private static boolean supportsClone(Mac mac) { try { mac.clone(); return true; } catch (CloneNotSupportedException e) { return false; } }
@Override public int read(byte[] buffer, int offset, int length) throws IOException { return _cipherIn.read(buffer, offset, length); }
@Override public void write(byte[] buffer, int offset, int length) throws IOException { _cipherOut.write(buffer, offset, length); }
public CombinedCipherOutputStream(OutputStream out, Cipher asym, String algorithm) throws IOException, GeneralSecurityException { super(out); // create a new symmetric cipher key used for this stream String keyAlgorithm = getKeyAlgorithm(algorithm); SecretKey symKey = KeyGenerator.getInstance(keyAlgorithm).generateKey(); // place the symmetric key by encrypting it with asymmetric cipher out.write(asym.doFinal(symKey.getEncoded())); // the rest of the data will be encrypted by this symmetric cipher Cipher sym = Secret.getCipher(algorithm); sym.init(Cipher.ENCRYPT_MODE,symKey, keyAlgorithm.equals(algorithm) ? null : new IvParameterSpec(symKey.getEncoded())); super.out = new CipherOutputStream(out,sym); }
/** * Upgrades a connection with transport encryption by the specified symmetric cipher. * * @return * A new {@link Connection} object that includes the transport encryption. */ public Connection encryptConnection(SecretKey sessionKey, String algorithm) throws IOException, GeneralSecurityException { Cipher cout = Cipher.getInstance(algorithm); cout.init(Cipher.ENCRYPT_MODE, sessionKey, new IvParameterSpec(sessionKey.getEncoded())); CipherOutputStream o = new CipherOutputStream(out, cout); Cipher cin = Cipher.getInstance(algorithm); cin.init(Cipher.DECRYPT_MODE, sessionKey, new IvParameterSpec(sessionKey.getEncoded())); CipherInputStream i = new CipherInputStream(in, cin); return new Connection(i,o); }
private static Cipher toCipher(RSAKey key, int mode) throws GeneralSecurityException { Cipher cipher = Cipher.getInstance("RSA"); cipher.init(mode, (Key)key); return cipher; }
private byte[] generateKey() throws NoSuchAlgorithmException { KeyGenerator keygen = KeyGenerator.getInstance("AES"); keygen.init(128); byte[] key = keygen.generateKey().getEncoded(); return key; }
/** * Workaround for JENKINS-6459 / http://java.net/jira/browse/GLASSFISH-11862 * This method uses specific provider selected via hudson.util.Secret.provider system property * to provide a workaround for the above bug where default provide gives an unusable instance. * (Glassfish Enterprise users should set value of this property to "SunJCE") */ public static Cipher getCipher(String algorithm) throws GeneralSecurityException { return PROVIDER != null ? Cipher.getInstance(algorithm, PROVIDER) : Cipher.getInstance(algorithm); }
/* Derive the key, given password and salt. */ SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256"); KeySpec spec = new PBEKeySpec(password, salt, 65536, 256); SecretKey tmp = factory.generateSecret(spec); SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES");
@Override public void write(byte[] buffer, int offset, int length) throws IOException { _bodyOut.write(buffer, offset, length); _mac.update(buffer, offset, length); }
@Override public byte[] createIV() throws NoSuchAlgorithmException { KeyGenerator keygen = KeyGenerator.getInstance("AES"); keygen.init(128); return keygen.generateKey().getEncoded(); } }
@Override public int read() throws IOException { int ch = _bodyIn.read(); if (ch < 0) return ch; _mac.update((byte) ch); return ch; }
@Override public void write(int ch) throws IOException { _cipherOut.write(ch); }
@Override public int read() throws IOException { return _cipherIn.read(); }
private static boolean supportsClone(Mac mac) { try { mac.clone(); return true; } catch (CloneNotSupportedException e) { return false; } }
@Override public void write(int ch) throws IOException { _bodyOut.write(ch); _mac.update((byte) ch); }
@Override public int read(byte[] buffer, int offset, int length) throws IOException { int len = _bodyIn.read(buffer, offset, length); if (len < 0) return len; _mac.update(buffer, offset, len); return len; }
@Override protected void update(byte[] b, int off, int len) { checkNotDone(); mac.update(b, off, len); }
@Override protected void update(byte b) { checkNotDone(); mac.update(b); }
@Override protected void update(byte[] b) { checkNotDone(); mac.update(b); }