org.keyczar.Crypter Java Examples

public String buildCookie(boolean ifNeeded) {
  try {
    long offset = System.currentTimeMillis() - this.ts;
    offset /= 1000;
    if (offset > (60*renewTime.get())) {    // Renew if it is time
      modified = true;
      ts = System.currentTimeMillis();
    }
    if (!ifNeeded || modified) {
      Crypter crypter = getCrypter();
      CookieAuth.cookie cookie = CookieAuth.cookie.newBuilder()
        .setUuid(this.userId)
        .setTs(this.ts)
        .setIsAdmin(this.isAdmin)
        .setIsReadOnly(this.isReadOnly).build();
      return Base64Coder.encode(crypter.encrypt(cookie.toByteArray()));
    } else {
      return null;
    }
  } catch (Exception e) {
    throw new RuntimeException(e);
  }
}
 

@Test
public void testSimple() throws KeyczarException {
	KeyczarReader reader = new KeyczarJsonReader(JSON_KEY);
	KeyMetadata metadata = KeyMetadata.read(reader.getMetadata());
	assertEquals(0, metadata.getPrimaryVersion().getVersionNumber());
	assertEquals(KeyPurpose.DECRYPT_AND_ENCRYPT, metadata.getPurpose());
	assertEquals("Imported AES", metadata.getName());
	assertEquals(1, metadata.getVersions().size());
	assertEquals(0, metadata.getVersions().get(0).getVersionNumber());
	assertFalse(metadata.getVersions().get(0).isExportable());

	Crypter crypter = new Crypter(reader);
	String plaintext = "hello world";
	String encrypted = crypter.encrypt(plaintext);
	assertTrue(!encrypted.equals(plaintext));

	String decrypted = crypter.decrypt(encrypted);
	assertEquals(plaintext, decrypted);

	// TODO: Add an old version of a key; test decrypting with it
}
 

@Test
public void testWriteEncrypted() throws KeyczarException {
  GenericKeyczar keyczar = makeKey();

  final String PASSWORD = "foopassword";
  StringBuilder builder = new StringBuilder();
  JsonWriter.writeEncrypted(keyczar, PASSWORD, builder);
  String serialized = builder.toString();

  JsonParser parser = new JsonParser();
  JsonElement element = parser.parse(serialized);
  String metadata = element.getAsJsonObject().getAsJsonPrimitive("meta").getAsString();
  element = parser.parse(metadata);
  JsonPrimitive p = element.getAsJsonObject().getAsJsonPrimitive("encrypted");
  assertTrue(p.getAsBoolean());

  KeyczarReader reader = new KeyczarJsonReader(serialized);
  KeyczarPBEReader pbeReader = new KeyczarPBEReader(reader, PASSWORD);
  Crypter c = new Crypter(pbeReader);
  assertEquals("hello", c.decrypt(c.encrypt("hello")));
}
 

@Test
public void testCreateExportKey() throws KeyczarException {
	// create the key, export the public key; 1024 bits is the smallest size
	GenericKeyczar keyczar = Util.createKey(
	    DefaultKeyType.RSA_PRIV, KeyPurpose.DECRYPT_AND_ENCRYPT, 1024);
	KeyczarReader publicKeyReader = Util.exportPublicKeys(keyczar);
	Encrypter encrypter = new Encrypter(publicKeyReader);

	// test that it works
	String ciphertext = encrypter.encrypt(MESSAGE);
	Crypter crypter = new Crypter(Util.readerFromKeyczar(keyczar));
	String decrypted = crypter.decrypt(ciphertext);
	assertEquals(MESSAGE, decrypted);

	// test a session
	StringBuilder longMessage = new StringBuilder("hello message ");
	while (longMessage.length() < 500) {
		longMessage.append(longMessage);
	}

	ciphertext = Util.encryptWithSession(encrypter, longMessage.toString());
	assertEquals(longMessage.toString(), Util.decryptWithSession(crypter, ciphertext));
}
 

/**
 * {@inheritDoc}
 *
 * <p>Uses Keyczar client to encrypt the byte array.
 *
 * @throws EncryptionException if any underlying component fails
 */
@Override
public byte[] encrypt(byte[] plain) throws EncryptionException {
  try {
    Crypter crypter = getCrypter();
    return crypter.encrypt(plain);
  } catch (KeyczarException e) {
    throw new EncryptionException(e);
  }
}
 

public static String decryptSession(String keyPath, String inPath, String expectedMessage) throws KeyczarException {
  KeyczarReader reader = Util.readJsonFromPath(keyPath);
  String input = Util.readFile(inPath);
  String output = Util.decryptWithSession(new Crypter(reader), input);

  if (expectedMessage != null && !output.equals(expectedMessage)) {
    System.err.println("Session decryption does not match?\n" + output);
    System.exit(1);
  }
  return output;
}
 

public static String decrypt(String keyPath, String encryptedPath, String expectedMessage,
    DefaultKeyType expectedType, String keyPassword) throws KeyczarException {
  // Read the key, possibly decrypting using a password
  KeyczarReader reader = Util.readJsonFromPath(keyPath);
  if (keyPassword != null) {
    reader = new KeyczarPBEReader(reader, keyPassword);
  }

  KeyMetadata metadata = KeyMetadata.read(reader.getMetadata());
  if (metadata.getType() != expectedType) {
    throw new RuntimeException("Unexpected key type: " + metadata.getType());
  }

