Note that it also contains methods for compressing and uncompressing data: while these are not strictly cryptographic operations, there are a lot of similarities and it is conceivable at some point that accelerated compression may be available just as it is for cryptographic operations.
Other components of CryptoManager:
@see org.opends.server.crypto.CryptoManagerSync
@see org.opends.server.crypto.GetSymmetricKeyExtendedOperation
*/
public class CryptoManagerImpl
implements ConfigurationChangeListener
Note that the generated key length is in some cases longer than requested
key length. For example, when a 56-bit key is requested for DES (or 168-bit
for DESede) the default provider for the Sun JRE produces an 8-byte (24-byte)
key, which embeds the generated key in an array with one parity bit per byte.
The requested key length is what is recorded in this object and in the
published key entry; hence, users of the actual key data must be sure to
operate on the full key byte array, and not truncate it to the key length.
*/
private static class SecretKeyEntry
{
/**
Construct an instance of {@code SecretKeyEntry} using the specified
parameters. This constructor is used for key generation.
Note the relationship between the secret key data array length and the
secret key length parameter described in {@link SecretKeyEntry}
@param algorithm The name of the secret key algorithm for which the key
entry is to be produced.
@param keyLengthBits The length of the requested key in bits.
@throws CryptoManagerException If there is a problem instantiating the key
generator.
*/
public SecretKeyEntry(final String algorithm, final int keyLengthBits)
throws CryptoManagerException {
KeyGenerator keyGen;
int maxAllowedKeyLengthBits;
try {
keyGen = KeyGenerator.getInstance(algorithm);
maxAllowedKeyLengthBits = Cipher.getMaxAllowedKeyLength(algorithm);
}
catch (NoSuchAlgorithmException ex) {
throw new CryptoManagerException(
ERR_CRYPTOMGR_INVALID_SYMMETRIC_KEY_ALGORITHM.get(
algorithm, getExceptionMessage(ex)), ex);
}
//See if key length is beyond the permissible value.
if(maxAllowedKeyLengthBits < keyLengthBits)
{
throw new CryptoManagerException(
ERR_CRYPTOMGR_INVALID_SYMMETRIC_KEY_LENGTH.get(keyLengthBits,
maxAllowedKeyLengthBits));
}
keyGen.init(keyLengthBits, secureRandom);
final byte[] key = keyGen.generateKey().getEncoded();
this.fKeyID = new KeyEntryID();
this.fSecretKey = new SecretKeySpec(key, algorithm);
this.fKeyLengthBits = keyLengthBits;
this.fIsCompromised = false;
}
/**
Construct an instance of {@code SecretKeyEntry} using the specified
parameters. This constructor would typically be used for key entries
imported from ADS, for which the full set of paramters is known.
Note the relationship between the secret key data array length and the
secret key length parameter described in {@link SecretKeyEntry}
@param keyID The unique identifier of this algorithm/key pair.
@param secretKey The secret key.
@param secretKeyLengthBits The length in bits of the secret key.
@param isCompromised {@code false} if the key may be used
for operations on new data, or {@code true} if the key is being
retained only for use in validation.
*/
public SecretKeyEntry(final KeyEntryID keyID,
final SecretKey secretKey,
final int secretKeyLengthBits,
final boolean isCompromised) {
// copy arguments
this.fKeyID = new KeyEntryID(keyID);
this.fSecretKey = secretKey;
this.fKeyLengthBits = secretKeyLengthBits;
this.fIsCompromised = isCompromised;
}
/**
* The unique identifier of this algorithm/key pair.
*
* @return The unique identifier of this algorithm/key pair.
*/
public KeyEntryID getKeyID() {
return fKeyID;
}
/**
* The secret key spec containing the secret key.
*
* @return The secret key spec containing the secret key.
*/
public SecretKey getSecretKey() {
return fSecretKey;
}
/**
* Mark a key entry as compromised. The entry will no longer be
* eligible for use as an encryption key.
*
* There is no need to lock the entry to make this change: The
* only valid transition for this field is from false to true,
* the change is asynchronous across the topology (i.e., a key
* might continue to be used at this instance for at least the
* replication propagation delay after being marked compromised at
* another instance), and modifying a boolean is guaranteed to be
* atomic.
*/
public void setIsCompromised() {
fIsCompromised = true;
}
/**
Returns the length of the secret key in bits.
Note the relationship between the secret key data array length and the
secret key length parameter described in {@link SecretKeyEntry}
@return the length of the secret key in bits.
*/
public int getKeyLengthBits() {
return fKeyLengthBits;
}
/**
* Returns the status of the key.
* @return {@code false} if the key may be used for operations on
* new data, or {@code true} if the key is being retained only for
* use in validation.
*/
public boolean isCompromised() {
return fIsCompromised;
}
// state
private final KeyEntryID fKeyID;
private final SecretKey fSecretKey;
private final int fKeyLengthBits;
private boolean fIsCompromised = false;
}
/**
* This class corresponds to the cipher key entry in ADS. It is
* used in the local cache of key entries that have been requested
* by CryptoManager clients.
*/
private static class CipherKeyEntry extends SecretKeyEntry
{
/**
* This method generates a key according to the key parameters,
* and creates a key entry and registers it in the supplied map.
