public static void main(String[] args) throws Exception { Provider provider = Security.getProvider("SunJCE"); KeyGenerator kg; kg = KeyGenerator.getInstance("SunTlsRsaPremasterSecret", provider); try { kg.generateKey(); throw new Exception("no exception"); } catch (IllegalStateException e) { System.out.println("OK: " + e); } int[] protocolVersions = {0x0300, 0x0301, 0x0302, 0x0400}; for (int clientVersion : protocolVersions) { for (int serverVersion : protocolVersions) { test(kg, clientVersion, serverVersion); if (serverVersion >= clientVersion) { break; } } } System.out.println("Done."); }
@Override public void encryptData(String plaintext) { System.out.println("-------Encrypting data using AES algorithm-------"); try { KeyGenerator keyGenerator = KeyGenerator.getInstance("AES"); keyGenerator.init(128); SecretKey secretKey = keyGenerator.generateKey(); byte[] plaintTextByteArray = plaintext.getBytes("UTF8"); Cipher cipher = Cipher.getInstance("AES"); cipher.init(Cipher.ENCRYPT_MODE, secretKey); byte[] cipherText = cipher.doFinal(plaintTextByteArray); System.out.println("Original data: " + plaintext); System.out.println("Encrypted data:"); for (int i = 0; i < cipherText.length; i++) { System.out.print(cipherText[i] + " "); } } catch(Exception ex){ ex.printStackTrace(); } }
/** * Generates the authentication encryption key in a background thread (if necessary). */ private static void triggerMacKeyGeneration() { synchronized (sLock) { if (sKey != null || sMacKeyGenerator != null) { return; } sMacKeyGenerator = new FutureTask<SecretKey>(new Callable<SecretKey>() { // SecureRandomInitializer addresses the bug in SecureRandom that "TrulyRandom" // warns about, so this lint warning can safely be suppressed. @SuppressLint("TrulyRandom") @Override public SecretKey call() throws Exception { KeyGenerator generator = KeyGenerator.getInstance(MAC_ALGORITHM_NAME); SecureRandom random = new SecureRandom(); SecureRandomInitializer.initialize(random); generator.init(MAC_KEY_BYTE_COUNT * 8, random); return generator.generateKey(); } }); AsyncTask.THREAD_POOL_EXECUTOR.execute(sMacKeyGenerator); } }
public DESCipherWrapper(String algo, String mode, String pad) throws NoSuchAlgorithmException, NoSuchPaddingException { ci = Cipher.getInstance(algo + "/" + mode + "/" + pad); iv = new byte[8]; for (int i = 0; i < 8; i++) { iv[i] = (byte) (i & 0xff); } KeyGenerator kg = KeyGenerator.getInstance(algo); key = kg.generateKey(); keyStrength = algo.equalsIgnoreCase("DESede") ? 112 : key.getEncoded().length * 8; this.algo = algo; this.mode = mode; this.pad = pad; }
private static SecretKey getKey(byte[] seed) { try { KeyGenerator keyGenerator = KeyGenerator.getInstance("AES"); SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG"); secureRandom.setSeed(seed); keyGenerator.init(128, secureRandom); // 128 is the safest one to // use for compatibility? SecretKey skey = keyGenerator.generateKey(); return skey; } catch (Exception ex) { Logger.debug(ex, Encryption.class); } return null; }
