@Override public String getFormat() { return secretKey.getFormat(); }
private void populateDialog() { KeyInfo keyInfo = SecretKeyUtil.getKeyInfo(secretKey); String algorithm = keyInfo.getAlgorithm(); // Try and get friendly algorithm name SecretKeyType secretKeyType = SecretKeyType.resolveJce(algorithm); if (secretKeyType != null) { algorithm = secretKeyType.friendly(); } jtfAlgorithm.setText(algorithm); Integer keyLength = keyInfo.getSize(); if (keyLength != null) { jtfKeySize.setText(MessageFormat.format(res.getString("DViewSecretKey.jtfKeySize.text"), "" + keyLength)); } else { jtfKeySize.setText(MessageFormat.format(res.getString("DViewSecretKey.jtfKeySize.text"), "?")); } jtfFormat.setText(secretKey.getFormat()); jtaEncoded.setText(new BigInteger(1, secretKey.getEncoded()).toString(16).toUpperCase()); jtaEncoded.setCaretPosition(0); }
private static void updateDigest(MessageDigest md, byte[] pad1, byte[] pad2, SecretKey masterSecret) { // Digest the key bytes if available. // Otherwise (sensitive key), try digesting the key directly. // That is currently only implemented in SunPKCS11 using a private // reflection API, so we avoid that if possible. byte[] keyBytes = "RAW".equals(masterSecret.getFormat()) ? masterSecret.getEncoded() : null; if (keyBytes != null) { md.update(keyBytes); } else { digestKey(md, masterSecret); } md.update(pad1); byte[] temp = md.digest(); if (keyBytes != null) { md.update(keyBytes); } else { digestKey(md, masterSecret); } md.update(pad2); md.update(temp); }
private void createSecretKeyNodes(DefaultMutableTreeNode parentNode, SecretKey secretKey) { DefaultMutableTreeNode secretKeyNode = new DefaultMutableTreeNode( res.getString("DProperties.properties.SecretKey")); parentNode.add(secretKeyNode); KeyInfo keyInfo = SecretKeyUtil.getKeyInfo(secretKey); String keyAlg = keyInfo.getAlgorithm(); // Try and get friendly algorithm name for secret key SecretKeyType secretKeyType = SecretKeyType.resolveJce(keyAlg); if (secretKeyType != null) { keyAlg = secretKeyType.friendly(); } secretKeyNode.add(new DefaultMutableTreeNode(MessageFormat.format( res.getString("DProperties.properties.Algorithm"), keyAlg))); Integer keySize = keyInfo.getSize(); if (keySize != null) { secretKeyNode.add(new DefaultMutableTreeNode(MessageFormat.format( res.getString("DProperties.properties.KeySize"), "" + keyInfo.getSize()))); } else { secretKeyNode.add(new DefaultMutableTreeNode(MessageFormat.format( res.getString("DProperties.properties.KeySize"), "?"))); } String keyFormat = secretKey.getFormat(); secretKeyNode.add(new DefaultMutableTreeNode(MessageFormat.format( res.getString("DProperties.properties.Format"), keyFormat))); String keyEncoded = "0x" + new BigInteger(1, secretKey.getEncoded()).toString(16).toUpperCase(); secretKeyNode.add(new DefaultMutableTreeNode(MessageFormat.format( res.getString("DProperties.properties.Encoded"), keyEncoded))); }
/** * Get the information about the supplied secret key. * * @param secretKey * The secret key * @return Key information */ public static KeyInfo getKeyInfo(SecretKey secretKey) { String algorithm = secretKey.getAlgorithm(); if (algorithm.equals("RC4")) { algorithm = "ARC4"; // RC4 is trademarked so we never want to display it } if (secretKey.getFormat().equals("RAW")) { int keySize = secretKey.getEncoded().length * 8; return new KeyInfo(SYMMETRIC, algorithm, keySize); } else { // Key size unknown return new KeyInfo(SYMMETRIC, algorithm); } } }