*
* @param cryptoManager The CryptoManager instance for which the
* key is to be generated. Pass {@code null} as the argument to
* this parameter in order to validate a proposed cipher
* transformation and key length without publishing the key.
*
* @param transformation The cipher transformation for which the
* key is to be produced. This argument is required.
*
* @param keyLengthBits The cipher key length in bits. This argument is
* required and must be suitable for the requested transformation.
*
* @return The key entry corresponding to the parameters.
*
* @throws CryptoManagerException If there is a problem
* instantiating a Cipher object in order to validate the supplied
* parameters when creating a new entry.
*
* @see MacKeyEntry#getKeyEntry(CryptoManagerImpl, String, int)
*/
public static CipherKeyEntry generateKeyEntry(
final CryptoManagerImpl cryptoManager,
final String transformation,
final int keyLengthBits)
throws CryptoManagerException {
final Map
* ADS is not searched in the case a key entry meeting the
* specifications is not found. Instead, the ADS monitoring thread
* is responsible for asynchronous updates to the key map.
*
* @param cryptoManager The CryptoManager instance with which the
* key entry is associated.
*
* @param transformation The cipher transformation for which the
* key was produced.
*
* @param keyLengthBits The cipher key length in bits.
*
* @return The key entry corresponding to the parameters, or
* {@code null} if no such entry exists.
*/
public static CipherKeyEntry getKeyEntry(
final CryptoManagerImpl cryptoManager,
final String transformation,
final int keyLengthBits) {
Reject.ifNull(cryptoManager, transformation);
Reject.ifFalse(0 < keyLengthBits);
CipherKeyEntry keyEntry = null;
// search for an existing key that satisfies the request
for (Map.Entry
* Although the existence of data tagged with the requested keyID
* implies the key entry exists in the system, it is possible for
* the distribution of the key entry to lag that of the data;
* hence this routine might return null. No attempt is made to
* query the other instances in the ADS topology (presumably at
* least the instance producing the key entry will have it), due
* to the presumed infrequency of key generation and expected low
* latency of replication, compared to the complexity of finding
* the set of instances and querying them. Instead, the caller
* must retry the operation requesting the decryption.
*
* @param cryptoManager The CryptoManager instance with which the
* key entry is associated.
*
* @param keyID The key identifier.
*
* @return The key entry associated with the key identifier, or
* {@code null} if no such entry exists.
*
* @see CryptoManagerImpl.MacKeyEntry
* #getKeyEntry(CryptoManagerImpl, String, int)
*/
public static CipherKeyEntry getKeyEntry(
CryptoManagerImpl cryptoManager,
final KeyEntryID keyID) {
return cryptoManager.cipherKeyEntryCache.get(keyID);
}
/**
In case a transformation is supplied instead of an algorithm:
E.g., AES/CBC/PKCS5Padding -> AES.
@param transformation The cipher transformation from which to
extract the cipher algorithm.
@return The algorithm prefix of the Cipher transformation. If
the transformation is supplied as an algorithm-only (no mode or
padding), return the transformation as-is.
*/
private static String keyAlgorithmFromTransformation(
String transformation){
final int separatorIndex = transformation.indexOf('/');
return (0 < separatorIndex)
? transformation.substring(0, separatorIndex)
: transformation;
}
/**
* Construct an instance of {@code CipherKeyEntry} using the
* specified parameters. This constructor would typically be used
* for key generation.
*
* @param transformation The name of the Cipher transformation
* for which the key entry is to be produced.
*
* @param keyLengthBits The length of the requested key in bits.
*
* @throws CryptoManagerException If there is a problem
* instantiating the key generator.
*/
private CipherKeyEntry(final String transformation, final int keyLengthBits)
throws CryptoManagerException {
// Generate a new key.
super(keyAlgorithmFromTransformation(transformation), keyLengthBits);
// copy arguments.
this.fType = transformation;
this.fIVLengthBits = -1; /* compute IV length */
}
/**
* Construct an instance of CipherKeyEntry using the specified
* parameters. This constructor would typically be used for key
* entries imported from ADS, for which the full set of paramters
* is known, and for a newly generated key entry, for which the
* initialization vector length might not yet be known, but which
* must be set prior to using the key.
*
* @param keyID The unique identifier of this cipher
* transformation/key pair.
*
* @param transformation The name of the secret-key cipher
* transformation for which the key entry is to be produced.
*
* @param secretKey The cipher key.
*
* @param secretKeyLengthBits The length of the secret key in
* bits.
*
* @param ivLengthBits The length in bits of a mandatory
* initialization vector or 0 if none is required. Set this
* parameter to -1 when generating a new encryption key and this
* method will attempt to compute the proper value by first using
* the cipher block size and then, if the cipher block size is
* non-zero, using 0 (i.e., no initialization vector).
*
* @param isCompromised {@code false} if the key may be used
* for encryption, or {@code true} if the key is being retained
* only for use in decrypting existing data.
*
* @throws CryptoManagerException If there is a problem
* instantiating a Cipher object in order to validate the supplied
* parameters when creating a new entry.
*/
private CipherKeyEntry(final KeyEntryID keyID,
final String transformation,
final SecretKey secretKey,
final int secretKeyLengthBits,
final int ivLengthBits,
final boolean isCompromised)
throws CryptoManagerException {
super(keyID, secretKey, secretKeyLengthBits, isCompromised);
// copy arguments
this.fType = transformation;
this.fIVLengthBits = ivLengthBits;
}
/**
* The cipher transformation for which the key entry was created.
