private static Signature createSignature(PrivateKey privateKey, PublicKey publicKey) throws GeneralSecurityException { if (privateKey instanceof RSAPrivateKey && publicKey instanceof RSAPublicKey) { return Signature.getInstance("NONEwithRSA"); } if (privateKey instanceof ECPrivateKey && publicKey instanceof ECPublicKey) { return Signature.getInstance("NONEwithECDSA"); } if (privateKey instanceof DSAKey && publicKey instanceof DSAKey) { return Signature.getInstance("NONEwithDSA"); } throw new InvalidKeySpecException("Key type must be one of " + SUPPORTED_KEY_TYPES); }
public static PublicKey loadPublicKey(String publicKey) throws GeneralSecurityException { Matcher matcher = PUBLIC_KEY_PATTERN.matcher(publicKey); if (!matcher.find()) { throw new KeyStoreException("did not find a public key"); } String data = matcher.group(1); byte[] encodedKey = base64Decode(data); X509EncodedKeySpec encodedKeySpec = new X509EncodedKeySpec(encodedKey); for (String algorithm : SUPPORTED_KEY_TYPES) { try { KeyFactory keyFactory = KeyFactory.getInstance(algorithm); return keyFactory.generatePublic(encodedKeySpec); } catch (InvalidKeySpecException ignore) { } } throw new InvalidKeySpecException("Key type must be one of " + SUPPORTED_KEY_TYPES); }
<S extends KeySpec> S getKeySpec(final Class<S> keySpecType) throws InvalidKeySpecException { if (keySpecType.isAssignableFrom(SaltedHashPasswordSpec.class)) { return keySpecType.cast(new SaltedHashPasswordSpec(hash.clone(), ByteBuffer.allocate(2).putShort(this.salt).array())); } throw new InvalidKeySpecException(); }
static byte[] dsaPkcs1ToPkcs8(byte[] pkcs1) throws InvalidKeySpecException { List<byte[]> elements = decodeSequence(pkcs1); if (elements.size() != 6) { throw new InvalidKeySpecException("Expected DSA key to have 6 elements"); } byte[] keyIdentifier = encodeSequence(DSA_KEY_OID, encodeSequence(elements.get(1), elements.get(2), elements.get(3))); return encodeSequence(VERSION_0_ENCODED, keyIdentifier, encodeOctetString(elements.get(5))); }
@Override <S extends KeySpec> S getKeySpec(Class<S> keySpecType) throws InvalidKeySpecException { if (keySpecType.isAssignableFrom(DigestPasswordSpec.class)) { return keySpecType.cast(new DigestPasswordSpec(username, realm, digest.clone())); } throw new InvalidKeySpecException(); }
@Override <S extends KeySpec> S getKeySpec(Class<S> keySpecType) throws InvalidKeySpecException { if (keySpecType.isAssignableFrom(OneTimePasswordSpec.class)) { return keySpecType.cast(new OneTimePasswordSpec(hash.clone(), seed, sequenceNumber)); } throw new InvalidKeySpecException(); }
static byte[] ecPkcs1ToPkcs8(byte[] pkcs1) throws InvalidKeySpecException { List<byte[]> elements = decodeSequence(pkcs1); if (elements.size() != 4) { throw new InvalidKeySpecException("Expected EC key to have 4 elements"); } byte[] curveOid = decodeSequenceOptionalElement(elements.get(2)); byte[] keyIdentifier = encodeSequence(EC_KEY_OID, curveOid); return encodeSequence(VERSION_0_ENCODED, keyIdentifier, encodeOctetString(encodeSequence(elements.get(0), elements.get(1), elements.get(3)))); }
@Override protected <S extends KeySpec> S engineGetKeySpec(final String algorithm, final Password password, final Class<S> keySpecType) throws InvalidKeySpecException { if (password instanceof AbstractPasswordImpl) { final AbstractPasswordImpl abstractPassword = (AbstractPasswordImpl) password; if (algorithm.equals(abstractPassword.getAlgorithm())) { return abstractPassword.getKeySpec(keySpecType); } } throw new InvalidKeySpecException(); }
@Override public final InvalidKeySpecException insufficientDataToFormDigestAndSalt() { final InvalidKeySpecException result = new InvalidKeySpecException(String.format(getLoggingLocale(), insufficientDataToFormDigestAndSalt$str())); final StackTraceElement[] st = result.getStackTrace(); result.setStackTrace(Arrays.copyOfRange(st, 1, st.length)); return result; } private static final String invalidSalt2 = "ELY01054: Invalid salt \"%s%s\"";
@Override public final InvalidKeySpecException invalidKeySpecUnknownCryptStringAlgorithm() { final InvalidKeySpecException result = new InvalidKeySpecException(String.format(getLoggingLocale(), invalidKeySpecUnknownCryptStringAlgorithm$str())); final StackTraceElement[] st = result.getStackTrace(); result.setStackTrace(Arrays.copyOfRange(st, 1, st.length)); return result; } private static final String invalidKeySpecInvalidCharacterEncountered = "ELY08004: Invalid character encountered";
