1 /*
2 * Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
335 SecretKey sKey = null;
336 Cipher cipher;
337 try {
338 sKey = new PBEKey(pbeKeySpec, "PBEWithMD5AndTripleDES", false);
339 pbeKeySpec.clearPassword();
340
341 // seal key
342 PBEWithMD5AndTripleDESCipher cipherSpi;
343 cipherSpi = new PBEWithMD5AndTripleDESCipher();
344 cipher = new CipherForKeyProtector(cipherSpi, SunJCE.getInstance(),
345 "PBEWithMD5AndTripleDES");
346 cipher.init(Cipher.ENCRYPT_MODE, sKey, pbeSpec);
347 } finally {
348 if (sKey != null) sKey.destroy();
349 }
350 return new SealedObjectForKeyProtector(key, cipher);
351 }
352
353 /**
354 * Unseals the sealed key.
355 */
356 Key unseal(SealedObject so)
357 throws NoSuchAlgorithmException, UnrecoverableKeyException {
358 SecretKey sKey = null;
359 try {
360 // create PBE key from password
361 PBEKeySpec pbeKeySpec = new PBEKeySpec(this.password);
362 sKey = new PBEKey(pbeKeySpec,
363 "PBEWithMD5AndTripleDES", false);
364 pbeKeySpec.clearPassword();
365
366 SealedObjectForKeyProtector soForKeyProtector = null;
367 if (!(so instanceof SealedObjectForKeyProtector)) {
368 soForKeyProtector = new SealedObjectForKeyProtector(so);
369 } else {
370 soForKeyProtector = (SealedObjectForKeyProtector)so;
371 }
372 AlgorithmParameters params = soForKeyProtector.getParameters();
373 if (params == null) {
374 throw new UnrecoverableKeyException("Cannot get " +
375 "algorithm parameters");
376 }
377 PBEParameterSpec pbeSpec;
378 try {
379 pbeSpec = params.getParameterSpec(PBEParameterSpec.class);
380 } catch (InvalidParameterSpecException ipse) {
381 throw new IOException("Invalid PBE algorithm parameters");
382 }
383 if (pbeSpec.getIterationCount() > MAX_ITERATION_COUNT) {
384 throw new IOException("PBE iteration count too large");
385 }
386 PBEWithMD5AndTripleDESCipher cipherSpi;
387 cipherSpi = new PBEWithMD5AndTripleDESCipher();
388 Cipher cipher = new CipherForKeyProtector(cipherSpi,
389 SunJCE.getInstance(),
390 "PBEWithMD5AndTripleDES");
391 cipher.init(Cipher.DECRYPT_MODE, sKey, params);
392 return soForKeyProtector.getKey(cipher);
393 } catch (NoSuchAlgorithmException ex) {
394 // Note: this catch needed to be here because of the
395 // later catch of GeneralSecurityException
396 throw ex;
397 } catch (IOException ioe) {
398 throw new UnrecoverableKeyException(ioe.getMessage());
399 } catch (ClassNotFoundException cnfe) {
400 throw new UnrecoverableKeyException(cnfe.getMessage());
401 } catch (GeneralSecurityException gse) {
402 throw new UnrecoverableKeyException(gse.getMessage());
403 } finally {
404 if (sKey != null) {
405 try {
406 sKey.destroy();
407 } catch (DestroyFailedException e) {
408 //shouldn't happen
409 }
410 }
411 }
412 }
|
1 /*
2 * Copyright (c) 1998, 2019, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
335 SecretKey sKey = null;
336 Cipher cipher;
337 try {
338 sKey = new PBEKey(pbeKeySpec, "PBEWithMD5AndTripleDES", false);
339 pbeKeySpec.clearPassword();
340
341 // seal key
342 PBEWithMD5AndTripleDESCipher cipherSpi;
343 cipherSpi = new PBEWithMD5AndTripleDESCipher();
344 cipher = new CipherForKeyProtector(cipherSpi, SunJCE.getInstance(),
345 "PBEWithMD5AndTripleDES");
346 cipher.init(Cipher.ENCRYPT_MODE, sKey, pbeSpec);
347 } finally {
348 if (sKey != null) sKey.destroy();
349 }
350 return new SealedObjectForKeyProtector(key, cipher);
351 }
352
353 /**
354 * Unseals the sealed key.
355 *
356 * @param maxLength Maximum possible length of so.
357 * If bigger, must be illegal.
358 */
359 Key unseal(SealedObject so, int maxLength)
360 throws NoSuchAlgorithmException, UnrecoverableKeyException {
361 SecretKey sKey = null;
362 try {
363 // create PBE key from password
364 PBEKeySpec pbeKeySpec = new PBEKeySpec(this.password);
365 sKey = new PBEKey(pbeKeySpec,
366 "PBEWithMD5AndTripleDES", false);
367 pbeKeySpec.clearPassword();
368
369 SealedObjectForKeyProtector soForKeyProtector = null;
370 if (!(so instanceof SealedObjectForKeyProtector)) {
371 soForKeyProtector = new SealedObjectForKeyProtector(so);
372 } else {
373 soForKeyProtector = (SealedObjectForKeyProtector)so;
374 }
375 AlgorithmParameters params = soForKeyProtector.getParameters();
376 if (params == null) {
377 throw new UnrecoverableKeyException("Cannot get " +
378 "algorithm parameters");
379 }
380 PBEParameterSpec pbeSpec;
381 try {
382 pbeSpec = params.getParameterSpec(PBEParameterSpec.class);
383 } catch (InvalidParameterSpecException ipse) {
384 throw new IOException("Invalid PBE algorithm parameters");
385 }
386 if (pbeSpec.getIterationCount() > MAX_ITERATION_COUNT) {
387 throw new IOException("PBE iteration count too large");
388 }
389 PBEWithMD5AndTripleDESCipher cipherSpi;
390 cipherSpi = new PBEWithMD5AndTripleDESCipher();
391 Cipher cipher = new CipherForKeyProtector(cipherSpi,
392 SunJCE.getInstance(),
393 "PBEWithMD5AndTripleDES");
394 cipher.init(Cipher.DECRYPT_MODE, sKey, params);
395 return soForKeyProtector.getKey(cipher, maxLength);
396 } catch (NoSuchAlgorithmException ex) {
397 // Note: this catch needed to be here because of the
398 // later catch of GeneralSecurityException
399 throw ex;
400 } catch (IOException ioe) {
401 throw new UnrecoverableKeyException(ioe.getMessage());
402 } catch (ClassNotFoundException cnfe) {
403 throw new UnrecoverableKeyException(cnfe.getMessage());
404 } catch (GeneralSecurityException gse) {
405 throw new UnrecoverableKeyException(gse.getMessage());
406 } finally {
407 if (sKey != null) {
408 try {
409 sKey.destroy();
410 } catch (DestroyFailedException e) {
411 //shouldn't happen
412 }
413 }
414 }
415 }
|