Example usage for javax.crypto Cipher getMaxAllowedKeyLength

List of usage examples for javax.crypto Cipher getMaxAllowedKeyLength

  1. HOME
  2. Java
  3. javax
  4. javax.crypto.*
  5. Cipher
  6. getMaxAllowedKeyLength

Introduction

In this page you can find the example usage for javax.crypto Cipher getMaxAllowedKeyLength.

Prototype

public static final int getMaxAllowedKeyLength(String transformation) throws NoSuchAlgorithmException

Source Link

Document

Returns the maximum key length for the specified transformation according to the installed JCE jurisdiction policy files.

Usage

From source file:org.apache.hadoop.hive.ql.udf.generic.TestGenericUDFAesDecrypt.java

@Test
public void testAesDec192Bin() throws HiveException, NoSuchAlgorithmException {
    int maxKeyLen = Cipher.getMaxAllowedKeyLength("AES");
    // skip the test if Java Cryptography Extension (JCE) Unlimited Strength
    // Jurisdiction Policy Files not installed
    if (maxKeyLen < 192) {
        return;/*from  w  w w .jav a 2 s.  c om*/
    }
    GenericUDFAesDecrypt udf = new GenericUDFAesDecrypt();
    ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
    ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
    ObjectInspector[] arguments = { valueOI0, valueOI1 };

    udf.initialize(arguments);

    BytesWritable keyWr = new BytesWritable(("1234567890123456" + "12345678").getBytes());
    runAndVerifyBin("ucvvpP9r2/LfQ6BilQuFtA==", keyWr, "ABC", udf);
    runAndVerifyBin("KqMT3cF6VwSISMaUVUB4Qw==", keyWr, "", udf);
    // null
    runAndVerifyBin(null, keyWr, null, udf);
}

From source file:org.apache.hadoop.hive.ql.udf.generic.TestGenericUDFAesEncrypt.java

@Test
public void testAesEnc256ConstStr() throws HiveException, NoSuchAlgorithmException {
    int maxKeyLen = Cipher.getMaxAllowedKeyLength("AES");
    // skip the test if Java Cryptography Extension (JCE) Unlimited Strength
    // Jurisdiction Policy Files not installed
    if (maxKeyLen < 256) {
        return;//from w w  w .j av  a2  s. c  o m
    }
    GenericUDFAesEncrypt udf = new GenericUDFAesEncrypt();
    ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableStringObjectInspector;
    Text keyWr = new Text("1234567890123456" + "1234567890123456");
    ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory
            .getPrimitiveWritableConstantObjectInspector(TypeInfoFactory.stringTypeInfo, keyWr);
    ObjectInspector[] arguments = { valueOI0, valueOI1 };

    udf.initialize(arguments);

    runAndVerifyStr("ABC", keyWr, "nYfCuJeRd5eD60yXDw7WEA==", udf);
    runAndVerifyStr("", keyWr, "mVClVqZ6W4VF6b842FOgCA==", udf);
    // null
    runAndVerifyStr(null, keyWr, null, udf);
}

From source file:org.apache.hadoop.hive.ql.udf.generic.TestGenericUDFAesEncrypt.java

@Test
public void testAesEnc192Bin() throws HiveException, NoSuchAlgorithmException {
    int maxKeyLen = Cipher.getMaxAllowedKeyLength("AES");
    // skip the test if Java Cryptography Extension (JCE) Unlimited Strength
    // Jurisdiction Policy Files not installed
    if (maxKeyLen < 192) {
        return;//from  w  w  w.  j  a va 2  s  .  co  m
    }
    GenericUDFAesEncrypt udf = new GenericUDFAesEncrypt();
    ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
    ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
    ObjectInspector[] arguments = { valueOI0, valueOI1 };

    udf.initialize(arguments);

    BytesWritable keyWr = new BytesWritable(("1234567890123456" + "12345678").getBytes());
    runAndVerifyBin(new byte[] { 65, 66, 67 }, keyWr, "ucvvpP9r2/LfQ6BilQuFtA==", udf);
    runAndVerifyBin(new byte[0], keyWr, "KqMT3cF6VwSISMaUVUB4Qw==", udf);
    // null
    runAndVerifyBin(null, keyWr, null, udf);
}

