Java Examples for org.bouncycastle.jce.provider.BouncyCastleProvider
The following java examples will help you to understand the usage of org.bouncycastle.jce.provider.BouncyCastleProvider. These source code samples are taken from different open source projects.
Example 1
| Project: cloudstore-master File: BouncyCastleRegistrationUtil.java View source code |
public static synchronized void registerBouncyCastleIfNeeded() {
Provider provider = Security.getProvider("BC");
if (provider != null)
return;
Security.addProvider(new BouncyCastleProvider());
provider = Security.getProvider("BC");
if (provider == null)
throw new IllegalStateException("Registration of BouncyCastleProvider failed!");
}Example 2
| Project: atlas-lb-master File: SignedFileProcessor.java View source code |
public static void main(String[] args) throws Exception {
Security.addProvider(new BouncyCastleProvider());
if (args[0].equals("-s")) {
if (args[1].equals("-a")) {
FileInputStream keyIn = new FileInputStream(args[3]);
FileOutputStream out = new FileOutputStream(args[2] + ".asc");
signFile(args[2], keyIn, out, args[4].toCharArray(), true);
} else {
FileInputStream keyIn = new FileInputStream(args[2]);
FileOutputStream out = new FileOutputStream(args[1] + ".bpg");
signFile(args[1], keyIn, out, args[3].toCharArray(), false);
}
} else if (args[0].equals("-v")) {
FileInputStream in = new FileInputStream(args[1]);
FileInputStream keyIn = new FileInputStream(args[2]);
verifyFile(in, keyIn);
} else {
System.err.println("usage: SignedFileProcessor -v|-s [-a] file keyfile [passPhrase]");
}
}Example 3
| Project: irma_future_id-master File: KeyPairGeneratorSpi.java View source code |
public void initialize(AlgorithmParameterSpec params, SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof ECParameterSpec) {
ECParameterSpec p = (ECParameterSpec) params;
this.ecParams = p;
param = new ECKeyGenerationParameters(new ECDomainParameters(p.getCurve(), p.getG(), p.getN()), random);
engine.init(param);
initialised = true;
} else if (params instanceof ECNamedCurveGenParameterSpec) {
String curveName;
curveName = ((ECNamedCurveGenParameterSpec) params).getName();
ECDomainParameters ecP = ECGOST3410NamedCurves.getByName(curveName);
if (ecP == null) {
throw new InvalidAlgorithmParameterException("unknown curve name: " + curveName);
}
this.ecParams = new ECNamedCurveParameterSpec(curveName, ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed());
param = new ECKeyGenerationParameters(new ECDomainParameters(ecParams.getCurve(), ecParams.getG(), ecParams.getN()), random);
engine.init(param);
initialised = true;
} else if (params == null && BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa() != null) {
ECParameterSpec p = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
this.ecParams = null;
param = new ECKeyGenerationParameters(new ECDomainParameters(p.getCurve(), p.getG(), p.getN()), random);
engine.init(param);
initialised = true;
} else if (params == null && BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa() == null) {
throw new InvalidAlgorithmParameterException("null parameter passed but no implicitCA set");
} else {
throw new InvalidAlgorithmParameterException("parameter object not a ECParameterSpec: " + params.getClass().getName());
}
}Example 4
| Project: bc-java-master File: BasicTlsTest.java View source code |
public Exception call() throws Exception {
try {
TrustManagerFactory trustMgrFact = TrustManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
trustMgrFact.init(trustStore);
SSLContext clientContext = SSLContext.getInstance("TLS", BouncyCastleJsseProvider.PROVIDER_NAME);
clientContext.init(null, trustMgrFact.getTrustManagers(), SecureRandom.getInstance("DEFAULT", BouncyCastleProvider.PROVIDER_NAME));
SSLSocketFactory fact = clientContext.getSocketFactory();
SSLSocket cSock = (SSLSocket) fact.createSocket(HOST, PORT_NO);
TestProtocolUtil.doClientProtocol(cSock, "Hello");
} finally {
latch.countDown();
}
return null;
}Example 5
| Project: dcache-master File: CertificateFactories.java View source code |
/**
* Returns an X.509 CertificateFactory.
*
* @throws RuntimeException if the factory could not be instantiated
*/
public static CertificateFactory newX509CertificateFactory() {
try {
return CertificateFactory.getInstance(X_509, BouncyCastleProvider.PROVIDER_NAME);
} catch (CertificateException e) {
throw new RuntimeException("Failed to create X.509 certificate factory: " + e.getMessage(), e);
} catch (NoSuchProviderException e) {
throw new RuntimeException("Failed to load bouncy castle provider: " + e.getMessage(), e);
}
}Example 6
| Project: oxAuth-master File: CertificateParser.java View source code |
public static X509Certificate parsePem(String pemEncodedCert) throws CertificateException {
StringReader sr = new StringReader(pemEncodedCert);
PEMParser pemReader = new PEMParser(sr);
try {
X509CertificateHolder certificateHolder = ((X509CertificateHolder) pemReader.readObject());
if (certificateHolder == null) {
return null;
}
X509Certificate cert = new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME).getCertificate(certificateHolder);
return cert;
} catch (IOException ex) {
throw new CertificateException(ex);
} finally {
IOUtils.closeQuietly(pemReader);
}
}Example 7
| Project: uma-master File: CertificateParser.java View source code |
public static X509Certificate parsePem(String pemEncodedCert) throws CertificateException {
StringReader sr = new StringReader(pemEncodedCert);
PEMParser pemReader = new PEMParser(sr);
try {
X509CertificateHolder certificateHolder = ((X509CertificateHolder) pemReader.readObject());
if (certificateHolder == null) {
return null;
}
X509Certificate cert = new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME).getCertificate(certificateHolder);
return cert;
} catch (IOException ex) {
throw new CertificateException(ex);
} finally {
IOUtils.closeQuietly(pemReader);
}
}Example 8
| Project: thundernetwork-master File: AuthenticationHandlerTest.java View source code |
@Before
public void prepare() throws PropertyVetoException, SQLException {
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
node1.isServer = false;
node2.isServer = true;
contextFactory1 = new MockContextFactory(nodeServer1);
contextFactory2 = new MockContextFactory(nodeServer2);
node1.ephemeralKeyClient = node2.ephemeralKeyServer;
node2.ephemeralKeyClient = node1.ephemeralKeyServer;
node1.ecdhKeySet = ECDH.getSharedSecret(node1.ephemeralKeyServer, node1.ephemeralKeyClient);
node2.ecdhKeySet = ECDH.getSharedSecret(node2.ephemeralKeyServer, node2.ephemeralKeyClient);
channel1 = new EmbeddedChannel(new ProcessorHandler(contextFactory1.getAuthenticationProcessor(node1), "Encryption1"));
channel2 = new EmbeddedChannel(new ProcessorHandler(contextFactory2.getAuthenticationProcessor(node2), "Encryption2"));
Message m = (Message) channel2.readOutbound();
assertNull(m);
}Example 9
| Project: MSEC-master File: Tools.java View source code |
public static PrivateKey loadPrivKeyFromFile(String filename) {
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
try {
FileReader fr = new FileReader(filename);
PEMReader pr = new PEMReader(fr);
KeyPair key = (KeyPair) (pr.readObject());
pr.close();
fr.close();
return key.getPrivate();
} catch (Exception e) {
e.printStackTrace();
return null;
}
}Example 10
| Project: AcademicTorrents-Downloader-master File: CryptoECCUtils.java View source code |
public static KeyPair createKeys() throws CryptoManagerException {
try {
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("ECDSA", BouncyCastleProvider.PROVIDER_NAME);
keyGen.initialize(ECCparam);
return keyGen.genKeyPair();
} catch (Throwable e) {
throw (new CryptoManagerException("Failed to create keys", e));
}
}Example 11
| Project: cryptoapplet-master File: ConexionTarjeta.java View source code |
/**
* @param args
*/
public static KeyStore conectar(char[] pin, String libreria) throws PKCS11Exception, ProviderException {
KeyStore ks = null;
try {
if (Security.getProvider(SUNPCKS11_TOKEN) != null)
Security.removeProvider(SUNPCKS11_TOKEN);
String pkcs11config = NAME_IGUAL_TOKEN + LIBRARY_IGUAL + libreria;
byte[] pkcs11configBytes = pkcs11config.getBytes();
ByteArrayInputStream configStream = new ByteArrayInputStream(pkcs11configBytes);
Provider pkcs11Provider = new SunPKCS11(configStream);
Security.addProvider(new BouncyCastleProvider());
Security.addProvider(pkcs11Provider);
ks = KeyStore.getInstance(PKCS11, pkcs11Provider);
ks.load(null, pin);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (CertificateException e) {
e.printStackTrace();
} catch (IOException e) {
Throwable t = null;
if (e.getCause() != null) {
t = e.getCause();
if (t.getCause() != null && t.getCause() instanceof PKCS11Exception) {
PKCS11Exception pke = (PKCS11Exception) t.getCause();
throw new PKCS11Exception(pke.getErrorCode());
}
}
} catch (KeyStoreException e) {
throw new PKCS11Exception(-1);
} catch (ProviderException e) {
if (e.getCause() != null) {
Throwable t = e.getCause();
if (t instanceof PKCS11Exception) {
PKCS11Exception pke = (PKCS11Exception) t;
throw new PKCS11Exception(pke.getErrorCode());
} else
throw e;
} else {
throw new ProviderException(e.getMessage());
}
} catch (Throwable t) {
t.printStackTrace();
}
return ks;
}Example 12
| Project: fast-serialization-master File: I52.java View source code |
@Test
public void test() throws Exception {
// install BouncyCastle provider
Security.addProvider(new BouncyCastleProvider());
// generate a keypair
KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA", "BC");
RSAKeyGenParameterSpec params = new RSAKeyGenParameterSpec(STRENGTH, PUBLIC_EXP);
gen.initialize(params, new SecureRandom());
KeyPair keyPair = gen.generateKeyPair();
FSTConfiguration fst = FSTConfiguration.createDefaultConfiguration();
// serialize
byte[] serialized = fst.asByteArray(keyPair);
// deserialize --> crash
KeyPair deserialized = (KeyPair) fst.asObject(serialized);
}Example 13
| Project: TLS-Attacker-master File: ConfigHandler.java View source code |
/**
* Initializes TLS Attacker according to the config file. In addition, it
* adds the Bouncy Castle provider and removes the PKCS#11 security provider
* since there are some problems when handling ECC.
*
* @param config
*/
public void initialize(GeneralConfig config) {
// ECC does not work properly in the NSS provider
Security.removeProvider("SunPKCS11-NSS");
Security.addProvider(new BouncyCastleProvider());
LOGGER.debug("Using the following security providers");
for (Provider p : Security.getProviders()) {
LOGGER.debug("Provider {}, version, {}", p.getName(), p.getVersion());
}
LoggerContext ctx = (LoggerContext) LogManager.getContext(false);
Configuration ctxConfig = ctx.getConfiguration();
LoggerConfig loggerConfig = ctxConfig.getLoggerConfig(LogManager.ROOT_LOGGER_NAME);
if (config.isDebug()) {
loggerConfig.setLevel(Level.DEBUG);
ctx.updateLoggers();
} else if (config.isQuiet()) {
loggerConfig.setLevel(Level.OFF);
ctx.updateLoggers();
} else if (config.getLogLevel() != null) {
loggerConfig.setLevel(config.getLogLevel());
ctx.updateLoggers();
}
UnlimitedStrengthHelper.removeCryptoStrengthRestriction();
}Example 14
| Project: wso2-synapse-master File: RevocationVerificationTest.java View source code |
/**
* Tests CRL Path Validation with the use of a real certificate chain. The verification process will make
* HTTP calls to remote CRL server URLs extracted from the certificates in the chain. Usually these certificates
* will not be revoked. So the path validation must be successful to pass the test. In case they are revoked
* or expired, new certificates should be added to the resources directory and Constants should be modified
* accordingly. See the interface Constants for expiry dates of the certificates.
* @throws Exception
*/
public void testCRLPathValidation() throws Exception {
//Add BouncyCastle as Security Provider.