@Override <S extends KeySpec> S getKeySpec(Class<S> keySpecType) throws InvalidKeySpecException { if (keySpecType.isAssignableFrom(IteratedSaltedHashPasswordSpec.class)) { return keySpecType.cast(new IteratedSaltedHashPasswordSpec(this.getDigest(), this.getSalt(), this.getIterationCount())); } throw new InvalidKeySpecException(); }
@Override public final InvalidKeySpecException unknownLdapPasswordScheme() { final InvalidKeySpecException result = new InvalidKeySpecException(String.format(getLoggingLocale(), unknownLdapPasswordScheme$str())); final StackTraceElement[] st = result.getStackTrace(); result.setStackTrace(Arrays.copyOfRange(st, 1, st.length)); return result; } @Override
@Override public final InvalidKeySpecException invalidKeySpecUnrecognizedKeySpecAlgorithm() { final InvalidKeySpecException result = new InvalidKeySpecException(String.format(getLoggingLocale(), invalidKeySpecUnrecognizedKeySpecAlgorithm$str())); final StackTraceElement[] st = result.getStackTrace(); result.setStackTrace(Arrays.copyOfRange(st, 1, st.length)); return result; } private static final String invalidKeySpecPasswordSpecCannotBeRenderedAsString = "ELY08002: Password spec cannot be rendered as a string";
@Override public final InvalidKeySpecException invalidKeySpecInvalidMinorVersion() { final InvalidKeySpecException result = new InvalidKeySpecException(String.format(getLoggingLocale(), invalidKeySpecInvalidMinorVersion$str())); final StackTraceElement[] st = result.getStackTrace(); result.setStackTrace(Arrays.copyOfRange(st, 1, st.length)); return result; } private static final String invalidKeySpecCostMustBeTwoDigitInteger = "ELY08012: Invalid cost: must be a two digit integer";
@Override public final InvalidKeySpecException invalidKeySpecCostMustBeTwoDigitInteger() { final InvalidKeySpecException result = new InvalidKeySpecException(String.format(getLoggingLocale(), invalidKeySpecCostMustBeTwoDigitInteger$str())); final StackTraceElement[] st = result.getStackTrace(); result.setStackTrace(Arrays.copyOfRange(st, 1, st.length)); return result; } private static final String invalidKeySpecNoSuchMessageDigestAlgorithm = "ELY08013: No such MessageDigest algorithm for \"%s\"";
@Override <S extends KeySpec> S getKeySpec(Class<S> keySpecType) throws InvalidKeySpecException { if (keySpecType.isAssignableFrom(IteratedSaltedHashPasswordSpec.class)) { return keySpecType.cast(new IteratedSaltedHashPasswordSpec(this.getHash(), this.getSalt(), this.getIterationCount())); } throw new InvalidKeySpecException(); }
@Override public final InvalidKeySpecException invalidKeySpecPasswordSpecCannotBeRenderedAsString() { final InvalidKeySpecException result = new InvalidKeySpecException(String.format(getLoggingLocale(), invalidKeySpecPasswordSpecCannotBeRenderedAsString$str())); final StackTraceElement[] st = result.getStackTrace(); result.setStackTrace(Arrays.copyOfRange(st, 1, st.length)); return result; } private static final String invalidKeySpecUnknownCryptStringAlgorithm = "ELY08003: Unknown crypt string algorithm";
@Override public final InvalidKeySpecException invalidKeySpecUnexpectedEndOfPasswordString() { final InvalidKeySpecException result = new InvalidKeySpecException(String.format(getLoggingLocale(), invalidKeySpecUnexpectedEndOfPasswordString$str())); final StackTraceElement[] st = result.getStackTrace(); result.setStackTrace(Arrays.copyOfRange(st, 1, st.length)); return result; } private static final String invalidKeySpecUnexpectedEndOfPasswordStringWithCause = "ELY08010: Unexpected end of password string";
<S extends KeySpec> S getKeySpec(final Class<S> keySpecType) throws InvalidKeySpecException { if (keySpecType.isAssignableFrom(MaskedPasswordSpec.class)) { return keySpecType.cast(new MaskedPasswordSpec(initialKeyMaterial.clone(), iterationCount, salt.clone(), maskedPasswordBytes.clone())); } else if (keySpecType.isAssignableFrom(ClearPasswordSpec.class)) { return keySpecType.cast(new ClearPasswordSpec(unmask(algorithm, initialKeyMaterial, iterationCount, salt, maskedPasswordBytes))); } else { throw new InvalidKeySpecException(); } }
private static byte[] mask(final String algorithm, final char[] initialKeyMaterial, final int iterationCount, final byte[] salt, final char[] chars) throws InvalidKeySpecException { final Cipher cipher = getCipher(algorithm, initialKeyMaterial, iterationCount, salt, Cipher.ENCRYPT_MODE); try { return cipher.doFinal(CodePointIterator.ofChars(chars).asUtf8().drain()); } catch (IllegalBlockSizeException | BadPaddingException e) { throw new InvalidKeySpecException(e); } }