private void initFingerprintManager() throws Throwable { mFpManager = (FingerprintManager) mContext.getSystemService(Context.FINGERPRINT_SERVICE); if (!mFpManager.isHardwareDetected()) throw new IllegalStateException("Fingerprint hardware not present"); KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore"); KeyGenerator keyGenerator = KeyGenerator.getInstance( KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore"); keyStore.load(null); keyGenerator.init(new KeyGenParameterSpec.Builder( KEY_NAME, KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT) .setBlockModes(KeyProperties.BLOCK_MODE_CBC) .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7) .build()); keyGenerator.generateKey(); Cipher cipher = Cipher.getInstance( KeyProperties.KEY_ALGORITHM_AES + "/" + KeyProperties.BLOCK_MODE_CBC + "/" + KeyProperties.ENCRYPTION_PADDING_PKCS7); SecretKey key = (SecretKey) keyStore.getKey(KEY_NAME, null); cipher.init(Cipher.ENCRYPT_MODE, key); mFpHandler = new FingerprintHandler(cipher); if (DEBUG) log("Fingeprint manager initialized"); }
/** * 获取256位的加密密钥 * * @param seed * @return * @throws Exception */ private static byte[] getRawKey(byte[] seed) throws Exception { KeyGenerator kgen = KeyGenerator.getInstance("AES"); SecureRandom sr = null; // 在4.2以上版本中,SecureRandom获取方式发生了改变 if (android.os.Build.VERSION.SDK_INT >= JELLY_BEAN_4_2) { sr = SecureRandom.getInstance("SHA1PRNG", "Crypto"); } else { sr = SecureRandom.getInstance("SHA1PRNG"); } sr.setSeed(seed); // 256 bits or 128 bits,192bits kgen.init(256, sr); SecretKey skey = kgen.generateKey(); byte[] raw = skey.getEncoded(); return raw; }
public WrongAAD() throws Exception { // init a secret key KeyGenerator kg = KeyGenerator.getInstance("AES", PROVIDER); kg.init(KEY_SIZE); key = kg.generateKey(); // generate a plain text plainText = Helper.generateBytes(TEXT_SIZE); // init AADs byte[] AAD = Helper.generateBytes(AAD_SIZE); // init a cipher encryptCipher = createCipher(Cipher.ENCRYPT_MODE, null); encryptCipher.updateAAD(AAD); }
/** * 生成密钥 <br> * Java 6 只支持56bit密钥 <br> * Bouncy Castle 支持64bit密钥 <br> * * @return byte[] 二进制密钥 * @throws NoSuchAlgorithmException */ public static byte[] initKey() throws NoSuchAlgorithmException { /* * 实例化密钥生成器 * * 若要使用64bit密钥注意替换 将下述代码中的KeyGenerator.getInstance(CIPHER_ALGORITHM); * 替换为KeyGenerator.getInstance(CIPHER_ALGORITHM, "BC"); */ KeyGenerator kg = KeyGenerator.getInstance(KEY_ALGORITHM); /* * 初始化密钥生成器 若要使用64bit密钥注意替换 将下述代码kg.init(56); 替换为kg.init(64); */ kg.init(56, new SecureRandom()); // 生成秘密密钥 SecretKey secretKey = kg.generateKey(); // 获得密钥的二进制编码形式 return secretKey.getEncoded(); }
private SecretKey getOrCreateSecretKey(String alias) throws GeneralSecurityException, IOException { try { return getSymmetricKey(alias); } catch (FileNotFoundException fnfe) { Log.i(Constants.TAG, "no existing symmetric key for alias"); KeyGenerator keyGenerator = KeyGenerator.getInstance("AES"); //32bytes / 256bits AES key keyGenerator.init(256); SecretKey secretKey = keyGenerator.generateKey(); PublicKey publicKey = getOrCreatePublicKey(alias); Storage.writeValues(getContext(), Constants.SKS_KEY_FILENAME + alias, encryptRsaPlainText(publicKey, secretKey.getEncoded())); Log.i(Constants.TAG, "created new symmetric keys for alias"); return secretKey; } }
private void createCipherKeyGenerator(){ if(cipherKeyGenCreated){ return; } try { cipherKeyGenerator = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, provider); cipherKeyGenerator.init(new KeyGenParameterSpec.Builder(keyName,KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT) .setBlockModes(KeyProperties.BLOCK_MODE_CBC) .setUserAuthenticationRequired(true) .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7) .build()); cipherKeyGenCreated = true; } catch (NoSuchAlgorithmException | NoSuchProviderException | InvalidAlgorithmParameterException e) { throw new RuntimeException("Failed to create key generator", e); } }