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
Utils utils = new Utils();
X509Certificate[] certificates = utils.getRealCertificateChain();
Throwable throwable = null;
try {
crlPathValidation(certificates);
} catch (CertificateVerificationException e) {
throwable = e;
}
assertNull(throwable);
}Example 15
| Project: TwoFactorBtcWallet-master File: MakeCertificate.java View source code |
public static void generateSelfSignedCertificate(String hostname, File keystore, String keystorePassword) {
try {
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", "BC");
kpGen.initialize(1024, new SecureRandom());
KeyPair pair = kpGen.generateKeyPair();
// Generate self-signed certificate
X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);
builder.addRDN(BCStyle.CN, hostname);
Date notBefore = new Date(System.currentTimeMillis() - 24 * 60 * 60 * 1000);
Date notAfter = new Date(System.currentTimeMillis() + 10 * 365 * 24 * 60 * 60 * 1000);
BigInteger serial = BigInteger.valueOf(System.currentTimeMillis());
X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(builder.build(), serial, notBefore, notAfter, builder.build(), pair.getPublic());
ContentSigner sigGen = new JcaContentSignerBuilder("SHA256WithRSAEncryption").setProvider(BC).build(pair.getPrivate());
X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
cert.checkValidity(new Date());
cert.verify(cert.getPublicKey());
// Save to keystore
KeyStore store = KeyStore.getInstance("BKS");
if (keystore.exists()) {
FileInputStream fis = new FileInputStream(keystore);
store.load(fis, keystorePassword.toCharArray());
fis.close();
} else {
store.load(null);
}
store.setKeyEntry(hostname, pair.getPrivate(), keystorePassword.toCharArray(), new java.security.cert.Certificate[] { cert });
FileOutputStream fos = new FileOutputStream(keystore);
store.store(fos, keystorePassword.toCharArray());
fos.close();
} catch (Throwable t) {
t.printStackTrace();
throw new RuntimeException("Failed to generate self-signed certificate!", t);
}
}Example 16
| Project: android-backup-extractor-master File: Main.java View source code |
public static void main(String[] args) {
Security.addProvider(new BouncyCastleProvider());
if (args.length < 3) {
usage();
System.exit(1);
}
String mode = args[0];
if (!"pack".equals(mode) && !"unpack".equals(mode) && !"pack-kk".equals(mode)) {
usage();
System.exit(1);
}
boolean unpack = "unpack".equals(mode);
String backupFilename = unpack ? args[1] : args[2];
String tarFilename = unpack ? args[2] : args[1];
String password = null;
if (args.length > 3) {
password = args[3];
}
if (password == null) {
/* if password is not given, try to read it from environment */
password = System.getenv("ABE_PASSWD");
}
if (unpack) {
AndroidBackup.extractAsTar(backupFilename, tarFilename, password);
} else {
boolean isKitKat = "pack-kk".equals(mode);
AndroidBackup.packTar(tarFilename, backupFilename, password, isKitKat);
}
}Example 17
| Project: btpka3.github.com-master File: DESTest.java View source code |
public static void main(String[] args) throws InterruptedException, UnsupportedEncodingException, NoSuchPaddingException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
// 请注æ„?é?¿å…?é‡?å¤?åŠ å…¥
Security.addProvider(new BouncyCastleProvider());
// 生��机秘钥
KeyGenerator keygenerator = KeyGenerator.getInstance("DES");
SecretKey desKey = keygenerator.generateKey();
// 生æˆ?åŠ å¯†å™¨
Cipher cipher = Cipher.getInstance("DES/ECB/PKCS7Padding");
cipher.init(Cipher.ENCRYPT_MODE, desKey);
// 准备明文数�
String txt = "Hello World~";
// åŠ å¯†
byte[] encData = cipher.doFinal(txt.getBytes("UTF-8"));
System.out.println("ENC DATA : " + DatatypeConverter.printHexBinary(encData));
// 解密
cipher.init(Cipher.DECRYPT_MODE, desKey);
byte[] decData = cipher.doFinal(encData);
System.out.println("DEC DATA : " + new String(decData, "UTF-8"));
}Example 18
| Project: bugvm-master File: BaseCipherSpi.java View source code |
protected Key engineUnwrap(byte[] wrappedKey, String wrappedKeyAlgorithm, int wrappedKeyType) throws InvalidKeyException {
byte[] encoded;
try {
if (wrapEngine == null) {
encoded = engineDoFinal(wrappedKey, 0, wrappedKey.length);
} else {
encoded = wrapEngine.unwrap(wrappedKey, 0, wrappedKey.length);
}
} catch (InvalidCipherTextException e) {
throw new InvalidKeyException(e.getMessage());
} catch (BadPaddingException e) {
throw new InvalidKeyException(e.getMessage());
} catch (IllegalBlockSizeException e2) {
throw new InvalidKeyException(e2.getMessage());
}
if (wrappedKeyType == Cipher.SECRET_KEY) {
return new SecretKeySpec(encoded, wrappedKeyAlgorithm);
} else if (wrappedKeyAlgorithm.equals("") && wrappedKeyType == Cipher.PRIVATE_KEY) {
/*
* The caller doesn't know the algorithm as it is part of
* the encrypted data.
*/
try {
PrivateKeyInfo in = PrivateKeyInfo.getInstance(encoded);
PrivateKey privKey = BouncyCastleProvider.getPrivateKey(in);
if (privKey != null) {
return privKey;
} else {
throw new InvalidKeyException("algorithm " + in.getPrivateKeyAlgorithm().getAlgorithm() + " not supported");
}
} catch (Exception e) {
throw new InvalidKeyException("Invalid key encoding.");
}
} else {
try {
KeyFactory kf = KeyFactory.getInstance(wrappedKeyAlgorithm, BouncyCastleProvider.PROVIDER_NAME);
if (wrappedKeyType == Cipher.PUBLIC_KEY) {
return kf.generatePublic(new X509EncodedKeySpec(encoded));
} else if (wrappedKeyType == Cipher.PRIVATE_KEY) {
return kf.generatePrivate(new PKCS8EncodedKeySpec(encoded));
}
} catch (NoSuchProviderException e) {
throw new InvalidKeyException("Unknown key type " + e.getMessage());
} catch (NoSuchAlgorithmException e) {
throw new InvalidKeyException("Unknown key type " + e.getMessage());
} catch (InvalidKeySpecException e2) {
throw new InvalidKeyException("Unknown key type " + e2.getMessage());
}
throw new InvalidKeyException("Unknown key type " + wrappedKeyType);
}
}Example 19
| Project: keywhiz-master File: CryptoFixtures.java View source code |
/** @return a content cryptographer initialized with the testing derivation key. */
public static ContentCryptographer contentCryptographer() {
if (cryptographer != null) {
return cryptographer;
}
Provider provider = new BouncyCastleProvider();
if (Security.getProvider(provider.getName()) == null) {
Security.addProvider(provider);
}
SecretKey baseKey;
char[] password = "CHANGE".toCharArray();
try (InputStream in = Resources.getResource("derivation.jceks").openStream()) {
KeyStore keyStore = KeyStore.getInstance("JCEKS");
keyStore.load(in, password);
baseKey = (SecretKey) keyStore.getKey("basekey", password);
} catch (CertificateExceptionUnrecoverableKeyException | KeyStoreException | NoSuchAlgorithmException | IOException | e) {
throw Throwables.propagate(e);
}
cryptographer = new ContentCryptographer(baseKey, provider, provider, FakeRandom.create());
return cryptographer;
}Example 20
| Project: OpenIDM-master File: Activator.java View source code |
@Override
public void start(BundleContext bundleContext) throws Exception {
Security.addProvider(new BouncyCastleProvider());
// Set System properties
if (System.getProperty("javax.net.ssl.keyStore") == null) {
System.setProperty("javax.net.ssl.keyStore", Param.getKeystoreLocation());
System.setProperty("javax.net.ssl.keyStorePassword", Param.getKeystorePassword(false));
System.setProperty("javax.net.ssl.keyStoreType", Param.getKeystoreType());
}
if (System.getProperty("javax.net.ssl.trustStore") == null) {
System.setProperty("javax.net.ssl.trustStore", Param.getTruststoreLocation());
System.setProperty("javax.net.ssl.trustStorePassword", Param.getTruststorePassword(false));
System.setProperty("javax.net.ssl.trustStoreType", Param.getTruststoreType());
}
}Example 21
| Project: oxalis-master File: CertificateValidationTest.java View source code |
public void validateCertificate(X509Certificate certificate) {
try {
List<X509Certificate> certificateList = new ArrayList<X509Certificate>();
certificateList.add(certificate);
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME);
CertPath certPath = certificateFactory.generateCertPath(certificateList);
KeyStore trustStore = loadKeystore("security/oxalis-dummy-ca.jks", "peppol");
// Create the parameters for the validator
PKIXParameters params = new PKIXParameters(trustStore);
// Disable revocation checking as we trust our own truststore (and do not have a CRL and don't want OCSP)
params.setRevocationEnabled(false);
// Validate the certificate path
CertPathValidator pathValidator = CertPathValidator.getInstance("PKIX", BouncyCastleProvider.PROVIDER_NAME);
CertPathValidatorResult validatorResult = pathValidator.validate(certPath, params);
// Get the CA used to validate this path
PKIXCertPathValidatorResult result = (PKIXCertPathValidatorResult) validatorResult;
TrustAnchor ta = result.getTrustAnchor();
X509Certificate trustCert = ta.getTrustedCert();
} catch (Exception e) {
throw new IllegalStateException("Unable to trust the signer : " + e.getMessage(), e);
}
}Example 22
| Project: pdfbox-master File: SecurityProvider.java View source code |
/**
* Returns the provider to be used for advanced encrypting/decrypting. Default is the BouncyCastleProvider.
*
* @return the security provider
*
* @throws IOException if the default provider can't be instantiated
*/
public static Provider getProvider() throws IOException {
// TODO synchronize access
if (provider == null) {
try {
Class<Provider> providerClass = (Class<Provider>) Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider");
provider = providerClass.getDeclaredConstructor().newInstance();
} catch (ClassNotFoundExceptionInstantiationException | IllegalAccessException | NoSuchMethodException | SecurityException | IllegalArgumentException | InvocationTargetException | ex) {
throw new IOException(ex);
}
}
return provider;
}Example 23
| Project: robovm-master File: KeyPairGeneratorSpi.java View source code |
public KeyPair generateKeyPair() {
if (!initialised) {
Integer paramStrength = Integers.valueOf(strength);
if (params.containsKey(paramStrength)) {
param = (DHKeyGenerationParameters) params.get(paramStrength);
} else {
DHParameterSpec dhParams = BouncyCastleProvider.CONFIGURATION.getDHDefaultParameters(strength);
if (dhParams != null) {
param = new DHKeyGenerationParameters(random, new DHParameters(dhParams.getP(), dhParams.getG(), null, dhParams.getL()));
} else {
synchronized (lock) {
// our key size.
if (params.containsKey(paramStrength)) {
param = (DHKeyGenerationParameters) params.get(paramStrength);
} else {
DHParametersGenerator pGen = new DHParametersGenerator();
pGen.init(strength, certainty, random);
param = new DHKeyGenerationParameters(random, pGen.generateParameters());
params.put(paramStrength, param);
}
}
}
}
engine.init(param);
initialised = true;
}
AsymmetricCipherKeyPair pair = engine.generateKeyPair();
DHPublicKeyParameters pub = (DHPublicKeyParameters) pair.getPublic();
DHPrivateKeyParameters priv = (DHPrivateKeyParameters) pair.getPrivate();
return new KeyPair(new BCDHPublicKey(pub), new BCDHPrivateKey(priv));
}Example 24
| Project: SAMLRaider-master File: CloneCertificateChainTest.java View source code |
@Before
public void setUp() throws Exception {
Security.addProvider(new BouncyCastleProvider());
certificateTabController = new CertificateTabController(new CertificateTab());
certificateChain = certificateTabController.importCertificateChain("src/test/resources/hsr_chain.pem");
clonedCertificates = certificateTabController.cloneCertificateChain(certificateChain);
}Example 25
| Project: tesb-rt-se-master File: TextEncryptor.java View source code |
@Override
public Object execute() throws Exception {
StandardPBEStringEncryptor enc = new StandardPBEStringEncryptor();
EnvironmentStringPBEConfig env = new EnvironmentStringPBEConfig();
env.setProvider(new BouncyCastleProvider());
env.setProviderName(PROVIDER_NAME);
env.setAlgorithm(ALGORITHM);
if (encryptionPassword != null) {
env.setPassword(encryptionPassword);
System.out.println("Specified password for decryption should be set to " + PASSWORD_ENV_NAME + " env variable");
} else {
if (System.getenv(PASSWORD_ENV_NAME) != null) {
env.setPasswordEnvName(PASSWORD_ENV_NAME);
} else {
System.out.println(PASSWORD_ENV_NAME + " system variable is not specified. ");
System.out.println("Second parameter should be used to specify password.");
return null;
}
}
enc.setConfig(env);
System.out.println(PropertyValueEncryptionUtils.encrypt(textToEncrypt, enc));
return null;
}Example 26
| Project: token-crypt-master File: BouncyCastleKeyPairGenerator.java View source code |
@Override
public KeyPair generateKeyPair(Integer keyLength) {
final KeyPairGenerator kpg;
try {
kpg = KeyPairGenerator.getInstance("RSA", BouncyCastleProvider.PROVIDER_NAME);
} catch (NoSuchAlgorithmException e) {
throw new IllegalStateException("RSA support could not be found. There is a problem with this JVM.", e);
} catch (NoSuchProviderException e) {
throw new IllegalStateException("BounceCastle support could not be found. There is a problem with this JVM.", e);
}
kpg.initialize(keyLength);
return kpg.generateKeyPair();
}Example 27
| Project: nifi-master File: StringEncryptor.java View source code |
/**
* Creates an instance of the nifi sensitive property encryptor. Validates
* that the encryptor is actually working.
