Package org.iqtig.packer.shared.crypto
Class CryptographySupportShared
- java.lang.Object
-
- org.iqtig.packer.shared.crypto.CryptographySupportShared
-
public class CryptographySupportShared extends Object
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
CryptographySupportShared.EncryptionType
-
Field Summary
Fields Modifier and Type Field Description static String
FILE_TYPE_IDENTIFIER_CHARSET
static int
FILE_TYPE_IDENTIFIER_LENGTH
static String
FILE_TYPE_IDENTIFIER_NEW
static String
FILE_TYPE_IDENTIFIER_OLD
-
Constructor Summary
Constructors Constructor Description CryptographySupportShared()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description CryptographySupportShared.EncryptionType
checkEncryptionType(InputStream inputStream)
SecretKey
createRandomAESSessionKey()
SecretKey
createRandomAESSessionKey256Bit()
IvParameterSpec
createRandomIV()
byte[]
decrypt(byte[] payload, SecretKey secretKey)
void
decrypt(InputStream inputStream, OutputStream outputStream, Function<byte[],SecretKey> secretKeyUnwrapper)
Entschlüsselt den eingehenden InputStream und schreibt das Resultat auf den gegebenen OutputStream.
void
decrypt(InputStream inputStream, OutputStream outputStream, SecretKey secretKey)
byte[]
decryptWithPassword(byte[] payload, String password)
byte[]
encrypt(byte[] payload, SecretKey secretKey)
void
encrypt(InputStream inputstream, OutputStream outputStream, SecretKey secretKey)
void
encrypt(InputStream inputStream, OutputStream outputStream, SecretKey secretKey, Function<SecretKey,byte[]> secredKeyWrapper)
Verschlüsselt den Inhalt eines eingehenden InputStreams und schreibt das Resultat auf den gegebenen OutputStream.
byte[]
encryptWithPassword(byte[] payload, String password)
SecretKey
getKeyFromBytesForAES(byte[] keyBytes)
PrivateKey
readPrivateKeyFromKeyStore(InputStream keyStoreStream, String keystorePassword, String keyAlias, String keyentryPassword)
PrivateKey
readPrivateKeyFromPem(InputStream inputStream)
PublicKey
readPublicKeyFromKeyStore(InputStream keyStoreStream, String keystorePassword, String keyAlias)
PublicKey
readPublicKeyFromPem(InputStream inputStream)
X509Certificate
readX509Certificate(InputStream certificateInputStream)
SecretKey
unwrapSecretKey(byte[] wrappedSecretKey, PrivateKey privateKey)
byte[]
wrapSecretKey(SecretKey secretKey, PublicKey publicKey)
-
-
-
Field Detail
-
FILE_TYPE_IDENTIFIER_OLD
public static final String FILE_TYPE_IDENTIFIER_OLD
- See Also:
- Constant Field Values
-
FILE_TYPE_IDENTIFIER_NEW
public static final String FILE_TYPE_IDENTIFIER_NEW
- See Also:
- Constant Field Values
-
FILE_TYPE_IDENTIFIER_LENGTH
public static final int FILE_TYPE_IDENTIFIER_LENGTH
- See Also:
- Constant Field Values
-
FILE_TYPE_IDENTIFIER_CHARSET
public static final String FILE_TYPE_IDENTIFIER_CHARSET
- See Also:
- Constant Field Values
-
-
Method Detail
-
createRandomAESSessionKey
public SecretKey createRandomAESSessionKey() throws CryptoException
- Throws:
CryptoException
-
createRandomAESSessionKey256Bit
public SecretKey createRandomAESSessionKey256Bit() throws CryptoException
- Throws:
CryptoException
-
getKeyFromBytesForAES
public SecretKey getKeyFromBytesForAES(byte[] keyBytes)
-
readPrivateKeyFromPem
public PrivateKey readPrivateKeyFromPem(InputStream inputStream) throws CryptoException
- Throws:
CryptoException
-
readPrivateKeyFromKeyStore
public PrivateKey readPrivateKeyFromKeyStore(InputStream keyStoreStream, String keystorePassword, String keyAlias, String keyentryPassword) throws CryptoException