/** * 生成密钥 <br> * Java 6 只支持56bit密钥 <br> * Bouncy Castle 支持64bit密钥 <br> * * @return byte[] 二进制密钥 * @throws NoSuchAlgorithmException * @throws Exception */ public static byte[] initKey() throws NoSuchAlgorithmException { /* * 实例化密钥生成器 * * 若要使用64bit密钥注意替换 将下述代码中的KeyGenerator.getInstance(CIPHER_ALGORITHM); * 替换为KeyGenerator.getInstance(CIPHER_ALGORITHM, "BC"); */ KeyGenerator kg = KeyGenerator.getInstance(KEY_ALGORITHM); /* * 初始化密钥生成器 若要使用64bit密钥注意替换 将下述代码kg.init(56); 替换为kg.init(64); */ kg.init(56, new SecureRandom()); // 生成秘密密钥 SecretKey secretKey = kg.generateKey(); // 获得密钥的二进制编码形式 return secretKey.getEncoded(); }
public EncryptByAes() { try { //生成key KeyGenerator keyGenerator = KeyGenerator.getInstance("AES"); keyGenerator.init(256); //产生秘钥 SecretKey secretKey = keyGenerator.generateKey(); //获取秘钥 byte[] keyBytes = secretKey.getEncoded(); // Logger.e("AES Key=" + Base64.encodeToString(keyBytes, Base64.URL_SAFE)); //还原秘钥 key = new SecretKeySpec(keyBytes, "AES"); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } }
/** * Create a new key in the Keystore */ private void createNewKey(){ try { final KeyStore keyStore = KeyStore.getInstance(AndroidKeyStore); keyStore.load(null); final KeyGenerator keyGenerator = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, AndroidKeyStore); // Build one key to be used for encrypting and decrypting the file keyGenerator.init( new KeyGenParameterSpec.Builder(ALIAS, KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT) .setBlockModes(KeyProperties.BLOCK_MODE_GCM) .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE) .build()); keyGenerator.generateKey(); Log.i(TAG, "Key created in Keystore"); }catch (KeyStoreException | InvalidAlgorithmParameterException | NoSuchProviderException | NoSuchAlgorithmException | CertificateException | IOException kS){ Log.e(TAG, kS.getMessage()); } }
@Override public String getKeyHex() throws EncryptionException{ String hexKey = null; try { String aesCtrPassword = loadKeystorePasswordForAESCTRKey(); if(StringUtils.isBlank(aesCtrPassword)) { throw new Exception("Keystore password not found in security properties file"); } hexKey = KeyStoreProvider.getInstance().getPassword("AesCtrKey", aesCtrPassword); if (StringUtils.isBlank(hexKey)) { hexKey = DatatypeConverter.printHexBinary(KeyGenerator.getInstance("AES").generateKey().getEncoded()); KeyStoreProvider.getInstance().putPassword("AesCtrKey", hexKey, aesCtrPassword); } } catch (Exception e) { LOG.error("Error encrypting plainText", e); throw new EncryptionException("Failed to get encryption key", e); } return hexKey; }
/** * aes解密-128位 */ public static String AesDecrypt(String encryptContent, String password) { try { KeyGenerator keyGen = KeyGenerator.getInstance("AES"); SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG"); secureRandom.setSeed(password.getBytes()); keyGen.init(128, secureRandom); SecretKey secretKey = keyGen.generateKey(); byte[] enCodeFormat = secretKey.getEncoded(); SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES"); Cipher cipher = Cipher.getInstance("AES"); cipher.init(Cipher.DECRYPT_MODE, key); return new String(cipher.doFinal(hex2Bytes(encryptContent))); } catch (Exception e) { logger.error("AesDecrypt exception", e); return null; } }
