List of usage examples for javax.crypto Mac doFinal
public final byte[] doFinal(byte[] input) throws IllegalStateException
From source file:com.orange.oidc.secproxy_service.KryptoUtils.java
static String encryptJWE(byte[] bytes, Key pubRsaKey, byte[] cek) { // Log.d("","encryptJWE"); try {//w w w .j a v a 2s. co m // A.2.1 // jwe header already computed as static // jweProtectedHeader; // A.2.2 Content Encryption Key (CEK) if (cek == null) { cek = generateRandomKey(256); } // Log.d("","cek: "+bytesToHex(cek)); // A.2.3 Key Encryption String jweEncrypted64 = encryptRsaB64(cek, pubRsaKey); // Log.d("","jweEncrypted "+jweEncrypted64 ); // A.2.4 Initialization Vector byte[] iv_key = generateRandomKey(128); // Log.d("","jweInitVector: "+bytesToHex(iv_key)); String jweInitVector64 = encodeB64(iv_key); // Log.d("","jweInitVector64 "+jweInitVector64 ); // A.2.5 Additional Authenticated Data byte[] aad = jweProtectedHeader.getBytes(); // A.2.6. Content Encryption Cipher encrypt = Cipher.getInstance("AES/CBC/PKCS5Padding"); // check cek result byte array if (cek == null || cek.length == 0 || (cek.length % 2) != 0) return null; int keySize = cek.length / 2; Log.d("", "Encryption AES: " + keySize * 8); byte aes_key[] = new byte[keySize]; byte hmac_key[] = new byte[keySize]; System.arraycopy(cek, 0, hmac_key, 0, keySize); System.arraycopy(cek, keySize, aes_key, 0, keySize); // Log.d("","hmac_key: "+bytesToHex(hmac_key)); // Log.d("","aes_key: "+bytesToHex(aes_key)); encrypt.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(aes_key, "AES"), new IvParameterSpec(iv_key)); byte[] cryptedBytes = encrypt.doFinal(bytes); String cryptedBytes64 = encodeB64(cryptedBytes); // compute hmac long al = aad.length * 8; // concatenate aad, iv_key, cryptedBytes and al byte[] hmacData = new byte[aad.length + iv_key.length + cryptedBytes.length + 8]; int offset = 0; System.arraycopy(aad, offset, hmacData, 0, aad.length); offset += aad.length; System.arraycopy(iv_key, 0, hmacData, offset, iv_key.length); offset += iv_key.length; System.arraycopy(cryptedBytes, 0, hmacData, offset, cryptedBytes.length); offset += cryptedBytes.length; ByteBuffer buffer = ByteBuffer.allocate(8); buffer.putLong(al); System.arraycopy(buffer.array(), 0, hmacData, offset, 8); // hmac Mac hmac = Mac.getInstance("HmacSHA256", "SC"); hmac.init(new SecretKeySpec(hmac_key, "HmacSHA256")); byte[] hmacValue = hmac.doFinal(hmacData); // authentication tag byte[] auth_tag = Arrays.copyOf(hmacValue, 16); String auth_tag64 = encodeB64(auth_tag); // A.2.7. Complete Representation String finalString = jweProtectedHeader + "." + jweEncrypted64 + "." + jweInitVector64 + "." + cryptedBytes64 + "." + auth_tag64; return finalString; } catch (Exception e) { e.printStackTrace(); } return null; }
From source file:com.mastfrog.acteur.twitter.TwitterSign.java
private static String computeSignature(String baseString, String keyString) throws GeneralSecurityException, UnsupportedEncodingException { SecretKey secretKey = null;//from ww w .jav a 2s . c o m byte[] keyBytes = keyString.getBytes(); secretKey = new SecretKeySpec(keyBytes, "HmacSHA1"); Mac mac = Mac.getInstance("HmacSHA1"); mac.init(secretKey); byte[] text = baseString.getBytes(); // return new String(Base64.getEncoder().encode(mac.doFinal(text))).trim(); return new String(Base64.encodeBase64(mac.doFinal(text))).trim(); }
From source file:com.microsoft.tfs.jni.internal.ntlm.JavaNTLM.java
