Java Code Examples for java.security.GeneralSecurityException#getMessage()

The following examples show how to use java.security.GeneralSecurityException#getMessage() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: CipherHelper.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Obtains an initialized DES cipher.
 *
 * @param encryptMode true if encryption is desired, false is decryption
 * is desired.
 * @param key the bytes for the DES key
 * @param ivBytes the initial vector bytes
 */
private final Cipher getInitializedDes(boolean encryptMode, byte[] key,
                                      byte[] ivBytes)
    throws  GSSException  {


    try {
        IvParameterSpec iv = new IvParameterSpec(ivBytes);
        SecretKey jceKey = (SecretKey) (new SecretKeySpec(key, "DES"));

        Cipher desCipher = Cipher.getInstance("DES/CBC/NoPadding");
        desCipher.init(
            (encryptMode ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE),
            jceKey, iv);
        return desCipher;
    } catch (GeneralSecurityException e) {
        GSSException ge = new GSSException(GSSException.FAILURE, -1,
            e.getMessage());
        ge.initCause(e);
        throw ge;
    }
}
 
Example 2
Source File: BasicChecker.java    From openjdk-8-source with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Internal method to create a new key with inherited key parameters.
 *
 * @param keyValueKey key from which to obtain key value
 * @param keyParamsKey key from which to obtain key parameters
 * @return new public key having value and parameters
 * @throws CertPathValidatorException if keys are not appropriate types
 * for this operation
 */
static PublicKey makeInheritedParamsKey(PublicKey keyValueKey,
    PublicKey keyParamsKey) throws CertPathValidatorException
{
    if (!(keyValueKey instanceof DSAPublicKey) ||
        !(keyParamsKey instanceof DSAPublicKey))
        throw new CertPathValidatorException("Input key is not " +
                                             "appropriate type for " +
                                             "inheriting parameters");
    DSAParams params = ((DSAPublicKey)keyParamsKey).getParams();
    if (params == null)
        throw new CertPathValidatorException("Key parameters missing");
    try {
        BigInteger y = ((DSAPublicKey)keyValueKey).getY();
        KeyFactory kf = KeyFactory.getInstance("DSA");
        DSAPublicKeySpec ks = new DSAPublicKeySpec(y,
                                                   params.getP(),
                                                   params.getQ(),
                                                   params.getG());
        return kf.generatePublic(ks);
    } catch (GeneralSecurityException e) {
        throw new CertPathValidatorException("Unable to generate key with" +
                                             " inherited parameters: " +
                                             e.getMessage(), e);
    }
}
 
Example 3
Source File: PGPEncryptionUtil.java    From peer-os with Apache License 2.0 6 votes vote down vote up
public JCESigner( PrivateKey privateKey, String signatureAlgorithm )
{
    if ( !"SHA256withRSA".equals( signatureAlgorithm ) )
    {
        throw new IllegalArgumentException(
                "Signature algorithm \"" + signatureAlgorithm + "\" not yet supported" );
    }
    try
    {
        this.outputStream = new ByteArrayOutputStream();
        this.signature = Signature.getInstance( signatureAlgorithm );
        this.signature.initSign( privateKey );
    }
    catch ( GeneralSecurityException gse )
    {
        throw new IllegalArgumentException( gse.getMessage() );
    }
}
 
Example 4
Source File: ArcFourHmacEType.java    From TencentKona-8 with GNU General Public License v2.0 5 votes vote down vote up
public byte[] decrypt(byte[] cipher, byte[] key, byte[] ivec, int usage)
    throws KrbApErrException, KrbCryptoException {
    try {
        return ArcFourHmac.decrypt(key, usage, ivec, cipher, 0, cipher.length);
    } catch (GeneralSecurityException e) {
        KrbCryptoException ke = new KrbCryptoException(e.getMessage());
        ke.initCause(e);
        throw ke;
    }
}
 
Example 5
Source File: HmacSha1Aes256CksumType.java    From openjdk-jdk9 with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Calculates keyed checksum.
 * @param data the data used to generate the checksum.
 * @param size length of the data.
 * @param key the key used to encrypt the checksum.
 * @return keyed checksum.
 */
public byte[] calculateKeyedChecksum(byte[] data, int size, byte[] key,
    int usage) throws KrbCryptoException {

     try {
        return Aes256.calculateChecksum(key, usage, data, 0, size);
     } catch (GeneralSecurityException e) {
        KrbCryptoException ke = new KrbCryptoException(e.getMessage());
        ke.initCause(e);
        throw ke;
     }
}
 
