List of usage examples for javax.crypto Mac getInstance
public static final Mac getInstance(String algorithm, Provider provider) throws NoSuchAlgorithmException
From source file:org.apache.nifi.toolkit.tls.util.TlsHelper.java
public static byte[] calculateHMac(String token, PublicKey publicKey) throws GeneralSecurityException { SecretKeySpec keySpec = new SecretKeySpec(token.getBytes(StandardCharsets.UTF_8), "RAW"); Mac mac = Mac.getInstance("Hmac-SHA256", BouncyCastleProvider.PROVIDER_NAME); mac.init(keySpec);/*from ww w . jav a 2 s. c o m*/ return mac.doFinal(getKeyIdentifier(publicKey)); }
From source file:com.orange.oidc.secproxy_service.KryptoUtils.java
static String encryptJWE(byte[] bytes, Key pubRsaKey, byte[] cek) { // Log.d("","encryptJWE"); try {//from w w w. ja v a2 s . co m // A.2.1 // jwe header already computed as static // jweProtectedHeader; // A.2.2 Content Encryption Key (CEK) if (cek == null) { cek = generateRandomKey(256); } // Log.d("","cek: "+bytesToHex(cek)); // A.2.3 Key Encryption String jweEncrypted64 = encryptRsaB64(cek, pubRsaKey); // Log.d("","jweEncrypted "+jweEncrypted64 ); // A.2.4 Initialization Vector byte[] iv_key = generateRandomKey(128); // Log.d("","jweInitVector: "+bytesToHex(iv_key)); String jweInitVector64 = encodeB64(iv_key); // Log.d("","jweInitVector64 "+jweInitVector64 ); // A.2.5 Additional Authenticated Data byte[] aad = jweProtectedHeader.getBytes(); // A.2.6. Content Encryption Cipher encrypt = Cipher.getInstance("AES/CBC/PKCS5Padding"); // check cek result byte array if (cek == null || cek.length == 0 || (cek.length % 2) != 0) return null; int keySize = cek.length / 2; Log.d("", "Encryption AES: " + keySize * 8); byte aes_key[] = new byte[keySize]; byte hmac_key[] = new byte[keySize]; System.arraycopy(cek, 0, hmac_key, 0, keySize); System.arraycopy(cek, keySize, aes_key, 0, keySize); // Log.d("","hmac_key: "+bytesToHex(hmac_key)); // Log.d("","aes_key: "+bytesToHex(aes_key)); encrypt.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(aes_key, "AES"), new IvParameterSpec(iv_key)); byte[] cryptedBytes = encrypt.doFinal(bytes); String cryptedBytes64 = encodeB64(cryptedBytes); // compute hmac long al = aad.length * 8; // concatenate aad, iv_key, cryptedBytes and al byte[] hmacData = new byte[aad.length + iv_key.length + cryptedBytes.length + 8]; int offset = 0; System.arraycopy(aad, offset, hmacData, 0, aad.length); offset += aad.length; System.arraycopy(iv_key, 0, hmacData, offset, iv_key.length); offset += iv_key.length; System.arraycopy(cryptedBytes, 0, hmacData, offset, cryptedBytes.length); offset += cryptedBytes.length; ByteBuffer buffer = ByteBuffer.allocate(8); buffer.putLong(al); System.arraycopy(buffer.array(), 0, hmacData, offset, 8); // hmac Mac hmac = Mac.getInstance("HmacSHA256", "SC"); hmac.init(new SecretKeySpec(hmac_key, "HmacSHA256")); byte[] hmacValue = hmac.doFinal(hmacData); // authentication tag byte[] auth_tag = Arrays.copyOf(hmacValue, 16); String auth_tag64 = encodeB64(auth_tag); // A.2.7. Complete Representation String finalString = jweProtectedHeader + "." + jweEncrypted64 + "." + jweInitVector64 + "." + cryptedBytes64 + "." + auth_tag64; return finalString; } catch (Exception e) { e.printStackTrace(); } return null; }