private static byte[] createLm2Response(final String username, final String password, final String domain, final NTLMType2Message type2) throws NTLMException { final byte[] ntlm2Hash = ntlm2Hash(username, password, domain); final byte[] clientNonce = createClientNonce(); final byte[] challenges = new byte[type2.challenge.length + clientNonce.length]; addBytes(challenges, 0, type2.challenge); addBytes(challenges, type2.challenge.length, clientNonce); // used HMAC-MD5 on the concatenated challenges w/ the NTLMv2 hash as a // key/*www . ja va 2 s . c om*/ byte[] hashedChallenges; try { final Mac mac = Mac.getInstance("HmacMD5"); //$NON-NLS-1$ mac.init(new SecretKeySpec(ntlm2Hash, "HmacMD5")); //$NON-NLS-1$ hashedChallenges = mac.doFinal(challenges); } catch (final Exception e) { LOG.error("Could not load HmacMD5 for NTLM", e); //$NON-NLS-1$ throw new NTLMException(e.getMessage()); } // concatenate the hashed challenges with the client nonce final byte[] lm2Response = new byte[hashedChallenges.length + clientNonce.length]; addBytes(lm2Response, 0, hashedChallenges); addBytes(lm2Response, hashedChallenges.length, clientNonce); return lm2Response; }
From source file:com.microsoft.tfs.jni.internal.ntlm.JavaNTLM.java
private static byte[] ntlm2Hash(final String username, final String password, final String domain) throws NTLMException { // we must get the ntlmHash here, which depends on MD4 which // we sneakily implemented using Cryptix's implementation // this is a requirement for the ntlm2 response (unlike the // type3 ntlm response, which may work despite having no // ntlm message) final byte[] ntlmHash = ntlmHash(password); // we need the username and domain concatenated final byte[] usernameBytes = getBytes(username.toUpperCase(), "UTF-16LE"); //$NON-NLS-1$ final byte[] domainBytes = getBytes(domain.toUpperCase(), "UTF-16LE"); //$NON-NLS-1$ final byte[] usernameDomainBytes = new byte[usernameBytes.length + domainBytes.length]; int i;/*from ww w .j a v a 2 s. co m*/ for (i = 0; i < usernameBytes.length; i++) { usernameDomainBytes[i] = usernameBytes[i]; } for (int j = 0; j < domainBytes.length; j++) { usernameDomainBytes[i + j] = domainBytes[j]; } // ntlm2 hash is created by running HMAC-MD5 on the unicode // username and domain (uppercased), with the ntlmHash as a // key byte[] ntlm2Hash; try { final Mac mac = Mac.getInstance("HmacMD5"); //$NON-NLS-1$ mac.init(new SecretKeySpec(ntlmHash, "HmacMD5")); //$NON-NLS-1$ ntlm2Hash = mac.doFinal(usernameDomainBytes); } catch (final Exception e) { LOG.error("Could not load HmacMD5 for NTLM", e); //$NON-NLS-1$ throw new NTLMException(e.getMessage()); } return ntlm2Hash; }
From source file:com.javaps.springboot.LicenseController.java
@RequestMapping(value = "/public/license", produces = "text/plain", method = RequestMethod.GET) public String licenseIssue(@RequestParam(value = "ip") String clientIp) throws Exception { SecretKeySpec signingKey = new SecretKeySpec(licenseSecretKey.getBytes(), "HmacSHA1"); Mac mac = Mac.getInstance("HmacSHA1"); mac.init(signingKey);//from w w w. j a va 2s . c o m byte[] rawHmac = mac.doFinal(clientIp.getBytes()); return Base64.encodeBase64String(rawHmac); }
From source file:com.microsoft.tfs.jni.internal.ntlm.JavaNTLM.java
private static byte[] createNtlm2Response(final String username, final String password, final String domain, final NTLMType2Message type2) throws NTLMException { final byte[] ntlm2Hash = ntlm2Hash(username, password, domain); final int targetInfoLen = type2.targetInfo != null ? type2.targetInfo.length : 0; final byte[] ntlm2Blob = new byte[40 + targetInfoLen]; // construct the "blob" addBytes(ntlm2Blob, 0, new byte[] { 0x01, 0x01, 0x00, 0x00 }); // "blob" signature addLong(ntlm2Blob, 4, 0); // "reserved" addBytes(ntlm2Blob, 8, createTimestamp()); addBytes(ntlm2Blob, 16, createClientNonce()); addBytes(ntlm2Blob, 