@Override public InputStream newCipherInputStream(InputStream underlyingInputStream, byte[] secretKey, byte[] iv) throws CipherException { AEADBlockCipher cipher = new GCMBlockCipher(new TwofishEngine()); cipher.init(false, new AEADParameters(new KeyParameter(secretKey), MAC_SIZE, iv)); return new org.bouncycastle.crypto.io.CipherInputStream(underlyingInputStream, cipher); } }
@Override public OutputStream newCipherOutputStream(OutputStream underlyingOutputStream, byte[] secretKey, byte[] iv) throws CipherException { AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine()); cipher.init(true, new AEADParameters(new KeyParameter(secretKey), MAC_SIZE, iv)); return new org.bouncycastle.crypto.io.CipherOutputStream(underlyingOutputStream, cipher); }
@Override public OutputStream newCipherOutputStream(OutputStream underlyingOutputStream, byte[] secretKey, byte[] iv) throws CipherException { AEADBlockCipher cipher = new GCMBlockCipher(new TwofishEngine()); cipher.init(true, new AEADParameters(new KeyParameter(secretKey), MAC_SIZE, iv)); return new org.bouncycastle.crypto.io.CipherOutputStream(underlyingOutputStream, cipher); }
@Override public InputStream newCipherInputStream(InputStream underlyingInputStream, byte[] secretKey, byte[] iv) throws CipherException { AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine()); cipher.init(false, new AEADParameters(new KeyParameter(secretKey), MAC_SIZE, iv)); return new org.bouncycastle.crypto.io.CipherInputStream(underlyingInputStream, cipher); } }
CipherParameters ivAndKey = new ParametersWithIV(new KeyParameter(key), iv); aes.init(false, ivAndKey); return cipherData(aes, cipher); CipherParameters ivAndKey = new ParametersWithIV(new KeyParameter(key), iv); aes.init(true, ivAndKey); return cipherData(aes, plain);
private static String encrypt(byte[] key, String plainText) throws CryptoException { try { PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESEngine())); KeyParameter keyParameter = new KeyParameter(key); cipher.init(true, keyParameter); byte[] plainTextBytes = plainText.getBytes(); byte[] cipherTextBytes = new byte[cipher.getOutputSize(plainTextBytes.length)]; int outputLength = cipher.processBytes(plainTextBytes, 0, plainTextBytes.length, cipherTextBytes, 0); cipher.doFinal(cipherTextBytes, outputLength); return ENCODER.encodeToString(cipherTextBytes).trim(); } catch (Exception e) { throw new CryptoException(e); } }
public static byte[] hmacSha512(byte[] key, byte[] input) { HMac hMac = new HMac(new SHA512Digest()); hMac.init(new KeyParameter(key)); hMac.update(input, 0, input.length); byte[] out = new byte[64]; hMac.doFinal(out, 0); return out; }
private static String decrypt(byte[] key, String cipherText) throws CryptoException { try { PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESEngine())); cipher.init(false, new KeyParameter(key)); byte[] cipherTextBytes = DECODER.decode(cipherText); byte[] plainTextBytes = new byte[cipher.getOutputSize(cipherTextBytes.length)]; int outputLength = cipher.processBytes(cipherTextBytes, 0, cipherTextBytes.length, plainTextBytes, 0); cipher.doFinal(plainTextBytes, outputLength); int paddingStarts = plainTextBytes.length - 1; for (; paddingStarts >= 0; paddingStarts--) { if (plainTextBytes[paddingStarts] != 0) { break; } } return new String(plainTextBytes, 0, paddingStarts + 1); } catch (Exception e) { throw new CryptoException(e); } }
@Test public void testE_BouncyCastleCipherInputStreamWithAesGcmLongPlaintext() throws InvalidKeyException, InvalidAlgorithmParameterException, IOException, NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException { // Encrypt (not interesting in this example) byte[] randomKey = createRandomArray(16); byte[] randomIv = createRandomArray(16); byte[] originalPlaintext = createRandomArray(4080); // <<<< 4080 bytes fails, 4079 bytes works! byte[] originalCiphertext = encryptWithAesGcm(originalPlaintext, randomKey, randomIv); // Decrypt with BouncyCastle implementation of CipherInputStream AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine()); cipher.init(false, new AEADParameters(new KeyParameter(randomKey), 128, randomIv)); try { readFromStream(new org.bouncycastle.crypto.io.CipherInputStream(new ByteArrayInputStream(originalCiphertext), cipher)); // ^^^^^^^^^^^^^^^ INTERESTING PART ^^^^^^^^^^^^^^^^ // // In this example, the BouncyCastle implementation of the CipherInputStream throws an ArrayIndexOutOfBoundsException. // The only difference to the example above is that the plaintext is now 4080 bytes long! For 4079 bytes plaintexts, // everything works just fine. System.out.println("Test E: org.bouncycastle.crypto.io.CipherInputStream: OK, throws no exception"); } catch (IOException e) { fail("Test E: org.bouncycastle.crypto.io.CipherInputStream: NOT OK throws: "+e.getMessage()); } }
