private Optional<String> validateRsaSha256(SecurityEnvironment env, InboundClientDefinition clientDefinition) { try { Signature signature = Signature.getInstance("SHA256withRSA"); signature.initVerify(clientDefinition.keyConfig() .orElseThrow(() -> new HttpSignatureException("RSA public key configuration is " + "required")) .publicKey() .orElseThrow(() -> new HttpSignatureException( "Public key is required, yet not configured"))); signature.update(getBytesToSign(env, null)); if (!signature.verify(this.signatureBytes)) { return Optional.of("Signature is not valid"); } return Optional.empty(); } catch (NoSuchAlgorithmException e) { LOGGER.log(Level.FINEST, "SHA256withRSA algorithm not found", e); return Optional.of("SHA256withRSA algorithm not found: " + e.getMessage()); } catch (InvalidKeyException e) { LOGGER.log(Level.FINEST, "Invalid RSA key", e); return Optional.of("Invalid RSA key: " + e.getMessage()); } catch (SignatureException e) { LOGGER.log(Level.FINEST, "Signature exception", e); return Optional.of("SignatureException: " + e.getMessage()); } }
protected Mac getMacInstance() throws SignatureException { try { return doGetMacInstance(); } catch (NoSuchAlgorithmException e) { String msg = "Unable to obtain JCA MAC algorithm '" + alg.getJcaName() + "': " + e.getMessage(); throw new SignatureException(msg, e); } catch (InvalidKeyException e) { String msg = "The specified signing key is not a valid " + alg.name() + " key: " + e.getMessage(); throw new SignatureException(msg, e); } }
@Override public byte[] sign(byte[] data) { try { return doSign(data); } catch (InvalidKeyException e) { throw new SignatureException("Invalid RSA PrivateKey. " + e.getMessage(), e); } catch (java.security.SignatureException e) { throw new SignatureException("Unable to calculate signature using RSA PrivateKey. " + e.getMessage(), e); } }
@Override public byte[] sign(byte[] data) { try { return doSign(data); } catch (InvalidKeyException e) { throw new SignatureException("Invalid Elliptic Curve PrivateKey. " + e.getMessage(), e); } catch (java.security.SignatureException e) { throw new SignatureException("Unable to calculate signature using Elliptic Curve PrivateKey. " + e.getMessage(), e); } catch (JwtException e) { throw new SignatureException("Unable to convert signature to JOSE format. " + e.getMessage(), e); } }
throw new IOException(MessageFormat.format(JGitText.get().noHMACsupport, HMAC, e.getMessage())); } catch (InvalidKeyException e) { throw new IOException(MessageFormat.format(JGitText.get().invalidKey, e.getMessage()));
+ e.getMessage() + "\r\nCertificate: " + DatatypeConverter.printHexBinary(pemCertificate), e); logger.error(ex.getMessage(), ex);
/** encrypt exactly 16 bytes using the session key * @param payload plaintext data, 16 bytes starting at inIndex * @param sessionKey private session key * @param out out parameter, 16 bytes starting at outIndex */ @Override public final void encryptBlock(byte payload[], int inIndex, SessionKey sessionKey, byte out[], int outIndex) { Object pkey = sessionKey.getPreparedKey(); if (pkey == null) { try { pkey = CryptixRijndael_Algorithm.makeKey(sessionKey.getData(), 16); sessionKey.setPreparedKey(pkey); } catch (InvalidKeyException ike) { _log.log(Log.CRIT, "Invalid key", ike); throw new IllegalArgumentException("invalid key? " + ike.getMessage()); } } CryptixRijndael_Algorithm.blockEncrypt(payload, out, inIndex, outIndex, pkey); }
/** decrypt exactly 16 bytes of data with the session key provided * @param payload encrypted data, 16 bytes starting at inIndex * @param sessionKey private session key * @param rv out parameter, 16 bytes starting at outIndex */ @Override public final void decryptBlock(byte payload[], int inIndex, SessionKey sessionKey, byte rv[], int outIndex) { // just let it throw NPE or IAE later for speed, you'll figure it out //if ( (payload == null) || (rv == null) ) // throw new IllegalArgumentException("null block args"); //if (payload.length - inIndex > rv.length - outIndex) // throw new IllegalArgumentException("bad block args [payload.len=" + payload.length // + " inIndex=" + inIndex + " rv.len=" + rv.length // + " outIndex="+outIndex); Object pkey = sessionKey.getPreparedKey(); if (pkey == null) { try { pkey = CryptixRijndael_Algorithm.makeKey(sessionKey.getData(), 16); sessionKey.setPreparedKey(pkey); } catch (InvalidKeyException ike) { _log.log(Log.CRIT, "Invalid key", ike); throw new IllegalArgumentException("invalid key? " + ike.getMessage()); } } CryptixRijndael_Algorithm.blockDecrypt(payload, rv, inIndex, outIndex, pkey); }