*
* @param niFiProperties properties
* @return encryptor
* @throws EncryptionException if any issues arise initializing or
* validating the encryptor
*/
public static StringEncryptor createEncryptor(final NiFiProperties niFiProperties) throws EncryptionException {
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
final String sensitivePropAlgorithmVal = niFiProperties.getProperty(NF_SENSITIVE_PROPS_ALGORITHM);
final String sensitivePropProviderVal = niFiProperties.getProperty(NF_SENSITIVE_PROPS_PROVIDER);
final String sensitivePropValueNifiPropVar = niFiProperties.getProperty(NF_SENSITIVE_PROPS_KEY, DEFAULT_SENSITIVE_PROPS_KEY);
if (StringUtils.isBlank(sensitivePropAlgorithmVal)) {
throw new EncryptionException(NF_SENSITIVE_PROPS_ALGORITHM + "must bet set");
}
if (StringUtils.isBlank(sensitivePropProviderVal)) {
throw new EncryptionException(NF_SENSITIVE_PROPS_PROVIDER + "must bet set");
}
if (StringUtils.isBlank(sensitivePropValueNifiPropVar)) {
throw new EncryptionException(NF_SENSITIVE_PROPS_KEY + "must bet set");
}
final StringEncryptor nifiEncryptor;
try {
nifiEncryptor = new StringEncryptor(sensitivePropAlgorithmVal, sensitivePropProviderVal, sensitivePropValueNifiPropVar);
//test that we can infact encrypt and decrypt something
if (!nifiEncryptor.decrypt(nifiEncryptor.encrypt(TEST_PLAINTEXT)).equals(TEST_PLAINTEXT)) {
throw new EncryptionException("NiFi property encryptor does appear to be working - decrypt/encrypt return invalid results");
}
} catch (final EncryptionInitializationExceptionEncryptionOperationNotPossibleException | ex) {
throw new EncryptionException("Cannot initialize sensitive property encryptor", ex);
}
return nifiEncryptor;
}Example 28
| Project: Assignments-master File: XadesTest.java View source code |
@Test
public void XadesBesRsaCert() throws Exception {
(new File(DestDirBes)).mkdirs();
super.initialize();
String filename = "xfa.signed.xades-bes.pdf";
String output = DestDirBes + filename;
BouncyCastleProvider provider = new BouncyCastleProvider();
Security.addProvider(provider);
CertificateFactory cf = CertificateFactory.getInstance("X509");
Certificate cert = cf.generateCertificate(new FileInputStream(CERTIFICATE));
Certificate[] chain = new Certificate[] { cert };
// Read Private Key.
File filePrivateKey = new File(KEYSTORE);
FileInputStream fis = new FileInputStream(KEYSTORE);
byte[] encodedPrivateKey = new byte[(int) filePrivateKey.length()];
fis.read(encodedPrivateKey);
fis.close();
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(encodedPrivateKey);
PrivateKey pk = keyFactory.generatePrivate(privateKeySpec);
signXadesWithCertificate(Src, output, pk, chain, DigestAlgorithms.SHA1, provider.getName(), false);
String cmp = saveXmlFromResult(output);
Assert.assertTrue("Verification", verifyXmlDSig(cmp));
}Example 29
| Project: billing-ng-master File: PublicKeyProfile.java View source code |
public KeyPair generateKey() {
KeyPairGenerator keyGen;
try {
keyGen = KeyPairGenerator.getInstance(identifier, BouncyCastleProvider.PROVIDER_NAME);
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException("Key generator algorithm not supported by the JCE provider.");
} catch (NoSuchProviderException e) {
throw new RuntimeException("BouncyCastle JCE provider not configured or not loaded.");
}
if (keysize != null)
keyGen.initialize(keysize);
return new KeyPair(keyGen.generateKeyPair());
}Example 30
| Project: canl-java-master File: KeyStoreHelper.java View source code |
/**
* Creates an instance of KeyStore which should be used as a truststore,
* using our custom logic for choosing a provider: BC for PKCS12 and default for others.
* Usage of default provider for PKCS12 makes it not usable as a trust anchor store (bug/'feature' in JDK?).
* BC-created Keystore is universal but in many cases requires the unlimited strength crypto policy.
* @param type keystore type, usually PKCS12 or JKS
* @return keystore object instance. It is not loaded/initialized.
* @throws KeyStoreException if there is no provider supporting keystore type
*/
public static KeyStore getInstanceForTrust(String type) throws KeyStoreException {
KeyStore ks;
try {
if (type.equalsIgnoreCase("PKCS12"))
ks = KeyStore.getInstance(type, BouncyCastleProvider.PROVIDER_NAME);
else
ks = KeyStore.getInstance(type);
return ks;
} catch (NoSuchProviderException e) {
throw new IllegalStateException("Bouncy Castle provider is not " + "available in JDKFSTrustAnchorStore. This is a BUG.", e);
}
}Example 31
| Project: commons-eid-master File: CMSTest.java View source code |
@Test
public void testCMSSignature() throws Exception {
Security.addProvider(new BeIDProvider());
Security.addProvider(new BouncyCastleProvider());
KeyStore keyStore = KeyStore.getInstance("BeID");
keyStore.load(null);
PrivateKey privateKey = (PrivateKey) keyStore.getKey("Authentication", null);
X509Certificate certificate = (X509Certificate) keyStore.getCertificate("Authentication");
CMSTypedData msg = new CMSProcessableByteArray("Hello world!".getBytes());
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").build(privateKey);
gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider("BC").build()).build(sha1Signer, certificate));
CMSSignedData sigData = gen.generate(msg, false);
}Example 32
| Project: diqube-master File: BouncyCastleUtil.java View source code |
/**
* @return The java security {@link Provider} of bouncycastle, if available. Make sure to add the dependency to the
* projects pom.
* @throws BouncyCastleUnavailableException
* if BC is unavailable.
*/
public static Provider getProvider() throws BouncyCastleUnavailableException {
Provider res = Security.getProvider(BC_PROVIDER_NAME);
if (res == null) {
synchronized (BouncyCastleUtil.class) {
res = Security.getProvider(BC_PROVIDER_NAME);
if (res == null) {
// disable BC "EC MQV" (patent issues).
System.setProperty("org.bouncycastle.ec.disable_mqv", "true");
try {
@SuppressWarnings("unchecked") Class<? extends Provider> providerClass = (Class<? extends Provider>) Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider");
Provider bcProvider = providerClass.newInstance();
Security.addProvider(bcProvider);
res = Security.getProvider(BC_PROVIDER_NAME);
} catch (ClassNotFoundExceptionInstantiationException | IllegalAccessException | e) {
throw new BouncyCastleUnavailableException(e);
}
}
}
}
return res;
}Example 33
| Project: docker-java-master File: CertificateUtils.java View source code |
/**
* "cert.pem" from reader
*/
public static List<Certificate> loadCertificates(final Reader reader) throws IOException, CertificateException {
try (PEMParser pemParser = new PEMParser(reader)) {
List<Certificate> certificates = new ArrayList<>();
JcaX509CertificateConverter certificateConverter = new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME);
Object certObj = pemParser.readObject();
if (certObj instanceof X509CertificateHolder) {
X509CertificateHolder certificateHolder = (X509CertificateHolder) certObj;
certificates.add(certificateConverter.getCertificate(certificateHolder));
}
return certificates;
}
}Example 34
| Project: eid-applet-master File: SignatureServiceImpl.java View source code |
public void postSign(byte[] signatureValue, List<X509Certificate> signingCertificateChain) {
LOG.debug("postSign");
String signatureValueStr = new String(Hex.encodeHex(signatureValue));
HttpSession session = getHttpSession();
session.setAttribute("SignatureValue", signatureValueStr);
session.setAttribute("SigningCertificateChain", signingCertificateChain);
boolean signatureValid = false;
String toBeSigned = (String) session.getAttribute("toBeSigned");
LOG.debug("to be signed: " + toBeSigned);
String digestAlgo = (String) session.getAttribute("digestAlgo");
String signAlgo = digestAlgoToSignAlgo.get(digestAlgo);
try {
Signature signature = Signature.getInstance(signAlgo, BouncyCastleProvider.PROVIDER_NAME);
signature.initVerify(signingCertificateChain.get(0).getPublicKey());
signature.update(toBeSigned.getBytes());
signatureValid = signature.verify(signatureValue);
} catch (Exception e) {
LOG.error("error validating the signature: " + e.getMessage(), e);
}
session.setAttribute("SignatureValid", signatureValid);
}Example 35
| Project: encryption-jvm-bootcamp-master File: TestBCPGP.java View source code |
@Test
public // @Ignore //Doesn't return the expected provider unless explicitly requested with BC as the 2nd param
void testBCPGPProviderRegistration() throws NoSuchAlgorithmException, GeneralSecurityException {
//Test the algorithm brought back before the BC provider is inserted
Cipher cipherSunRSA = Cipher.getInstance("RSA/ECB/PKCS1Padding");
Assert.assertEquals("SunJCE version 1.6", cipherSunRSA.getProvider().toString());
//Add the BC provider. If no position it given, provider adds to end of list
int positionAdded = Security.insertProviderAt(new BouncyCastleProvider(), 1);
Assert.assertEquals(1, positionAdded);
//Now that the BC provider is inserted at position 1, an unconstrained request for RSA will
// still come from BC
Cipher cipherDefaultRSA = Cipher.getInstance("RSA/ECB/PKCS1Padding");
Assert.assertEquals("BC version 1.45", cipherDefaultRSA.getProvider().toString());
//When specifically requested via "BC", then BouncyCastle is returned.
Cipher cipherBCRSA = Cipher.getInstance("RSA/ECB/PKCS1Padding", "BC");
Assert.assertEquals("BC version 1.45", cipherBCRSA.getProvider().toString());
}Example 36
| Project: ExemplosDemoiselle-master File: TesteLeituraAssinaturaPKCS7.java View source code |
public static void main(String[] args) {
String nomeArquivo = "/tmp/arquivo.txt.pkcs7.software";
// String nomeArquivo = "/tmp/arquivo.chain.enc.txt.pkcs7";
// String nomeArquivo = "/tmp/arquivo.chain.noenc.txt.pkcs7";
// String nomeArquivo = "/tmp/arquivo.nochain.enc.txt.pkcs7";
// String nomeArquivo = "/tmp/arquivo.nochain.noenc.txt.pkcs7";
Security.addProvider(new BouncyCastleProvider());
try {
TabeliaoAssinaturaPKCS7 tabAssinatura = new TabeliaoAssinaturaPKCS7(new FileInputStream("/tmp/arquivo.txt"), new FileInputStream(nomeArquivo));
TabeliaoCertificate tc = new TabeliaoCertificate(tabAssinatura.getCertificadoAssinante());
System.out.println(tc.getCadeiaCertificados().size());
TabeliaoResultadoValidacao trvCert = tc.valida();
System.out.println("Carregando o certificado assinante");
X509Certificate cert = tabAssinatura.getCertificadoAssinante();
System.out.println(cert);
TabeliaoResultadoValidacao trvAss = tabAssinatura.valida();
System.out.println("*** Validação do certificado utilizado na assinatura: ");
System.out.println(trvCert);
System.out.println("*** Validação da assinatura: ");
System.out.println(trvAss);
} catch (Exception e) {
e.printStackTrace();
}
}Example 37
| Project: fred-master File: ECDHTest.java View source code |
public static void main(String[] args) throws InvalidKeyException, IllegalStateException, NoSuchAlgorithmException {
Security.addProvider(new BouncyCastleProvider());
ECDH alice = new ECDH(Curves.P256);
ECDH bob = new ECDH(Curves.P256);
PublicKey bobP = bob.getPublicKey();
PublicKey aliceP = alice.getPublicKey();
System.out.println("Alice C: " + alice.curve);
System.out.println("Bob C: " + bob.curve);
System.out.println("Alice P: " + toHex(aliceP.getEncoded()));
System.out.println("Bob P: " + toHex(bobP.getEncoded()));
System.out.println("Alice S: " + toHex(alice.getAgreedSecret(bob.getPublicKey())));
System.out.println("Bob S: " + toHex(bob.getAgreedSecret(alice.getPublicKey())));
}Example 38
| Project: gobblin-master File: GPGFileDecryptor.java View source code |
public static InputStream decryptFile(InputStream inputStream, String passPhrase) throws IOException {
if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
Security.addProvider(new BouncyCastleProvider());
}
inputStream = PGPUtil.getDecoderStream(inputStream);
JcaPGPObjectFactory pgpF = new JcaPGPObjectFactory(inputStream);
PGPEncryptedDataList enc;
Object pgpfObject = pgpF.nextObject();
if (pgpfObject instanceof PGPEncryptedDataList) {
enc = (PGPEncryptedDataList) pgpfObject;
} else {
enc = (PGPEncryptedDataList) pgpF.nextObject();
}
PGPPBEEncryptedData pbe = (PGPPBEEncryptedData) enc.get(0);
InputStream clear;
try {
clear = pbe.getDataStream(new JcePBEDataDecryptorFactoryBuilder(new JcaPGPDigestCalculatorProviderBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build()).setProvider(BouncyCastleProvider.PROVIDER_NAME).build(passPhrase.toCharArray()));
JcaPGPObjectFactory pgpFact = new JcaPGPObjectFactory(clear);
pgpfObject = pgpFact.nextObject();
if (pgpfObject instanceof PGPCompressedData) {
PGPCompressedData cData = (PGPCompressedData) pgpfObject;
pgpFact = new JcaPGPObjectFactory(cData.getDataStream());
pgpfObject = pgpFact.nextObject();
}
PGPLiteralData ld = (PGPLiteralData) pgpfObject;
return ld.getInputStream();
} catch (PGPException e) {
throw new IOException(e);
}
}Example 39
