@Override public String toString() { final ToStringBuilder builder = new ToStringBuilder(this); ToStringBuilder.setDefaultStyle(ToStringStyle.SHORT_PREFIX_STYLE); builder.append("Algorithm name", algorithm); builder.append("Requires unlimited strength JCE policy", unlimitedStrength); builder.append("Algorithm Provider", provider); builder.append("Compatible with strong KDFs", compatibleWithStrongKDFs); builder.append("Keyed cipher", isKeyedCipher()); return builder.toString(); }
public static boolean isKeyedCipher(String algorithm) { EncryptionMethod em = EncryptionMethod.forAlgorithm(algorithm); return em != null && em.isKeyedCipher(); }
if (!encryptionMethod.isKeyedCipher()) { throw new IllegalArgumentException(encryptionMethod.name() + " requires a PBECipherProvider");
public KeyedEncryptor(final EncryptionMethod encryptionMethod, final byte[] keyBytes, final byte[] iv) { super(); try { if (encryptionMethod == null) { throw new IllegalArgumentException("Cannot instantiate a keyed encryptor with null encryption method"); } if (!encryptionMethod.isKeyedCipher()) { throw new IllegalArgumentException("Cannot instantiate a keyed encryptor with encryption method " + encryptionMethod.name()); } this.encryptionMethod = encryptionMethod; if (keyBytes == null || keyBytes.length == 0) { throw new IllegalArgumentException("Cannot instantiate a keyed encryptor with empty key"); } if (!CipherUtility.isValidKeyLengthForAlgorithm(keyBytes.length * 8, encryptionMethod.getAlgorithm())) { throw new IllegalArgumentException("Cannot instantiate a keyed encryptor with key of length " + keyBytes.length); } String cipherName = CipherUtility.parseCipherFromAlgorithm(encryptionMethod.getAlgorithm()); this.key = new SecretKeySpec(keyBytes, cipherName); this.iv = iv; } catch (Exception e) { throw new ProcessException(e); } }
@Override protected Collection<ValidationResult> customValidate(final ValidationContext context) { final List<ValidationResult> validationResults = new ArrayList<>(super.customValidate(context)); final String methodValue = context.getProperty(ENCRYPTION_ALGORITHM).getValue(); final EncryptionMethod encryptionMethod = EncryptionMethod.valueOf(methodValue); final String algorithm = encryptionMethod.getAlgorithm(); final String password = context.getProperty(PASSWORD).getValue(); final KeyDerivationFunction kdf = KeyDerivationFunction.valueOf(context.getProperty(KEY_DERIVATION_FUNCTION).getValue()); final String keyHex = context.getProperty(RAW_KEY_HEX).getValue(); if (isPGPAlgorithm(algorithm)) { final boolean encrypt = context.getProperty(MODE).getValue().equalsIgnoreCase(ENCRYPT_MODE); final String publicKeyring = context.getProperty(PUBLIC_KEYRING).getValue(); final String publicUserId = context.getProperty(PUBLIC_KEY_USERID).getValue(); final String privateKeyring = context.getProperty(PRIVATE_KEYRING).getValue(); final String privateKeyringPassphrase = context.getProperty(PRIVATE_KEYRING_PASSPHRASE).evaluateAttributeExpressions().getValue(); validationResults.addAll(validatePGP(encryptionMethod, password, encrypt, publicKeyring, publicUserId, privateKeyring, privateKeyringPassphrase)); } else { // Not PGP if (encryptionMethod.isKeyedCipher()) { // Raw key validationResults.addAll(validateKeyed(encryptionMethod, kdf, keyHex)); } else { // PBE boolean allowWeakCrypto = context.getProperty(ALLOW_WEAK_CRYPTO).getValue().equalsIgnoreCase(WEAK_CRYPTO_ALLOWED_NAME); validationResults.addAll(validatePBE(encryptionMethod, kdf, password, allowWeakCrypto)); } } return validationResults; }
