/* * CryptoKey.java * * * ==================================================== Professional Data Security (PDS) http://crypto.brettlee.com ==================================================== Copyright (c) 2009-2011, Brett Lee All rights reserved. Portions Copyright (C) 1995-2008, Sun Microsystems, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of the ORGANIZATION nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
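============================================================================= */

package com.brettlee.crypto;

import java.security.Key;
import java.security.KeyStore;
import java.util.Arrays;

import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

/**
 * Creates, looks up and retrieves secret keys held in a {@link KeyStore}
 * that is loaded and saved through {@code CryptoKeyStore}.
 *
 * <p>Passphrases are passed as {@code char[]} so they can be overwritten
 * after use. Which methods overwrite their arguments is stated per method;
 * callers remain responsible for any array a method does not scrub.
 */
public class CryptoKey {

    // Platform line separator; only the (removed) debug traces used it.
    // Kept because it is a package-visible field.
    String newline = System.getProperty("line.separator");

    /**
     * Generates a new secret key and stores it in the KeyStore file under
     * {@code keyAlias}, then writes the KeyStore back to disk.
     *
     * <p>Both passphrase arrays are overwritten before this method returns,
     * whether it succeeds or throws, so a failure part-way through does not
     * leave the passphrases readable in the caller's arrays.
     *
     * <p>{@link KeyStore#setKeyEntry} replaces any entry already stored under
     * the same alias. Call {@link #checkKeyExists} first when an existing key
     * must not be overwritten.
     *
     * @param ksFileName filename of the KeyStore
     * @param ksPass     passphrase of the KeyStore (optional, may be null);
     *                   overwritten on return
     * @param keyType    algorithm name handed to {@link KeyGenerator}
     *                   (the original notes list AES and DES). DES is
     *                   obsolete; prefer AES for new keys.
     * @param keyBits    key size in bits; must not be null (it is unboxed)
     * @param keyPass    passphrase protecting the key entry (optional, may be
     *                   null); overwritten on return
     * @param keyAlias   alias the key is stored under
     * @throws Exception if the KeyStore cannot be loaded or saved, or the key
     *                   cannot be generated or stored
     */
    public void createKey(String ksFileName,
                          char[] ksPass,
                          String keyType,
                          Integer keyBits,
                          char[] keyPass,
                          String keyAlias) throws Exception {
        try {
            KeyStore ks = CryptoKeyStore.loadKeyStore(ksFileName, ksPass);

            KeyGenerator kg = KeyGenerator.getInstance(keyType);
            kg.init(keyBits);
            SecretKey key = kg.generateKey();

            // A secret key carries no certificate chain, hence the null.
            ks.setKeyEntry(keyAlias, key, keyPass, null);

            CryptoKeyStore.saveKeyStore(ks, ksPass, ksFileName);
        } finally {
            // Scrub in finally: the original skipped this step on any
            // exception and threw NullPointerException for a null passphrase
            // after the KeyStore had already been written.
            scrub(ksPass);
            scrub(keyPass);
        }
    }

    /**
     * Retrieves the key named by {@code cryptoFile} from its KeyStore.
     *
     * <p>This method does not overwrite the passphrases held by
     * {@code cryptoFile}; the caller is responsible for clearing them.
     *
     * @param cryptoFile supplies the KeyStore name, KeyStore passphrase,
     *                   key alias and key passphrase
     * @return the key stored under the alias, or {@code null} when the alias
     *         is not present in the KeyStore
     * @throws Exception if the KeyStore cannot be loaded or the key cannot be
     *                   recovered
     */
    public Key getKey(CryptoFile cryptoFile) throws Exception {
        KeyStore ks = CryptoKeyStore.loadKeyStore(
                cryptoFile.getKsName(), cryptoFile.getKsPass());

        if (!ks.containsAlias(cryptoFile.getKeyAlias())) {
            return null;
        }
        // Never log the returned key material; formatKey() exists for
        // debug output and reports only metadata.
        return ks.getKey(cryptoFile.getKeyAlias(), cryptoFile.getKeyPass());
    }

    /**
     * Reports whether {@code keyAlias} is present in the KeyStore.
     *
     * <p>{@code ksPass} is deliberately NOT scrubbed here: the original
     * author notes that the passphrase is needed by the following step and
     * the user should not be prompted twice. The caller must scrub it if the
     * user cancels the operation.
     *
     * @param ksFileName filename of the KeyStore
     * @param ksPass     passphrase of the KeyStore; left untouched
     * @param keyAlias   alias to look for
     * @return {@code 0} when the alias exists, {@code 1} when it does not
     * @throws Exception if the KeyStore cannot be loaded
     */
    public int checkKeyExists(String ksFileName,
                              char[] ksPass,
                              String keyAlias) throws Exception {
        KeyStore ks = CryptoKeyStore.loadKeyStore(ksFileName, ksPass);
        return ks.containsAlias(keyAlias) ? 0 : 1;
    }

    /**
     * Describes a key for debug output. This method is ONLY for debug mode.
     *
     * <p>Only the algorithm, the encoding format and the encoded length are
     * reported; the key bytes themselves are never placed in the string.
     *
     * @param key the key to describe
     * @return a one-line description terminated by {@code '\n'}
     */
    private static String formatKey(Key key) {
        String algo = key.getAlgorithm();
        String fmt = key.getFormat();
        // getEncoded() returns null for keys that do not support encoding;
        // the original dereferenced it unconditionally.
        byte[] encoded = key.getEncoded();

        StringBuilder sb = new StringBuilder();
        sb.append("Key[algorithm=").append(algo)
          .append(", format=").append(fmt)
          .append(", bytes=");
        if (encoded == null) {
            sb.append("unavailable");
        } else {
            sb.append(encoded.length);
            // Overwrite the encoded form so it does not linger on the heap.
            // NOTE(review): presumably a copy of the key bytes, so the key
            // itself stays usable - confirm for the provider in use.
            Arrays.fill(encoded, (byte) '0');
        }
        sb.append("]\n");
        return sb.toString();
    }

    /**
     * Overwrites a passphrase array in place; a null array is ignored.
     * The fill character is '0', as in the original scrub loops.
     */
    private static void scrub(char[] secret) {
        if (secret != null) {
            Arrays.fill(secret, '0');
        }
    }
}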