cipher.init(false, new AEADParameters(new KeyParameter(randomKey), 128, randomIv));
/** * Creates a new AES cipher. * * @param secretKey The AES key. Must not be {@code null}. * @param forEncryption If {@code true} creates an AES encryption * cipher, else creates an AES decryption * cipher. * * @return The AES cipher. */ public static AESEngine createCipher(final SecretKey secretKey, final boolean forEncryption) { AESEngine cipher = new AESEngine(); CipherParameters cipherParams = new KeyParameter(secretKey.getEncoded()); cipher.init(forEncryption, cipherParams); return cipher; }
/** * Creates a new AES/GCM/NoPadding cipher. * * @param secretKey The AES key. Must not be {@code null}. * @param forEncryption If {@code true} creates an encryption cipher, * else creates a decryption cipher. * @param iv The initialisation vector (IV). Must not be * {@code null}. * @param authData The authenticated data. Must not be * {@code null}. * * @return The AES/GCM/NoPadding cipher. */ private static GCMBlockCipher createAESGCMCipher(final SecretKey secretKey, final boolean forEncryption, final byte[] iv, final byte[] authData) { // Initialise AES cipher BlockCipher cipher = AES.createCipher(secretKey, forEncryption); // Create GCM cipher with AES GCMBlockCipher gcm = new GCMBlockCipher(cipher); AEADParameters aeadParams = new AEADParameters(new KeyParameter(secretKey.getEncoded()), AUTH_TAG_BIT_LENGTH, iv, authData); gcm.init(forEncryption, aeadParams); return gcm; }
KeyParameter keyParam = new KeyParameter(key); CipherParameters params = new ParametersWithIV(keyParam, ivData);
protected KeyParameter generateRecordMACKey(StreamCipher cipher) { byte[] firstBlock = new byte[64]; cipher.processBytes(firstBlock, 0, firstBlock.length, firstBlock, 0); KeyParameter macKey = new KeyParameter(firstBlock, 0, 32); Arrays.fill(firstBlock, (byte)0); return macKey; }
private void E(byte[] key, byte[] s, int sOff, byte[] in, int inOff) { cipher.init(true, new KeyParameter(key)); cipher.processBlock(in, inOff, s, sOff); }
/** * Creates a new instance of AESCipher */ public AESCipherCBCnoPad(boolean forEncryption, byte[] key) { BlockCipher aes = new AESFastEngine(); cbc = new CBCBlockCipher(aes); KeyParameter kp = new KeyParameter(key); cbc.init(forEncryption, kp); }
protected KeyParameter generateKey(BigInteger n, BigInteger r, int keyLen) { byte[] R = BigIntegers.asUnsignedByteArray((n.bitLength() + 7) / 8, r); // Initialise the KDF kdf.init(new KDFParameters(R, null)); // Generate the secret key byte[] K = new byte[keyLen]; kdf.generateBytes(K, 0, K.length); return new KeyParameter(K); } }
/** {@inheritDoc} */ @Override public void signSymm(SecurityPolicy policy, byte[] key, byte[] input, int inputOffset, int verifyLen, byte[] output, int outputOffset) throws ServiceResultException { HMac hmac = createMac(policy.getSymmetricSignatureAlgorithm(), new KeyParameter(key)); hmac.update(input, inputOffset, verifyLen); hmac.doFinal(output, outputOffset); }
private BufferedBlockCipher getCipher(boolean forEncryption) { BufferedBlockCipher cipher = new PaddedBufferedBlockCipher( new CBCBlockCipher(new AESEngine()), new PKCS7Padding()); cipher.init(forEncryption, new ParametersWithIV(new KeyParameter(this.keyBytes, IV_LENGTH, this.keyBytes.length - IV_LENGTH), this.keyBytes, 0, IV_LENGTH)); return cipher; } }
@Override public byte[] hmacSha384(byte[] m, byte[] key) { validateHmacSha384(m, key); Digest digest = new SHA384Digest(); HMac hmac = new HMac(digest); hmac.init(new KeyParameter(key)); byte[] out = new byte[hmac.getMacSize()]; hmac.update(m, 0, m.length); hmac.doFinal(out, 0); return out; }