Refine search
@Override public OutputStream newCipherOutputStream(OutputStream underlyingOutputStream, byte[] secretKey, byte[] iv) throws CipherException { AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine()); cipher.init(true, new AEADParameters(new KeyParameter(secretKey), MAC_SIZE, iv)); return new org.bouncycastle.crypto.io.CipherOutputStream(underlyingOutputStream, cipher); }
/** * Creates a new AES cipher. * * @param secretKey The AES key. Must not be {@code null}. * @param forEncryption If {@code true} creates an AES encryption * cipher, else creates an AES decryption * cipher. * * @return The AES cipher. */ public static AESEngine createCipher(final SecretKey secretKey, final boolean forEncryption) { AESEngine cipher = new AESEngine(); CipherParameters cipherParams = new KeyParameter(secretKey.getEncoded()); cipher.init(forEncryption, cipherParams); return cipher; }
byte[] keyBytes = ((KeyParameter)cipherParameters).getKey(); mac.init( new KeyParameter(authenticationCodeBytes) ); this.aesCipher = new SICBlockCipher(new AESEngine()); this.blockSize = aesCipher.getBlockSize();
private byte[] decryptWithLWCrypto(byte[] cipher, String password, byte[] salt, final int iterationCount) throws Exception { PKCS12ParametersGenerator pGen = new PKCS12ParametersGenerator(new SHA256Digest()); char[] passwordChars = password.toCharArray(); final byte[] pkcs12PasswordBytes = PBEParametersGenerator .PKCS12PasswordToBytes(passwordChars); pGen.init(pkcs12PasswordBytes, salt, iterationCount); CBCBlockCipher aesCBC = new CBCBlockCipher(new AESEngine()); ParametersWithIV aesCBCParams = (ParametersWithIV) pGen.generateDerivedParameters(256, 128); aesCBC.init(false, aesCBCParams); PaddedBufferedBlockCipher aesCipher = new PaddedBufferedBlockCipher(aesCBC, new PKCS7Padding()); byte[] plainTemp = new byte[aesCipher.getOutputSize(cipher.length)]; int offset = aesCipher.processBytes(cipher, 0, cipher.length, plainTemp, 0); int last = aesCipher.doFinal(plainTemp, offset); final byte[] plain = new byte[offset + last]; System.arraycopy(plainTemp, 0, plain, 0, plain.length); return plain; }
KeyParameter aesKey = new KeyParameter(aesSecret.toArrayUnsafe()); SICBlockCipher decryptionCipher = new SICBlockCipher(new AESEngine()); decryptionCipher.init(false, new ParametersWithIV(aesKey, IV)); macEncryptionEngine.processBlock(frameMacSeed.toArrayUnsafe(), 0, newFrameMac.toArrayUnsafe(), 0); Bytes expectedFrameMac = updateIngress(newFrameMac.xor(frameMacSeed.slice(0, 16))).slice(0, 16); if (!expectedFrameMac.equals(frameMac)) {
/** For unit tests only */ static AEADOutputStream innerCreateAES(OutputStream os, byte[] key, Random random) throws IOException { AESEngine mainCipher = new AESEngine(); AESLightEngine hashCipher = new AESLightEngine(); byte[] nonce = new byte[mainCipher.getBlockSize()]; random.nextBytes(nonce); nonce[0] &= 0x7F; return new AEADOutputStream(os, key, nonce, hashCipher, mainCipher); }
unpackBlock(in, inOff); encryptBlock(WorkingKey); packBlock(out, outOff); unpackBlock(in, inOff); decryptBlock(WorkingKey); packBlock(out, outOff);
byte[] keyBytes = ((KeyParameter)cipherParameters).getKey(); mac.init( new KeyParameter(authenticationCodeBytes) ); this.aesCipher = new SICBlockCipher(new AESEngine()); this.blockSize = aesCipher.getBlockSize();
/** * Create a regular AESWrapEngine specifying the encrypt for wrapping, decrypt for unwrapping. */ public AESWrapEngine() { super(new AESEngine()); }
KeyParameter aesKey = new KeyParameter(aesSecret.toArrayUnsafe()); SICBlockCipher encryptionCipher = new SICBlockCipher(new AESEngine()); encryptionCipher.init(true, new ParametersWithIV(aesKey, IV)); macEncryptionEngine.processBlock(payloadMacSeed.toArrayUnsafe(), 0, payloadMac.toArrayUnsafe(), 0); payloadMac = updateEgress(payloadMacSeed.xor(payloadMac)).slice(0, 16);
unpackBlock(in, inOff); encryptBlock(WorkingKey); packBlock(out, outOff); unpackBlock(in, inOff); decryptBlock(WorkingKey); packBlock(out, outOff);
@Override public InputStream newCipherInputStream(InputStream underlyingInputStream, byte[] secretKey, byte[] iv) throws CipherException { AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine()); cipher.init(false, new AEADParameters(new KeyParameter(secretKey), MAC_SIZE, iv)); return new org.bouncycastle.crypto.io.CipherInputStream(underlyingInputStream, cipher); } }