| Project: java_security-master File: DESTest.java View source code |
// 用bouncy castle实现:
public static void bcDES() {
try {
Security.addProvider(new BouncyCastleProvider());
// 生�KEY
KeyGenerator keyGenerator = KeyGenerator.getInstance("DES", "BC");
keyGenerator.getProvider();
keyGenerator.init(56);
// 产生密钥
SecretKey secretKey = keyGenerator.generateKey();
// 获�密钥
byte[] bytesKey = secretKey.getEncoded();
// KEY转�
DESKeySpec desKeySpec = new DESKeySpec(bytesKey);
SecretKeyFactory factory = SecretKeyFactory.getInstance("DES");
Key convertSecretKey = factory.generateSecret(desKeySpec);
// åŠ å¯†
Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);
byte[] result = cipher.doFinal(src.getBytes());
System.out.println("bc des encrypt:" + Hex.encodeHexString(result));
// 解密
cipher.init(Cipher.DECRYPT_MODE, convertSecretKey);
result = cipher.doFinal(result);
System.out.println("bc des decrypt:" + new String(result));
} catch (Exception e) {
e.printStackTrace();
}
}Example 40
| Project: JGlobus-master File: SimpleMemoryKeyStoreTest.java View source code |
@BeforeClass
public static void loadBouncyCastleProvider() throws Exception {
Security.addProvider(new BouncyCastleProvider());
CertificateFactory factory = CertificateFactory.getInstance("X.509");
cert = (X509Certificate) factory.generateCertificate(new GlobusPathMatchingResourcePatternResolver().getResource("classpath:/validatorTest/testca.pem").getInputStream());
}Example 41
| Project: jts-tanks-master File: RSAEngine.java View source code |
/**
* @param data - входной маÑ?Ñ?ив закриптованных данных
* @param from
* @param length
* @return - маÑ?Ñ?ив раÑ?шифрованных данных
*/
private byte[] decrypt0(byte[] data, int from, int length) {
ByteBuf buf = Unpooled.buffer().order(ByteOrder.LITTLE_ENDIAN);
PrivateKey privateKey = KeyStore.getInstance().getPrivateKey();
try {
Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding", BouncyCastleProvider.PROVIDER_NAME);
rsa.init(Cipher.DECRYPT_MODE, privateKey);
final int blockSize = rsa.getBlockSize();
for (int i = from; i < length; i += blockSize) {
if (i + blockSize > length) {
byte[] tempData = rsa.doFinal(data, i, length - i);
buf.writeBytes(tempData);
} else {
byte[] tempData = rsa.doFinal(data, i, blockSize);
buf.writeBytes(tempData);
}
}
} catch (NoSuchAlgorithmExceptionNoSuchPaddingException | InvalidKeyException | BadPaddingException | IllegalBlockSizeException | NoSuchProviderException | e) {
e.printStackTrace();
}
return buf.array();
}Example 42
| Project: ksi-java-sdk-master File: CalendarAuthenticationRecordSignatureVerificationRule.java View source code |
public VerificationResultCode verifySignature(VerificationContext context) throws KSIException {
CalendarAuthenticationRecord authenticationRecord = context.getCalendarAuthenticationRecord();
SignatureData signatureData = authenticationRecord.getSignatureData();
Certificate certificate = context.getCertificate(signatureData.getCertificateId());
try {
Signature sig = Signature.getInstance(((X509Certificate) certificate).getSigAlgName(), BouncyCastleProvider.PROVIDER_NAME);
sig.initVerify(certificate);
sig.update(authenticationRecord.getPublicationData().getEncoded());
if (!sig.verify(signatureData.getSignatureValue())) {
LOGGER.info("Invalid calendar authentication record signature.");
return VerificationResultCode.FAIL;
}
} catch (GeneralSecurityException e) {
LOGGER.warn("General PKI security exception occurred when verifying KSI signature. " + e.getMessage(), e);
return VerificationResultCode.FAIL;
}
return VerificationResultCode.OK;
}Example 43
| Project: mtools-master File: InitServlet.java View source code |
public void init() throws ServletException {
try {
//自定义log4j�置
if (!FuncUtil.isEmpty(log4j)) {
PropertyConfigurator.configure(SpringUtil.cfgPath(log4j));
}
log.info("�始化spring容器");
log.info("SpringUtil init");
ServletContext context = getServletContext();
// WebApplicationContext webAppContext = WebApplicationContextUtils
// .getWebApplicationContext(context);
ApplicationContext ctx = WebApplicationContextUtils.getWebApplicationContext(context);
SpringUtil.initCxt(ctx);
CoreDao dao = (CoreDao) SpringUtil.getAnoBean("dao");
// CoreDao daoExt = (CoreDao) SpringUtil.getAnoBean("daoExt");
// CoreDao daoExt = (CoreDao) SpringUtil.getBean("daoExt");
List<String> values = dao.search("select 1 from dual", String.class, null);
// values = daoExt.search("select 1 from dual", String.class,
// null);
//使用BouncyCastleProvideræ??供的安全ç–ç•¥ 需è¦?引入bcprov-jdk16-1.46.jar
Security.addProvider(new BouncyCastleProvider());
log.info("åŠ è½½ç³»ç»Ÿå?‚æ•°æˆ?功");
} catch (Exception e) {
log.error("�始化�务应用�生异常", e);
e.printStackTrace();
}
}Example 44
| Project: nimbus_ezpz_ca-master File: CertDN.java View source code |
public static String dnFromPath(String path) throws IOException {
final File certFile = new File(path);
if (!certFile.canRead()) {
final String msg = "File '" + path + "' can not be read.";
throw new IOException(msg);
}
final FileReader fr = new FileReader(certFile);
try {
final PEMReader reader = new PEMReader(fr, null, BouncyCastleProvider.PROVIDER_NAME);
try {
final X509Certificate cert = (X509Certificate) reader.readObject();
final X500Principal principal = cert.getSubjectX500Principal();
final String DN = principal.getName(X500Principal.RFC2253);
return CertUtil.toGlobusID(DN, false);
} finally {
reader.close();
}
} finally {
fr.close();
}
}Example 45
| Project: nomulus-master File: GetKeyringSecretCommand.java View source code |
@Override
public void run() throws Exception {
OutputStream out = outputPath != null ? new FileOutputStream(outputPath.toFile()) : System.out;
Security.addProvider(new BouncyCastleProvider());
switch(keyringKeyName) {
case BRAINTREE_PRIVATE_KEY:
out.write(KeySerializer.serializeString(keyring.getBraintreePrivateKey()));
break;
case BRDA_RECEIVER_PUBLIC_KEY:
out.write(KeySerializer.serializePublicKey(keyring.getBrdaReceiverKey()));
break;
case BRDA_SIGNING_KEY_PAIR:
out.write(KeySerializer.serializeKeyPair(keyring.getBrdaSigningKey()));
break;
case ICANN_REPORTING_PASSWORD:
out.write(KeySerializer.serializeString(keyring.getIcannReportingPassword()));
break;
case JSON_CREDENTIAL:
out.write(KeySerializer.serializeString(keyring.getJsonCredential()));
break;
case MARKSDB_DNL_LOGIN:
out.write(KeySerializer.serializeString(keyring.getMarksdbDnlLogin()));
break;
case MARKSDB_LORDN_PASSWORD:
out.write(KeySerializer.serializeString(keyring.getMarksdbLordnPassword()));
break;
case MARKSDB_SMDRL_LOGIN:
out.write(KeySerializer.serializeString(keyring.getMarksdbSmdrlLogin()));
break;
case RDE_RECEIVER_PUBLIC_KEY:
out.write(KeySerializer.serializePublicKey(keyring.getRdeReceiverKey()));
break;
case RDE_SIGNING_KEY_PAIR:
out.write(KeySerializer.serializeKeyPair(keyring.getRdeSigningKey()));
break;
case RDE_SSH_CLIENT_PRIVATE_KEY:
out.write(KeySerializer.serializeString(keyring.getRdeSshClientPrivateKey()));
break;
case RDE_SSH_CLIENT_PUBLIC_KEY:
out.write(KeySerializer.serializeString(keyring.getRdeSshClientPublicKey()));
break;
case RDE_STAGING_KEY_PAIR:
// Note that we're saving a key pair rather than just the private key because we can't
// serialize a private key on its own. See {@link KeySerializer}.
out.write(KeySerializer.serializeKeyPair(new PGPKeyPair(keyring.getRdeStagingEncryptionKey(), keyring.getRdeStagingDecryptionKey())));
break;
case RDE_STAGING_PUBLIC_KEY:
out.write(KeySerializer.serializePublicKey(keyring.getRdeStagingEncryptionKey()));
break;
}
}Example 46
| Project: qi4j-libraries-master File: X509CredentialsPKIXPathMatcher.java View source code |
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
try {
X509AuthenticationToken x509AuthToken = (X509AuthenticationToken) token;
X509AuthenticationInfo x509AuthInfo = (X509AuthenticationInfo) info;
ExtendedPKIXBuilderParameters params = new ExtendedPKIXBuilderParameters(x509AuthInfo.getGrantedTrustAnchors(), x509AuthToken.getClientX509CertSelector());
params.addStore(x509AuthToken.getClientCertChainStore());
params.setRevocationEnabled(false);
CertPathBuilder pathBuilder = CertPathBuilder.getInstance("PKIX", BouncyCastleProvider.PROVIDER_NAME);
CertPathBuilderResult result = pathBuilder.build(params);
if (LOGGER.isDebugEnabled()) {
PKIXCertPathReviewer reviewer = new PKIXCertPathReviewer(result.getCertPath(), params);
String certPathEnd = ((X509Certificate) reviewer.getCertPath().getCertificates().get(reviewer.getCertPathSize() - 1)).getSubjectX500Principal().getName();
LOGGER.debug("A valid ({}) certification path (length: {}) was found for the following certificate: '{}' ending on: '{}'", new Object[] { reviewer.isValidCertPath(), reviewer.getCertPathSize(), x509AuthToken.getClientX509Certificate().getSubjectX500Principal().getName(), certPathEnd });
}
return true;
} catch (GeneralSecurityException ex) {
LOGGER.trace("Unable to do credentials matching", ex);
return false;
} catch (CertPathReviewerException ex) {
LOGGER.trace("Unable to do credentials matching", ex);
return false;
}
}Example 47
| Project: Resteasy-master File: GrantTest.java View source code |
@Test
public void testPem() throws Exception {
System.out.println("*******************");
if (Security.getProvider("BC") == null)
Security.addProvider(new BouncyCastleProvider());
KeyPair keyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
StringWriter writer = new StringWriter();
PEMWriter pemWriter = new PEMWriter(writer);
pemWriter.writeObject(keyPair.getPublic());
pemWriter.flush();
String s = writer.toString();
System.out.println(s);
s = PemUtils.removeBeginEnd(s);
PublicKey pk = PemUtils.decodePublicKey(s);
Assert.assertEquals(pk, keyPair.getPublic());
}Example 48
| Project: sandboxes-master File: LoadPublicKeyFromKnownHosts_Test.java View source code |
private void doStuff(String lineFromKnownHosts) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
OpenSSHKnownHosts.HostEntry hostEntry = OpenSSHKnownHosts.EntryFactory.parseEntry(lineFromKnownHosts);
KeyFactory dsa = KeyFactory.getInstance("DSA", new BouncyCastleProvider());
KeySpec spec = new DSAPublicKeySpec(y, p, q, g);
PublicKey publicKey = dsa.generatePublic(spec);
System.out.println(hostEntry.getLine());
assertThat(hostEntry.verify(publicKey), is(true));
assertThat(hostEntry.appliesTo(KeyType.DSA, "[localhost]:2022"), is(true));
}Example 49
| Project: sikker-digital-post-klient-java-master File: CreateCMSDocument.java View source code |
public CMSDocument createCMS(byte[] bytes, Sertifikat sertifikat) {
try {
JceKeyTransRecipientInfoGenerator recipientInfoGenerator = new JceKeyTransRecipientInfoGenerator(sertifikat.getX509Certificate(), keyEncryptionScheme).setProvider(BouncyCastleProvider.PROVIDER_NAME);
CMSEnvelopedDataGenerator envelopedDataGenerator = new CMSEnvelopedDataGenerator();
envelopedDataGenerator.addRecipientInfoGenerator(recipientInfoGenerator);
OutputEncryptor contentEncryptor = new JceCMSContentEncryptorBuilder(cmsEncryptionAlgorithm).build();
CMSEnvelopedData cmsData = envelopedDataGenerator.generate(new CMSProcessableByteArray(bytes), contentEncryptor);
return new CMSDocument(cmsData.getEncoded());
} catch (CertificateEncodingException e) {
throw new KonfigurasjonException("Feil med mottakers sertifikat", e);
} catch (CMSException e) {
throw new KonfigurasjonException("Kunne ikke generere Cryptographic Message Syntax for dokumentpakke", e);
} catch (IOException e) {
throw new RuntimeIOException(e);
}
}Example 50
| Project: steamchat-master File: RSA.java View source code |
private void init(BigInteger mod, BigInteger exp, boolean oaep) {
try {
final RSAPublicKeySpec publicKeySpec = new RSAPublicKeySpec(mod, exp);
final KeyFactory factory = KeyFactory.getInstance("RSA");
RSAkey = (RSAPublicKey) factory.generatePublic(publicKeySpec);
Security.addProvider(new BouncyCastleProvider());
if (oaep) {
cipher = Cipher.getInstance("RSA/None/OAEPWithSHA1AndMGF1Padding", "BC");
} else {
cipher = Cipher.getInstance("RSA/None/PKCS1Padding", "BC");
}
cipher.init(Cipher.ENCRYPT_MODE, RSAkey);
} catch (final NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (final NoSuchPaddingException e) {
e.printStackTrace();
} catch (final InvalidKeyException e) {
e.printStackTrace();
} catch (final InvalidKeySpecException e) {
e.printStackTrace();
} catch (final NoSuchProviderException e) {
e.printStackTrace();
}
}Example 51
| Project: stickypunch-master File: PackageZipSigner.java View source code |
@Override
public byte[] sign(byte[] data) throws Exception {
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
KeyStore inStore = KeyStore.getInstance("PKCS12");
inStore.load(new FileInputStream(packageZipConfiguration.pushPackageSignerCertPath), packageZipConfiguration.pushPackageSignerCertPassword.toCharArray());
Key key = inStore.getKey(packageZipConfiguration.pushPackageSignerCertName, packageZipConfiguration.pushPackageSignerCertPassword.toCharArray());