From source file:org.apache.hadoop.security.KDiag.java

/**
 * Fail fast on a JVM without JCE installed.
 *
 * This is a recurrent problem/*w  ww. j a va 2s  . c  o  m*/
 * (that is: it keeps creeping back with JVM updates);
 * a fast failure is the best tactic.
 * @throws NoSuchAlgorithmException
 */

protected void validateKeyLength() throws NoSuchAlgorithmException {
    int aesLen = Cipher.getMaxAllowedKeyLength("AES");
    println("Maximum AES encryption key length %d bits", aesLen);
    verify(minKeyLength <= aesLen, CAT_JVM, "Java Cryptography Extensions are not installed on this JVM."
            + " Maximum supported key length %s - minimum required %d", aesLen, minKeyLength);
}

From source file:org.apache.hadoop.security.KerberosDiags.java

/**
 * Fail fast on a JVM without JCE installed.
 *
 * This is a recurrent problem/*www  .j a va  2  s  .c om*/
 * (that is: it keeps creeping back with JVM updates);
 * a fast failure is the best tactic
 * @throws NoSuchAlgorithmException
 */

protected void validateKeyLength() throws NoSuchAlgorithmException {
    int aesLen = Cipher.getMaxAllowedKeyLength("AES");
    println("Maximum AES encryption key length %d bits", aesLen);
    failif(aesLen < minKeyLength, CAT_JVM, "Java Cryptography Extensions are not installed on this JVM."
            + " Maximum supported key length %s - minimum required %d", aesLen, minKeyLength);
}

From source file:org.apache.nifi.processors.standard.util.crypto.KeyedEncryptor.java

public static int getMaxAllowedKeyLength(final String algorithm) {
    if (StringUtils.isEmpty(algorithm)) {
        return DEFAULT_MAX_ALLOWED_KEY_LENGTH;
    }//ww  w .j  a v a  2 s.c  o m
    String parsedCipher = CipherUtility.parseCipherFromAlgorithm(algorithm);
    try {
        return Cipher.getMaxAllowedKeyLength(parsedCipher);
    } catch (NoSuchAlgorithmException e) {
        // Default algorithm max key length on unmodified JRE
        return DEFAULT_MAX_ALLOWED_KEY_LENGTH;
    }
}

From source file:org.apache.nifi.processors.standard.util.PasswordBasedEncryptor.java

public static int getMaxAllowedKeyLength(final String algorithm) {
    if (StringUtils.isEmpty(algorithm)) {
        return DEFAULT_MAX_ALLOWED_KEY_LENGTH;
    }/*  w w  w .j  a  v a2 s  .co m*/
    String parsedCipher = parseCipherFromAlgorithm(algorithm);
    try {
        return Cipher.getMaxAllowedKeyLength(parsedCipher);
    } catch (NoSuchAlgorithmException e) {
        // Default algorithm max key length on unmodified JRE
        return DEFAULT_MAX_ALLOWED_KEY_LENGTH;
    }
}

From source file:org.apache.nifi.properties.AESSensitivePropertyProvider.java

private static List<Integer> getValidKeyLengths() {
    List<Integer> validLengths = new ArrayList<>();
    validLengths.add(128);// ww w .  j ava2s.c om

    try {
        if (Cipher.getMaxAllowedKeyLength("AES") > 128) {
            validLengths.add(192);
            validLengths.add(256);
        } else {
            logger.warn(
                    "JCE Unlimited Strength Cryptography Jurisdiction policies are not available, so the max key length is 128 bits");
        }
    } catch (NoSuchAlgorithmException e) {
        logger.warn("Encountered an error determining the max key length", e);
    }

    return validLengths;
}

From source file:org.apache.nifi.properties.NiFiPropertiesLoader.java

private static String getDefaultProviderKey() {
    try {//from  w  ww  .  j  a v a  2 s  .  c om
        return "aes/gcm/" + (Cipher.getMaxAllowedKeyLength("AES") > 128 ? "256" : "128");
    } catch (NoSuchAlgorithmException e) {
        return "aes/gcm/128";
    }
}

From source file:org.apache.nifi.provenance.CryptoUtils.java

public static boolean isUnlimitedStrengthCryptoAvailable() {
    try {//from w w  w  .jav  a  2  s.  c  o  m
        return Cipher.getMaxAllowedKeyLength("AES") > 128;
    } catch (NoSuchAlgorithmException e) {
        logger.warn(
                "Tried to determine if unlimited strength crypto is available but the AES algorithm is not available");
        return false;
    }
}