/** * Returns true if the provided key length is a valid key length for the provided cipher family. Does not reflect if the Unlimited Strength Cryptography Jurisdiction Policies are installed. * Does not reflect if the key length is correct for a specific combination of cipher and PBE-derived key length. * <p/> * Ex: * <p/> * 256 is valid for {@code AES/CBC/PKCS7Padding} but not {@code PBEWITHMD5AND128BITAES-CBC-OPENSSL}. However, this method will return {@code true} for both because it only gets the cipher * family, {@code AES}. * <p/> * 64, AES -> false * [128, 192, 256], AES -> true * * @param keyLength the key length in bits * @param cipher the cipher family * @return true if this key length is valid */ public static boolean isValidKeyLength(int keyLength, final String cipher) { if (StringUtils.isEmpty(cipher)) { return false; } return getValidKeyLengthsForAlgorithm(cipher).contains(keyLength); }
/** * Returns true if the provided key length is a valid key length for the provided algorithm. Does not reflect if the Unlimited Strength Cryptography Jurisdiction Policies are installed. * <p/> * Ex: * <p/> * 256 is valid for {@code AES/CBC/PKCS7Padding} but not {@code PBEWITHMD5AND128BITAES-CBC-OPENSSL}. * <p/> * 64, AES/CBC/PKCS7Padding -> false * [128, 192, 256], AES/CBC/PKCS7Padding -> true * <p/> * 128, PBEWITHMD5AND128BITAES-CBC-OPENSSL -> true * [192, 256], PBEWITHMD5AND128BITAES-CBC-OPENSSL -> false * * @param keyLength the key length in bits * @param algorithm the specific algorithm * @return true if this key length is valid */ public static boolean isValidKeyLengthForAlgorithm(int keyLength, final String algorithm) { if (StringUtils.isEmpty(algorithm)) { return false; } return getValidKeyLengthsForAlgorithm(algorithm).contains(keyLength); }
private boolean keyIsValid(SecretKeySpec key, String algorithm) { return key != null && CipherUtility.getValidKeyLengthsForAlgorithm(algorithm).contains(key.getEncoded().length * 8); }
List<Integer> validKeyLengths = CipherUtility.getValidKeyLengthsForAlgorithm(encryptionMethod.getAlgorithm()); validationResults.add(new ValidationResult.Builder().subject(RAW_KEY_HEX.getName()) .explanation("Key must be valid length [" + StringUtils.join(validKeyLengths, ", ") + "]. See Admin Guide.").build());
/** * Returns true if the provided key length is a valid key length for the provided algorithm. Does not reflect if the Unlimited Strength Cryptography Jurisdiction Policies are installed. * <p/> * Ex: * <p/> * 256 is valid for {@code AES/CBC/PKCS7Padding} but not {@code PBEWITHMD5AND128BITAES-CBC-OPENSSL}. * <p/> * 64, AES/CBC/PKCS7Padding -> false * [128, 192, 256], AES/CBC/PKCS7Padding -> true * <p/> * 128, PBEWITHMD5AND128BITAES-CBC-OPENSSL -> true * [192, 256], PBEWITHMD5AND128BITAES-CBC-OPENSSL -> false * * @param keyLength the key length in bits * @param algorithm the specific algorithm * @return true if this key length is valid */ public static boolean isValidKeyLengthForAlgorithm(int keyLength, final String algorithm) { if (StringUtils.isEmpty(algorithm)) { return false; } return getValidKeyLengthsForAlgorithm(algorithm).contains(keyLength); }
/** * Returns true if the provided key length is a valid key length for the provided cipher family. Does not reflect if the Unlimited Strength Cryptography Jurisdiction Policies are installed. * Does not reflect if the key length is correct for a specific combination of cipher and PBE-derived key length. * <p/> * Ex: * <p/> * 256 is valid for {@code AES/CBC/PKCS7Padding} but not {@code PBEWITHMD5AND128BITAES-CBC-OPENSSL}. However, this method will return {@code true} for both because it only gets the cipher * family, {@code AES}. * <p/> * 64, AES -> false * [128, 192, 256], AES -> true * * @param keyLength the key length in bits * @param cipher the cipher family * @return true if this key length is valid */ public static boolean isValidKeyLength(int keyLength, final String cipher) { if (StringUtils.isEmpty(cipher)) { return false; } return getValidKeyLengthsForAlgorithm(cipher).contains(keyLength); }
List<Integer> validKeyLengths = CipherUtility.getValidKeyLengthsForAlgorithm(encryptionMethod.getAlgorithm()); validationResults.add(new ValidationResult.Builder().subject(RAW_KEY_HEX.getName()) .explanation("Key must be valid length [" + StringUtils.join(validKeyLengths, ", ") + "]. See Admin Guide.").build());