PrivateKey privateKey = RSAPrivateKeyImpl.parseKey(new DerValue(key.getEncoded()));
Certificate certificate = inStore.getCertificate(packageZipConfiguration.pushPackageSignerCertName);
X509CertificateHolder certificateHolder = new X509CertificateHolder(certificate.getEncoded());
List certList = new ArrayList();
//Data to sign
CMSTypedData msg = new CMSProcessableByteArray(data);
//Adding the X509 Certificate
certList.add(certificateHolder);
Store certs = new JcaCertStore(certList);
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
//Initializing the the BC's Signer
ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(privateKey);
gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider("BC").build()).build(sha1Signer, certificateHolder));
//adding the certificate
gen.addCertificates(certs);
//Getting the signed data
CMSSignedData sigData = gen.generate(msg, false);
return sigData.getEncoded();
}Example 52
| Project: webpasswordsafe-master File: JasyptBCAESEncryptionTest.java View source code |
@Test
public void testEncrypt() {
StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
encryptor.setProvider(new BouncyCastleProvider());
encryptor.setAlgorithm("PBEWITHSHA256AND256BITAES-CBC-BC");
encryptor.setPassword("w3bp@$$w0rd$@f3k3y");
encryptor.setKeyObtentionIterations(1000);
String clearText = "1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890";
System.out.println("clearText.length=" + clearText.length());
System.out.println("clearText=" + clearText);
String encryptedText1 = encryptor.encrypt(clearText);
System.out.println("encryptedText1.length=" + encryptedText1.length());
System.out.println("encryptedText1=" + encryptedText1);
assertEquals(encryptedText1.length(), 172);
String decryptedText1 = encryptor.decrypt(encryptedText1);
assertEquals(decryptedText1, clearText);
String encryptedText2 = encryptor.encrypt(clearText);
System.out.println("encryptedText2.length=" + encryptedText2.length());
System.out.println("encryptedText2=" + encryptedText2);
assertEquals(encryptedText2.length(), 172);
String decryptedText2 = encryptor.decrypt(encryptedText2);
assertEquals(decryptedText2, clearText);
String clearText2 = "1234567890123456";
System.out.println("clearText2.length=" + clearText2.length());
System.out.println("clearText2=" + clearText2);
String encryptedText3 = encryptor.encrypt(clearText2);
System.out.println("encryptedText3.length=" + encryptedText3.length());
System.out.println("encryptedText3=" + encryptedText3);
}Example 53
| Project: moxie-master File: MakeCertificate.java View source code |
public static void generateSelfSignedCertificate(String hostname, File keystore, String keystorePassword) {
try {
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", "BC");
kpGen.initialize(1024, new SecureRandom());
KeyPair pair = kpGen.generateKeyPair();
// Generate self-signed certificate
X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);
builder.addRDN(BCStyle.OU, Constants.getName());
builder.addRDN(BCStyle.O, Constants.getName());
builder.addRDN(BCStyle.CN, hostname);
Date notBefore = new Date(System.currentTimeMillis() - ONEDAY);
Date notAfter = new Date(System.currentTimeMillis() + 10 * ONEYEAR);
BigInteger serial = BigInteger.valueOf(System.currentTimeMillis());
X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(builder.build(), serial, notBefore, notAfter, builder.build(), pair.getPublic());
ContentSigner sigGen = new JcaContentSignerBuilder("SHA256WithRSAEncryption").setProvider(BC).build(pair.getPrivate());
X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
cert.checkValidity(new Date());
cert.verify(cert.getPublicKey());
// Save to keystore
KeyStore store = KeyStore.getInstance("JKS");
if (keystore.exists()) {
FileInputStream fis = new FileInputStream(keystore);
store.load(fis, keystorePassword.toCharArray());
fis.close();
} else {
store.load(null);
}
store.setKeyEntry(hostname, pair.getPrivate(), keystorePassword.toCharArray(), new java.security.cert.Certificate[] { cert });
FileOutputStream fos = new FileOutputStream(keystore);
store.store(fos, keystorePassword.toCharArray());
fos.close();
} catch (Throwable t) {
t.printStackTrace();
throw new RuntimeException("Failed to generate self-signed certificate!", t);
}
}Example 54
| Project: alien4cloud-master File: SSHUtil.java View source code |
private static KeyPair loadKeyPair(String pemFile) {
try {
Security.addProvider(new BouncyCastleProvider());
PEMParser pemParser = new PEMParser(new FileReader(pemFile));
JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
Object object = pemParser.readObject();
return converter.getKeyPair((PEMKeyPair) object);
} catch (Exception e) {
log.error("Could not load key pair", e);
throw new RuntimeException("Could not load key pair", e);
}
}Example 55
| Project: android-privacy-guard-master File: AskForSecretKeyPassPhrase.java View source code |
public void onClick(DialogInterface dialog, int id) {
activity.removeDialog(Id.dialog.pass_phrase);
String passPhrase = "" + input.getText();
long keyId;
if (secretKey != null) {
try {
PGPPrivateKey testKey = secretKey.extractPrivateKey(passPhrase.toCharArray(), new BouncyCastleProvider());
} catch (PGPException e) {
Toast.makeText(activity, R.string.wrongPassPhrase, Toast.LENGTH_SHORT).show();
return;
}
keyId = secretKey.getKeyID();
} else {
keyId = Id.key.symmetric;
}
cb.passPhraseCallback(keyId, passPhrase);
}Example 56
| Project: cagrid2-master File: CreateHostCertificate.java View source code |
public static void main(String[] args) {
try {
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
String cert = org.cagrid.core.commandline.IOUtils.readLine("Please enter the location of the CA's certificate", true);
String key = org.cagrid.core.commandline.IOUtils.readLine("Please enter the location of the CA's private key", true);
String cn = org.cagrid.core.commandline.IOUtils.readLine("Please enter the hostname of the host you are requesting a certificate for", true);
String syears = org.cagrid.core.commandline.IOUtils.readLine("Please enter the number of years the host certificate will be valid for", true);
int years = Integer.valueOf(syears);
PrivateKey cakey = KeyUtil.loadPrivateKey(new File(key), null);
X509Certificate cacert = CertUtil.loadCertificate("BC", new File(cert));
KeyPair pair = KeyUtil.generateRSAKeyPair1024("BC");
String rootSub = cacert.getSubjectDN().toString();
int index = rootSub.lastIndexOf(",");
String subject = rootSub.substring(0, index) + ",CN=" + cn;
GregorianCalendar date = new GregorianCalendar(TimeZone.getTimeZone("GMT"));
Date start = new Date(date.getTimeInMillis());
Date end = null;
date.add(Calendar.YEAR, years);
Date d = new Date(date.getTimeInMillis());
if (cacert.getNotAfter().before(d)) {
throw new GeneralSecurityException("Cannot create a certificate that expires after issuing certificate.");
}
end = d;
X509Certificate userCert = CertUtil.generateCertificate("BC", new X509Name(subject), start, end, pair.getPublic(), cacert, cakey, CertUtil.SHA2_SIGNATURE_ALGORITHM, null);
System.out.println("Successfully created the host certificate:");
System.out.println(userCert.getSubjectDN().toString());
System.out.println("Host certificate issued by:");
System.out.println(cacert.getSubjectDN().toString());
System.out.println("Host certificate valid till:");
System.out.println(userCert.getNotAfter());
String certOut = org.cagrid.core.commandline.IOUtils.readLine("Please enter a location/filename to write the certificate to", true);
String keyOut = org.cagrid.core.commandline.IOUtils.readLine("Please enter a location/filename to write the private key to", true);
KeyUtil.writePrivateKey(pair.getPrivate(), new File(keyOut));
CertUtil.writeCertificate(userCert, new File(certOut));
System.out.println("Host private key written to:");
System.out.println(keyOut);
System.out.println("Host certificate written to:");
System.out.println(certOut);
} catch (Exception e) {
e.printStackTrace();
System.exit(1);
}
}Example 57
| Project: ccnx-master File: KeyLocatorTest.java View source code |
@BeforeClass
public static void setUpBeforeClass() throws Exception {
try {
name = new ContentName(baseName, subName2, document2);
Security.addProvider(new BouncyCastleProvider());
// generate key pair
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
// go for fast
kpg.initialize(512);
pair = kpg.generateKeyPair();
MinimalCertificateGenerator mg = new MinimalCertificateGenerator(endDN, pair.getPublic(), new X500Principal(rootDN), MinimalCertificateGenerator.MSEC_IN_YEAR, false, null, false);
cert = mg.sign(null, pair.getPrivate());
pubID = new PublisherID(pair.getPublic(), false);
} catch (Exception ex) {
XMLEncodableTester.handleException(ex);
System.out.println("Unable To Initialize Test!!!");
}
}Example 58
| Project: CloudStack-archive-master File: RSAHelper.java View source code |
private static RSAPublicKey readKey(String key) throws Exception {
byte[] encKey = Base64.decodeBase64(key.split(" ")[1]);
DataInputStream dis = new DataInputStream(new ByteArrayInputStream(encKey));
byte[] header = readElement(dis);
String pubKeyFormat = new String(header);
if (!pubKeyFormat.equals("ssh-rsa"))
throw new RuntimeException("Unsupported format");
byte[] publicExponent = readElement(dis);
byte[] modulus = readElement(dis);
KeySpec spec = new RSAPublicKeySpec(new BigInteger(modulus), new BigInteger(publicExponent));
KeyFactory keyFactory = KeyFactory.getInstance("RSA", BouncyCastleProvider.PROVIDER_NAME);
RSAPublicKey pubKey = (RSAPublicKey) keyFactory.generatePublic(spec);
return pubKey;
}Example 59
| Project: cloudstack-master File: RSAHelper.java View source code |
private static RSAPublicKey readKey(String key) throws Exception {
byte[] encKey = Base64.decodeBase64(key.split(" ")[1]);
DataInputStream dis = new DataInputStream(new ByteArrayInputStream(encKey));
byte[] header = readElement(dis);
String pubKeyFormat = new String(header);
if (!pubKeyFormat.equals("ssh-rsa"))
throw new RuntimeException("Unsupported format");
byte[] publicExponent = readElement(dis);
byte[] modulus = readElement(dis);
KeySpec spec = new RSAPublicKeySpec(new BigInteger(modulus), new BigInteger(publicExponent));
KeyFactory keyFactory = KeyFactory.getInstance("RSA", BouncyCastleProvider.PROVIDER_NAME);
RSAPublicKey pubKey = (RSAPublicKey) keyFactory.generatePublic(spec);
return pubKey;
}Example 60
| Project: cosigner-master File: Aes.java View source code |
/**
* Generate a key from a password and salt.
*/
public static byte[] generateKey(String password, byte[] salt) {
try {
PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray(), salt, 50, 256);
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWithSHA256And256BitAES-CBC-BC", new BouncyCastleProvider());
SecretKeySpec secretKey = new SecretKeySpec(keyFactory.generateSecret(pbeKeySpec).getEncoded(), "AES");
return secretKey.getEncoded();
} catch (InvalidKeySpecExceptionNoSuchAlgorithmException | e) {
LOGGER.error(null, e);
return new byte[0];
}
}Example 61
| Project: digipost-api-client-java-master File: FallbackTilPrintEksempel.java View source code |
public static void main(final String[] args) {
// 1. For å kunne kryptere brevet som skal sendes trenger vi
// BouncyCastle
Security.addProvider(new BouncyCastleProvider());
// 2. Vi leser inn sertifikatet du har knyttet til din Digipost-konto (i
// .p12-formatet)
InputStream sertifikatInputStream = lesInnSertifikat();
// 3. Vi oppretter en DigipostClient
DigipostClient client = new DigipostClient(newBuilder().build(), "https://api.digipost.no", AVSENDERS_KONTOID, sertifikatInputStream, SERTIFIKAT_PASSORD);
// 4. Vi oppretter et fødselsnummerobjekt som skal brukes til å
// identifisere mottaker i Digipost
PersonalIdentificationNumber pin = new PersonalIdentificationNumber("26079833787");
// 5. Vi oppretter en forsendelse for sending av brevet i Digipost og med adresseinformasjon som vil
// benyttes dersom mottaker ikke er Digipostbruker
Document primaryDocument = new Document(UUID.randomUUID().toString(), "Dokumentets emne", PDF, null, new SmsNotification(), null, PASSWORD, NORMAL);
PrintDetails printDetails = new PrintDetails(new PrintRecipient("Mottakers navn", new NorwegianAddress("postnummer", "Mottakers poststed")), new PrintRecipient("Avsenders navn", new NorwegianAddress("postnummer", "Avsenders poststed")), B, MONOCHROME, RETURN_TO_SENDER);
String dinForsendelseId = UUID.randomUUID().toString();
Message message = newMessage(dinForsendelseId, primaryDocument).recipient(new MessageRecipient(pin, printDetails)).build();
// 7. Foreløpig støtter Digipost kun å sende krypterte brev til print. Kaller du på
// encrypt() så vil klientbiblioteket krypterer filen for
// deg før den oversendes Digipost.
primaryDocument.encrypt();
// 8. Vi oppretter forsendelsen, legger til innhold og alternativt
// innhold for print, og til slutt sender forsendelsen. Alt håndteres
// av klientbiblioteket.