public void init( String pwStr, int keySize, byte[] salt, byte[] pwVerification ) throws ZipException { byte[] pwBytes = pwStr.getBytes(); super.saltBytes = salt; PBEParametersGenerator generator = new PKCS5S2ParametersGenerator(); generator.init( pwBytes, salt, ITERATION_COUNT ); cipherParameters = generator.generateDerivedParameters(KEY_SIZE_BIT*2 + 16); byte[] keyBytes = ((KeyParameter)cipherParameters).getKey(); this.cryptoKeyBytes = new byte[ KEY_SIZE_BYTE ]; System.arraycopy( keyBytes, 0, cryptoKeyBytes, 0, KEY_SIZE_BYTE ); this.authenticationCodeBytes = new byte[ KEY_SIZE_BYTE ]; System.arraycopy( keyBytes, KEY_SIZE_BYTE, authenticationCodeBytes, 0, KEY_SIZE_BYTE ); // based on SALT + PASSWORD (password is probably correct) this.pwVerificationBytes = new byte[ 2 ]; System.arraycopy( keyBytes, KEY_SIZE_BYTE*2, this.pwVerificationBytes, 0, 2 ); if( !ByteArrayHelper.isEqual( this.pwVerificationBytes, pwVerification ) ) { throw new ZipException("wrong password - " + ByteArrayHelper.toString(this.pwVerificationBytes) + "/ " + ByteArrayHelper.toString(pwVerification)); } // create the first 16 bytes of the key sequence again (using pw+salt) generator.init( pwBytes, salt, ITERATION_COUNT ); cipherParameters = generator.generateDerivedParameters(KEY_SIZE_BIT); // checksum added to the end of the encrypted data, update on each encryption call this.mac = new HMac( new SHA1Digest() ); mac.init( new KeyParameter(authenticationCodeBytes) ); this.aesCipher = new SICBlockCipher(new AESEngine()); this.blockSize = aesCipher.getBlockSize(); // incremented on each 16 byte block and used as encryption NONCE (ivBytes) nonce = 1; }
/** * Create an AESWrapEngine where the underlying cipher is set to decrypt for wrapping, encrypt for unwrapping. * * @param useReverseDirection true if underlying cipher should be used in decryption mode, false otherwise. */ public AESWrapEngine(boolean useReverseDirection) { super(new AESEngine(), useReverseDirection); } }
/** * Creates a new AES cipher. * * @param secretKey The AES key. Must not be {@code null}. * @param forEncryption If {@code true} creates an AES encryption cipher, else creates an AES decryption cipher. * * @return The AES cipher. */ public static AESEngine createCipher(final SecretKey secretKey, final boolean forEncryption) { AESEngine cipher = new AESEngine(); CipherParameters cipherParams = new KeyParameter(secretKey.getEncoded()); cipher.init(forEncryption, cipherParams); return cipher; }
new AESEngine())); CipherParameters ivAndKey = new ParametersWithIV(new KeyParameter(key), iv); aes.init(false, ivAndKey); return cipherData(aes, cipher); new AESEngine())); CipherParameters ivAndKey = new ParametersWithIV(new KeyParameter(key), iv); aes.init(true, ivAndKey); return cipherData(aes, plain);
public void init( String pwStr, int keySize, byte[] salt, byte[] pwVerification ) throws ZipException { byte[] pwBytes = pwStr.getBytes(); super.saltBytes = salt; PBEParametersGenerator generator = new PKCS5S2ParametersGenerator(); generator.init( pwBytes, salt, ITERATION_COUNT ); cipherParameters = generator.generateDerivedParameters(KEY_SIZE_BIT*2 + 16); byte[] keyBytes = ((KeyParameter)cipherParameters).getKey(); this.cryptoKeyBytes = new byte[ KEY_SIZE_BYTE ]; System.arraycopy( keyBytes, 0, cryptoKeyBytes, 0, KEY_SIZE_BYTE ); this.authenticationCodeBytes = new byte[ KEY_SIZE_BYTE ]; System.arraycopy( keyBytes, KEY_SIZE_BYTE, authenticationCodeBytes, 0, KEY_SIZE_BYTE ); // based on SALT + PASSWORD (password is probably correct) this.pwVerificationBytes = new byte[ 2 ]; System.arraycopy( keyBytes, KEY_SIZE_BYTE*2, this.pwVerificationBytes, 0, 2 ); if( !ByteArrayHelper.isEqual( this.pwVerificationBytes, pwVerification ) ) { throw new ZipException("wrong password - " + ByteArrayHelper.toString(this.pwVerificationBytes) + "/ " + ByteArrayHelper.toString(pwVerification)); } // create the first 16 bytes of the key sequence again (using pw+salt) generator.init( pwBytes, salt, ITERATION_COUNT ); cipherParameters = generator.generateDerivedParameters(KEY_SIZE_BIT); // checksum added to the end of the encrypted data, update on each encryption call this.mac = new HMac( new SHA1Digest() ); mac.init( new KeyParameter(authenticationCodeBytes) ); this.aesCipher = new SICBlockCipher(new AESEngine()); this.blockSize = aesCipher.getBlockSize(); // incremented on each 16 byte block and used as encryption NONCE (ivBytes) nonce = 1; }
public AESWrapPadEngine() { super(new AESEngine()); } }