*
* @return The cipher transformation.
*/
public String getType() {
return fType;
}
/**
* Set the algorithm/key pair's required initialization vector
* length in bits. Typically, this will be the cipher's block
* size, or 0 for a stream cipher or a block cipher mode that does
* not use an initialization vector (e.g., ECB).
*
* @param ivLengthBits The initiazliation vector length in bits.
*/
private void setIVLengthBits(int ivLengthBits) {
Reject.ifFalse(-1 == fIVLengthBits && 0 <= ivLengthBits);
fIVLengthBits = ivLengthBits;
}
/**
* The initialization vector length in bits: 0 is a stream cipher
* or a block cipher that does not use an IV (e.g., ECB); or a
* positive integer, typically the block size of the cipher.
*
* This method returns -1 if the object initialization has not
* been completed.
*
* @return The initialization vector length.
*/
public int getIVLengthBits() {
return fIVLengthBits;
}
// state
private final String fType;
private int fIVLengthBits = -1;
}
/**
* This method produces an initialized Cipher based on the supplied
* CipherKeyEntry's state.
*
* @param keyEntry The secret key entry containing the cipher
* transformation and secret key for which to instantiate
* the cipher.
*
* @param mode Either Cipher.ENCRYPT_MODE or Cipher.DECRYPT_MODE.
*
* @param initializationVector For Cipher.DECRYPT_MODE, supply
* the initialzation vector used in the corresponding encryption
* cipher, or {@code null} if none.
*
* @return The initialized cipher object.
*
* @throws CryptoManagerException In case of a problem creating
* or initializing the requested cipher object. Possible causes
* include NoSuchAlgorithmException, NoSuchPaddingException,
* InvalidKeyException, and InvalidAlgorithmParameterException.
*/
private static Cipher getCipher(final CipherKeyEntry keyEntry,
final int mode,
final byte[] initializationVector)
throws CryptoManagerException {
Reject.ifFalse(Cipher.ENCRYPT_MODE == mode
|| Cipher.DECRYPT_MODE == mode);
Reject.ifFalse(Cipher.ENCRYPT_MODE != mode
|| null == initializationVector);
Reject.ifFalse(-1 != keyEntry.getIVLengthBits()
|| Cipher.ENCRYPT_MODE == mode);
Reject.ifFalse(null == initializationVector
|| initializationVector.length * Byte.SIZE
== keyEntry.getIVLengthBits());
Cipher cipher;
try {
String transformation = keyEntry.getType();
/* If a client specifies only an algorithm for a transformation, the
Cipher provider can supply default values for mode and padding. Hence
in order to avoid a decryption error due to mismatched defaults in the
provider implementation of JREs supplied by different vendors, the
{@code CryptoManager} configuration validator requires the mode and
padding be explicitly specified. Some cipher algorithms, including
RC4 and ARCFOUR, do not have a mode or padding, and hence must be
specified as {@code algorithm/NONE/NoPadding}. */
String fields[] = transformation.split("/",0);
if (1 < fields.length && "NONE".equals(fields[1])) {
assert "RC4".equals(fields[0]) || "ARCFOUR".equals(fields[0]);
assert "NoPadding".equals(fields[2]);
transformation = fields[0];
}
cipher = Cipher.getInstance(transformation);
}
catch (GeneralSecurityException ex) {
// NoSuchAlgorithmException, NoSuchPaddingException
logger.traceException(ex);
throw new CryptoManagerException(
ERR_CRYPTOMGR_GET_CIPHER_INVALID_CIPHER_TRANSFORMATION.get(
keyEntry.getType(), getExceptionMessage(ex)), ex);
}
try {
if (0 < keyEntry.getIVLengthBits()) {
byte[] iv;
if (Cipher.ENCRYPT_MODE == mode && null == initializationVector) {
iv = new byte[keyEntry.getIVLengthBits() / Byte.SIZE];
pseudoRandom.nextBytes(iv);
}
else {
iv = initializationVector;
}
// TODO: https://opends.dev.java.net/issues/show_bug.cgi?id=2471
cipher.init(mode, keyEntry.getSecretKey(), new IvParameterSpec(iv));
}
else {
cipher.init(mode, keyEntry.getSecretKey());
}
}
catch (GeneralSecurityException ex) {
// InvalidKeyException, InvalidAlgorithmParameterException
logger.traceException(ex);
throw new CryptoManagerException(
ERR_CRYPTOMGR_GET_CIPHER_CANNOT_INITIALIZE.get(
getExceptionMessage(ex)), ex);
}
return cipher;
}
/**
* This class corresponds to the MAC key entry in ADS. It is
* used in the local cache of key entries that have been requested
* by CryptoManager clients.
*/
private static class MacKeyEntry extends SecretKeyEntry
{
/**
* This method generates a key according to the key parameters,
* creates a key entry, and optionally registers it in the
* supplied CryptoManager context.
*
* @param cryptoManager The CryptoManager instance for which the
* key is to be generated. Pass {@code null} as the argument to
* this parameter in order to validate a proposed MAC algorithm
* and key length, but not publish the key entry.