private void handleInvalidKeyException(final InvalidKeyException e) { if ((e.getMessage() != null) && ((e.getMessage().toUpperCase().indexOf("KEY SIZE") != -1))) { throw new EncryptionOperationNotPossibleException( "Encryption raised an exception. A possible cause is " + "you are using strong encryption algorithms and " + "you have not installed the Java Cryptography " + "Extension (JCE) Unlimited Strength Jurisdiction " + "Policy Files in this Java Virtual Machine"); } }
private void handleInvalidKeyException(final InvalidKeyException e) { if ((e.getMessage() != null) && ((e.getMessage().toUpperCase().indexOf("KEY SIZE") != -1))) { throw new EncryptionOperationNotPossibleException( "Encryption raised an exception. A possible cause is " + "you are using strong encryption algorithms and " + "you have not installed the Java Cryptography " + "Extension (JCE) Unlimited Strength Jurisdiction " + "Policy Files in this Java Virtual Machine"); } }
private void handleInvalidKeyException(final InvalidKeyException e) { if ((e.getMessage() != null) && ((e.getMessage().toUpperCase().indexOf("KEY SIZE") != -1))) { throw new EncryptionOperationNotPossibleException( "Encryption raised an exception. A possible cause is " + "you are using strong encryption algorithms and " + "you have not installed the Java Cryptography " + "Extension (JCE) Unlimited Strength Jurisdiction " + "Policy Files in this Java Virtual Machine"); } }
private Cipher getAndInitializeCipher(final int mode, final byte[] nonce) { try { Cipher cipher = CIPHER.get(); cipher.init(mode, key, gcmParameterSpec(nonce)); return cipher; } catch (InvalidKeyException e) { throw OException.wrapException(new OInvalidStorageEncryptionKeyException(e.getMessage()), e); } catch (InvalidAlgorithmParameterException e) { throw new IllegalArgumentException("Invalid or re-used nonce.", e); } }
public String toString() { try { return GOSTUtil.privateKeyToString("GOST3410", x, ((GOST3410PrivateKeyParameters)GOST3410Util.generatePrivateKeyParameter(this)).getParameters()); } catch (InvalidKeyException e) { throw new IllegalStateException(e.getMessage()); // should not be possible } }
public String toString() { try { return GOSTUtil.publicKeyToString("GOST3410", y, ((GOST3410PublicKeyParameters)GOST3410Util.generatePublicKeyParameter(this)).getParameters()); } catch (InvalidKeyException e) { throw new IllegalStateException(e.getMessage()); // should not be possible } }
protected Mac getMacInstance() throws SignatureException { try { return doGetMacInstance(); } catch (NoSuchAlgorithmException e) { String msg = "Unable to obtain JCA MAC algorithm '" + alg.getJcaName() + "': " + e.getMessage(); throw new SignatureException(msg, e); } catch (InvalidKeyException e) { String msg = "The specified signing key is not a valid " + alg.name() + " key: " + e.getMessage(); throw new SignatureException(msg, e); } }
protected Mac getMacInstance() throws SignatureException { try { return doGetMacInstance(); } catch (NoSuchAlgorithmException e) { String msg = "Unable to obtain JCA MAC algorithm '" + alg.getJcaName() + "': " + e.getMessage(); throw new SignatureException(msg, e); } catch (InvalidKeyException e) { String msg = "The specified signing key is not a valid " + alg.name() + " key: " + e.getMessage(); throw new SignatureException(msg, e); } }
@Override public byte[] sign(byte[] data) { try { return doSign(data); } catch (InvalidKeyException e) { throw new SignatureException("Invalid RSA PrivateKey. " + e.getMessage(), e); } catch (java.security.SignatureException e) { throw new SignatureException("Unable to calculate signature using RSA PrivateKey. " + e.getMessage(), e); } }
@Override public byte[] sign(byte[] data) { try { return doSign(data); } catch (InvalidKeyException e) { throw new SignatureException("Invalid RSA PrivateKey. " + e.getMessage(), e); } catch (java.security.SignatureException e) { throw new SignatureException("Unable to calculate signature using RSA PrivateKey. " + e.getMessage(), e); } }
@Override public byte[] sign(byte[] data) { try { return doSign(data); } catch (InvalidKeyException e) { throw new SignatureException("Invalid Elliptic Curve PrivateKey. " + e.getMessage(), e); } catch (java.security.SignatureException e) { throw new SignatureException("Unable to calculate signature using Elliptic Curve PrivateKey. " + e.getMessage(), e); } catch (JwtException e) { throw new SignatureException("Unable to convert signature to JOSE format. " + e.getMessage(), e); } }
@Override public byte[] sign(byte[] data) { try { return doSign(data); } catch (InvalidKeyException e) { throw new SignatureException("Invalid Elliptic Curve PrivateKey. " + e.getMessage(), e); } catch (java.security.SignatureException e) { throw new SignatureException("Unable to calculate signature using Elliptic Curve PrivateKey. " + e.getMessage(), e); } catch (JwtException e) { throw new SignatureException("Unable to convert signature to JOSE format. " + e.getMessage(), e); } }