client.createMessage(message).addContent(primaryDocument, getMessageContent(), getPrintContent()).send();
}Example 62
| Project: dss-master File: CRLGenerator.java View source code |
public X509CRL generateCRL(X509Certificate certToRevoke, MockPrivateKeyEntry issuerEntry, Date dateOfRevoke, int reason) throws Exception {
Date now = new Date();
X500Name x500nameIssuer = new JcaX509CertificateHolder(issuerEntry.getCertificate().getCertificate()).getSubject();
X509v2CRLBuilder crlGen = new X509v2CRLBuilder(x500nameIssuer, now);
crlGen.setNextUpdate(new Date(now.getTime() + (60 * 60 * 1000)));
crlGen.addCRLEntry(certToRevoke.getSerialNumber(), dateOfRevoke, reason);
JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils();
crlGen.addExtension(Extension.authorityKeyIdentifier, false, extUtils.createAuthorityKeyIdentifier(issuerEntry.getCertificate().getPublicKey()));
X509CRLHolder crlHolder = crlGen.build(new JcaContentSignerBuilder(issuerEntry.getCertificate().getCertificate().getSigAlgName()).setProvider(BouncyCastleProvider.PROVIDER_NAME).build(issuerEntry.getPrivateKey()));
JcaX509CRLConverter converter = new JcaX509CRLConverter();
return converter.getCRL(crlHolder);
}Example 63
| Project: frostwire-common-master File: SESecurityManagerBC.java View source code |
protected static void initialise() {
try {
Security.addProvider(new org.minicastle.jce.provider.BouncyCastleProvider());
KeyFactory kf = KeyFactory.getInstance("ECDSA", BouncyCastleProvider.PROVIDER_NAME);
if (Constants.IS_CVS_VERSION) {
String where = "";
try {
where = BouncyCastleProvider.class.getClassLoader().getResource("org/bouncycastle/jce/provider/BouncyCastleProvider.class").toExternalForm();
} catch (Throwable e) {
ClassLoader cl = BouncyCastleProvider.class.getClassLoader();
if (cl == null) {
where = "<bootstrap>";
} else {
where = cl.toString();
}
}
if (!where.contains("Azureus2")) {
Debug.outNoStack("BC Provider '" + BouncyCastleProvider.PROVIDER_NAME + "' initialised successfully (loaded from " + where + ")");
}
}
} catch (Throwable e) {
Debug.out("BC Provider initialisation failed", e);
}
}Example 64
| Project: geoserver-master File: GeoserverWicketEncrypterFactory.java View source code |
protected ICrypt getEncrypterFromSession(HttpSession s) {
ICrypt result = (ICrypt) s.getAttribute(ICRYPT_ATTR_NAME);
if (result != null)
return result;
GeoServerSecurityManager manager = GeoServerApplication.get().getSecurityManager();
char[] key = manager.getRandomPassworddProvider().getRandomPasswordWithDefaultLength();
StandardPBEByteEncryptor enc = new StandardPBEByteEncryptor();
enc.setPasswordCharArray(key);
// since the password is copied, we can scramble it
manager.disposePassword(key);
if (manager.isStrongEncryptionAvailable()) {
enc.setProvider(new BouncyCastleProvider());
enc.setAlgorithm("PBEWITHSHA256AND128BITAES-CBC-BC");
} else
// US export restrictions
enc.setAlgorithm("PBEWITHMD5ANDDES");
result = new CryptImpl(enc);
s.setAttribute(ICRYPT_ATTR_NAME, result);
return result;
}Example 65
| Project: GNDMS-master File: PemReaderTest.java View source code |
public static void main(String[] args) throws Exception {
if (args.length != 2) {
System.err.println("usage: PemReaderTest <pem-location> <pk-pass-phase>");
System.exit(1);
}
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
CertStuffHolder certStuff = readKeyPair(new File(args[0]), args[1].toCharArray());
System.out.println(certStuff.getKeyPair());
// System.out.println( keyPair.getPrivate() );
System.exit(0);
}Example 66
| Project: Hive2Hive-master File: SerializerTest.java View source code |
@Test
public void testKeyPair() throws IOException, ClassNotFoundException {
// install the provider anyway because probably key pairs need to be generated
if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
Security.addProvider(new BouncyCastleProvider());
}
KeyPair keyPair = generateRSAKeyPair(RSA_KEYLENGTH.BIT_512);
byte[] encoded = serializer.serialize(keyPair);
KeyPair decoded = (KeyPair) serializer.deserialize(encoded);
assertEquals(keyPair.getPrivate(), decoded.getPrivate());
assertEquals(keyPair.getPublic(), decoded.getPublic());
}Example 67
| Project: hudson_plugins-master File: EC2PrivateKey.java View source code |
/**
* Obtains the fingerprint of the key in the "ab:cd:ef:...:12" format.
*/
public String getFingerprint() throws IOException {
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
Reader r = new BufferedReader(new StringReader(privateKey.toString()));
PEMReader pem = new PEMReader(r);
KeyPair pair = (KeyPair) pem.readObject();
if (pair == null)
return null;
PrivateKey key = pair.getPrivate();
return digest(key);
}Example 68
| Project: Izou-master File: SecurityFunctions.java View source code |
/**
* Applies an AES decryption on the byte array {@code cipherBytes} with they given key. The key has to be the same
* key used during encryption, else null is returned
*
* @param cipherBytes the byte array to decrypt
* @param key the key to use during the decryption
* @return the decrypted string if everything was successful, else null
*/
public String decryptAES(byte[] cipherBytes, SecretKey key) {
String plainText = null;
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
try {
Cipher cipher = Cipher.getInstance("AES", "BC");
cipher.init(Cipher.DECRYPT_MODE, key);
byte[] bytePlainText = cipher.doFinal(cipherBytes);
plainText = new String(bytePlainText, "UTF-8");
} catch (IllegalBlockSizeExceptionInvalidKeyException | NoSuchAlgorithmException | BadPaddingException | NoSuchPaddingException | UnsupportedEncodingException | NoSuchProviderException | e) {
logger.error("Unable to apply AES decryption", e);
}
return plainText;
}Example 69
| Project: java-csp-master File: TestSignature.java View source code |
@BeforeClass
public static void setUpBeforeClass() throws Exception {
// new NativeLibraryLoader().loadLibraries();
LoadNative.loadProvider();
if (Security.getProvider(CSP_PROVIDER) == null)
Security.addProvider(new CSPProvider());
if (Security.getProperty(BC_PROVIDER) == null)
Security.addProvider(new BouncyCastleProvider());
}Example 70
| Project: jrs-rest-java-client-master File: EncryptionUtils.java View source code |
private static String getEncryptedPassword(PublicKey publicKey, String pwd) throws Exception {
byte[] encryptedUtfPass;
Cipher enc = Cipher.getInstance("RSA/NONE/NoPadding", new BouncyCastleProvider());
enc.init(Cipher.ENCRYPT_MODE, publicKey);
String utfPass = URLEncoder.encode(pwd, CharEncoding.UTF_8);
encryptedUtfPass = enc.doFinal(utfPass.getBytes());
return byteArrayToHexString(encryptedUtfPass);
}Example 71
| Project: jsign-master File: PrivateKeyUtils.java View source code |
private static PrivateKey readPrivateKeyPEM(File file, String password) throws IOException, GeneralSecurityException, OperatorCreationException, PKCSException {
try (FileReader reader = new FileReader(file)) {
PEMParser parser = new PEMParser(reader);
Object object = parser.readObject();
if (object == null) {
throw new IllegalArgumentException("No key found in " + file);
}
BouncyCastleProvider provider = new BouncyCastleProvider();
JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider(provider);
if (object instanceof PEMEncryptedKeyPair) {
// PKCS1 encrypted key
PEMDecryptorProvider decryptionProvider = new JcePEMDecryptorProviderBuilder().setProvider(provider).build(password.toCharArray());
PEMKeyPair keypair = ((PEMEncryptedKeyPair) object).decryptKeyPair(decryptionProvider);
return converter.getPrivateKey(keypair.getPrivateKeyInfo());
} else if (object instanceof PKCS8EncryptedPrivateKeyInfo) {
// PKCS8 encrypted key
InputDecryptorProvider decryptionProvider = new JceOpenSSLPKCS8DecryptorProviderBuilder().setProvider(provider).build(password.toCharArray());
PrivateKeyInfo info = ((PKCS8EncryptedPrivateKeyInfo) object).decryptPrivateKeyInfo(decryptionProvider);
return converter.getPrivateKey(info);
} else if (object instanceof PEMKeyPair) {
// PKCS1 unencrypted key
return converter.getKeyPair((PEMKeyPair) object).getPrivate();
} else if (object instanceof PrivateKeyInfo) {
// PKCS8 unencrypted key
return converter.getPrivateKey((PrivateKeyInfo) object);
} else {
throw new UnsupportedOperationException("Unsupported PEM object: " + object.getClass().getSimpleName());
}
}
}Example 72
| Project: launchkey-java-master File: ApacheHttpTransportTestBase.java View source code |
@Before
public void setUp() throws Exception {
httpClient = mock(HttpClient.class);
crypto = mock(Crypto.class);
publicKeyCache = mock(Cache.class);
jwtService = mock(JWTService.class);
jweService = mock(JWEService.class);
entityKeyMap = mock(EntityKeyMap.class);
httpResponse = mock(HttpResponse.class);
when(httpResponse.getFirstHeader("Content-Type")).thenReturn(new BasicHeader("Content-Type", "application/jose"));
BasicHttpEntity entity = new BasicHttpEntity();
entity.setContent(new ByteArrayInputStream("Hello World!".getBytes()));
when(httpResponse.getEntity()).thenReturn(entity);
when(httpResponse.getStatusLine()).thenReturn(new BasicStatusLine(new ProtocolVersion("HTTP", 1, 1), 200, "OK"));
when(httpClient.execute(any(HttpUriRequest.class))).thenReturn(httpResponse);
provider = new BouncyCastleProvider();
objectMapper = mock(ObjectMapper.class);
baseUrl = "https://base.url";
issuer = mock(EntityIdentifier.class);
audience = "Expected Audience";
transport = new ApacheHttpTransport(httpClient, crypto, objectMapper, publicKeyCache, baseUrl, issuer, jwtService, jweService, 0, 0, entityKeyMap);
}Example 73
| Project: mqtt-spy-master File: SecureSocketUtilsTest.java View source code |
@Test
public void testLoadingKeyStores() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
testKeyStore("src/test/resources/keystores/public_brokers.jks");
testKeyStore("src/test/resources/keystores/public_brokers.jceks");
testKeyStore("src/test/resources/keystores/public_brokers.p12");
Security.addProvider(new BouncyCastleProvider());
testKeyStore("src/test/resources/keystores/public_brokers.bks");
}Example 74
| Project: opencit-master File: StartHttpServer.java View source code |
@Override
public void execute(String[] args) throws Exception {
configuration = TrustagentConfiguration.loadConfiguration();
System.setProperty("org.eclipse.jetty.ssl.password", configuration.getTrustagentKeystorePassword());
System.setProperty("org.eclipse.jetty.ssl.keypassword", configuration.getTrustagentKeystorePassword());
Security.addProvider(new BouncyCastleProvider());
server = createServer();
server.start();
addShutdownHook();
server.join();
}Example 75
| Project: picketlink-master File: RSA1_5.java View source code |
/**
* Encrypts the specified Content Encryption Key (CEK).
*
* @param pub The public RSA key. Must not be {@code null}.
* @param cek The Content Encryption Key (CEK) to encrypt. Must not be {@code null}.
*
* @return The encrypted Content Encryption Key (CEK).
*
* @throws RuntimeException If encryption failed.