*
* @param algorithm The MAC algorithm for which the
* key is to be produced. This argument is required.
*
* @param keyLengthBits The MAC key length in bits. The argument is
* required and must be suitable for the requested algorithm.
*
* @return The key entry corresponding to the parameters.
*
* @throws CryptoManagerException If there is a problem
* instantiating a Mac object in order to validate the supplied
* parameters when creating a new entry.
*
* @see CipherKeyEntry#getKeyEntry(CryptoManagerImpl, String, int)
*/
public static MacKeyEntry generateKeyEntry(
final CryptoManagerImpl cryptoManager,
final String algorithm,
final int keyLengthBits)
throws CryptoManagerException {
Reject.ifNull(algorithm);
final Map
* ADS is not searched in the case a key entry meeting the
* specifications is not found. Instead, the ADS monitoring thread
* is responsible for asynchronous updates to the key map.
*
* @param cryptoManager The CryptoManager instance with which the
* key entry is associated.
*
* @param algorithm The MAC algorithm for which the key was
* produced.
*
* @param keyLengthBits The MAC key length in bits.
*
* @return The key entry corresponding to the parameters, or
* {@code null} if no such entry exists.
*/
public static MacKeyEntry getKeyEntry(
final CryptoManagerImpl cryptoManager,
final String algorithm,
final int keyLengthBits) {
Reject.ifNull(cryptoManager, algorithm);
Reject.ifFalse(0 < keyLengthBits);
MacKeyEntry keyEntry = null;
// search for an existing key that satisfies the request
for (Map.Entry
* Although the existence of data tagged with the requested keyID
* implies the key entry exists in the system, it is possible for
* the distribution of the key entry to lag that of the data;
* hence this routine might return null. No attempt is made to
* query the other instances in the ADS topology (presumably at
* least the instance producing the key entry will have it), due
* to the presumed infrequency of key generation and expected low
* latency of replication, compared to the complexity of finding
* the set of instances and querying them. Instead, the caller
* must retry the operation requesting the decryption.
*
* @param cryptoManager The CryptoManager instance with which the
* key entry is associated.
*
* @param keyID The key identifier.
*
* @return The key entry associated with the key identifier, or
* {@code null} if no such entry exists.
*
* @see CryptoManagerImpl.CipherKeyEntry
* #getKeyEntry(CryptoManagerImpl, String, int)
*/
public static MacKeyEntry getKeyEntry(
final CryptoManagerImpl cryptoManager,
final KeyEntryID keyID) {
return cryptoManager.macKeyEntryCache.get(keyID);
}
/**
* Construct an instance of {@code MacKeyEntry} using the
* specified parameters. This constructor would typically be used
* for key generation.
*
* @param algorithm The name of the MAC algorithm for which the
* key entry is to be produced.
*
* @param keyLengthBits The length of the requested key in bits.
*
* @throws CryptoManagerException If there is a problem
* instantiating the key generator.
*/
private MacKeyEntry(final String algorithm,
final int keyLengthBits)
throws CryptoManagerException {
// Generate a new key.
super(algorithm, keyLengthBits);
// copy arguments
this.fType = algorithm;
}
/**
* Construct an instance of MacKeyEntry using the specified
* parameters. This constructor would typically be used for key
* entries imported from ADS, for which the full set of paramters
* is known.
*
* @param keyID The unique identifier of this MAC algorithm/key
* pair.
*
* @param algorithm The name of the MAC algorithm for which the
* key entry is to be produced.
*
* @param secretKey The MAC key.
*
* @param secretKeyLengthBits The length of the secret key in
* bits.
*
* @param isCompromised {@code false} if the key may be used
* for signing, or {@code true} if the key is being retained only
* for use in signature verification.
*/
private MacKeyEntry(final KeyEntryID keyID,
final String algorithm,
final SecretKey secretKey,
final int secretKeyLengthBits,
final boolean isCompromised) {
super(keyID, secretKey, secretKeyLengthBits, isCompromised);
// copy arguments
this.fType = algorithm;
}
/**
* The algorithm for which the key entry was created.
*
* @return The algorithm.
*/
public String getType() {
return fType;
}
// state
private final String fType;
}
/**
* This method produces an initialized MAC engine based on the
* supplied MacKeyEntry's state.
*
* @param keyEntry The MacKeyEntry specifying the Mac properties.
*
* @return An initialized Mac object.
*
* @throws CryptoManagerException In case there was a error
* instantiating the Mac object.
*/
private static Mac getMacEngine(MacKeyEntry keyEntry)
throws CryptoManagerException
{
Mac mac;
try {
mac = Mac.getInstance(keyEntry.getType());
}
catch (NoSuchAlgorithmException ex){
logger.traceException(ex);
throw new CryptoManagerException(
ERR_CRYPTOMGR_GET_MAC_ENGINE_INVALID_MAC_ALGORITHM.get(
keyEntry.getType(), getExceptionMessage(ex)),
ex);
}
try {
mac.init(keyEntry.getSecretKey());
}
catch (InvalidKeyException ex) {
logger.traceException(ex);
throw new CryptoManagerException(
ERR_CRYPTOMGR_GET_MAC_ENGINE_CANNOT_INITIALIZE.get(
getExceptionMessage(ex)), ex);
}
return mac;
}
/** {@inheritDoc} */
@Override
public String getPreferredMessageDigestAlgorithm()
{
return preferredDigestAlgorithm;
}
/** {@inheritDoc} */
@Override
public MessageDigest getPreferredMessageDigest()
throws NoSuchAlgorithmException
{
return MessageDigest.getInstance(preferredDigestAlgorithm);
}
/** {@inheritDoc} */
@Override
public MessageDigest getMessageDigest(String digestAlgorithm)
throws NoSuchAlgorithmException
{
return MessageDigest.getInstance(digestAlgorithm);
}
/** {@inheritDoc} */
@Override
public byte[] digest(byte[] data)
throws NoSuchAlgorithmException
{
return MessageDigest.getInstance(preferredDigestAlgorithm).