Example 6
Source File: KeyProtector.java    From jdk8u-dev-jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Unseals the sealed key.
 */
Key unseal(SealedObject so)
    throws NoSuchAlgorithmException, UnrecoverableKeyException
{
    try {
        // create PBE key from password
        PBEKeySpec pbeKeySpec = new PBEKeySpec(this.password);
        SecretKey skey = new PBEKey(pbeKeySpec, "PBEWithMD5AndTripleDES");
        pbeKeySpec.clearPassword();

        SealedObjectForKeyProtector soForKeyProtector = null;
        if (!(so instanceof SealedObjectForKeyProtector)) {
            soForKeyProtector = new SealedObjectForKeyProtector(so);
        } else {
            soForKeyProtector = (SealedObjectForKeyProtector)so;
        }
        AlgorithmParameters params = soForKeyProtector.getParameters();
        if (params == null) {
            throw new UnrecoverableKeyException("Cannot get " +
                                                "algorithm parameters");
        }
        PBEWithMD5AndTripleDESCipher cipherSpi;
        cipherSpi = new PBEWithMD5AndTripleDESCipher();
        Cipher cipher = new CipherForKeyProtector(cipherSpi,
                                                  SunJCE.getInstance(),
                                                  "PBEWithMD5AndTripleDES");
        cipher.init(Cipher.DECRYPT_MODE, skey, params);
        return (Key)soForKeyProtector.getObject(cipher);
    } catch (NoSuchAlgorithmException ex) {
        // Note: this catch needed to be here because of the
        // later catch of GeneralSecurityException
        throw ex;
    } catch (IOException ioe) {
        throw new UnrecoverableKeyException(ioe.getMessage());
    } catch (ClassNotFoundException cnfe) {
        throw new UnrecoverableKeyException(cnfe.getMessage());
    } catch (GeneralSecurityException gse) {
        throw new UnrecoverableKeyException(gse.getMessage());
    }
}
 
Example 7
Source File: HmacSha1Aes256CksumType.java    From openjdk-8 with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Calculates keyed checksum.
 * @param data the data used to generate the checksum.
 * @param size length of the data.
 * @param key the key used to encrypt the checksum.
 * @return keyed checksum.
 */
public byte[] calculateKeyedChecksum(byte[] data, int size, byte[] key,
    int usage) throws KrbCryptoException {

     try {
        return Aes256.calculateChecksum(key, usage, data, 0, size);
     } catch (GeneralSecurityException e) {
        KrbCryptoException ke = new KrbCryptoException(e.getMessage());
        ke.initCause(e);
        throw ke;
     }
}
 
Example 8
Source File: Aes256CtsHmacSha1EType.java    From TencentKona-8 with GNU General Public License v2.0 5 votes vote down vote up
public byte[] decrypt(byte[] cipher, byte[] key, byte[] ivec, int usage)
    throws KrbApErrException, KrbCryptoException {
    try {
        return Aes256.decrypt(key, usage, ivec, cipher, 0, cipher.length);
    } catch (GeneralSecurityException e) {
        KrbCryptoException ke = new KrbCryptoException(e.getMessage());
        ke.initCause(e);
        throw ke;
    }
}
 
Example 9
Source File: Vault.java    From triplea with GNU General Public License v3.0 5 votes vote down vote up
private SecretKey bytesToKey(final byte[] bytes) {
  try {
    final DESKeySpec spec = new DESKeySpec(bytes);
    return secretKeyFactory.generateSecret(spec);
  } catch (final GeneralSecurityException e) {
    throw new IllegalStateException(e.getMessage());
  }
}
 
Example 10
Source File: HmacSha1Des3KdCksumType.java    From openjdk-8-source with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Verifies keyed checksum.
 * @param data the data.
 * @param size the length of data.
 * @param key the key used to encrypt the checksum.
 * @param checksum
 * @return true if verification is successful.
 */
public boolean verifyKeyedChecksum(byte[] data, int size,
    byte[] key, byte[] checksum, int usage) throws KrbCryptoException {

     try {
         byte[] newCksum = Des3.calculateChecksum(key, usage,
             data, 0, size);

         return isChecksumEqual(checksum, newCksum);
     } catch (GeneralSecurityException e) {
         KrbCryptoException ke = new KrbCryptoException(e.getMessage());
         ke.initCause(e);
         throw ke;
     }
 }
 
