author | Abhishek Koneru <akoneru@redhat.com> | 2014-03-27 04:14:01 -0400 |
---|---|---|
committer | Abhishek Koneru <akoneru@redhat.com> | 2014-03-31 03:01:28 -0400 |
commit | 86f4022cc0598353d16901fa2d1ef90f474baaca (patch) | |
tree | afd5728380709c6bce5c1141bcf67186bb0badde /base/util | |
parent | a75e0f80e79804e36e5d0a67039bbe89c26807e4 (diff) | |
Refactoring KeyClient class and crypto classes.
Diffstat (limited to 'base/util')
-rw-r--r-- | base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java | 38 |
1 files changed, 27 insertions, 11 deletions
diff --git a/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java b/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java index d3eafd7f5..ee077872f 100644 --- a/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java +++ b/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java @@ -1551,12 +1551,11 @@ public class CryptoUtil { return iv; } - public static String unwrapUsingPassphrase(String wrappedRecoveredKey, String recoveryPassphrase) + public static byte[] unwrapUsingPassphrase(byte[] wrappedRecoveredKey, String recoveryPassphrase) throws IOException, InvalidBERException, InvalidKeyException, IllegalStateException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, NotInitializedException, TokenException, IllegalBlockSizeException, BadPaddingException { EncryptedContentInfo cInfo = null; - String unwrappedData = null; //We have to do this to get the decoding to work. @SuppressWarnings("unused") @@ -1566,20 +1565,16 @@ public class CryptoUtil { PasswordConverter passConverter = new PasswordConverter(); - byte[] encoded = Utils.base64decode(wrappedRecoveredKey); - - ByteArrayInputStream inStream = new ByteArrayInputStream(encoded); + ByteArrayInputStream inStream = new ByteArrayInputStream(wrappedRecoveredKey); cInfo = (EncryptedContentInfo) new EncryptedContentInfo.Template().decode(inStream); byte[] decodedData = cInfo.decrypt(pass, passConverter); - unwrappedData = Utils.base64encode(decodedData); - - return unwrappedData; + return decodedData; } - public static String unwrapUsingSymmetricKey(CryptoToken token, IVParameterSpec IV, byte[] wrappedRecoveredKey, + public static byte[] unwrapUsingSymmetricKey(CryptoToken token, IVParameterSpec IV, byte[] wrappedRecoveredKey, SymmetricKey recoveryKey, EncryptionAlgorithm alg) throws NoSuchAlgorithmException, TokenException, BadPaddingException, IllegalBlockSizeException, InvalidKeyException, InvalidAlgorithmParameterException { 
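Review bot: The new `byte[]` return of unwrapUsingPassphrase (hunk at -1551) hands callers the decrypted key material in the clear, and nothing on the method says so or says who is responsible for wiping it. Unlike the old Base64 `String`, the array can be zeroed, so I would add a Javadoc stating that the result is the raw recovered secret, that `wrappedRecoveredKey` is now the BER-encoded EncryptedContentInfo rather than Base64 text, and that the caller should clear the array with `Arrays.fill(data, (byte) 0)` once it is no longer needed. The same applies to unwrapUsingSymmetricKey, whose return type changes in the hunks at -1566 and -1587. The method body spans the first two hunks with a gap between them, so how `pass` is built from the immutable `String` passphrase is not visible here and may deserve the same attention.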
@@ -1587,9 +1582,8 @@ public class CryptoUtil { Cipher decryptor = token.getCipherContext(alg); decryptor.initDecrypt(recoveryKey, IV); byte[] unwrappedData = decryptor.doFinal(wrappedRecoveredKey); - String unwrappedS = Utils.base64encode(unwrappedData); - return unwrappedS; + return unwrappedData; } public static byte[] wrapPassphrase(CryptoToken token, String passphrase, IVParameterSpec IV, SymmetricKey sk, @@ -1622,6 +1616,28 @@ public class CryptoUtil { return session_data; } + /** + * Wrap a symmetric Key with a SymmetricKey + * + * @param token + * @param secret + * @param wrapper + * @return + * @throws TokenException + * @throws NoSuchAlgorithmException + * @throws InvalidAlgorithmParameterException + * @throws InvalidKeyException + */ + public static byte[] wrapSymmetricKey(CryptoToken token, SymmetricKey secret, SymmetricKey wrapper, + IVParameterSpec IV) throws NoSuchAlgorithmException, TokenException, InvalidKeyException, + InvalidAlgorithmParameterException { + KeyWrapper wrapper1 = token.getKeyWrapper(KeyWrapAlgorithm.DES3_CBC_PAD); + wrapper1.initWrap(wrapper, IV); + byte[] keyData = wrapper1.wrap(secret); + + return keyData; + } + public static byte[] createPKIArchiveOptions(CryptoManager manager, CryptoToken token, String transportCert, SymmetricKey vek, String passphrase, KeyGenAlgorithm keyGenAlg, int symKeySize, IVParameterSpec IV) throws TokenException, CharConversionException, |
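Review bot: wrapSymmetricKey (hunk at -1622) hard-codes `KeyWrapAlgorithm.DES3_CBC_PAD`, whereas unwrapUsingSymmetricKey earlier in this file takes the algorithm as a parameter. 3DES-CBC with padding is a legacy 64-bit block mode and gives no integrity protection to the wrapped blob, so I would let the caller choose through an overload whose parameter list ends in `KeyWrapAlgorithm alg` and which calls `token.getKeyWrapper(alg)`, keeping this signature as the default. The Javadoc leaves every tag empty and omits `IV` altogether; it should say that `wrapper` is the wrapping key, `secret` the key being wrapped, and that `IV` should be fresh for each wrap and is needed again to unwrap. Renaming the local `wrapper1` (for example to `keyWrapper`) would keep it from being confused with the `wrapper` key parameter.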