if (encryptionMethod.isKeyedCipher()) { continue;
@Override public String toString() { final ToStringBuilder builder = new ToStringBuilder(this); ToStringBuilder.setDefaultStyle(ToStringStyle.SHORT_PREFIX_STYLE); builder.append("Algorithm name", algorithm); builder.append("Requires unlimited strength JCE policy", unlimitedStrength); builder.append("Algorithm Provider", provider); builder.append("Compatible with strong KDFs", compatibleWithStrongKDFs); builder.append("Keyed cipher", isKeyedCipher()); return builder.toString(); }
public static boolean isKeyedCipher(String algorithm) { EncryptionMethod em = EncryptionMethod.forAlgorithm(algorithm); return em != null && em.isKeyedCipher(); }
if (!encryptionMethod.isKeyedCipher()) { throw new IllegalArgumentException(encryptionMethod.name() + " requires a PBECipherProvider");
public KeyedEncryptor(final EncryptionMethod encryptionMethod, final byte[] keyBytes, final byte[] iv) { super(); try { if (encryptionMethod == null) { throw new IllegalArgumentException("Cannot instantiate a keyed encryptor with null encryption method"); } if (!encryptionMethod.isKeyedCipher()) { throw new IllegalArgumentException("Cannot instantiate a keyed encryptor with encryption method " + encryptionMethod.name()); } this.encryptionMethod = encryptionMethod; if (keyBytes == null || keyBytes.length == 0) { throw new IllegalArgumentException("Cannot instantiate a keyed encryptor with empty key"); } if (!CipherUtility.isValidKeyLengthForAlgorithm(keyBytes.length * 8, encryptionMethod.getAlgorithm())) { throw new IllegalArgumentException("Cannot instantiate a keyed encryptor with key of length " + keyBytes.length); } String cipherName = CipherUtility.parseCipherFromAlgorithm(encryptionMethod.getAlgorithm()); this.key = new SecretKeySpec(keyBytes, cipherName); this.iv = iv; } catch (Exception e) { throw new ProcessException(e); } }
@Override protected Collection<ValidationResult> customValidate(final ValidationContext context) { final List<ValidationResult> validationResults = new ArrayList<>(super.customValidate(context)); final String methodValue = context.getProperty(ENCRYPTION_ALGORITHM).getValue(); final EncryptionMethod encryptionMethod = EncryptionMethod.valueOf(methodValue); final String algorithm = encryptionMethod.getAlgorithm(); final String password = context.getProperty(PASSWORD).getValue(); final KeyDerivationFunction kdf = KeyDerivationFunction.valueOf(context.getProperty(KEY_DERIVATION_FUNCTION).getValue()); final String keyHex = context.getProperty(RAW_KEY_HEX).getValue(); if (isPGPAlgorithm(algorithm)) { final boolean encrypt = context.getProperty(MODE).getValue().equalsIgnoreCase(ENCRYPT_MODE); final String publicKeyring = context.getProperty(PUBLIC_KEYRING).getValue(); final String publicUserId = context.getProperty(PUBLIC_KEY_USERID).getValue(); final String privateKeyring = context.getProperty(PRIVATE_KEYRING).getValue(); final String privateKeyringPassphrase = context.getProperty(PRIVATE_KEYRING_PASSPHRASE).evaluateAttributeExpressions().getValue(); validationResults.addAll(validatePGP(encryptionMethod, password, encrypt, publicKeyring, publicUserId, privateKeyring, privateKeyringPassphrase)); } else { // Not PGP if (encryptionMethod.isKeyedCipher()) { // Raw key validationResults.addAll(validateKeyed(encryptionMethod, kdf, keyHex)); } else { // PBE boolean allowWeakCrypto = context.getProperty(ALLOW_WEAK_CRYPTO).getValue().equalsIgnoreCase(WEAK_CRYPTO_ALLOWED_NAME); validationResults.addAll(validatePBE(encryptionMethod, kdf, password, allowWeakCrypto)); } } return validationResults; }