@Override public DataKey<JceMasterKey> encryptDataKey(final CryptoAlgorithm algorithm, final Map<String, String> encryptionContext, final DataKey<?> dataKey) { final SecretKey key = dataKey.getKey(); if (!key.getFormat().equals("RAW")) { throw new IllegalArgumentException("Can only re-encrypt data keys which are in RAW format, not " + dataKey.getKey().getFormat()); } if (!key.getAlgorithm().equalsIgnoreCase(algorithm.getDataKeyAlgo())) { throw new IllegalArgumentException("Incorrect key algorithm. Expected " + key.getAlgorithm() + " but got " + algorithm.getKeyAlgo()); } final byte[] rawKey = key.getEncoded(); final DataKey<JceMasterKey> result = encryptRawKey(key, rawKey, encryptionContext); Arrays.fill(rawKey, (byte) 0); return result; }
System.out.println(" Format: " + key.getFormat()); System.out.println(" Key length: " + key.getEncoded().length * 8); System.out.println(" SHA1 digest: " + getSecretKeyDigest(key));
IvParameterSpec ivSpec = new IvParameterSpec(iv); SecretKey secretKey = keyGenerator.generateKey(); System.out.println(secretKey.getFormat()); Cipher desCipher = Cipher.getInstance("AES/CBC/PKCS5Padding");//algorithm/mode/padding System.out.format("Secret Key: %s--%s--%s%n", secretKey.getAlgorithm(), secretKey.getFormat(), secretKey.getEncoded());
@Override public boolean equals(Object o) { if (o == this) { return true; } if (!(o instanceof SecretKey)) { return false; } SecretKey other = (SecretKey) o; if (!algorithm.equals(other.getAlgorithm())) { return false; } if (o instanceof OpenSSLSecretKey) { OpenSSLSecretKey otherOpenSSL = (OpenSSLSecretKey) o; return key.equals(otherOpenSSL.getOpenSSLKey()); } else if (key.isEngineBased()) { return false; } if (!getFormat().equals(other.getFormat())) { return false; } return Arrays.equals(encoded, other.getEncoded()); }
@Override public boolean equals(Object o) { if (o == this) { return true; } if (!(o instanceof SecretKey)) { return false; } SecretKey other = (SecretKey) o; if (!algorithm.equals(other.getAlgorithm())) { return false; } if (o instanceof OpenSSLSecretKey) { OpenSSLSecretKey otherOpenSSL = (OpenSSLSecretKey) o; return key.equals(otherOpenSSL.getOpenSSLKey()); } else if (key.isEngineBased()) { return false; } if (!getFormat().equals(other.getFormat())) { return false; } return Arrays.equals(encoded, other.getEncoded()); }
try { SecretKey key= (SecretKey) ks.getKey(alias, ksPass.toCharArray()); sb.append(tr.translate(SECRET_KEY)).append(key.getAlgorithm()).append(' ').append(key.getFormat()); sb.append(" (").append(key.getEncoded().length * 8).append(')').append(eol); } catch (UnrecoverableKeyException | KeyStoreException | NoSuchAlgorithmException e) {
@Override public DataKey<KmsMasterKey> encryptDataKey(final CryptoAlgorithm algorithm, final Map<String, String> encryptionContext, final DataKey<?> dataKey) { final SecretKey key = dataKey.getKey(); if (!key.getFormat().equals("RAW")) { throw new IllegalArgumentException("Only RAW encoded keys are supported"); } try { final EncryptResult encryptResult = kms_.get().encrypt(updateUserAgent( new EncryptRequest() .withKeyId(id_) .withPlaintext(ByteBuffer.wrap(key.getEncoded())) .withEncryptionContext(encryptionContext) .withGrantTokens(grantTokens_))); final byte[] edk = new byte[encryptResult.getCiphertextBlob().remaining()]; encryptResult.getCiphertextBlob().get(edk); return new DataKey<>(dataKey.getKey(), edk, encryptResult.getKeyId().getBytes(StandardCharsets.UTF_8), this); } catch (final AmazonServiceException asex) { throw new AwsCryptoException(asex); } }
subresult.addReturn("keyAlgorithm", key.getAlgorithm()); subresult.addReturn("keyLength", key.getEncoded().length*8); subresult.addReturn("keyFormat", key.getFormat()); subresult.recordSuccess();