digest(data);
}
/** {@inheritDoc} */
@Override
public byte[] digest(String digestAlgorithm, byte[] data)
throws NoSuchAlgorithmException
{
return MessageDigest.getInstance(digestAlgorithm).digest(data);
}
/** {@inheritDoc} */
@Override
public byte[] digest(InputStream inputStream)
throws IOException, NoSuchAlgorithmException
{
MessageDigest digest =
MessageDigest.getInstance(preferredDigestAlgorithm);
byte[] buffer = new byte[8192];
while (true)
{
int bytesRead = inputStream.read(buffer);
if (bytesRead < 0)
{
break;
}
digest.update(buffer, 0, bytesRead);
}
return digest.digest();
}
/** {@inheritDoc} */
@Override
public byte[] digest(String digestAlgorithm,
InputStream inputStream)
throws IOException, NoSuchAlgorithmException
{
MessageDigest digest = MessageDigest.getInstance(digestAlgorithm);
byte[] buffer = new byte[8192];
while (true)
{
int bytesRead = inputStream.read(buffer);
if (bytesRead < 0)
{
break;
}
digest.update(buffer, 0, bytesRead);
}
return digest.digest();
}
/** {@inheritDoc} */
@Override
public String getMacEngineKeyEntryID()
throws CryptoManagerException
{
return getMacEngineKeyEntryID(preferredMACAlgorithm,
preferredMACAlgorithmKeyLengthBits);
}
/** {@inheritDoc} */
@Override
public String getMacEngineKeyEntryID(final String macAlgorithm,
final int keyLengthBits)
throws CryptoManagerException {
Reject.ifNull(macAlgorithm);
MacKeyEntry keyEntry = MacKeyEntry.getKeyEntry(this, macAlgorithm,
keyLengthBits);
if (null == keyEntry) {
keyEntry = MacKeyEntry.generateKeyEntry(this, macAlgorithm,
keyLengthBits);
}
return keyEntry.getKeyID().getStringValue();
}
/** {@inheritDoc} */
@Override
public Mac getMacEngine(String keyEntryID)
throws CryptoManagerException
{
final MacKeyEntry keyEntry = MacKeyEntry.getKeyEntry(this,
new KeyEntryID(keyEntryID));
return (null == keyEntry) ? null : getMacEngine(keyEntry);
}
/** {@inheritDoc} */
@Override
public byte[] encrypt(byte[] data)
throws GeneralSecurityException, CryptoManagerException
{
return encrypt(preferredCipherTransformation,
preferredCipherTransformationKeyLengthBits, data);
}
/** {@inheritDoc} */
@Override
public byte[] encrypt(String cipherTransformation,
int keyLengthBits,
byte[] data)
throws GeneralSecurityException, CryptoManagerException
{
Reject.ifNull(cipherTransformation, data);
CipherKeyEntry keyEntry = CipherKeyEntry.getKeyEntry(this,
cipherTransformation, keyLengthBits);
if (null == keyEntry) {
keyEntry = CipherKeyEntry.generateKeyEntry(this, cipherTransformation,
keyLengthBits);
}
final Cipher cipher = getCipher(keyEntry, Cipher.ENCRYPT_MODE, null);
final byte[] keyID = keyEntry.getKeyID().getByteValue();
final byte[] iv = cipher.getIV();
final int prologueLength
= /* version */ 1 + keyID.length + ((null == iv) ? 0 : iv.length);
final int dataLength = cipher.getOutputSize(data.length);
final byte[] cipherText = new byte[prologueLength + dataLength];
int writeIndex = 0;
cipherText[writeIndex++] = CIPHERTEXT_PROLOGUE_VERSION;
System.arraycopy(keyID, 0, cipherText, writeIndex, keyID.length);
writeIndex += keyID.length;
if (null != iv) {
System.arraycopy(iv, 0, cipherText, writeIndex, iv.length);
writeIndex += iv.length;
}
System.arraycopy(cipher.doFinal(data), 0, cipherText,
prologueLength, dataLength);
return cipherText;
}
/** {@inheritDoc} */
@Override
public CipherOutputStream getCipherOutputStream(
OutputStream outputStream) throws CryptoManagerException
{
return getCipherOutputStream(preferredCipherTransformation,
preferredCipherTransformationKeyLengthBits, outputStream);
}
/** {@inheritDoc} */
@Override
public CipherOutputStream getCipherOutputStream(
String cipherTransformation, int keyLengthBits,
OutputStream outputStream)
throws CryptoManagerException
{
Reject.ifNull(cipherTransformation, outputStream);
CipherKeyEntry keyEntry = CipherKeyEntry.getKeyEntry(
this, cipherTransformation, keyLengthBits);
if (null == keyEntry) {
keyEntry = CipherKeyEntry.generateKeyEntry(this, cipherTransformation,
keyLengthBits);
}
final Cipher cipher = getCipher(keyEntry, Cipher.ENCRYPT_MODE, null);
final byte[] keyID = keyEntry.getKeyID().getByteValue();
try {
outputStream.write((byte)CIPHERTEXT_PROLOGUE_VERSION);
outputStream.write(keyID);
if (null != cipher.getIV()) {
outputStream.write(cipher.getIV());
}
}
catch (IOException ex) {
logger.traceException(ex);
throw new CryptoManagerException(
ERR_CRYPTOMGR_GET_CIPHER_STREAM_PROLOGUE_WRITE_ERROR.get(
getExceptionMessage(ex)), ex);
}
return new CipherOutputStream(outputStream, cipher);
}
/** {@inheritDoc} */
@Override
public byte[] decrypt(byte[] data)
throws GeneralSecurityException,
CryptoManagerException
{
int readIndex = 0;
int version;
try {
version = data[readIndex++];
}
catch (Exception ex) {
// IndexOutOfBoundsException, ArrayStoreException, ...
