Package org.iqtig.packer.shared.crypto
Class CryptographySupportShared
- java.lang.Object
-
- org.iqtig.packer.shared.crypto.CryptographySupportShared
-
public class CryptographySupportShared extends Object
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static classCryptographySupportShared.EncryptionType
-
Field Summary
Fields Modifier and Type Field Description static StringFILE_TYPE_IDENTIFIER_CHARSETstatic intFILE_TYPE_IDENTIFIER_LENGTHstatic StringFILE_TYPE_IDENTIFIER_NEWstatic StringFILE_TYPE_IDENTIFIER_OLD
-
Constructor Summary
Constructors Constructor Description CryptographySupportShared()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description CryptographySupportShared.EncryptionTypecheckEncryptionType(InputStream inputStream)SecretKeycreateRandomAESSessionKey()SecretKeycreateRandomAESSessionKey256Bit()IvParameterSpeccreateRandomIV()byte[]decrypt(byte[] payload, SecretKey secretKey)voiddecrypt(InputStream inputStream, OutputStream outputStream, Function<byte[],SecretKey> secretKeyUnwrapper)Entschlüsselt den eigenhenden InputStream und schreibt das Resultat auf den gegebenen OutputStream.voiddecrypt(InputStream inputStream, OutputStream outputStream, SecretKey secretKey)byte[]decryptWithPassword(byte[] payload, String password)byte[]encrypt(byte[] payload, SecretKey secretKey)voidencrypt(InputStream inputstream, OutputStream outputStream, SecretKey secretKey)voidencrypt(InputStream inputStream, OutputStream outputStream, SecretKey secretKey, Function<SecretKey,byte[]> secredKeyWrapper)Verschlüsselt den Inhalt eines eingehenden InputStreams und schreibt das Resultat auf den gegebenen OutputStream.byte[]encryptWithPassword(byte[] payload, String password)SecretKeygetKeyFromBytesForAES(byte[] keyBytes)PrivateKeyreadPrivateKeyFromKeyStore(InputStream keyStoreStream, String keystorePassword, String keyAlias, String keyentryPassword)PrivateKeyreadPrivateKeyFromPem(InputStream inputStream)PublicKeyreadPublicKeyFromKeyStore(InputStream keyStoreStream, String keystorePassword, String keyAlias)PublicKeyreadPublicKeyFromPem(InputStream inputStream)X509CertificatereadX509Certificate(InputStream certificateInputStream)SecretKeyunwrapSecretKey(byte[] wrappedSecretKey, PrivateKey privateKey)byte[]wrapSecretKey(SecretKey secretKey, PublicKey publicKey)
-
-
-
Field Detail
-
FILE_TYPE_IDENTIFIER_OLD
public static final String FILE_TYPE_IDENTIFIER_OLD
- See Also:
- Constant Field Values
-
FILE_TYPE_IDENTIFIER_NEW
public static final String FILE_TYPE_IDENTIFIER_NEW
- See Also:
- Constant Field Values
-
FILE_TYPE_IDENTIFIER_LENGTH
public static final int FILE_TYPE_IDENTIFIER_LENGTH
- See Also:
- Constant Field Values
-
FILE_TYPE_IDENTIFIER_CHARSET
public static final String FILE_TYPE_IDENTIFIER_CHARSET
- See Also:
- Constant Field Values
-
-
Method Detail
-
createRandomAESSessionKey
public SecretKey createRandomAESSessionKey() throws CryptoException
- Throws:
CryptoException
-
createRandomAESSessionKey256Bit
public SecretKey createRandomAESSessionKey256Bit() throws CryptoException
- Throws:
CryptoException
-
getKeyFromBytesForAES
public SecretKey getKeyFromBytesForAES(byte[] keyBytes)
-
readPrivateKeyFromPem
public PrivateKey readPrivateKeyFromPem(InputStream inputStream) throws CryptoException
- Throws:
CryptoException
-
readPrivateKeyFromKeyStore
public PrivateKey readPrivateKeyFromKeyStore(InputStream keyStoreStream, String keystorePassword, String keyAlias, String keyentryPassword) throws CryptoException
- Throws:
CryptoException
-
readPublicKeyFromKeyStore
public PublicKey readPublicKeyFromKeyStore(InputStream keyStoreStream, String keystorePassword, String keyAlias) throws CryptoException
- Throws:
CryptoException
-
readPublicKeyFromPem
public PublicKey readPublicKeyFromPem(InputStream inputStream) throws CryptoException
- Throws:
CryptoException
-
readX509Certificate
public X509Certificate readX509Certificate(InputStream certificateInputStream) throws CryptoException
- Throws:
CryptoException
-
wrapSecretKey
public byte[] wrapSecretKey(SecretKey secretKey, PublicKey publicKey) throws CryptoException
- Throws:
CryptoException
-
unwrapSecretKey
public SecretKey unwrapSecretKey(byte[] wrappedSecretKey, PrivateKey privateKey) throws CryptoException
- Throws:
CryptoException
-
encryptWithPassword
public byte[] encryptWithPassword(byte[] payload, String password) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeySpecException
-
decryptWithPassword
public byte[] decryptWithPassword(byte[] payload, String password) throws NoSuchAlgorithmException, InvalidKeySpecException
-
encrypt
public byte[] encrypt(byte[] payload, SecretKey secretKey)
-
decrypt
public byte[] decrypt(byte[] payload, SecretKey secretKey)
-
encrypt
public void encrypt(InputStream inputstream, OutputStream outputStream, SecretKey secretKey) throws CryptoException
- Throws:
CryptoException
-
decrypt
public void decrypt(InputStream inputStream, OutputStream outputStream, SecretKey secretKey) throws CryptoException
- Throws:
CryptoException
-
encrypt
public void encrypt(InputStream inputStream, OutputStream outputStream, SecretKey secretKey, Function<SecretKey,byte[]> secredKeyWrapper) throws CryptoException
Verschlüsselt den Inhalt eines eingehenden InputStreams und schreibt das Resultat auf den gegebenen OutputStream. Es wird eine symmetrische Verschlüsselung (AES) durchgeführt. Als Betriebsmodus wird GCM (Galois Counter Mode) verwendet.Vor das Chiffrat werden das Salt und die IV gehangen. In alternativen Implementierungen könnte man über eine Base64 Kodierung des Salt und der IV nachdenken. Das ist hier aber unnötig. Salt+IV+Cipher
Zum Entschlüsseln müssen zuerst das Salt und die IV gelesen werden.
- Parameters:
inputStream- die zu verschlüsselnden Daten als InputStreamoutputStream- der OutputStream auf den das Verschlüsselungsergebnis geschrieben werden sollsecretKey- derSecretKeyder zur Anwendung kommtsecredKeyWrapper- eine Function, die das Wrapping des SecretKeys umsetzt- Throws:
CryptoException
-
decrypt
public void decrypt(InputStream inputStream, OutputStream outputStream, Function<byte[],SecretKey> secretKeyUnwrapper) throws CryptoException
Entschlüsselt den eigenhenden InputStream und schreibt das Resultat auf den gegebenen OutputStream.- Parameters:
inputStream- die verschlüsselten Daten als InputStreamoutputStream- der OutputStream auf den das Entschlüsselungsergebnis geschrieben werden sollsecretKeyUnwrapper- Function die den extrahierten SecretKey unwrapped- Throws:
CryptoException
-
createRandomIV
public IvParameterSpec createRandomIV() throws CryptoException
- Throws:
CryptoException
-
checkEncryptionType
public CryptographySupportShared.EncryptionType checkEncryptionType(InputStream inputStream)
-
-