Permalink
Browse files

get the content key encryption part working.

  • Loading branch information...
Albert Cheng
Albert Cheng committed Dec 13, 2012
1 parent e9e52f7 commit 6a0a9304fdeca47bffc790483f8e46a8df933339
@@ -21,16 +21,16 @@
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
-import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
-import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
-import java.security.spec.X509EncodedKeySpec;
import java.util.Random;
import javax.crypto.BadPaddingException;
@@ -70,8 +70,7 @@ public static void RSAOAEP() throws NoSuchAlgorithmException, NoSuchProviderExce
System.out.println("plain : " + new String(plainText));
}
- public static byte[] create256BitRandomVector() {
- int numberOfBits = 256;
+ public static byte[] createRandomVector(int numberOfBits) {
int numberOfBytes = numberOfBits / 8;
byte[] aesKey = new byte[numberOfBytes];
Random random = new Random();
@@ -117,12 +116,22 @@ public static void AESCTR() throws NoSuchAlgorithmException, NoSuchProviderExcep
System.out.println("plain : " + new String(bOut.toByteArray()));
}
- public static byte[] EncryptSymmetricKey(String publicKeyString, byte[] inputData) throws InvalidKeySpecException,
+ public static byte[] EncryptSymmetricKey(String protectionKey, byte[] inputData) throws InvalidKeySpecException,
NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, NoSuchPaddingException,
- IllegalBlockSizeException, BadPaddingException {
- PublicKey publicKey = KeyFactory.getInstance("RSA").generatePublic(
- new X509EncodedKeySpec(Base64.decode(publicKeyString)));
- return EncryptSymmetricKey(publicKey, inputData);
+ IllegalBlockSizeException, BadPaddingException, CertificateException {
+
+ X509Certificate x509Certificate = createX509CertificateFromString(protectionKey);
+ //X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(Base64.decode(publicKeyString));
+ // PublicKey publicKey = KeyFactory.getInstance("RSA").generatePublic(x509EncodedKeySpec);
+ return EncryptSymmetricKey(x509Certificate.getPublicKey(), inputData);
+
+ }
+
+ private static X509Certificate createX509CertificateFromString(String protectionKey) throws CertificateException {
+ CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
+ ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.decode(protectionKey));
+ X509Certificate x509cert = (X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream);
+ return x509cert;
}
@@ -23,6 +23,8 @@
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
+import java.security.Security;
+import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.util.UUID;
@@ -44,6 +46,7 @@
import com.microsoft.windowsazure.services.media.models.ContentKey;
import com.microsoft.windowsazure.services.media.models.ContentKeyInfo;
import com.microsoft.windowsazure.services.media.models.ContentKeyType;
+import com.microsoft.windowsazure.services.media.models.EncryptionOption;
import com.microsoft.windowsazure.services.media.models.ProtectionKey;
public class EncryptionIntegrationTest extends IntegrationTestBase {
@@ -79,16 +82,19 @@ private String getProtectionKey(ContentKeyType contentKeyType) {
@Test
public void uploadAesProtectedAssetAndDownloadSuccess() throws Exception {
// Arrange
+ Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
InputStream smallWMVInputStream = getClass().getResourceAsStream("/media/SmallWMV.wmv");
// Act
- byte[] aesKey = EncryptionHelper.create256BitRandomVector();
- byte[] initializationVector = EncryptionHelper.create256BitRandomVector();
+ byte[] aesKey = EncryptionHelper.createRandomVector(128);
+ byte[] initializationVector = EncryptionHelper.createRandomVector(128);
- AssetInfo assetInfo = service.create(Asset.create().setName("uploadAesProtectedAssetSuccess"));
+ AssetInfo assetInfo = service.create(Asset.create().setName("uploadAesProtectedAssetSuccess")
+ .setOptions(EncryptionOption.StorageEncrypted));
String protectionKeyId = (String) service.action(ProtectionKey
.getProtectionKeyId(ContentKeyType.StorageEncryption));
- ContentKeyInfo contentKeyInfo = createContentKey(aesKey, ContentKeyType.StorageEncryption, protectionKeyId);
+ String protectionKey = (String) service.action(ProtectionKey.getProtectionKey(protectionKeyId));
+ ContentKeyInfo contentKeyInfo = createContentKey(aesKey, ContentKeyType.StorageEncryption, protectionKey);
URI contentKeyUri = createContentKeyUri(service.getRestServiceUri(), contentKeyInfo.getId());
service.action(Asset.linkContentKey(assetInfo.getId(), contentKeyUri));
@@ -110,7 +116,7 @@ private AssetFileInfo uploadEncryptedAssetFile(AssetInfo assetInfo, String prote
}
private URI createContentKeyUri(URI rootUri, String contentKeyId) {
- return URI.create(String.format("%s/ContentKeys('%s')", contentKeyId));
+ return URI.create(String.format("%s/ContentKeys('%s')", rootUri, contentKeyId));
}
private byte[] EncryptFile(InputStream inputStream, byte[] aesKey, byte[] initializationVector)
@@ -136,11 +142,12 @@ private URI createContentKeyUri(URI rootUri, String contentKeyId) {
return cipherText;
}
- private ContentKeyInfo createContentKey(byte[] aesKey, ContentKeyType contentKeyType, String protectionKeyId)
+ private ContentKeyInfo createContentKey(byte[] aesKey, ContentKeyType contentKeyType, String protectionKey)
throws InvalidKeyException, InvalidKeySpecException, NoSuchAlgorithmException, NoSuchProviderException,
- NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, ServiceException {
+ NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, ServiceException,
+ CertificateException {
String contentKeyId = createRandomContentKeyId();
- byte[] encryptedContentKey = EncryptionHelper.EncryptSymmetricKey(protectionKeyId, aesKey);
+ byte[] encryptedContentKey = EncryptionHelper.EncryptSymmetricKey(protectionKey, aesKey);
ContentKeyInfo contentKeyInfo = service.create(ContentKey.create(contentKeyId, contentKeyType,
Base64.encode(encryptedContentKey)));
return contentKeyInfo;

0 comments on commit 6a0a930

Please sign in to comment.