  Crypter key = new Crypter(reader);
  String data = Util.readFile(encryptedPath);
  String output = key.decrypt(data);

  if (expectedMessage != null) {
    if (output.equals(expectedMessage)) {
      System.out.println(encryptedPath + " decrypts successfully");
    } else {
      System.err.println("Decryption does not match?\n" + output);
      System.exit(1);
    }
  }
  return output;
}
 

@Test
public void testSymmetricKeyToFromJson() throws KeyczarException {
  GenericKeyczar keyczar = Util.createKey(DefaultKeyType.AES, KeyPurpose.DECRYPT_AND_ENCRYPT);
  String json = JsonWriter.toString(keyczar);
  Crypter roundtripped = Util.crypterFromJson(json);
  verifyKeyCompatibility(keyczar, roundtripped);
}
 

protected void verifyKeyCompatibility(GenericKeyczar keyczar,
    Crypter roundtripped) throws KeyczarException {
  
  String ciphertext = roundtripped.encrypt(MESSAGE);
Crypter original = new Crypter(Util.readerFromKeyczar(keyczar));
String decrypted = original.decrypt(ciphertext);
assertEquals(MESSAGE, decrypted);

  ciphertext = original.encrypt(MESSAGE);
  decrypted = roundtripped.decrypt(ciphertext);
  assertEquals(MESSAGE, decrypted);
  
}
 

@Test
public void testWriteReadSymmetricKey() throws KeyczarException {
	GenericKeyczar keyczar = Util.createKey(DefaultKeyType.AES, KeyPurpose.DECRYPT_AND_ENCRYPT);

   String path = tempFolder.getRoot().getAbsolutePath() + "/out.json";
   Util.writeJsonToPath(keyczar, path);
   
   Crypter roundtripped = new Crypter(Util.readJsonFromPath(path));
	verifyKeyCompatibility(keyczar, roundtripped);
}
 

@Test
public void testGenerateKeyczarReader() throws KeyczarException {
  KeyczarReader reader = Util.generateKeyczarReader(DefaultKeyType.AES, KeyPurpose.DECRYPT_AND_ENCRYPT);
  Crypter crypter = new Crypter(reader);

  // test that it works
  String ciphertext = crypter.encrypt(MESSAGE);
  String decrypted = crypter.decrypt(ciphertext);
  assertEquals(MESSAGE, decrypted);
}
 

public KeyczarPrivateKey(KeyczarReader encryptionReader, KeyczarReader signingReader)
    throws KeyczarException {
  super(encryptionReader, signingReader);

  crypter = new Crypter(encryptionReader);
  signer = new Signer(signingReader);
}
 

public static String decryptWithSession(Crypter crypter, String ciphertext) throws KeyczarException {
	try {
		return new String(decryptWithSession(crypter, Base64Coder.decodeWebSafe(ciphertext)), "UTF-8");
	} catch (UnsupportedEncodingException e) {
		throw new RuntimeException("Should not happen", e);
	}
}
 

/**
 * {@inheritDoc}
 *
 * <p>Uses local Keyczar client to decrypt the byte array.
 *
 * @throws EncryptionException if any underlying component fails
 */
@Override
public byte[] decrypt(byte[] encrypted) throws EncryptionException {
  try {
    Crypter crypter = getCrypter();
    return crypter.decrypt(encrypted);
  } catch (KeyczarException e) {
    throw new EncryptionException(e);
  }
}
 

/**
 * Decrypts message as a session by unpacking the encrypted session key, decrypting it with crypter,
 * then decrypting the message.
 */
public static byte[] decryptWithSession(Crypter crypter, byte[] ciphertext) throws KeyczarException {
	byte[][] unpacked = org.keyczar.util.Util.lenPrefixUnpack(ciphertext);
	SessionCrypter session = new SessionCrypter(crypter, unpacked[0]);
	return session.decrypt(unpacked[1]);
}
 

public static Crypter crypterFromJson(String json) throws KeyczarException {
  KeyczarReader key = new KeyczarJsonReader(json);
  return new Crypter(key);
}
 

private static String decrypt(String ciphertext) throws KeyczarException {
    Crypter crypter = new Crypter(KEYSET_PATH);
    return crypter.decrypt(ciphertext);
}
 

private static String decrypt(String ciphertext) throws KeyczarException {
    Crypter crypter = new Crypter(KEYSET_PATH);
    return crypter.decrypt(ciphertext);
}
 

/**
 * The encrypted String (ciphertext) returned is already encoded in Base64.
 *
 * @param initialText The text to encrypt (in UTF-8)
 * @return The encrypted text (in Base64)
 * @throws KeyczarException General Keyczar exception
 */
private static String encrypt(String initialText) throws KeyczarException {
    Crypter crypter = new Crypter(KEYSET_PATH);
    return crypter.encrypt(initialText);
}
 

/**
 * The encrypted String (ciphertext) returned is already encoded in Base64.
 *
 * @param initialText The text to encrypt (in UTF-8)
 * @return The encrypted text (in Base64)
 * @throws KeyczarException General Keyczar exception
 */
private static String encrypt(String initialText) throws KeyczarException {
    Crypter crypter = new Crypter(KEYSET_PATH);
    return crypter.encrypt(initialText);
}