file:org.apache.hadoop.hive.ql.udf.generic.TestGenericUDFAesDecrypt.java
@Test public void testAesDec256ConstStr() throws HiveException, NoSuchAlgorithmException { int maxKeyLen = Cipher.getMaxAllowedKeyLength("AES"); // skip the test if Java Cryptography Extension (JCE) Unlimited Strength // Jurisdiction Policy Files not installed if (maxKeyLen < 256) { return;//from w w w . j av a2 s . c om } GenericUDFAesDecrypt udf = new GenericUDFAesDecrypt(); ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector; Text keyWr = new Text("1234567890123456" + "1234567890123456"); ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory .getPrimitiveWritableConstantObjectInspector(TypeInfoFactory.stringTypeInfo, keyWr); ObjectInspector[] arguments = { valueOI0, valueOI1 }; udf.initialize(arguments); runAndVerifyStr("nYfCuJeRd5eD60yXDw7WEA==", keyWr, "ABC", udf); runAndVerifyStr("mVClVqZ6W4VF6b842FOgCA==", keyWr, "", udf); // null runAndVerifyStr(null, keyWr, null, udf); }