/**
 * Creates a stream that first writes a freshly generated symmetric key, encrypted with
 * {@code asym}, to {@code out}, and then encrypts everything written afterwards with that
 * symmetric key.
 *
 * @param out destination stream; receives the encrypted key first, then the ciphertext
 * @param asym cipher used to encrypt the symmetric key; only {@code doFinal} is called on it
 *             here, so the caller must have initialised it
 * @param algorithm transformation handed to {@code Secret.getCipher} for the payload
 * @throws IOException if writing the encrypted key fails
 * @throws GeneralSecurityException if key generation or cipher set-up fails
 */
public CombinedCipherOutputStream(OutputStream out, Cipher asym, String algorithm) throws IOException, GeneralSecurityException {
    super(out);

    // One session key per stream, generated for the key algorithm derived from the transformation.
    final String keyAlgorithm = getKeyAlgorithm(algorithm);
    final SecretKey sessionKey = KeyGenerator.getInstance(keyAlgorithm).generateKey();

    // Header: the session key, encrypted under the asymmetric cipher.
    out.write(asym.doFinal(sessionKey.getEncoded()));

    // Everything after the header goes through the symmetric cipher.
    final Cipher payloadCipher = Secret.getCipher(algorithm);

    // NOTE(review): when the transformation is not the bare key algorithm, the IV is the session
    // key's own bytes. The key is fresh per stream, so the pair is not reused here, but key-as-IV
    // is generally discouraged and requires the key length to equal the cipher's IV length
    // (verify against the KeyGenerator default on the target JDK). The reading side has to derive
    // the IV the same way, so changing this changes the stream format.
    IvParameterSpec iv = null;
    if (!keyAlgorithm.equals(algorithm)) {
        iv = new IvParameterSpec(sessionKey.getEncoded());
    }
    payloadCipher.init(Cipher.ENCRYPT_MODE, sessionKey, iv);

    super.out = new CipherOutputStream(out, payloadCipher);
}
/**
 * Encrypts {@code secret} with the fixed {@code DES_KEY} and returns the ciphertext as
 * Base64 text. {@code MAGIC} is appended to the plain text before encryption.
 *
 * <p>NOTE(review): the key is a static constant named {@code DES_KEY}; if {@code ALGORITHM}
 * is DES this is obfuscation rather than protection, and the trailing marker is not a
 * cryptographic integrity check. Do not rely on it to keep a value confidential.
 *
 * @param secret the text to protect
 * @return Base64 encoding of the encrypted {@code secret + MAGIC}
 */
public static String protect(String secret) {
    try {
        Cipher encryptor = Secret.getCipher(ALGORITHM);
        encryptor.init(Cipher.ENCRYPT_MODE, DES_KEY);

        byte[] marked = (secret + MAGIC).getBytes("UTF-8");
        byte[] sealed = encryptor.doFinal(marked);
        return new String(Base64.encode(sealed));
    } catch (GeneralSecurityException e) {
        throw new Error(e); // impossible
    } catch (UnsupportedEncodingException e) {
        throw new Error(e); // impossible
    }
}
/**
 * Creates a stream that first reads the asymmetrically encrypted symmetric key from
 * {@code in} and then decrypts the rest of the stream with that key.
 *
 * @param in source stream, positioned at the encrypted key
 * @param asym cipher used to decrypt the symmetric key; only {@code doFinal} is called on it
 *             here, so the caller must have initialised it
 * @param algorithm transformation handed to {@code Secret.getCipher} for the payload
 * @param keyLength
 *      Block size of the asymmetric cipher, in bits. {@code asym.getBlockSize()} would be the
 *      obvious source, but that doesn't work with Sun's implementation.
 * @throws IOException if the encrypted key cannot be read in full
 * @throws GeneralSecurityException if the key cannot be decrypted or the cipher cannot be set up
 */
public CombinedCipherInputStream(InputStream in, Cipher asym, String algorithm, int keyLength) throws IOException, GeneralSecurityException {
    super(in);

    final String keyAlgorithm = getKeyAlgorithm(algorithm);

    // Header: exactly keyLength/8 bytes holding the encrypted session key.
    final byte[] wrappedKey = new byte[keyLength / 8];
    new DataInputStream(in).readFully(wrappedKey);
    final SecretKey sessionKey = new SecretKeySpec(asym.doFinal(wrappedKey), keyAlgorithm);

    // Everything after the header is decrypted by the symmetric cipher.
    final Cipher payloadCipher = Secret.getCipher(algorithm);

    // NOTE(review): when the transformation is not the bare key algorithm, the IV is the session
    // key's own bytes, mirroring what the writing side must have used. Key-as-IV is generally
    // discouraged, and the stream carries no authentication tag, so tampering with the ciphertext
    // is not detected at this layer.
    IvParameterSpec iv = null;
    if (!keyAlgorithm.equals(algorithm)) {
        iv = new IvParameterSpec(sessionKey.getEncoded());
    }
    payloadCipher.init(Cipher.DECRYPT_MODE, sessionKey, iv);

    super.in = new CipherInputStream(in, payloadCipher);
}
/**
 * Sets up the rewriter with an AES cipher instance and the legacy key from
 * {@code HistoricalSecrets}.
 *
 * @throws GeneralSecurityException if obtaining the cipher or the legacy key fails
 */
public SecretRewriter() throws GeneralSecurityException {
    // NOTE(review): the transformation is the bare name "AES". If Secret.getCipher delegates to
    // Cipher.getInstance, the JDK provider resolves that to ECB mode with PKCS5 padding — confirm.
    this.cipher = Secret.getCipher("AES");
    this.key = HistoricalSecrets.getLegacyKey();
}
/**
 * Returns a {@link Cipher} object for encrypting with this key.
 *
 * <p>NOTE(review): no IV is supplied. If {@code KEY_ALGORITHM} is a bare algorithm name, the
 * provider's default mode applies (ECB in the JDK provider), which is presumably why this
 * overload is deprecated — confirm.
 *
 * @return a cipher for {@code KEY_ALGORITHM}, initialised in encrypt mode with {@link #getKey()}
 * @throws AssertionError if the cipher cannot be obtained or initialised
 * @deprecated use {@link #encrypt(byte[])}
 */
@Deprecated
public Cipher encrypt() {
    Cipher ready;
    try {
        ready = Secret.getCipher(KEY_ALGORITHM);
        ready.init(Cipher.ENCRYPT_MODE, getKey());
    } catch (GeneralSecurityException e) {
        throw new AssertionError(e);
    }
    return ready;
}
/**
 * Returns a {@link Cipher} object for decrypting with this key.
 *
 * <p>NOTE(review): no IV is supplied. If {@code KEY_ALGORITHM} is a bare algorithm name, the
 * provider's default mode applies (ECB in the JDK provider), which is presumably why this
 * overload is deprecated — confirm.
 *
 * @return a cipher for {@code KEY_ALGORITHM}, initialised in decrypt mode with {@link #getKey()}
 * @throws AssertionError if the cipher cannot be obtained or initialised
 * @deprecated use {@link #decrypt(byte[])}
 */
@Deprecated
public Cipher decrypt() {
    Cipher ready;
    try {
        ready = Secret.getCipher(KEY_ALGORITHM);
        ready.init(Cipher.DECRYPT_MODE, getKey());
    } catch (GeneralSecurityException e) {
        throw new AssertionError(e);
    }
    return ready;
}
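/**
 * Base64-decodes {@code data}, decrypts it with the fixed {@code DES_KEY} and strips the
 * trailing {@code MAGIC} marker. Returns null if it fails to decrypt properly.
 *
 * <p>NOTE(review): the {@code MAGIC} suffix only tells a plausible decryption from garbage;
 * it is not a cryptographic integrity check, and the key is a static constant.
 *
 * @param data Base64 text to decrypt; may be null
 * @return the plain text without the marker, or null when {@code data} is null, decoding or
 *         decryption fails, or the decrypted text does not end with {@code MAGIC}
 */
public static String unprotect(String data) {
    if (data == null) {
        return null;
    }
    try {
        Cipher cipher = Secret.getCipher(ALGORITHM);
        cipher.init(Cipher.DECRYPT_MODE, DES_KEY);
        String plainText = new String(cipher.doFinal(Base64.decode(data.toCharArray())), "UTF-8");
        if (!plainText.endsWith(MAGIC)) {
            return null;
        }
        // Strip exactly the marker that was matched instead of a hard-coded 3 characters,
        // so the result stays correct if MAGIC ever changes length.
        return plainText.substring(0, plainText.length() - MAGIC.length());
    } catch (GeneralSecurityException e) {
        return null;
    } catch (UnsupportedEncodingException e) {
        throw new Error(e); // impossible
    } catch (IOException e) {
        return null;
    }
}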
/**
 * Returns a {@link Cipher} object for encrypting with this key using the provided
 * initialization vector.
 *
 * <p>NOTE(review): the IV length and uniqueness requirements depend on {@code ALGORITHM},
 * which is not visible here. For CBC-style modes the caller should pass a fresh random IV
 * for every encryption under the same key.
 *
 * @param iv the initialization vector
 * @return the cipher
 * @throws AssertionError if the cipher cannot be obtained or initialised
 */
@Restricted(NoExternalUse.class) // TODO pending API
public Cipher encrypt(byte[] iv) {
    Cipher ready;
    try {
        ready = Secret.getCipher(ALGORITHM);
        // Resolve the key before wrapping the IV, matching the original evaluation order.
        ready.init(Cipher.ENCRYPT_MODE, getKey(), new IvParameterSpec(iv));
    } catch (GeneralSecurityException e) {
        throw new AssertionError(e);
    }
    return ready;
}
/**
 * Returns a {@link Cipher} object for decrypting with this key using the provided
 * initialization vector.
 *
 * <p>The IV has to be the one that was used to encrypt the data; how it is stored alongside
 * the ciphertext is up to the caller and not visible here.
 *
 * @param iv the initialization vector
 * @return the cipher
 * @throws AssertionError if the cipher cannot be obtained or initialised
 */
@Restricted(NoExternalUse.class) // TODO pending API
public Cipher decrypt(byte[] iv) {
    Cipher ready;
    try {
        ready = Secret.getCipher(ALGORITHM);
        // Resolve the key before wrapping the IV, matching the original evaluation order.
        ready.init(Cipher.DECRYPT_MODE, getKey(), new IvParameterSpec(iv));
    } catch (GeneralSecurityException e) {
        throw new AssertionError(e);
    }
    return ready;
}
/**
 * Reverse operation of {@link #store(ConfidentialKey, byte[])}: reads the file for
 * {@code key}, decrypts it with {@code masterKey} and passes the bytes to {@code verifyMagic}.
 *
 * <p>NOTE(review): the transformation is the bare name "AES" with no IV; if
 * {@code Secret.getCipher} delegates to {@code Cipher.getInstance}, the JDK provider resolves
 * that to ECB mode — confirm. Corruption is detected only through padding failure and
 * whatever {@code verifyMagic} checks, not through an authenticated mode.
 *
 * @param key identifies the file to read
 * @return
 *      null if the data has not been previously persisted, or if decryption fails with a
 *      {@link BadPaddingException}; otherwise the result of {@code verifyMagic}
 * @throws IOException if the file cannot be read, the path is invalid, or the cipher cannot
 *                     be set up
 */
@Override
protected byte[] load(ConfidentialKey key) throws IOException {
    try {
        final File source = getFileFor(key);
        if (!source.exists()) {
            return null;
        }

        final Cipher decryptor = Secret.getCipher("AES");
        decryptor.init(Cipher.DECRYPT_MODE, masterKey);
        try (InputStream raw = Files.newInputStream(source.toPath());
             CipherInputStream decrypted = new CipherInputStream(raw, decryptor)) {
            final byte[] content = IOUtils.toByteArray(decrypted);
            return verifyMagic(content);
        }
    } catch (GeneralSecurityException e) {
        throw new IOException("Failed to load the key: " + key.getId(), e);
    } catch (InvalidPathException e) {
        throw new IOException(e);
    } catch (IOException x) {
        // A padding failure surfaces as the cause of an IOException from the cipher stream.
        if (!(x.getCause() instanceof BadPaddingException)) {
            throw x;
        }
        return null; // broken somehow
    }
}
/**
 * Persists the payload of {@link ConfidentialKey} to the disk, encrypted with
 * {@code masterKey} and followed by {@code MAGIC}.
 *
 * <p>NOTE(review): the transformation is the bare name "AES" with no IV; if
 * {@code Secret.getCipher} delegates to {@code Cipher.getInstance}, the JDK provider resolves
 * that to ECB mode — confirm. The trailing {@code MAGIC} is a sanity marker, not an
 * authentication tag.
 *
 * @param key identifies the file to write
 * @param payload bytes to encrypt and persist
 * @throws IOException if writing fails, the path is invalid, or the cipher cannot be set up
 */
@Override
protected void store(ConfidentialKey key, byte[] payload) throws IOException {
    try {
        final Cipher encryptor = Secret.getCipher("AES");
        encryptor.init(Cipher.ENCRYPT_MODE, masterKey);

        try (OutputStream raw = Files.newOutputStream(getFileFor(key).toPath());
             CipherOutputStream sealed = new CipherOutputStream(raw, encryptor)) {
            sealed.write(payload);
            sealed.write(MAGIC);
        }
    } catch (GeneralSecurityException e) {
        throw new IOException("Failed to persist the key: " + key.getId(), e);
    } catch (InvalidPathException e) {
        throw new IOException(e);
    }
}
/**
 * Base64-decodes {@code data} and tries to decrypt it, first with the cipher from
 * {@code key.decrypt()} and then, if that yields null, with the legacy key.
 *
 * <p>NOTE(review): the fallback uses the bare "AES" transformation with no IV, and every
 * value that fails under the current key is retried under the historical key. Consider
 * whether the legacy path can be retired once stored secrets have been rewritten.
 *
 * @param data Base64 text of the encrypted secret
 * @param key current key, tried first
 * @return the secret from the current key if non-null, otherwise whatever {@code tryDecrypt}
 *         returns for the legacy key (presumably null on failure)
 */
/*package*/ static Secret decrypt(String data, CryptoConfidentialKey key) throws IOException, GeneralSecurityException {
    final byte[] ciphertext = Base64.decode(data.toCharArray());

    final Secret fromCurrentKey = tryDecrypt(key.decrypt(), ciphertext);
    if (fromCurrentKey != null) {
        return fromCurrentKey;
    }

    // try our historical key for backward compatibility
    final Cipher legacyCipher = Secret.getCipher("AES");
    legacyCipher.init(Cipher.DECRYPT_MODE, getLegacyKey());
    return tryDecrypt(legacyCipher, ciphertext);
}
byte[] encrypted; try { Cipher c = Secret.getCipher("AES/CFB8/NoPadding"); c.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv)); encrypted = c.doFinal(csos.getBytes());
/**
 * Creates a stream that first writes a freshly generated symmetric key, encrypted with
 * {@code asym}, to {@code out}, and then encrypts everything written afterwards with that
 * symmetric key.
 *
 * <p>NOTE(review): the same {@code algorithm} string goes to both {@code KeyGenerator} and
 * {@code Secret.getCipher}, and no IV is supplied, so the provider's default mode applies
 * (ECB in the JDK provider for a bare algorithm name) — confirm.
 *
 * @param out destination stream; receives the encrypted key first, then the ciphertext
 * @param asym cipher used to encrypt the symmetric key; only {@code doFinal} is called on it
 *             here, so the caller must have initialised it
 * @param algorithm algorithm name used for both key generation and the payload cipher
 * @throws IOException if writing the encrypted key fails
 * @throws GeneralSecurityException if key generation or cipher set-up fails
 */
public CombinedCipherOutputStream(OutputStream out, Cipher asym, String algorithm) throws IOException, GeneralSecurityException {
    super(out);

    // One session key per stream.
    final SecretKey sessionKey = KeyGenerator.getInstance(algorithm).generateKey();

    // Header: the session key, encrypted under the asymmetric cipher.
    final byte[] wrappedKey = asym.doFinal(sessionKey.getEncoded());
    out.write(wrappedKey);

    // Everything after the header goes through the symmetric cipher.
    final Cipher payloadCipher = Secret.getCipher(algorithm);
    payloadCipher.init(Cipher.ENCRYPT_MODE, sessionKey);
    super.out = new CipherOutputStream(out, payloadCipher);
}
}
/**
 * Creates a stream that first writes a freshly generated symmetric key, encrypted with
 * {@code asym}, to {@code out}, and then encrypts everything written afterwards with that
 * symmetric key.
 *
 * <p>NOTE(review): the same {@code algorithm} string goes to both {@code KeyGenerator} and
 * {@code Secret.getCipher}, and no IV is supplied, so the provider's default mode applies
 * (ECB in the JDK provider for a bare algorithm name) — confirm.
 *
 * @param out destination stream; receives the encrypted key first, then the ciphertext
 * @param asym cipher used to encrypt the symmetric key; only {@code doFinal} is called on it
 *             here, so the caller must have initialised it
 * @param algorithm algorithm name used for both key generation and the payload cipher
 * @throws IOException if writing the encrypted key fails
 * @throws GeneralSecurityException if key generation or cipher set-up fails
 */
public CombinedCipherOutputStream(OutputStream out, Cipher asym, String algorithm) throws IOException, GeneralSecurityException {
    super(out);

    // One session key per stream.
    final SecretKey sessionKey = KeyGenerator.getInstance(algorithm).generateKey();

    // Header: the session key, encrypted under the asymmetric cipher.
    final byte[] wrappedKey = asym.doFinal(sessionKey.getEncoded());
    out.write(wrappedKey);

    // Everything after the header goes through the symmetric cipher.
    final Cipher payloadCipher = Secret.getCipher(algorithm);
    payloadCipher.init(Cipher.ENCRYPT_MODE, sessionKey);
    super.out = new CipherOutputStream(out, payloadCipher);
}
}
/**
 * Creates a stream that first writes a freshly generated symmetric key, encrypted with
 * {@code asym}, to {@code out}, and then encrypts everything written afterwards with that
 * symmetric key.
 *
 * <p>NOTE(review): the same {@code algorithm} string goes to both {@code KeyGenerator} and
 * {@code Secret.getCipher}, and no IV is supplied, so the provider's default mode applies
 * (ECB in the JDK provider for a bare algorithm name) — confirm.
 *
 * @param out destination stream; receives the encrypted key first, then the ciphertext
 * @param asym cipher used to encrypt the symmetric key; only {@code doFinal} is called on it
 *             here, so the caller must have initialised it
 * @param algorithm algorithm name used for both key generation and the payload cipher
 * @throws IOException if writing the encrypted key fails
 * @throws GeneralSecurityException if key generation or cipher set-up fails
 */
public CombinedCipherOutputStream(OutputStream out, Cipher asym, String algorithm) throws IOException, GeneralSecurityException {
    super(out);

    // One session key per stream.
    final SecretKey sessionKey = KeyGenerator.getInstance(algorithm).generateKey();

    // Header: the session key, encrypted under the asymmetric cipher.
    final byte[] wrappedKey = asym.doFinal(sessionKey.getEncoded());
    out.write(wrappedKey);

    // Everything after the header goes through the symmetric cipher.
    final Cipher payloadCipher = Secret.getCipher(algorithm);
    payloadCipher.init(Cipher.ENCRYPT_MODE, sessionKey);
    super.out = new CipherOutputStream(out, payloadCipher);
}
}
/**
 * Creates a stream that first writes a freshly generated symmetric key, encrypted with
 * {@code asym}, to {@code out}, and then encrypts everything written afterwards with that
 * symmetric key.
 *
 * @param out destination stream; receives the encrypted key first, then the ciphertext
 * @param asym cipher used to encrypt the symmetric key; only {@code doFinal} is called on it
 *             here, so the caller must have initialised it
 * @param algorithm transformation handed to {@code Secret.getCipher} for the payload
 * @throws IOException if writing the encrypted key fails
 * @throws GeneralSecurityException if key generation or cipher set-up fails
 */
public CombinedCipherOutputStream(OutputStream out, Cipher asym, String algorithm) throws IOException, GeneralSecurityException {
    super(out);

    // One session key per stream, generated for the key algorithm derived from the transformation.
    final String keyAlgorithm = getKeyAlgorithm(algorithm);
    final SecretKey sessionKey = KeyGenerator.getInstance(keyAlgorithm).generateKey();

    // Header: the session key, encrypted under the asymmetric cipher.
    out.write(asym.doFinal(sessionKey.getEncoded()));

    // Everything after the header goes through the symmetric cipher.
    final Cipher payloadCipher = Secret.getCipher(algorithm);

    // NOTE(review): when the transformation is not the bare key algorithm, the IV is the session
    // key's own bytes. The key is fresh per stream, so the pair is not reused here, but key-as-IV
    // is generally discouraged and requires the key length to equal the cipher's IV length
    // (verify against the KeyGenerator default on the target JDK). The reading side has to derive
    // the IV the same way, so changing this changes the stream format.
    IvParameterSpec iv = null;
    if (!keyAlgorithm.equals(algorithm)) {
        iv = new IvParameterSpec(sessionKey.getEncoded());
    }
    payloadCipher.init(Cipher.ENCRYPT_MODE, sessionKey, iv);

    super.out = new CipherOutputStream(out, payloadCipher);
}
/**
 * Encrypts {@code secret} with the fixed {@code DES_KEY} and returns the ciphertext as
 * Base64 text. {@code MAGIC} is appended to the plain text before encryption.
 *
 * <p>NOTE(review): the key is a static constant named {@code DES_KEY}; if {@code ALGORITHM}
 * is DES this is obfuscation rather than protection, and the trailing marker is not a
 * cryptographic integrity check. Do not rely on it to keep a value confidential.
 *
 * @param secret the text to protect
 * @return Base64 encoding of the encrypted {@code secret + MAGIC}
 */
public static String protect(String secret) {
    try {
        Cipher encryptor = Secret.getCipher(ALGORITHM);
        encryptor.init(Cipher.ENCRYPT_MODE, DES_KEY);

        byte[] marked = (secret + MAGIC).getBytes("UTF-8");
        byte[] sealed = encryptor.doFinal(marked);
        return new String(Base64.encode(sealed));
    } catch (GeneralSecurityException e) {
        throw new Error(e); // impossible
    } catch (UnsupportedEncodingException e) {
        throw new Error(e); // impossible
    }
}
/**
 * Encrypts {@code secret} with the fixed {@code DES_KEY} and returns the ciphertext as
 * Base64 text. {@code MAGIC} is appended to the plain text before encryption.
 *
 * <p>NOTE(review): the key is a static constant named {@code DES_KEY}; if {@code ALGORITHM}
 * is DES this is obfuscation rather than protection, and the trailing marker is not a
 * cryptographic integrity check. Do not rely on it to keep a value confidential.
 *
 * @param secret the text to protect
 * @return Base64 encoding of the encrypted {@code secret + MAGIC}
 */
public static String protect(String secret) {
    try {
        Cipher encryptor = Secret.getCipher(ALGORITHM);
        encryptor.init(Cipher.ENCRYPT_MODE, DES_KEY);

        byte[] marked = (secret + MAGIC).getBytes("UTF-8");
        byte[] sealed = encryptor.doFinal(marked);
        return new String(Base64.encode(sealed));
    } catch (GeneralSecurityException e) {
        throw new Error(e); // impossible
    } catch (UnsupportedEncodingException e) {
        throw new Error(e); // impossible
    }
}
/**
 * Base64-decodes {@code data} and tries to decrypt it, first with the cipher from
 * {@code key.decrypt()} and then, if that yields null, with the legacy key.
 *
 * <p>NOTE(review): the fallback uses the bare "AES" transformation with no IV, and every
 * value that fails under the current key is retried under the historical key. Consider
 * whether the legacy path can be retired once stored secrets have been rewritten.
 *
 * @param data Base64 text of the encrypted secret
 * @param key current key, tried first
 * @return the secret from the current key if non-null, otherwise whatever {@code tryDecrypt}
 *         returns for the legacy key (presumably null on failure)
 */
/*package*/ static Secret decrypt(String data, CryptoConfidentialKey key) throws IOException, GeneralSecurityException {
    final byte[] ciphertext = Base64.decode(data.toCharArray());

    final Secret fromCurrentKey = tryDecrypt(key.decrypt(), ciphertext);
    if (fromCurrentKey != null) {
        return fromCurrentKey;
    }

    // try our historical key for backward compatibility
    final Cipher legacyCipher = Secret.getCipher("AES");
    legacyCipher.init(Cipher.DECRYPT_MODE, getLegacyKey());
    return tryDecrypt(legacyCipher, ciphertext);
}