/** * AES解密 * @param encryptBytes 待解密的byte[] * @param decryptKey 解密密钥 * @return 解密后的String * @throws Exception */ public static String aesDecryptByBytes(byte[] encryptBytes, String decryptKey) { if (encryptBytes == null || decryptKey == null){ return null; } try { KeyGenerator kgen = KeyGenerator.getInstance("AES"); kgen.init(128, new SecureRandom(decryptKey.getBytes())); Cipher cipher = Cipher.getInstance("AES"); cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(kgen.generateKey().getEncoded(), "AES")); byte[] decryptBytes = cipher.doFinal(encryptBytes); return new String(decryptBytes); } catch (Exception e) { // TODO Auto-generated catch block e.printStackTrace(); } return null ; }
/** * 初始化HmacMD5密钥 * * @return * @throws Exception */ public static byte[] initHmacMD5Key() throws Exception { // 初始化KeyGenerator KeyGenerator keyGenerator = KeyGenerator.getInstance("HmacMD5"); // 产生秘密密钥 SecretKey secretKey = keyGenerator.generateKey(); // 获得密钥 return secretKey.getEncoded(); }
/** * 初始化HmacSHA384密钥 * * @return * @throws Exception */ public static byte[] initHmacSHA384Key() throws Exception { // 初始化KeyGenerator KeyGenerator keyGenerator = KeyGenerator.getInstance("HmacSHA384"); // 产生秘密密钥 SecretKey secretKey = keyGenerator.generateKey(); // 获得密钥 return secretKey.getEncoded(); }
private void generateKey() throws FingerprintException { try { // Obtain a reference to the Keystore using the standard Android keystore container identifier (“AndroidKeystore”)// mKeyStore = KeyStore.getInstance("AndroidKeyStore"); //Generate the key// mKeyGenerator = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore"); //Initialize an empty KeyStore// mKeyStore.load(null); //Initialize the KeyGenerator// if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) { mKeyGenerator.init(new //Specify the operation(s) this key can be used for// KeyGenParameterSpec.Builder(FINGER_PRINT_KEY, KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT) .setBlockModes(KeyProperties.BLOCK_MODE_CBC) //Configure this key so that the user has to confirm their identity with a fingerprint each time they want to use it// .setUserAuthenticationRequired(true) .setEncryptionPaddings( KeyProperties.ENCRYPTION_PADDING_PKCS7) .build()); } //Generate the key// mKeyGenerator.generateKey(); } catch (KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | InvalidAlgorithmParameterException | CertificateException | IOException exc) { throw new FingerprintException(exc); } }
private static SecretKey getHMACKey(String algo) { try { return KeyGenerator.getInstance(algo).generateKey(); } catch (Exception e) { return null; } }
/** * A function that generates random AES & HMAC keys and prints out exceptions but * doesn't throw them since none should be encountered. If they are * encountered, the return value is null. * * @return The AES & HMAC keys. * @throws GeneralSecurityException if AES is not implemented on this system, * or a suitable RNG is not available */ public static SecretKeys generateKey() throws GeneralSecurityException { fixPrng(); KeyGenerator keyGen = KeyGenerator.getInstance(CIPHER); // No need to provide a SecureRandom or set a seed since that will // happen automatically. keyGen.init(AES_KEY_LENGTH_BITS); SecretKey confidentialityKey = keyGen.generateKey(); //Now make the HMAC key byte[] integrityKeyBytes = randomBytes(HMAC_KEY_LENGTH_BITS / 8);//to get bytes SecretKey integrityKey = new SecretKeySpec(integrityKeyBytes, HMAC_ALGORITHM); return new SecretKeys(confidentialityKey, integrityKey); }