Example 11
Source File: HmacSha1Des3KdCksumType.java    From jdk8u_jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Verifies keyed checksum.
 * @param data the data.
 * @param size the length of data.
 * @param key the key used to encrypt the checksum.
 * @param checksum the checksum.
 * @return true if verification is successful.
 */
public boolean verifyChecksum(byte[] data, int size,
    byte[] key, byte[] checksum, int usage) throws KrbCryptoException {

     try {
         byte[] newCksum = Des3.calculateChecksum(key, usage,
             data, 0, size);

         return isChecksumEqual(checksum, newCksum);
     } catch (GeneralSecurityException e) {
         KrbCryptoException ke = new KrbCryptoException(e.getMessage());
         ke.initCause(e);
         throw ke;
     }
 }
 
Example 12
Source File: HmacMd5ArcFourCksumType.java    From jdk8u-dev-jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Calculates keyed checksum.
 * @param data the data used to generate the checksum.
 * @param size length of the data.
 * @param key the key used to encrypt the checksum.
 * @return keyed checksum.
 */
public byte[] calculateKeyedChecksum(byte[] data, int size, byte[] key,
    int usage) throws KrbCryptoException {

     try {
         return ArcFourHmac.calculateChecksum(key, usage, data, 0, size);
     } catch (GeneralSecurityException e) {
         KrbCryptoException ke = new KrbCryptoException(e.getMessage());
         ke.initCause(e);
         throw ke;
     }
}
 
Example 13
Source File: HmacSha1Des3KdCksumType.java    From openjdk-jdk8u with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Calculates keyed checksum.
 * @param data the data used to generate the checksum.
 * @param size length of the data.
 * @param key the key used to encrypt the checksum.
 * @return keyed checksum.
 */
public byte[] calculateChecksum(byte[] data, int size, byte[] key,
    int usage) throws KrbCryptoException {

     try {
         return Des3.calculateChecksum(key, usage, data, 0, size);
     } catch (GeneralSecurityException e) {
         KrbCryptoException ke = new KrbCryptoException(e.getMessage());
         ke.initCause(e);
         throw ke;
     }
}
 
Example 14
Source File: HmacSha1Aes256CksumType.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Calculates keyed checksum.
 * @param data the data used to generate the checksum.
 * @param size length of the data.
 * @param key the key used to encrypt the checksum.
 * @return keyed checksum.
 */
public byte[] calculateKeyedChecksum(byte[] data, int size, byte[] key,
    int usage) throws KrbCryptoException {

     try {
        return Aes256.calculateChecksum(key, usage, data, 0, size);
     } catch (GeneralSecurityException e) {
        KrbCryptoException ke = new KrbCryptoException(e.getMessage());
        ke.initCause(e);
        throw ke;
     }
}
 
Example 15
Source File: SignatureFileVerifier.java    From jdk8u_jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Check if algorithm is permitted using the permittedAlgs Map.
 * If the algorithm is not in the map, check against disabled algorithms and
 * store the result. If the algorithm is in the map use that result.
 * False is returned for weak algorithm, true for good algorithms.
 */
boolean permittedCheck(String key, String algorithm) {
    Boolean permitted = permittedAlgs.get(algorithm);
    if (permitted == null) {
        try {
            JAR_DISABLED_CHECK.permits(algorithm,
                    new ConstraintsParameters(timestamp));
        } catch(GeneralSecurityException e) {
            permittedAlgs.put(algorithm, Boolean.FALSE);
            permittedAlgs.put(key.toUpperCase(), Boolean.FALSE);
            if (debug != null) {
                if (e.getMessage() != null) {
                    debug.println(key + ":  " + e.getMessage());
                } else {
                    debug.println("Debug info only. " +  key + ":  " +
                        algorithm +
                        " was disabled, no exception msg given.");
                    e.printStackTrace();
                }
            }
            return false;
        }

        permittedAlgs.put(algorithm, Boolean.TRUE);
        return true;
    }

    // Algorithm has already been checked, return the value from map.
    return permitted.booleanValue();
}
 
Example 16
Source File: Aes128CtsHmacSha1EType.java    From openjdk-8 with GNU General Public License v2.0 5 votes vote down vote up
public byte[] encrypt(byte[] data, byte[] key, byte[] ivec, int usage)
    throws KrbCryptoException {
    try {
        return Aes128.encrypt(key, usage, ivec, data, 0, data.length);
    } catch (GeneralSecurityException e) {
        KrbCryptoException ke = new KrbCryptoException(e.getMessage());
        ke.initCause(e);
        throw ke;
    }
}
 