24, new byte[] { (byte) 0xad, (byte) 0xde, (byte) 0x15, (byte) 0xed }); // unknown if (targetInfoLen > 0) { addBytes(ntlm2Blob, 28, type2.targetInfo); }/*ww w . ja v a 2 s .com*/ // insert obligatory pixies reference here addBytes(ntlm2Blob, (28 + targetInfoLen), new byte[] { (byte) 0xad, (byte) 0xde, (byte) 0x15, (byte) 0xed }); // again unknown // the end? of the blob // concatenate the type 2 message's challenge with the blob final byte[] challengedBlob = new byte[type2.challenge.length + ntlm2Blob.length]; addBytes(challengedBlob, 0, type2.challenge); addBytes(challengedBlob, type2.challenge.length, ntlm2Blob); // now we get the HMAC-MD5 of the blob using the ntlm2 hash as a key // ick. byte[] blobHash; try { final Mac mac = Mac.getInstance("HmacMD5"); //$NON-NLS-1$ mac.init(new SecretKeySpec(ntlm2Hash, "HmacMD5")); //$NON-NLS-1$ blobHash = mac.doFinal(challengedBlob); } catch (final Exception e) { LOG.error("Could not load HmacMD5 for NTLM", e); //$NON-NLS-1$ throw new NTLMException(e.getMessage()); } final byte[] ntlm2Response = new byte[blobHash.length + ntlm2Blob.length]; // concatenate the blob with its hash addBytes(ntlm2Response, 0, blobHash); addBytes(ntlm2Response, blobHash.length, ntlm2Blob); return ntlm2Response; }
From source file:com.javaps.springboot.LicenseController.java
@RequestMapping(value = "/public/license", produces = "text/plain", method = RequestMethod.POST) public String licenseValidate(HttpServletRequest req, @RequestBody String license) throws Exception { String clientIp = req.getHeader("X-Forwarded-For"); //nginx???IP if (clientIp == null) clientIp = req.getRemoteAddr(); //????? //System.out.println("clientIp="+clientIp); SecretKeySpec signingKey = new SecretKeySpec(licenseSecretKey.getBytes(), "HmacSHA1"); Mac mac = Mac.getInstance("HmacSHA1"); mac.init(signingKey);//from w ww . j a va2 s . c o m byte[] rawHmac = mac.doFinal(clientIp.getBytes()); //System.out.println("license should be:"+Base64.encodeBase64String(rawHmac)); if (!license.equals(Base64.encodeBase64String(rawHmac))) throw new Exception(); return "OK"; }
From source file:com.k42b3.neodym.oauth.HMACSHA1.java
public String build(String baseString, String consumerSecret, String tokenSecret) throws Exception { String key = Oauth.urlEncode(consumerSecret) + "&" + Oauth.urlEncode(tokenSecret); Charset charset = Charset.defaultCharset(); SecretKey sk = new SecretKeySpec(key.getBytes(charset), "HmacSHA1"); Mac mac = Mac.getInstance("HmacSHA1"); mac.init(sk);//from w ww . j av a2 s. c o m byte[] result = mac.doFinal(baseString.getBytes(charset)); return Base64.encodeBase64String(result); }
From source file:spring.travel.site.auth.Signer.java
public String sign(String data) throws AuthException { try {/* w w w . ja va 2s. co m*/ SecretKeySpec signingKey = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), HMAC_SHA1_ALGORITHM); Mac mac = Mac.getInstance(HMAC_SHA1_ALGORITHM); mac.init(signingKey); byte[] raw = mac.doFinal(data.getBytes(StandardCharsets.UTF_8)); return toHex(raw); } catch (InvalidKeyException | NoSuchAlgorithmException e) { throw new AuthException("Failed signing data", e); } }
From source file:com.algolia.search.saas.APIClient.java
static String hmac(String key, String msg) { Mac hmac; try {// w ww . ja va2s .c om hmac = Mac.getInstance("HmacSHA256"); } catch (NoSuchAlgorithmException e) { throw new Error(e); } try { hmac.init(new SecretKeySpec(key.getBytes(), "HmacSHA256")); } catch (InvalidKeyException e) { throw new Error(e); } byte[] rawHmac = hmac.doFinal(msg.getBytes()); byte[] hexBytes = new Hex().encode(rawHmac); return new String(hexBytes); }