logger.traceException(ex);
throw new CryptoManagerException(
ERR_CRYPTOMGR_DECRYPT_FAILED_TO_READ_PROLOGUE_VERSION.get(
ex.getMessage()), ex);
}
switch (version) {
case CIPHERTEXT_PROLOGUE_VERSION:
// Encryption key identifier only in the data prologue.
break;
default:
throw new CryptoManagerException(
ERR_CRYPTOMGR_DECRYPT_UNKNOWN_PROLOGUE_VERSION.get(version));
}
KeyEntryID keyID;
try {
final byte[] keyIDBytes
= new byte[KeyEntryID.getByteValueLength()];
System.arraycopy(data, readIndex, keyIDBytes, 0, keyIDBytes.length);
readIndex += keyIDBytes.length;
keyID = new KeyEntryID(keyIDBytes);
}
catch (Exception ex) {
// IndexOutOfBoundsException, ArrayStoreException, ...
logger.traceException(ex);
throw new CryptoManagerException(
ERR_CRYPTOMGR_DECRYPT_FAILED_TO_READ_KEY_IDENTIFIER.get(
ex.getMessage()), ex);
}
CipherKeyEntry keyEntry = CipherKeyEntry.getKeyEntry(this, keyID);
if (null == keyEntry) {
throw new CryptoManagerException(
ERR_CRYPTOMGR_DECRYPT_UNKNOWN_KEY_IDENTIFIER.get());
}
byte[] iv = null;
if (0 < keyEntry.getIVLengthBits()) {
iv = new byte[keyEntry.getIVLengthBits()/Byte.SIZE];
try {
System.arraycopy(data, readIndex, iv, 0, iv.length);
readIndex += iv.length;
}
catch (Exception ex) {
// IndexOutOfBoundsException, ArrayStoreException, ...
logger.traceException(ex);
throw new CryptoManagerException(
ERR_CRYPTOMGR_DECRYPT_FAILED_TO_READ_IV.get(), ex);
}
}
final Cipher cipher = getCipher(keyEntry, Cipher.DECRYPT_MODE, iv);
if(data.length - readIndex > 0)
return cipher.doFinal(data, readIndex, data.length - readIndex);
else {
//IBM Java 6 throws an IllegalArgumentException when there's n
// data to process.
return cipher.doFinal();
}
}
/** {@inheritDoc} */
@Override
public CipherInputStream getCipherInputStream(
InputStream inputStream) throws CryptoManagerException
{
int version;
CipherKeyEntry keyEntry;
byte[] iv = null;
try {
final byte[] rawVersion = new byte[1];
if (rawVersion.length != inputStream.read(rawVersion)) {
throw new CryptoManagerException(
ERR_CRYPTOMGR_DECRYPT_FAILED_TO_READ_PROLOGUE_VERSION.get(
"stream underflow"));
}
version = rawVersion[0];
switch (version) {
case CIPHERTEXT_PROLOGUE_VERSION:
// Encryption key identifier only in the data prologue.