Example 17
Source File: ArcFourHmacEType.java    From hottub with GNU General Public License v2.0 5 votes vote down vote up
public byte[] decrypt(byte[] cipher, byte[] key, byte[] ivec, int usage)
    throws KrbApErrException, KrbCryptoException {
    try {
        return ArcFourHmac.decrypt(key, usage, ivec, cipher, 0, cipher.length);
    } catch (GeneralSecurityException e) {
        KrbCryptoException ke = new KrbCryptoException(e.getMessage());
        ke.initCause(e);
        throw ke;
    }
}
 
Example 18
Source File: CipherHelper.java    From jdk8u60 with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Computes the DesCbc checksum based on the algorithm published in FIPS
 * Publication 113. This involves applying padding to the data passed
 * in, then performing DesCbc encryption on the data with a zero initial
 * vector, and finally returning the last 8 bytes of the encryption
 * result.
 *
 * @param key the bytes for the DES key
 * @param header a header to process first before the data is.
 * @param data the data to checksum
 * @param offset the offset where the data begins
 * @param len the length of the data
 * @throws GSSException when an error occuse in the encryption
 */
private byte[] getDesCbcChecksum(byte key[],
                                 byte[] header,
                                 byte[] data, int offset, int len)
    throws GSSException {

    Cipher des = getInitializedDes(true, key, ZERO_IV);

    int blockSize = des.getBlockSize();

    /*
     * Here the data need not be a multiple of the blocksize
     * (8). Encrypt and throw away results for all blocks except for
     * the very last block.
     */

    byte[] finalBlock = new byte[blockSize];

    int numBlocks = len / blockSize;
    int lastBytes = len % blockSize;
    if (lastBytes == 0) {
        // No need for padding. Save last block from application data
        numBlocks -= 1;
        System.arraycopy(data, offset + numBlocks*blockSize,
                         finalBlock, 0, blockSize);
    } else {
        System.arraycopy(data, offset + numBlocks*blockSize,
                         finalBlock, 0, lastBytes);
        // Zero padding automatically done
    }

    try {
        byte[] temp = new byte[Math.max(blockSize,
            (header == null? blockSize : header.length))];

        if (header != null) {
            // header will be null when doing DES-MD5 Checksum
            des.update(header, 0, header.length, temp, 0);
        }

        // Iterate over all but the last block
        for (int i = 0; i < numBlocks; i++) {
            des.update(data, offset, blockSize,
                       temp, 0);
            offset += blockSize;
        }

        // Now process the final block
        byte[] retVal = new byte[blockSize];
        des.update(finalBlock, 0, blockSize, retVal, 0);
        des.doFinal();

        return retVal;
    } catch (GeneralSecurityException e) {
        GSSException ge = new GSSException(GSSException.FAILURE, -1,
            "Could not use DES Cipher - " + e.getMessage());
        ge.initCause(e);
        throw ge;
    }
}
 
Example 19
Source File: KeyProtector.java    From openjdk-jdk9 with GNU General Public License v2.0 4 votes vote down vote up
Key recover(EncryptedPrivateKeyInfo encrInfo)
    throws UnrecoverableKeyException, NoSuchAlgorithmException
{
    byte[] plain;

    try {
        String encrAlg = encrInfo.getAlgorithm().getOID().toString();
        if (!encrAlg.equals(PBE_WITH_MD5_AND_DES3_CBC_OID)
            && !encrAlg.equals(KEY_PROTECTOR_OID)) {
            throw new UnrecoverableKeyException("Unsupported encryption "
                                                + "algorithm");
        }

        if (encrAlg.equals(KEY_PROTECTOR_OID)) {
            // JDK 1.2 style recovery
            plain = recover(encrInfo.getEncryptedData());
        } else {
            byte[] encodedParams =
                encrInfo.getAlgorithm().getEncodedParams();

            // parse the PBE parameters into the corresponding spec
            AlgorithmParameters pbeParams =
                AlgorithmParameters.getInstance("PBE");
            pbeParams.init(encodedParams);
            PBEParameterSpec pbeSpec =
                    pbeParams.getParameterSpec(PBEParameterSpec.class);

            // create PBE key from password
            PBEKeySpec pbeKeySpec = new PBEKeySpec(this.password);
            SecretKey sKey =
                new PBEKey(pbeKeySpec, "PBEWithMD5AndTripleDES");
            pbeKeySpec.clearPassword();

