public static byte[] encodeKeyForTransmission( Key encodingKey, Key keyToEncode ) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException { Cipher cipher = Cipher.getInstance( TRANSMISSION_CIPHER_PARAMS ); cipher.init( Cipher.WRAP_MODE, encodingKey ); byte[] encodedKey = cipher.wrap( keyToEncode ); return encodedKey; }
keyCipher.init(Cipher.WRAP_MODE, _privateKey); byte[] encKey = keyCipher.wrap(sharedKey);
keyCipher.init(Cipher.WRAP_MODE, _cert); byte[] encKey = keyCipher.wrap(sharedKey);
keyWrapAlgo, provider); cipher.init(Cipher.WRAP_MODE, kek, srand); return new SecuredCEK(cipher.wrap(cek), keyWrapAlgo, matdesc);
@SuppressFBWarnings(value = "CIPHER_INTEGRITY", justification = "integrity not needed for key wrap") public static byte[] wrapKey(Key fek, Key kek) { byte[] result = null; try { Cipher c = Cipher.getInstance(KEY_WRAP_TRANSFORM); c.init(Cipher.WRAP_MODE, kek); result = c.wrap(fek); } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException | IllegalBlockSizeException e) { throw new CryptoException("Unable to wrap file encryption key", e); } return result; }
keyWrapAlgo, p); cipher.init(Cipher.WRAP_MODE, kek, srand); return new SecuredCEK(cipher.wrap(cek), keyWrapAlgo, matdesc);
Cipher keyEncryptionCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding"); for (Certificate recipient : recipients) { keyEncryptionCipher.init(Cipher.WRAP_MODE, recipient); byte[] encryptedKey = keyEncryptionCipher.wrap(contentEncryptionKey); /* Store the encryptedKey with an identifier for the recipient... */ } /* Store the IV... */ /* Encrypt the file... */
Cipher c = Cipher.getInstance("AESWrap", "SunJCE"); c.init(Cipher.WRAP_MODE, secretKey); byte[] result = c.wrap(someKey);
/** * Wrap a {@link SecretKey} using the public key assigned to this wrapper. * Use {@link #unwrap(byte[])} to later recover the original * {@link SecretKey}. * * @return a wrapped version of the given {@link SecretKey} that can be * safely stored on untrusted storage. */ public byte[] wrap(SecretKey key) throws GeneralSecurityException { mCipher.init(Cipher.WRAP_MODE, mPair.getPublic()); return mCipher.wrap(key); }
public static byte[] wrapKey(PublicKey pubKey, SecretKey symKey) throws InvalidKeyException, IllegalBlockSizeException { try { final Cipher cipher = Cipher .getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding"); cipher.init(Cipher.WRAP_MODE, pubKey); final byte[] wrapped = cipher.wrap(symKey); return wrapped; } catch (NoSuchAlgorithmException | NoSuchPaddingException e) { throw new IllegalStateException( "Java runtime does not support RSA/ECB/OAEPWithSHA1AndMGF1Padding", e); } }
private static String wrapSymmetricKey(KeyPair wrapperKey, SecretKey symmetricKey) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, IllegalBlockSizeException { Cipher cipher = Cipher.getInstance(WRAPPER_TRANSFORMATION); cipher.init(Cipher.WRAP_MODE, wrapperKey.getPublic()); byte[] decodedData = cipher.wrap(symmetricKey); return Base64.encodeToString(decodedData, Base64.DEFAULT); }
KeyFactory factory rsa = KeyFactory.getInstance("RSA"); BigInteger n = ... ; /* modulus */ BigInteger e = ... ; /* public exponent */ RSAPublicKeySpec spec = new RSAPublicKeySpec(n, e); RSAPublicKey pub = (RSAPublicKey) factory.generatePublic(spec); Cipher enc = Cipher.getInstance("RSA"); enc.init(Cipher.WRAP_MODE, pub); byte[] encryptedContentKey = enc.wrap(secret);
public static byte[] wrapSecretKey(Key secretKey, Key wrapperKey, KeyProperties keyProps) throws SecurityException { try { Cipher c = initCipher(wrapperKey, keyProps, Cipher.WRAP_MODE); return c.wrap(secretKey); } catch (Exception ex) { throw new SecurityException(ex); } }