/** * Generates a key material. * * @param size length of the key. * @param algorithm algorithm to use for generating the key. * @return the generated key. * @throws NoSuchAlgorithmException */ protected byte[] generateKey(int size, String algorithm) throws NoSuchAlgorithmException { algorithm = getAlgorithm(algorithm); KeyGenerator keyGenerator = KeyGenerator.getInstance(algorithm); keyGenerator.init(size); byte[] key = keyGenerator.generateKey().getEncoded(); return key; }
private static void test(KeyGenerator kg, int clientVersion, int serverVersion) throws Exception { System.out.printf( "Testing RSA pre-master secret key generation between " + "client (0x%04X) and server(0x%04X)%n", clientVersion, serverVersion); kg.init(new TlsRsaPremasterSecretParameterSpec( clientVersion, serverVersion)); SecretKey key = kg.generateKey(); byte[] encoded = key.getEncoded(); if (encoded != null) { // raw key material may be not extractable if (encoded.length != 48) { throw new Exception("length: " + encoded.length); } int v = versionOf(encoded[0], encoded[1]); if (clientVersion != v) { if (serverVersion != v || clientVersion >= 0x0302) { throw new Exception(String.format( "version mismatch: (0x%04X) rather than (0x%04X) " + "is used in pre-master secret", v, clientVersion)); } System.out.printf("Use compatible version (0x%04X)%n", v); } System.out.println("Passed, version matches!"); } else { System.out.println("Raw key material is not extractable"); } }
public static byte[] genAESKey() { try { KeyGenerator keyGen = KeyGenerator.getInstance("AES"); keyGen.init(128); SecretKey secretKey = keyGen.generateKey(); return secretKey.getEncoded(); } catch (NoSuchAlgorithmException e) { // TODO Auto-generated catch block e.printStackTrace(); return null; } }
/** * 產生金鑰 * KeyGenerator.getInstance * Returns a KeyGenerator object that generates secret keys for the specified algorithm. * SecretKey.getEncoded * Returns the key in its primary encoding format */ public static byte[] initKey() throws Exception { KeyGenerator kg = KeyGenerator.getInstance(KEY_ALGORTHM); //KeyGenerator.getInstance(algorithm); kg.init(128); //128, 192, 256 SecretKey secretKey = kg.generateKey(); return secretKey.getEncoded(); }
/** * 加密 * * @param content �?要加密的内容 * @return */ public static String encrypt(String content) throws Exception { KeyGenerator kgen = KeyGenerator.getInstance(AES); SecureRandom random = SecureRandom.getInstance("SHA1PRNG"); random.setSeed(KEY.getBytes()); kgen.init(AES_LENGTH, random); SecretKey secretKey = kgen.generateKey(); byte[] enCodeFormat = secretKey.getEncoded(); SecretKeySpec key = new SecretKeySpec(enCodeFormat, AES); Cipher cipher = Cipher.getInstance(AES);// 创建密码�? byte[] byteContent = content.getBytes(ENCODING_UTF8); cipher.init(Cipher.ENCRYPT_MODE, key);// 初始�? byte[] result = cipher.doFinal(byteContent); return new BASE64Encoder().encode(result); // 加密 }
@Override public void main(Provider provider) throws Exception { if (provider.getService( "KeyGenerator", "SunTlsRsaPremasterSecret") == null) { System.out.println("Not supported by provider, skipping"); return; } KeyGenerator kg; kg = KeyGenerator.getInstance("SunTlsRsaPremasterSecret", provider); try { kg.generateKey(); throw new Exception("no exception"); } catch (IllegalStateException e) { System.out.println("OK: " + e); } int[] protocolVersions = {0x0300, 0x0301, 0x0302}; for (int clientVersion : protocolVersions) { for (int serverVersion : protocolVersions) { test(kg, clientVersion, serverVersion); if (serverVersion >= clientVersion) { break; } } } System.out.println("Done."); }
