List of usage examples for javax.crypto SecretKey getEncoded
public byte[] getEncoded();
From source file:org.jasig.cas.extension.clearpass.EncryptedMapDecorator.java
private static Key getSecretKey(final String secretKeyAlgorithm, final String secretKey, final String salt) throws Exception { SecretKeyFactory factory = SecretKeyFactory.getInstance(SECRET_KEY_FACTORY_ALGORITHM); KeySpec spec = new PBEKeySpec(secretKey.toCharArray(), char2byte(salt), 65536, 128); SecretKey tmp = factory.generateSecret(spec); SecretKey secret = new SecretKeySpec(tmp.getEncoded(), secretKeyAlgorithm); return secret; }
From source file:com.ironchain.common.kits.DigestKit.java
/** * ?HMAC-SHA1,,160?(20). HMAC-SHA1?,//from ww w . j a v a 2 s. c om * RFC2401160?(20). */ public static byte[] generateHmacSha1Key() { try { KeyGenerator keyGenerator = KeyGenerator.getInstance(HMACSHA1); keyGenerator.init(DEFAULT_HMACSHA1_KEYSIZE); SecretKey secretKey = keyGenerator.generateKey(); return secretKey.getEncoded(); } catch (GeneralSecurityException e) { throw new RuntimeException(e); } }
From source file:com.ironchain.common.kits.DigestKit.java
/** * ?AES,?128,192,256?./*from ww w . ja v a 2 s . co m*/ */ public static byte[] generateAesKey(int keysize) { try { KeyGenerator keyGenerator = KeyGenerator.getInstance(AES); keyGenerator.init(keysize); SecretKey secretKey = keyGenerator.generateKey(); return secretKey.getEncoded(); } catch (GeneralSecurityException e) { throw new RuntimeException(e); } }
From source file:alfio.manager.CheckInManager.java
private static Pair<Cipher, SecretKeySpec> getCypher(String key) { try {/*from ww w . j a v a2 s. c om*/ SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); int iterations = 1000; int keyLength = 256; PBEKeySpec spec = new PBEKeySpec(key.toCharArray(), key.getBytes(StandardCharsets.UTF_8), iterations, keyLength); SecretKey secretKey = factory.generateSecret(spec); SecretKeySpec secret = new SecretKeySpec(secretKey.getEncoded(), "AES"); Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); return Pair.of(cipher, secret); } catch (GeneralSecurityException e) { throw new IllegalStateException(e); } }
From source file:com.sun.identity.openid.provider.Codec.java
/** * TODO: Description./*from ww w. ja v a 2 s . c o m*/ * * @param value * TODO. * @return TODO. */ public static String encodeSecretKey(SecretKey value) { if (value == null) { return null; } return encodeBytes(value.getEncoded()); }
From source file:com.cws.esolutions.security.utils.PasswordUtils.java
/** * Provides two-way (reversible) encryption of a provided string. Can be used where reversibility * is required but encryption (obfuscation, technically) is required. * * @param value - The plain text data to encrypt * @param salt - The salt value to utilize for the request * @param secretInstance - The cryptographic instance to use for the SecretKeyFactory * @param iterations - The number of times to loop through the keyspec * @param keyBits - The size of the key, in bits * @param algorithm - The algorithm to encrypt the data with * @param cipherInstance - The cipher instance to utilize * @param encoding - The text encoding//from w ww . j av a2 s. c o m * @return The encrypted string in a reversible format * @throws SecurityException {@link java.lang.SecurityException} if an exception occurs during processing */ public static final String decryptText(final String value, final String salt, final String secretInstance, final int iterations, final int keyBits, final String algorithm, final String cipherInstance, final String encoding) throws SecurityException { final String methodName = PasswordUtils.CNAME + "#encryptText(final String value, final String salt, final String secretInstance, final int iterations, final int keyBits, final String algorithm, final String cipherInstance, final String encoding) throws SecurityException"; if (DEBUG) { DEBUGGER.debug(methodName); DEBUGGER.debug("Value: {}", secretInstance); DEBUGGER.debug("Value: {}", iterations); DEBUGGER.debug("Value: {}", keyBits); DEBUGGER.debug("Value: {}", algorithm); DEBUGGER.debug("Value: {}", cipherInstance); DEBUGGER.debug("Value: {}", encoding); } String decPass = null; try { String decoded = new String(Base64.getDecoder().decode(value)); String iv = decoded.split(":")[0]; String property = decoded.split(":")[1]; SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(secretInstance); PBEKeySpec keySpec = new PBEKeySpec(salt.toCharArray(), salt.getBytes(), iterations, keyBits); SecretKey keyTmp = keyFactory.generateSecret(keySpec); SecretKeySpec sks = new SecretKeySpec(keyTmp.getEncoded(), algorithm); Cipher pbeCipher = Cipher.getInstance(cipherInstance); pbeCipher.init(Cipher.DECRYPT_MODE, sks, new IvParameterSpec(Base64.getDecoder().decode(iv))); decPass = new String(pbeCipher.doFinal(Base64.getDecoder().decode(property)), encoding); } catch (InvalidKeyException ikx) { throw new SecurityException(ikx.getMessage(), ikx); } catch (NoSuchAlgorithmException nsx) { throw new SecurityException(nsx.getMessage(), nsx); } catch (NoSuchPaddingException npx) { throw new SecurityException(npx.getMessage(), npx); } catch (IllegalBlockSizeException ibx) { throw new SecurityException(ibx.getMessage(), ibx); } catch (BadPaddingException bpx) { throw new SecurityException(bpx.getMessage(), bpx); } catch (UnsupportedEncodingException uex) { throw new SecurityException(uex.getMessage(), uex); } catch (InvalidAlgorithmParameterException iapx) { throw new SecurityException(iapx.getMessage(), iapx); } catch (InvalidKeySpecException iksx) { throw new SecurityException(iksx.getMessage(), iksx); } return decPass; }
From source file:com.cws.esolutions.security.utils.PasswordUtils.java
/** * Provides two-way (reversible) encryption of a provided string. Can be used where reversibility * is required but encryption (obfuscation, technically) is required. * * @param value - The plain text data to encrypt * @param salt - The salt value to utilize for the request * @param secretInstance - The cryptographic instance to use for the SecretKeyFactory * @param iterations - The number of times to loop through the keyspec * @param keyBits - The size of the key, in bits * @param algorithm - The algorithm to encrypt the data with * @param cipherInstance - The cipher instance to utilize * @param encoding - The text encoding/*w w w. j ava 2s . c om*/ * @return The encrypted string in a reversible format * @throws SecurityException {@link java.lang.SecurityException} if an exception occurs during processing */ public static final String encryptText(final String value, final String salt, final String secretInstance, final int iterations, final int keyBits, final String algorithm, final String cipherInstance, final String encoding) throws SecurityException { final String methodName = PasswordUtils.CNAME + "#encryptText(final String value, final String salt, final String secretInstance, final int iterations, final int keyBits, final String algorithm, final String cipherInstance, final String encoding) throws SecurityException"; if (DEBUG) { DEBUGGER.debug(methodName); DEBUGGER.debug("Value: {}", secretInstance); DEBUGGER.debug("Value: {}", iterations); DEBUGGER.debug("Value: {}", keyBits); DEBUGGER.debug("Value: {}", algorithm); DEBUGGER.debug("Value: {}", cipherInstance); DEBUGGER.debug("Value: {}", encoding); } String encPass = null; try { SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(secretInstance); PBEKeySpec keySpec = new PBEKeySpec(salt.toCharArray(), salt.getBytes(), iterations, keyBits); SecretKey keyTmp = keyFactory.generateSecret(keySpec); SecretKeySpec sks = new SecretKeySpec(keyTmp.getEncoded(), algorithm); Cipher pbeCipher = Cipher.getInstance(cipherInstance); pbeCipher.init(Cipher.ENCRYPT_MODE, sks); AlgorithmParameters parameters = pbeCipher.getParameters(); IvParameterSpec ivParameterSpec = parameters.getParameterSpec(IvParameterSpec.class); byte[] cryptoText = pbeCipher.doFinal(value.getBytes(encoding)); byte[] iv = ivParameterSpec.getIV(); String combined = Base64.getEncoder().encodeToString(iv) + ":" + Base64.getEncoder().encodeToString(cryptoText); encPass = Base64.getEncoder().encodeToString(combined.getBytes()); } catch (InvalidKeyException ikx) { throw new SecurityException(ikx.getMessage(), ikx); } catch (NoSuchAlgorithmException nsx) { throw new SecurityException(nsx.getMessage(), nsx); } catch (NoSuchPaddingException npx) { throw new SecurityException(npx.getMessage(), npx); } catch (IllegalBlockSizeException ibx) { throw new SecurityException(ibx.getMessage(), ibx); } catch (BadPaddingException bpx) { throw new SecurityException(bpx.getMessage(), bpx); } catch (UnsupportedEncodingException uex) { throw new SecurityException(uex.getMessage(), uex); } catch (InvalidKeySpecException iksx) { throw new SecurityException(iksx.getMessage(), iksx); } catch (InvalidParameterSpecException ipsx) { throw new SecurityException(ipsx.getMessage(), ipsx); } return encPass; }
From source file:com.ntsync.android.sync.client.ClientKeyHelper.java
/** * /*from ww w. j av a 2 s . com*/ * @param account * @param accountManager * @param keyPwd * Password for Key * @param salt * @param existingSalt * @param pwdCheck * null for new Key otherwise used to Check if it is the right * Password. * @return * @throws InvalidKeyException * @throws UnsupportedEncodingException */ public static SecretKey createKey(Account account, AccountManager accountManager, String keyPwd, byte[] salt, boolean existingSalt, byte[] pwdCheck) throws InvalidKeyException, UnsupportedEncodingException { KeyGenerator keyGen = new KeyGenerator(); SecretKey skey = keyGen.generateKey(keyPwd, salt); byte[] raw = skey.getEncoded(); String keyValue = Base64.encodeToString(raw, Base64.DEFAULT); String saltStr = Base64.encodeToString(salt, Base64.DEFAULT); assert (existingSalt ? pwdCheck != null : true); byte[] check = pwdCheck; if (existingSalt && pwdCheck != null) { // Validate new Passwort validateKey(check, skey); } else if (!existingSalt) { check = createPwdCheck(skey); } String pwdCheckStr = check != null ? Base64.encodeToString(check, Base64.DEFAULT) : null; accountManager.setUserData(account, PRIVATE_KEY_SALTSAVED, existingSalt ? "true" : "false"); accountManager.setUserData(account, PRIVATE_KEYSALT, saltStr); accountManager.setUserData(account, PRIVATE_PWDCHECK, pwdCheckStr); accountManager.setUserData(account, PRIVATE_PWD, keyPwd); accountManager.setUserData(account, PRIVATE_KEY, keyValue); return skey; }
From source file:org.oscarehr.common.hl7.v2.oscar_to_oscar.SendingUtils.java
private static byte[] encryptEncryptionKey(SecretKey senderSecretKey, PublicKey receiverOscarKey) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {// w w w .j a va 2s. co m Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding"); cipher.init(Cipher.ENCRYPT_MODE, receiverOscarKey); return (cipher.doFinal(senderSecretKey.getEncoded())); }
From source file:org.apache.ws.security.processor.EncryptedKeyProcessor.java
/** * Generates a random secret key using the algorithm specified in the * first DataReference URI/* ww w. j av a2 s . com*/ * * @param dataRefURIs * @param doc * @param wsDocInfo * @return * @throws WSSecurityException */ private static byte[] getRandomKey(List<String> dataRefURIs, Document doc, WSDocInfo wsDocInfo) throws WSSecurityException { try { String alg = "AES"; int size = 16; if (!dataRefURIs.isEmpty()) { String uri = dataRefURIs.iterator().next(); Element ee = ReferenceListProcessor.findEncryptedDataElement(doc, uri); String algorithmURI = X509Util.getEncAlgo(ee); alg = JCEMapper.getJCEKeyAlgorithmFromURI(algorithmURI); size = WSSecurityUtil.getKeyLength(algorithmURI); } KeyGenerator kgen = KeyGenerator.getInstance(alg); kgen.init(size * 8); SecretKey k = kgen.generateKey(); return k.getEncoded(); } catch (Throwable ex) { // Fallback to just using AES to avoid attacks on EncryptedData algorithms try { KeyGenerator kgen = KeyGenerator.getInstance("AES"); kgen.init(128); SecretKey k = kgen.generateKey(); return k.getEncoded(); } catch (NoSuchAlgorithmException e) { throw new WSSecurityException(WSSecurityException.FAILED_CHECK, null, null, e); } } }