public static byte[] wrapSecretKey(Key secretKey, Key wrapperKey, KeyProperties keyProps) throws SecurityException { try { Cipher c = initCipher(wrapperKey, keyProps, Cipher.WRAP_MODE); return c.wrap(secretKey); } catch (Exception ex) { throw new SecurityException(ex); } }
Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding"); rsa.init(Cipher.WRAP_MODE, keyPair.getPublic()); byte[] wrapped = rsa.wrap(aesKey); rsa.init(Cipher.UNWRAP_MODE, keyPair.getPrivate()); SecretKey unwrappedAESKey = (SecretKey) rsa.unwrap(wrapped, "RSA", Cipher.SECRET_KEY);
KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", "SunJSSE"); generator.initialize(2048); KeyPair keyPair = generator.generateKeyPair(); SecretKey sessionKey = new SecretKeySpec(new byte[16], "AES"); Cipher c = Cipher.getInstance("RSA", "SunJCE"); c.init(Cipher.ENCRYPT_MODE, keyPair.getPublic()); byte[] result1 = c.doFinal(sessionKey.getEncoded()); c.init(Cipher.WRAP_MODE, keyPair.getPublic()); byte[] result2 = c.wrap(sessionKey); c.init(Cipher.UNWRAP_MODE, keyPair.getPrivate()); SecretKey sessionKey1 = (SecretKey) c.unwrap(result1, "AES", Cipher.SECRET_KEY); c.init(Cipher.DECRYPT_MODE, keyPair.getPrivate()); SecretKey sessionKey2 = new SecretKeySpec(c.doFinal(result2), "AES"); System.out.println(Arrays.equals(sessionKey1.getEncoded(), sessionKey2.getEncoded()));
SecretKey sk = new SecretKeySpec(new byte[16], "AES"); Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); GCMParameterSpec gcmSpec = new GCMParameterSpec(128, new byte[12]); cipher.init(Cipher.WRAP_MODE, sk, gcmSpec); byte[] wrappedKey = cipher.wrap(sk); System.out.println(Hex.toHexString(wrappedKey)); cipher.init(Cipher.UNWRAP_MODE, sk, gcmSpec); SecretKey unwrap = (SecretKey) cipher.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY); System.out.println(Hex.toHexString(unwrap.getEncoded()));
public byte[] wrapKey(SecretKey key, String wrappingAlg) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException { if (wrappingKey instanceof DelegatedKey) { return ((DelegatedKey)wrappingKey).wrap(key, null, wrappingAlg); } else { Cipher cipher = Cipher.getInstance(wrappingAlg); cipher.init(Cipher.WRAP_MODE, wrappingKey, Utils.getRng()); byte[] encryptedKey = cipher.wrap(key); return encryptedKey; } }
public byte[] wrapKey(SecretKey key, String wrappingAlg) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException { if (wrappingKey instanceof DelegatedKey) { return ((DelegatedKey)wrappingKey).wrap(key, null, wrappingAlg); } else { Cipher cipher = Cipher.getInstance(wrappingAlg); cipher.init(Cipher.WRAP_MODE, wrappingKey, Utils.getRng()); byte[] encryptedKey = cipher.wrap(key); return encryptedKey; } }
private RecipientInfo toRecipientInfo(X509Certificate cert, SecretKey key) throws CertificateEncodingException, IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException { PublicKey pubKey = cert.getPublicKey(); TBSCertificateStructure tbs = TBSCertificateStructure.getInstance(ASN1Object.fromByteArray(cert.getTBSCertificate())); AlgorithmIdentifier keyEncAlg = tbs.getSubjectPublicKeyInfo().getAlgorithmId(); Cipher keyCipher = Cipher.getInstance("RSA"); keyCipher.init(Cipher.WRAP_MODE, pubKey); ASN1OctetString encKey = new DEROctetString(keyCipher.wrap(key)); ASN1InputStream aIn = new ASN1InputStream(cert.getTBSCertificate()); tbs = TBSCertificateStructure.getInstance(aIn.readObject()); IssuerAndSerialNumber encSid = new IssuerAndSerialNumber(tbs.getIssuer(), tbs.getSerialNumber().getValue()); return new RecipientInfo(new KeyTransRecipientInfo(new RecipientIdentifier(encSid), keyEncAlg, encKey)); } }