/** * AES加密 * @param content 待加密的内容 * @param encryptKey 加密密钥 * @return 加密后的byte[] * @throws Exception */ public static byte[] AesEncryptToBytes(byte[] content,byte[] encryptKey) throws Exception { KeyGenerator kgen = KeyGenerator.getInstance("AES"); SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG"); secureRandom.setSeed(encryptKey); kgen.init(128,secureRandom); Cipher cipher = Cipher.getInstance("AES"); cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(kgen.generateKey().getEncoded(), "AES")); return cipher.doFinal(content); }
/** * 初始化HmacSHA224密钥 * * @return byte[] 密钥 * @throws Exception */ public static byte[] initHmacSHA224Key() throws Exception { // 初始化KeyGenerator KeyGenerator keyGenerator = KeyGenerator.getInstance("HmacSHA224"); // 产生秘密密钥 SecretKey secretKey = keyGenerator.generateKey(); // 获得密钥 return secretKey.getEncoded(); }
/** * 初始化HmacSHA512密钥 * * @return * @throws Exception */ public static byte[] initHmacSHA512Key() throws Exception { // 初始化KeyGenerator KeyGenerator keyGenerator = KeyGenerator.getInstance("HmacSHA512"); // 产生秘密密钥 SecretKey secretKey = keyGenerator.generateKey(); // 获得密钥 return secretKey.getEncoded(); }
private static byte[] aesEncryptToBytes(String content, String encryptKey) throws Exception { KeyGenerator kgen = KeyGenerator.getInstance("AES"); kgen.init(128, new SecureRandom(encryptKey.getBytes())); Cipher cipher = Cipher.getInstance("AES"); cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(kgen.generateKey().getEncoded(), "AES")); return cipher.doFinal(content.getBytes("utf-8")); }
/** * 初始化HmacSHA256密钥 * * @return * @throws Exception */ public static byte[] initHmacSHA256Key() throws Exception { // 初始化KeyGenerator KeyGenerator keyGenerator = KeyGenerator.getInstance("HmacSHA256"); // 产生秘密密钥 SecretKey secretKey = keyGenerator.generateKey(); // 获得密钥 return secretKey.getEncoded(); }
/** * generate an enveloped object that contains an CMS Enveloped Data * object using the given provider. * @deprecated use OutputEncryptor method. */ public CMSEnvelopedData generate( CMSProcessable content, String encryptionOID, Provider provider) throws NoSuchAlgorithmException, CMSException { KeyGenerator keyGen = CMSEnvelopedHelper.INSTANCE.createSymmetricKeyGenerator(encryptionOID, provider); return generate(content, encryptionOID, -1, keyGen.getProvider(), provider); }
/** * 生成密钥 * @throws Exception */ public static byte[] initKey() throws Exception { //密钥生成器 KeyGenerator keyGen = KeyGenerator.getInstance("AES"); //初始化密钥生成器 keyGen.init(128); //默认128,获得无政策权限后可用192或256 //生成密钥 SecretKey secretKey = keyGen.generateKey(); return secretKey.getEncoded(); }
/** * 初始化HmacMD2密钥 * * @return byte[] 密钥 * @throws Exception */ public static byte[] initHmacMD2Key() throws Exception { // 初始化KeyGenerator KeyGenerator keyGenerator = KeyGenerator.getInstance("HmacMD2"); // 产生秘密密钥 SecretKey secretKey = keyGenerator.generateKey(); // 获得密钥 return secretKey.getEncoded(); }
/** * generate an authenticated object that contains an CMS Authenticated Data * object using the given provider * @deprecated use addRecipientInfoGenerator method.. */ public CMSAuthenticatedData generate( CMSProcessable content, String encryptionOID, Provider provider) throws NoSuchAlgorithmException, CMSException { KeyGenerator keyGen = CMSEnvelopedHelper.INSTANCE.createSymmetricKeyGenerator(encryptionOID, provider); return generate(content, encryptionOID, keyGen, provider); }