*/
public static byte[] encryptCEK(final RSAPublicKey pub, final SecretKey cek) {
try {
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", new BouncyCastleProvider());
cipher.init(Cipher.ENCRYPT_MODE, pub);
return cipher.doFinal(cek.getEncoded());
} catch (Exception e) {
throw new RuntimeException("Couldn't encrypt Content Encryption Key (CEK): " + e.getMessage(), e);
}
}Example 76
| Project: QRCode-APG-master File: AskForSecretKeyPassPhrase.java View source code |
public void onClick(DialogInterface dialog, int id) {
activity.removeDialog(Id.dialog.pass_phrase);
String passPhrase = "" + input.getText();
long keyId;
if (secretKey != null) {
try {
PGPPrivateKey testKey = secretKey.extractPrivateKey(passPhrase.toCharArray(), new BouncyCastleProvider());
if (testKey == null) {
Toast.makeText(activity, R.string.error_couldNotExtractPrivateKey, Toast.LENGTH_SHORT).show();
return;
}
} catch (PGPException e) {
Toast.makeText(activity, R.string.wrongPassPhrase, Toast.LENGTH_SHORT).show();
return;
}
keyId = secretKey.getKeyID();
} else {
keyId = Id.key.symmetric;
}
cb.passPhraseCallback(keyId, passPhrase);
}Example 77
| Project: shiro-ext-master File: X509CredentialsPKIXPathMatcher.java View source code |
@Override
public boolean doX509CredentialsMatch(X509AuthenticationToken token, X509AuthenticationInfo info) {
try {
ExtendedPKIXBuilderParameters params = new ExtendedPKIXBuilderParameters(info.getGrantedTrustAnchors(), token.getX509CertSelector());
params.addStore(token.getX509CertChainStore());
params.setRevocationEnabled(false);
CertPathBuilder pathBuilder = CertPathBuilder.getInstance("PKIX", BouncyCastleProvider.PROVIDER_NAME);
CertPathBuilderResult result = pathBuilder.build(params);
if (LOGGER.isDebugEnabled()) {
PKIXCertPathReviewer reviewer = new PKIXCertPathReviewer(result.getCertPath(), params);
String certPathEnd = ((X509Certificate) reviewer.getCertPath().getCertificates().get(reviewer.getCertPathSize() - 1)).getSubjectX500Principal().getName();
LOGGER.debug("A valid ({}) certification path (length: {}) was found for the following certificate: '{}' ending on: '{}'", new Object[] { reviewer.isValidCertPath(), reviewer.getCertPathSize(), token.getX509Certificate().getSubjectX500Principal().getName(), certPathEnd });
}
return true;
} catch (GeneralSecurityException ex) {
LOGGER.trace("Unable to do credentials matching", ex);
return false;
} catch (CertPathReviewerException ex) {
LOGGER.trace("Unable to do credentials matching", ex);
return false;
}
}Example 78
| Project: symmetric-ds-master File: BouncyCastleSecurityService.java View source code |
@Override
public void installDefaultSslCert(String host) {
synchronized (BouncyCastleSecurityService.class) {
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
try {
KeyStore keyStore = getKeyStore(getKeyStorePassword());
KeyStore.ProtectionParameter param = new KeyStore.PasswordProtection(getKeyStorePassword().toCharArray());
String alias = System.getProperty(SecurityConstants.SYSPROP_KEYSTORE_CERT_ALIAS, SecurityConstants.ALIAS_SYM_PRIVATE_KEY);
Entry entry = keyStore.getEntry(alias, param);
if (entry == null) {
KeyPair pair = generateRSAKeyPair();
X509Certificate cert = generateV1Certificate(host, pair);
X509Certificate[] serverChain = new X509Certificate[] { cert };
keyStore.setEntry(alias, new KeyStore.PrivateKeyEntry(pair.getPrivate(), serverChain), param);
saveKeyStore(keyStore, getKeyStorePassword());
}
} catch (RuntimeException e) {
throw e;
} catch (Exception e) {
throw new RuntimeException(e);
}
}
}Example 79
| Project: Tank-master File: ProxyWrapper.java View source code |
private void initializeProxy() {
Security.addProvider(new BouncyCastleProvider());
File certAuthority = new File(workspacePath + "/auto_generated_ca.p12");
if (!certAuthority.exists()) {
generateCertificate(certAuthority);
}
File tankScript = new File(workspacePath + "/tank-script.xml");
if (tankScript.exists()) {
LogPrinter.print("Tank Script found in workspace, deleting", logger);
boolean deleted = tankScript.delete();
LogPrinter.print("Tank Script Deleted? " + deleted, logger);
}
FixedProxyConfiguration config = new FixedProxyConfiguration(proxyPort, tankScript.getAbsolutePath());
config.setCertificateAuthorityPath(certAuthority.getAbsolutePath());
this.config = config;
proxy = new EmbeddedProxy(config);
}Example 80
| Project: UNH_NDN-master File: KeyLocatorTest.java View source code |
@BeforeClass
public static void setUpBeforeClass() throws Exception {
try {
name = ContentName.fromURI(new String[] { baseName, subName2, document2 });
Security.addProvider(new BouncyCastleProvider());
// generate key pair
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
// go for fast
kpg.initialize(512);
pair = kpg.generateKeyPair();
MinimalCertificateGenerator mg = new MinimalCertificateGenerator(endDN, pair.getPublic(), new X500Principal(rootDN), MinimalCertificateGenerator.MSEC_IN_YEAR, false, null, false);
cert = mg.sign(null, pair.getPrivate());
pubID = new PublisherID(pair.getPublic(), false);
} catch (Exception ex) {
XMLEncodableTester.handleException(ex);
System.out.println("Unable To Initialize Test!!!");
}
}Example 81
| Project: wss4j-master File: SKITest.java View source code |
@Test
public void testBouncyCastlePKCS12() throws Exception {
try {
Security.addProvider(new BouncyCastleProvider());
// Load the keystore
Crypto crypto = CryptoFactory.getInstance("alice_bouncycastle.properties");
assertNotNull(crypto);
} finally {
Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);
}
}Example 82
| Project: authentication-master File: KeyCodec.java View source code |
/**
* Decode based on X, Y 32 byte integers
*
* @param pubKey
* @param curveName
* - Example secp256r1
* @return
* @throws InvalidKeySpecException
* @throws NoSuchAlgorithmException
* @throws NoSuchProviderException
*/
public static PublicKey getPubKeyFromCurve(byte[] pubKey, String curveName) throws InvalidKeySpecException, NoSuchAlgorithmException, NoSuchProviderException {
ECNamedCurveParameterSpec spec = ECNamedCurveTable.getParameterSpec(curveName);
KeyFactory kf = KeyFactory.getInstance("ECDSA", new BouncyCastleProvider());
ECNamedCurveSpec params = new ECNamedCurveSpec(curveName, spec.getCurve(), spec.getG(), spec.getN());
ECPoint point = ECPointUtil.decodePoint(params.getCurve(), pubKey);
ECPublicKeySpec pubKeySpec = new ECPublicKeySpec(point, params);
ECPublicKey pk = (ECPublicKey) kf.generatePublic(pubKeySpec);
return pk;
}Example 83
| Project: ivotingverification-master File: BruteForceActivity.java View source code |
@Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
requestWindowFeature(Window.FEATURE_NO_TITLE);
if (!Util.SpecialModels.contains(Util.getDeviceName())) {
getWindow().setFlags(WindowManager.LayoutParams.FLAG_SECURE, WindowManager.LayoutParams.FLAG_SECURE);
}
Security.removeProvider(ext.org.bouncycastle.jce.provider.BouncyCastleProvider.PROVIDER_NAME);
Security.addProvider(new ext.org.bouncycastle.jce.provider.BouncyCastleProvider());
setContentView(R.layout.bruteforce_activity);
countDownTimer = new CustomCountDownTimer(C.closeTimeout, C.closeInterval);
Intent intent = getIntent();
qrCode = intent.getStringExtra(Util.QR_CODE);
webResult = intent.getStringExtra(Util.WEB_RESULT);
versionNumber = intent.getStringExtra(Util.VERSION_NUMBER);
list = (ListView) findViewById(R.id.list);
lblChoice = (TextView) findViewById(R.id.choice_title_label);
lblChoice.setText(C.lblChoice);
lblChoice.setTypeface(C.typeFace);
lblChoice.setTextColor(Util.generateHexColorValue(C.lblForeground));
lblChoice.setBackgroundColor(Util.generateHexColorValue(C.lblBackground));
lblShadow = (View) findViewById(R.id.choice_title_label_shadow);
lblShadow.setBackgroundColor(Util.generateHexColorValue(C.lblShadow));
lblCloseTimeout = (TextView) findViewById(R.id.close_timeout_label);
lblCloseTimeout.setTypeface(C.typeFace);
lblCloseTimeout.setText(C.lblCloseTimeout);
lblCloseTimeout.setTextColor(Util.generateHexColorValue(C.lblCloseTimeoutForeground));
int colors[] = new int[3];
colors[0] = Util.generateHexColorValue(C.lblCloseTimeoutBackgroundStart);
colors[1] = Util.generateHexColorValue(C.lblCloseTimeoutBackgroundCenter);
colors[2] = Util.generateHexColorValue(C.lblCloseTimeoutBackgroundEnd);
GradientDrawable bgCloseTimeoutShape = new GradientDrawable(GradientDrawable.Orientation.TOP_BOTTOM, colors);
bgCloseTimeoutShape.setCornerRadius(5);
lblCloseTimeout.setBackgroundDrawable(bgCloseTimeoutShape);
lblcloseTimeoutShadow = (View) findViewById(R.id.close_timeout_label_shadow);
GradientDrawable bgCloseTimeoutShadowShape = (GradientDrawable) lblcloseTimeoutShadow.getBackground();
bgCloseTimeoutShadowShape.setColor(Util.generateHexColorValue(C.lblCloseTimeoutShadow));
bgCloseTimeoutShadowShape.setCornerRadius(5);
lblChoice.setVisibility(View.INVISIBLE);
lblShadow.setVisibility(View.INVISIBLE);
lblCloseTimeout.setVisibility(View.INVISIBLE);
lblcloseTimeoutShadow.setVisibility(View.INVISIBLE);
publicKey = C.publicKey;
doBruteForce();
}Example 84
| Project: openclouddb-master File: SecurityUtil.java View source code |
/**
* åŠ å¯†
* @param privateKey ç§?é’¥
* @param srcBytes 明文
* @return
*/
public byte[] encrypt(PrivateKey privateKey, byte[] srcBytes) {
if (privateKey != null) {
try {
//Cipher.getInstance("RSA/ECB/PKCS1Padding");
Cipher cipher = Cipher.getInstance("RSA", new org.bouncycastle.jce.provider.BouncyCastleProvider());
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
return cipher.doFinal(srcBytes);
} catch (Exception ex) {
ex.printStackTrace();
}
}
return null;
}Example 85
| Project: pades_signing_2.1.5-master File: CMSVerifier.java View source code |
public static boolean verify(SignerInformation signer, Store certStore) throws CMSException, IOException, NoSuchAlgorithmException, NoSuchProviderException, CertStoreException, OperatorCreationException, CertificateException {
Collection certCollection = certStore.getMatches(signer.getSID());
Iterator certIt = certCollection.iterator();
X509CertificateHolder cert = (X509CertificateHolder) certIt.next();
Certificate x509Cert = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(cert.getEncoded()));
JcaSimpleSignerInfoVerifierBuilder sigVerifBuilder = new JcaSimpleSignerInfoVerifierBuilder();
SignerInformationVerifier signerInfoVerif = sigVerifBuilder.setProvider(BouncyCastleProvider.PROVIDER_NAME).build(x509Cert.getPublicKey());
//the digest verification is included // Verif on public key so that cert verifications are not performed (done in dssl layer)
boolean rawVerif = signer.verify(signerInfoVerif);
// If RFC 3852 non-conformity -> CMSException
log.debug(Channel.TECH, "Raw signature verification results in '%1$s'", rawVerif);
// TODO : also done in dssl layer. Should this verification be removed from here ?
boolean signerCertRefVerif = signingCertificateAttributeVerif(signer, x509Cert);
log.debug(Channel.TECH, "Signer-cert-ref verification results in '%1$s'", signerCertRefVerif);
return rawVerif && signerCertRefVerif;
}Example 86
| Project: rainbow-master File: SecurityUtil.java View source code |
/**
* åŠ å¯†
* @param privateKey ç§?é’¥
* @param srcBytes 明文
* @return
*/
public byte[] encrypt(PrivateKey privateKey, byte[] srcBytes) {
if (privateKey != null) {
try {
//Cipher.getInstance("RSA/ECB/PKCS1Padding");
Cipher cipher = Cipher.getInstance("RSA", new org.bouncycastle.jce.provider.BouncyCastleProvider());
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
return cipher.doFinal(srcBytes);
} catch (Exception ex) {
ex.printStackTrace();
}
}
return null;
}Example 87
| Project: alien-ofelia-conet-ccnx-master File: KeyLocatorTest.java View source code |
@BeforeClass
public static void setUpBeforeClass() throws Exception {
try {
name = new ContentName(baseName, subName2, document2);
Security.addProvider(new BouncyCastleProvider());
// generate key pair
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
// go for fast
kpg.initialize(512);
pair = kpg.generateKeyPair();
MinimalCertificateGenerator mg = new MinimalCertificateGenerator(endDN, pair.getPublic(), new X500Principal(rootDN), MinimalCertificateGenerator.MSEC_IN_YEAR, false, null, false);
cert = mg.sign(null, pair.getPrivate());
pubID = new PublisherID(pair.getPublic(), false);
} catch (Exception ex) {
XMLEncodableTester.handleException(ex);
System.out.println("Unable To Initialize Test!!!");
}
}Example 88
| Project: appverse-web-master File: JWSJerseyFilter.java View source code |
@Override
public //RequestFilter
void filter(final ClientRequestContext requestContext) throws IOException {
try {
/*
//It doesn't work
// use ServiceLocatorClientProvider to extract HK2 ServiceLocator from request
final ServiceLocator locator = ServiceLocatorClientProvider
.getServiceLocator(requestContext);
// and ask for MyInjectedService:
CertService certService = locator.getService(CertService.class);
*/
KeyStore keyStore = certService.getKeyStore("certificates/client/client.pfx", "PKCS12", "export");
String keyPassword = "export";
Key key = keyStore.getKey("client.restservices.gbs.db.com", keyPassword.toCharArray());
//Create RSA-signer with the private key
JWSSigner signer = new RSASSASigner((RSAPrivateKey) key);
signer.setProvider(new BouncyCastleProvider());
/*
// RSA signatures require a public and private RSA key pair,
// the public key must be made known to the JWS recipient in
// order to verify the signatures
*/
// Prepare JWS object with simple string as payload
String reqUri = requestContext.getUri().toString();
if (logger.isDebugEnabled())
logger.debug("URI:: " + reqUri);
// buffer into which myBean will be serialized
ByteArrayOutputStream baos = new ByteArrayOutputStream();
Object object = requestContext.getEntity();
Payload objectPay = null;
if (object != null) {
Class<Object> type = (Class<Object>) requestContext.getEntityClass();
GenericType<Object> genericType = new GenericType<Object>(type) {
};
// get most appropriate MBW