            // decrypt private key
            PBEWithMD5AndTripleDESCipher cipher;
            cipher = new PBEWithMD5AndTripleDESCipher();
            cipher.engineInit(Cipher.DECRYPT_MODE, sKey, pbeSpec, null);
            plain=cipher.engineDoFinal(encrInfo.getEncryptedData(), 0,
                                       encrInfo.getEncryptedData().length);
        }

        // determine the private-key algorithm, and parse private key
        // using the appropriate key factory
        String oidName = new AlgorithmId
            (new PrivateKeyInfo(plain).getAlgorithm().getOID()).getName();
        KeyFactory kFac = KeyFactory.getInstance(oidName);
        return kFac.generatePrivate(new PKCS8EncodedKeySpec(plain));

    } catch (NoSuchAlgorithmException ex) {
        // Note: this catch needed to be here because of the
        // later catch of GeneralSecurityException
        throw ex;
    } catch (IOException ioe) {
        throw new UnrecoverableKeyException(ioe.getMessage());
    } catch (GeneralSecurityException gse) {
        throw new UnrecoverableKeyException(gse.getMessage());
    }
}
 
Example 20
Source File: CipherHelper.java    From jdk8u-jdk with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Helper routine to decrypt from an InputStream and write the
 * application data straight to an output array with minimal
 * buffer copies. The confounder and the padding are stored
 * separately and not copied into this output array.
 * @param key the DES key to use
 * @param is the InputStream from which the cipher text should be
 * read
 * @param len the length of the ciphertext data
 * @param dataOutBuf the output buffer where the application data
 * should be writte
 * @param dataOffset the offser where the application data should
 * be written.
 * @throws GSSException is an error occurs while decrypting the
 * data
 */
private void desCbcDecrypt(WrapToken token, byte[] key,
    InputStream is, int len, byte[] dataOutBuf, int dataOffset)
    throws GSSException, IOException {

    int temp = 0;

    Cipher des = getInitializedDes(false, key, ZERO_IV);

    WrapTokenInputStream truncatedInputStream =
        new WrapTokenInputStream(is, len);
    CipherInputStream cis = new CipherInputStream(truncatedInputStream,
                                                  des);
    /*
     * Remove the counfounder first.
     * CONFOUNDER_SIZE is one DES block ie 8 bytes.
     */
    temp = cis.read(token.confounder);

    len -= temp;
    // temp should be CONFOUNDER_SIZE
    // debug("Got " + temp + " bytes; CONFOUNDER_SIZE is "
    //     + CONFOUNDER_SIZE + "\n");
    // debug("Confounder is " + getHexBytes(confounder) + "\n");


    /*
     * len is a multiple of 8 due to padding.
     * Decrypt all blocks directly into the output buffer except for
     * the very last block. Remove the trailing padding bytes from the
     * very last block and copy that into the output buffer.
     */

    int blockSize = des.getBlockSize();
    int numBlocks = len / blockSize - 1;

    // Iterate over all but the last block
    for (int i = 0; i < numBlocks; i++) {
        // debug("dataOffset is " + dataOffset + "\n");
        temp = cis.read(dataOutBuf, dataOffset, blockSize);

        // temp should be blockSize
        // debug("Got " + temp + " bytes and blockSize is "
        //    + blockSize + "\n");
        // debug("Bytes are: "
        //    + getHexBytes(dataOutBuf, dataOffset, temp) + "\n");
        dataOffset += blockSize;
    }

    // Now process the last block
    byte[] finalBlock = new byte[blockSize];
    // debug("Will call read on finalBlock" + "\n");
    temp = cis.read(finalBlock);
    // temp should be blockSize
    /*
      debug("Got " + temp + " bytes and blockSize is "
      + blockSize + "\n");
      debug("Bytes are: "
      + getHexBytes(finalBlock, 0, temp) + "\n");
      debug("Will call doFinal" + "\n");
    */
    try {
        des.doFinal();
    } catch (GeneralSecurityException e) {
        GSSException ge = new GSSException(GSSException.FAILURE, -1,
            "Could not use DES cipher - " + e.getMessage());
        ge.initCause(e);
        throw ge;
    }

    /*
     * There is always at least one padding byte. The padding bytes
     * are all the value of the number of padding bytes.
     */

    int padSize = finalBlock[blockSize - 1];
    if (padSize < 1  || padSize > 8)
        throw new GSSException(GSSException.DEFECTIVE_TOKEN, -1,
                               "Invalid padding on Wrap Token");
    token.padding = WrapToken.pads[padSize];
    blockSize -= padSize;

    // Copy this last block into the output buffer
    System.arraycopy(finalBlock, 0, dataOutBuf, dataOffset,
                     blockSize);
}