break;
default:
throw new CryptoManagerException(
ERR_CRYPTOMGR_DECRYPT_UNKNOWN_PROLOGUE_VERSION.get(version));
}
final byte[] keyID = new byte[KeyEntryID.getByteValueLength()];
if (keyID.length != inputStream.read(keyID)) {
throw new CryptoManagerException(
ERR_CRYPTOMGR_DECRYPT_FAILED_TO_READ_KEY_IDENTIFIER.get(
"stream underflow"));
}
keyEntry = CipherKeyEntry.getKeyEntry(this,
new KeyEntryID(keyID));
if (null == keyEntry) {
throw new CryptoManagerException(
ERR_CRYPTOMGR_DECRYPT_UNKNOWN_KEY_IDENTIFIER.get());
}
if (0 < keyEntry.getIVLengthBits()) {
iv = new byte[keyEntry.getIVLengthBits() / Byte.SIZE];
if (iv.length != inputStream.read(iv)) {
throw new CryptoManagerException(
ERR_CRYPTOMGR_DECRYPT_FAILED_TO_READ_IV.get());
}
}
}
catch (IOException ex) {
throw new CryptoManagerException(
ERR_CRYPTOMGR_DECRYPT_CIPHER_INPUT_STREAM_ERROR.get(
getExceptionMessage(ex)), ex);
}
return new CipherInputStream(inputStream,
getCipher(keyEntry, Cipher.DECRYPT_MODE, iv));
}
/** {@inheritDoc} */
@Override
public int compress(byte[] src, int srcOff, int srcLen,
byte[] dst, int dstOff, int dstLen)
{
Deflater deflater = new Deflater();
try
{
deflater.setInput(src, srcOff, srcLen);
deflater.finish();
int compressedLength = deflater.deflate(dst, dstOff, dstLen);
if (deflater.finished())
{
return compressedLength;
}
else
{
return -1;
}
}
finally
{
deflater.end();
}
}
/** {@inheritDoc} */
@Override
public int uncompress(byte[] src, int srcOff, int srcLen,
byte[] dst, int dstOff, int dstLen)
throws DataFormatException
{
Inflater inflater = new Inflater();
try
{
inflater.setInput(src, srcOff, srcLen);
int decompressedLength = inflater.inflate(dst, dstOff, dstLen);
if (inflater.finished())
{
return decompressedLength;
}
else
{
int totalLength = decompressedLength;
while (! inflater.finished())
{
totalLength += inflater.inflate(dst, dstOff, dstLen);
}
return -totalLength;
}
}
finally
{
inflater.end();
}
}
/** {@inheritDoc} */
@Override
public SSLContext getSslContext(String sslCertNickname)
throws ConfigException
{
SSLContext sslContext;
try
{
TrustStoreBackend trustStoreBackend = getTrustStoreBackend();
KeyManager[] keyManagers = trustStoreBackend.getKeyManagers();
TrustManager[] trustManagers =
trustStoreBackend.getTrustManagers();
sslContext = SSLContext.getInstance("TLS");
if (sslCertNickname == null)
{
sslContext.init(keyManagers, trustManagers, null);
}
else
{
X509ExtendedKeyManager[] extendedKeyManagers =
SelectableCertificateKeyManager.wrap(
keyManagers,
sslCertNickname);
sslContext.init(extendedKeyManagers, trustManagers, null);
}
}
catch (Exception e)
{
logger.traceException(e);
LocalizableMessage message =
ERR_CRYPTOMGR_SSL_CONTEXT_CANNOT_INITIALIZE.get(
getExceptionMessage(e));
throw new ConfigException(message, e);
}
return sslContext;
}
/** {@inheritDoc} */
@Override
public String getSslCertNickname()
{
return sslCertNickname;
}
/** {@inheritDoc} */
@Override
public boolean isSslEncryption()
{
return sslEncryption;
}
/** {@inheritDoc} */
@Override
public SortedSet
* wrappingKeyID:wrappingTransformation:wrappedKeyAlgorithm:\
* wrappedKeyType:hexWrappedKey
*
* wrappingKeyID ::= hexBytes[16]
* wrappingTransformation
* ::= e.g., RSA/ECB/OAEPWITHSHA-1ANDMGF1PADDING
* wrappedKeyAlgorithm ::= e.g., DESede
* hexifiedwrappedKey ::= 0123456789abcdef01...
*
*
* @param wrappingKeyID The key identifier of the wrapping key. This
* parameter is the first field in the encoded value and identifies
* the instance that will be able to unwrap the secret key.
*
* @param wrappingKeyCertificateData The public key certificate used
* to derive the wrapping key.
*
* @param secretKey The secret key value to be wrapped for the
* encoded value.
*
* @return The encoded representation of the ds-cfg-symmetric-key
* attribute with the secret key wrapped with the supplied public
* key.
*
* @throws CryptoManagerException If there is a problem wrapping
* the secret key.
*/
private String encodeSymmetricKeyAttribute(
final String wrappingKeyID,
final byte[] wrappingKeyCertificateData,
final SecretKey secretKey)
throws CryptoManagerException {
return encodeSymmetricKeyAttribute(
preferredKeyWrappingTransformation,
wrappingKeyID,
wrappingKeyCertificateData,
secretKey);
}
/**
* Encodes a ds-cfg-symmetric-key attribute value with a specified
* key wrapping transformation and using the supplied arguments.
*
* @param wrappingTransformationName The name of the key wrapping
* transformation.
*
* @param wrappingKeyID The key identifier of the wrapping key. This
* parameter is the first field in the encoded value and identifies
* the instance that will be able to unwrap the secret key.
*
* @param wrappingKeyCertificateData The public key certificate used
* to derive the wrapping key.
*
* @param secretKey The secret key value to be wrapped for the
* encoded value.
*
* @return The encoded representation of the ds-cfg-symmetric-key
* attribute with the secret key wrapped with the supplied public
* key.
*
* @throws CryptoManagerException If there is a problem wrapping
* the secret key.
*/
private String encodeSymmetricKeyAttribute(
final String wrappingTransformationName,
final String wrappingKeyID,
final byte[] wrappingKeyCertificateData,
final SecretKey secretKey)
throws CryptoManagerException {
// Wrap secret key.