final MessageBodyWriter<Object> messageBodyWriter = workers.getMessageBodyWriter(type, type, new Annotation[] {}, MediaType.APPLICATION_JSON_TYPE);
try {
// use the MBW to serialize myBean into baos
messageBodyWriter.writeTo(object, object.getClass(), genericType.getType(), new Annotation[] {}, MediaType.APPLICATION_JSON_TYPE, new MultivaluedHashMap<String, Object>(), baos);
} catch (IOException e) {
throw new RuntimeException("Error while serializing MyBean.", e);
}
String stringJsonOutput = baos.toString();
if (logger.isDebugEnabled())
logger.debug("Entity.toString():: " + stringJsonOutput);
//Same logic is applied in server side
if (stringJsonOutput != null && stringJsonOutput.length() > JWSAuthenticationProcessingFilter.PAYLOAD_HEADER_MAX_SIZE)
stringJsonOutput = stringJsonOutput.substring(0, JWSAuthenticationProcessingFilter.PAYLOAD_HEADER_MAX_SIZE);
objectPay = new Payload(stringJsonOutput);
} else
//If request entity is null (usually GET methods) use URI as payload
objectPay = new Payload(reqUri);
JWSObject jwsObject = new JWSObject(new JWSHeader(JWSAlgorithm.RS256), objectPay);
// Compute the RSA signature
jwsObject.sign(signer);
String s = jwsObject.serialize();
if (logger.isDebugEnabled())
logger.debug("serialized compact form: " + s);
requestContext.getHeaders().add("Authorization", "Bearer " + s);
} catch (Exception e) {
logger.error("Error signing message", e);
requestContext.abortWith(Response.status(Response.Status.BAD_REQUEST).entity("Error signing message").build());
}
}Example 89
| Project: Asynchronous-SSHD-master File: SecurityUtils.java View source code |
public void run() throws Exception {
if (java.security.Security.getProvider(BOUNCY_CASTLE) == null) {
LOG.info("Trying to register BouncyCastle as a JCE provider");
java.security.Security.addProvider(new BouncyCastleProvider());
MessageDigest.getInstance("MD5", BOUNCY_CASTLE);
KeyAgreement.getInstance("DH", BOUNCY_CASTLE);
LOG.info("Registration succeeded");
} else {
LOG.info("BouncyCastle already registered as a JCE provider");
}
securityProvider = BOUNCY_CASTLE;
}Example 90
| Project: BitNomen-master File: KeyLocatorTest.java View source code |
@BeforeClass
public static void setUpBeforeClass() throws Exception {
try {
name = ContentName.fromURI(new String[] { baseName, subName2, document2 });
Security.addProvider(new BouncyCastleProvider());
// generate key pair
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
// go for fast
kpg.initialize(512);
pair = kpg.generateKeyPair();
MinimalCertificateGenerator mg = new MinimalCertificateGenerator(endDN, pair.getPublic(), new X500Principal(rootDN), MinimalCertificateGenerator.MSEC_IN_YEAR, false, null, false);
cert = mg.sign(null, pair.getPrivate());
pubID = new PublisherID(pair.getPublic(), false);
} catch (Exception ex) {
XMLEncodableTester.handleException(ex);
System.out.println("Unable To Initialize Test!!!");
}
}Example 91
| Project: blynk-server-master File: ServerLauncher.java View source code |
public static void main(String[] args) throws Exception {
Map<String, String> cmdProperties = ArgumentsParser.parse(args);
ServerProperties serverProperties = new ServerProperties(cmdProperties);
LoggerUtil.configureLogging(serverProperties);
//required for logging dynamic context
System.setProperty("data.folder", serverProperties.getProperty("data.folder"));
//required to avoid dependencies within model to server.properties
System.setProperty("terminal.strings.pool.size", serverProperties.getProperty("terminal.strings.pool.size", "25"));
System.setProperty("initial.energy", serverProperties.getProperty("initial.energy", "2000"));
boolean isUnpacked = JarUtil.unpackStaticFiles("static/");
ServerProperties mailProperties = new MailProperties(cmdProperties);
ServerProperties smsProperties = new SmsProperties(cmdProperties);
ServerProperties gcmProperties = new GCMProperties(cmdProperties);
Security.addProvider(new BouncyCastleProvider());
boolean restore = Boolean.parseBoolean(cmdProperties.get(ArgumentsParser.RESTORE_OPTION));
start(serverProperties, mailProperties, smsProperties, gcmProperties, isUnpacked, restore);
}Example 92
| Project: cloud-storage-vault-master File: Processor.java View source code |
public static void main(String[] args) throws Exception {
Security.insertProviderAt(new org.bouncycastle.jce.provider.BouncyCastleProvider(), 1);
if (args.length < 5 || args.length > 5 || args[0].equalsIgnoreCase("-h") || args[0].equalsIgnoreCase("--help")) {
printHelp();
System.exit(0);
}
JobConf conf = new JobConf(Processor.class);
conf.setJobName("dictionaryattack");
int[] dict_metadata = getDictionaryMetadata(args[0], conf);
int MAPPERS = 0;
try {
MAPPERS = Integer.parseInt(args[3]);
} catch (Exception e) {
System.out.println("ERROR: The number of server nodes given is not a number.");
System.exit(1);
}
int THREADS = 0;
try {
THREADS = Integer.parseInt(args[4]);
if (THREADS > 0) {
conf.setInt("THREADS", THREADS);
} else {
throw new Exception();
}
if (dict_metadata[1] >= THREADS) {
conf.setInt("PASSWORDS_PER_LINE", dict_metadata[1]);
} else {
throw new Exception();
}
} catch (Exception e) {
System.out.println("ERROR: The number of threads given is not a valid number. Make sure that the number of threads is greater than or equal to the number of passwords, per line, in the dictionary.\n\n Use the -h or --help option for more information.");
System.exit(1);
}
conf.setOutputKeyClass(Text.class);
conf.setOutputValueClass(LongWritable.class);
conf.setMapperClass(CDAMapper.class);
conf.setInputFormat(NLineInputFormat.class);
conf.setOutputFormat(TextOutputFormat.class);
FileInputFormat.setInputPaths(conf, new Path(args[0]));
FileOutputFormat.setOutputPath(conf, new Path(args[1]));
conf.setNumReduceTasks(0);
conf.setNumMapTasks(MAPPERS);
conf.setCompressMapOutput(true);
int dict_lines = dict_metadata[0];
double lines_per_mapper = dict_lines / MAPPERS;
if (Math.floor(lines_per_mapper) == lines_per_mapper) {
conf.setInt("mapred.line.input.format.linespermap", dict_lines / MAPPERS);
} else {
conf.setInt("mapred.line.input.format.linespermap", (dict_lines / MAPPERS) + 1);
}
DistributedCache.addCacheFile(new URI(args[2]), conf);
JobClient.runJob(conf);
}Example 93
| Project: dasein-cloud-joyent-master File: SignatureHttpAuth.java View source code |
@Override
public void addPreemptiveAuth(@Nonnull HttpRequest request) throws CloudException, InternalException {
if (provider.getContext() == null) {
throw new CloudException("No context was defined for this request");
}
Date date = Calendar.getInstance(TimeZone.getTimeZone("UTC")).getTime();
String now = RFC1123_DATE_FORMAT.format(date);
request.setHeader("Date", now);
try {
Security.addProvider(new BouncyCastleProvider());
Signature signature = Signature.getInstance(SIGN_ALGORITHM);
List<ContextRequirements.Field> fields = provider.getContextRequirements().getConfigurableValues();
String keyName = "";
String privateKey = "";
char[] keyPassword = null;
for (ContextRequirements.Field f : fields) {
if (f.type.equals(ContextRequirements.FieldType.KEYPAIR)) {
byte[][] keyPair = (byte[][]) provider.getContext().getConfigurationValue(f);
keyName = new String(keyPair[0], "utf-8");
privateKey = new String(keyPair[1], "utf-8");
} else if (f.type.equals(ContextRequirements.FieldType.PASSWORD)) {
byte[] password = (byte[]) provider.getContext().getConfigurationValue(f);
if (password != null) {
keyPassword = new String(password, "utf-8").toCharArray();
}
}
}
KeyPair keyPair = getKeyPair(privateKey, keyPassword);
if (keyPair == null) {
throw new InternalException("Unable to generate a key-pair from key data.");
}
signature.initSign(keyPair.getPrivate());
String signingString = String.format(AUTH_SIGN, now);
signature.update(signingString.getBytes("UTF-8"));
byte[] signedDate = signature.sign();
byte[] encodedSignedDate = Base64.encode(signedDate);
request.addHeader("Authorization", String.format(AUTH_HEADER, provider.getContext().getAccountNumber(), keyName, new String(encodedSignedDate)));
} catch (NoSuchAlgorithmException e) {
throw new InternalException(e);
} catch (UnsupportedEncodingException e) {
throw new InternalException(e);
} catch (SignatureException e) {
throw new InternalException(e);
} catch (InvalidKeyException e) {
throw new InternalException(e);
} catch (IOException e) {
throw new InternalException(e);
}
}Example 94
| Project: differ-master File: DifferApplication.java View source code |
/**
* Called by the server to run the application and begin the session
* FIXME: move same parts to firstApplicationStartup()
*/
@Override
public void applicationInit() {
//Setup Apache Log4j Configuration
BasicConfigurator.configure();
//BouncyCastle Setup
Security.addProvider(new BouncyCastleProvider());
//Set to custom differ theme
setTheme(DIFFER_THEME_NAME);
LOGGER.trace("Loaded Vaadin theme: " + DIFFER_THEME_NAME);
//Get Application Context
WebApplicationContext context = (WebApplicationContext) getContext();
//Set Context Locale to Browser Locale
Locale locale = context.getBrowser().getLocale();
setLocale(locale);
LOGGER.trace("Session Locale: " + locale.getDisplayName());
//Add this as a listener to the context transaction event pump
context.addTransactionListener(this);
ServletContext servletContext = ((WebApplicationContext) this.getContext()).getHttpSession().getServletContext();
applicationContext = WebApplicationContextUtils.getRequiredWebApplicationContext(servletContext);
userManager = (UserManager) applicationContext.getBean("userManager");
imageManager = (ImageManager) applicationContext.getBean("imageManager");
resultManager = (ResultManager) applicationContext.getBean("resultManager");
MainDifferWindow mainWindow = new MainDifferWindow();
mainWindow.setSizeUndefined();
setMainWindow(mainWindow);
}Example 95
| Project: download-hls-master File: Crypto.java View source code |
private void initCipher() throws CryptoException {
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
try {
SecretKey secretKey = new SecretKeySpec(key, "AES");
cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
cipher.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(iv));
} catch (Exception e) {
throw new CryptoException(e);
}
}Example 96
| Project: dristhi-master File: HttpAgent.java View source code |
private SocketFactory sslSocketFactoryWithDrishtiCertificate() {
try {
Security.addProvider(new BouncyCastleProvider());
KeyStore trustedKeystore = KeyStore.getInstance("BKS");
InputStream inputStream = this.getClass().getResourceAsStream("/drishti_client.keystore");
try {
trustedKeystore.load(inputStream, "phone red pen".toCharArray());
} finally {
inputStream.close();
}
SSLSocketFactory socketFactory = new SSLSocketFactory(trustedKeystore);
final X509HostnameVerifier oldVerifier = SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
socketFactory.setHostnameVerifier(oldVerifier);
return socketFactory;
} catch (Exception e) {
throw new AssertionError(e);
}
}Example 97
| Project: ebics-java-master File: InitializationRequestElement.java View source code |
/**
* Generates the upload transaction key
* @return the transaction key
*/
protected byte[] generateTransactionKey() throws EbicsException {
try {
Cipher cipher;
cipher = Cipher.getInstance("RSA/NONE/PKCS1Padding", BouncyCastleProvider.PROVIDER_NAME);
cipher.init(Cipher.ENCRYPT_MODE, session.getBankE002Key());
return cipher.doFinal(nonce);
} catch (Exception e) {
throw new EbicsException(e.getMessage());
}
}Example 98
| Project: ebics-master File: InitializationRequestElement.java View source code |
/**
* Generates the upload transaction key
* @return the transaction key
*/
protected byte[] generateTransactionKey() throws EbicsException {
try {
Cipher cipher;
cipher = Cipher.getInstance("RSA/NONE/PKCS1Padding", BouncyCastleProvider.PROVIDER_NAME);
cipher.init(Cipher.ENCRYPT_MODE, session.getBankE002Key());
return cipher.doFinal(nonce);
} catch (Exception e) {
throw new EbicsException(e.getMessage());
}
}Example 99
| Project: federation-master File: ProvidersUtil.java View source code |
/**
* No-op call such that the default system properties are set
*/
public static synchronized void ensure() {
AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
public Boolean run() {
// register Apache Santuario 1.5.x XMLDSig version
addXMLDSigRI();
// register BC provider if available (to have additional encryption algorithms, etc.)
addJceProvider("BC", "org.bouncycastle.jce.provider.BouncyCastleProvider");
return true;
}
});
}Example 100
| Project: fiware-sdc-master File: RSASignerImpl.java View source code |
public String sign(String message, File pemFile) {
try {
Security.addProvider(new BouncyCastleProvider());
PrivateKey privateKey = readKeyPair(pemFile, "".toCharArray()).getPrivate();
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
byte[] digest = cipher.doFinal(message.getBytes());
return Base64.encodeBase64String(digest);
} catch (IOException e) {
throw new SdcRuntimeException(e);
} catch (NoSuchAlgorithmException e) {
throw new SdcRuntimeException(e);
} catch (InvalidKeyException e) {
throw new SdcRuntimeException(e);
} catch (NoSuchPaddingException e) {
throw new SdcRuntimeException(e);
} catch (IllegalBlockSizeException e) {
throw new SdcRuntimeException(e);
} catch (BadPaddingException e) {
throw new SdcRuntimeException(e);
}
}Example 101
| Project: flashback-master File: AbstractX509CertificateService.java View source code |
protected X509Certificate createCertificate(PrivateKey privateKey, X509v3CertificateBuilder x509v3CertificateBuilder) throws OperatorCreationException, CertificateException {
ContentSigner contentSigner = new JcaContentSignerBuilder(SIGNATURE_ALGORITHM).setProvider(BouncyCastleProvider.PROVIDER_NAME).build(privateKey);
X509Certificate x509Certificate = new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME).getCertificate(x509v3CertificateBuilder.build(contentSigner));
return x509Certificate;
}