- Throws:
CryptoException
-
readPublicKeyFromKeyStore
public PublicKey readPublicKeyFromKeyStore(InputStream keyStoreStream, String keystorePassword, String keyAlias) throws CryptoException
- Throws:
CryptoException
-
readPublicKeyFromPem
public PublicKey readPublicKeyFromPem(InputStream inputStream) throws CryptoException
- Throws:
CryptoException
-
readX509Certificate
public X509Certificate readX509Certificate(InputStream certificateInputStream) throws CryptoException
- Throws:
CryptoException
-
wrapSecretKey
public byte[] wrapSecretKey(SecretKey secretKey, PublicKey publicKey) throws CryptoException
- Throws:
CryptoException
-
unwrapSecretKey
public SecretKey unwrapSecretKey(byte[] wrappedSecretKey, PrivateKey privateKey) throws CryptoException
- Throws:
CryptoException
-
encryptWithPassword
public byte[] encryptWithPassword(byte[] payload, String password) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeySpecException
-
decryptWithPassword
public byte[] decryptWithPassword(byte[] payload, String password) throws NoSuchAlgorithmException, InvalidKeySpecException
-
encrypt
public byte[] encrypt(byte[] payload, SecretKey secretKey)
-
decrypt
public byte[] decrypt(byte[] payload, SecretKey secretKey)
-
encrypt
public void encrypt(InputStream inputstream, OutputStream outputStream, SecretKey secretKey) throws CryptoException
- Throws:
CryptoException
-
decrypt
public void decrypt(InputStream inputStream, OutputStream outputStream, SecretKey secretKey) throws CryptoException
- Throws:
CryptoException
-
encrypt
public void encrypt(InputStream inputStream, OutputStream outputStream, SecretKey secretKey, Function<SecretKey,byte[]> secredKeyWrapper) throws CryptoException
Verschlüsselt den Inhalt eines eingehenden InputStreams und schreibt das Resultat auf den gegebenen OutputStream. Es wird eine symmetrische Verschlüsselung (AES) durchgeführt. Als Betriebsmodus wird GCM (Galois/Counter Mode) verwendet. Vor das Chiffrat werden das Salt und die IV gehängt. In alternativen Implementierungen könnte man über eine Base64-Kodierung des Salt und der IV nachdenken. Das ist hier aber unnötig. Reihenfolge: Salt+IV+Cipher. Salt und IV sind nicht geheim und dürfen im Klartext vor dem Chiffrat stehen; bei GCM darf eine IV jedoch nie mit demselben Schlüssel wiederverwendet werden.
Zum Entschlüsseln müssen zuerst das Salt und die IV gelesen werden.
- Parameters:
inputStream - die zu verschlüsselnden Daten als InputStream
outputStream - der OutputStream, auf den das Verschlüsselungsergebnis geschrieben werden soll
secretKey - der SecretKey, der zur Anwendung kommt
secredKeyWrapper - eine Function, die das Wrapping des SecretKeys umsetzt
- Throws:
CryptoException
-
decrypt
public void decrypt(InputStream inputStream, OutputStream outputStream, Function<byte[],SecretKey> secretKeyUnwrapper) throws CryptoException
Entschlüsselt den eingehenden InputStream und schreibt das Resultat auf den gegebenen OutputStream.
- Parameters:
inputStream - die verschlüsselten Daten als InputStream
outputStream - der OutputStream, auf den das Entschlüsselungsergebnis geschrieben werden soll
secretKeyUnwrapper - Function, die den extrahierten SecretKey unwrapped
- Throws:
CryptoException
-
createRandomIV
public IvParameterSpec createRandomIV() throws CryptoException
- Throws:
CryptoException
-
checkEncryptionType
public CryptographySupportShared.EncryptionType checkEncryptionType(InputStream inputStream)
-
-