String wrappedKeyElement;
try {
final CertificateFactory cf
= CertificateFactory.getInstance("X.509");
final Certificate certificate = cf.generateCertificate(
new ByteArrayInputStream(wrappingKeyCertificateData));
final Cipher wrapper
= Cipher.getInstance(wrappingTransformationName);
wrapper.init(Cipher.WRAP_MODE, certificate);
byte[] wrappedKey = wrapper.wrap(secretKey);
wrappedKeyElement = StaticUtils.bytesToHexNoSpace(wrappedKey);
}
catch (GeneralSecurityException ex) {
logger.traceException(ex);
throw new CryptoManagerException(
ERR_CRYPTOMGR_FAILED_TO_ENCODE_SYMMETRIC_KEY_ATTRIBUTE.get(
getExceptionMessage(ex)), ex);
}
// Compose ds-cfg-symmetric-key value.
return wrappingKeyID + ":" + wrappingTransformationName + ":"
+ secretKey.getAlgorithm() + ":" + wrappedKeyElement;
}
/**
* Takes an encoded ds-cfg-symmetric-key attribute value and the
* associated key algorithm name, and returns an initialized
* {@code java.security.Key} object.
* @param symmetricKeyAttribute The encoded
* ds-cfg-symmetric-key-attribute value.
* @return A SecretKey object instantiated with the key data,
* algorithm, and Ciper.SECRET_KEY type, or {@code null} if the
* supplied symmetricKeyAttribute was encoded for another instance.
* @throws CryptoManagerException If there is a problem decomposing
* the supplied attribute value or unwrapping the encoded key.
*/
private SecretKey decodeSymmetricKeyAttribute(
final String symmetricKeyAttribute)
throws CryptoManagerException {
// Initial decomposition.
String[] elements = symmetricKeyAttribute.split(":", 0);
if (4 != elements.length) {
throw new CryptoManagerException(
ERR_CRYPTOMGR_DECODE_SYMMETRIC_KEY_ATTRIBUTE_FIELD_COUNT.get(
symmetricKeyAttribute));
}
// Parse individual fields.
String wrappingKeyIDElement;
String wrappingTransformationElement;
String wrappedKeyAlgorithmElement;
byte[] wrappedKeyCipherTextElement;
String fieldName = null;
try {
fieldName = "instance key identifier";
wrappingKeyIDElement = elements[0];
fieldName = "key wrapping transformation";
wrappingTransformationElement = elements[1];
fieldName = "wrapped key algorithm";
wrappedKeyAlgorithmElement = elements[2];
fieldName = "wrapped key data";
wrappedKeyCipherTextElement
= StaticUtils.hexStringToByteArray(elements[3]);
}
catch (ParseException ex) {
logger.traceException(ex);
throw new CryptoManagerException(
ERR_CRYPTOMGR_DECODE_SYMMETRIC_KEY_ATTRIBUTE_SYNTAX.get(
symmetricKeyAttribute, fieldName,
ex.getErrorOffset()), ex);
}
// Confirm key can be unwrapped at this instance.
final String instanceKeyID = getInstanceKeyID();
if (! wrappingKeyIDElement.equals(instanceKeyID)) {
return null;
}
// Retrieve instance-key-pair private key part.
PrivateKey privateKey;
try {
privateKey = (PrivateKey)getTrustStoreBackend()
.getKey(ConfigConstants.ADS_CERTIFICATE_ALIAS);
}
catch (IdentifiedException ex) {
// ConfigException, DirectoryException
logger.traceException(ex);
throw new CryptoManagerException(
ERR_CRYPTOMGR_DECODE_SYMMETRIC_KEY_ATTRIBUTE_NO_PRIVATE.get(
getExceptionMessage(ex)), ex);
}
// Unwrap secret key.
SecretKey secretKey;
try {
final Cipher unwrapper
= Cipher.getInstance(wrappingTransformationElement);
unwrapper.init(Cipher.UNWRAP_MODE, privateKey);
secretKey = (SecretKey)unwrapper.unwrap(wrappedKeyCipherTextElement,
wrappedKeyAlgorithmElement, Cipher.SECRET_KEY);
} catch(GeneralSecurityException ex) {
logger.traceException(ex);
throw new CryptoManagerException(
ERR_CRYPTOMGR_DECODE_SYMMETRIC_KEY_ATTRIBUTE_DECIPHER.get(
getExceptionMessage(ex)), ex);
}
return secretKey;
}
/**
* Decodes the supplied symmetric key attribute value and re-encodes
* it with the public key referred to by the requested instance key
* identifier. The symmetric key attribute must be wrapped in this
* instance's instance-key-pair public key.
* @param symmetricKeyAttribute The symmetric key attribute value to
* unwrap and rewrap.
* @param requestedInstanceKeyID The key identifier of the public
* key to use in the re-wrapping.
* @return The symmetric key attribute value with the symmetric key
* re-wrapped in the requested public key.
* @throws CryptoManagerException If there is a problem decoding
* the supplied symmetric key attribute value, unwrapping the
* embedded secret key, or retrieving the requested public key.
*/
String reencodeSymmetricKeyAttribute(
final String symmetricKeyAttribute,
final String requestedInstanceKeyID)
throws CryptoManagerException {
final SecretKey secretKey
= decodeSymmetricKeyAttribute(symmetricKeyAttribute);
final Map