/** * initialise a Twofish cipher. * * @param encrypting whether or not we are for encryption. * @param params the parameters required to set up the cipher. * @exception IllegalArgumentException if the params argument is * inappropriate. */ public void init( boolean encrypting, CipherParameters params) { if (params instanceof KeyParameter) { this.encrypting = encrypting; this.workingKey = ((KeyParameter)params).getKey(); this.k64Cnt = (this.workingKey.length / 8); // pre-padded ? setKey(this.workingKey); return; } throw new IllegalArgumentException("invalid parameter passed to Twofish init - " + params.getClass().getName()); }
protected KeyParameter extractSecretKey(AlgorithmIdentifier keyEncryptionAlgorithm, AlgorithmIdentifier contentEncryptionAlgorithm, byte[] derivedKey, byte[] encryptedContentEncryptionKey) throws CMSException { Wrapper keyEncryptionCipher = EnvelopedDataHelper.createRFC3211Wrapper(keyEncryptionAlgorithm.getAlgorithm()); keyEncryptionCipher.init(false, new ParametersWithIV(new KeyParameter(derivedKey), ASN1OctetString.getInstance(keyEncryptionAlgorithm.getParameters()).getOctets())); try { return new KeyParameter(keyEncryptionCipher.unwrap(encryptedContentEncryptionKey, 0, encryptedContentEncryptionKey.length)); } catch (InvalidCipherTextException e) { throw new CMSException("unable to unwrap key: " + e.getMessage(), e); } }
/** * Generate a key with initialisation vector parameter derived from * the password, salt, and iteration count we are currently initialised * with. * * @param keySize the size of the key we want (in bits) * @param ivSize the size of the iv we want (in bits) * @return a ParametersWithIV object. * @exception IllegalArgumentException if keySize + ivSize is larger than the base hash size. */ public CipherParameters generateDerivedParameters( int keySize, int ivSize) { keySize = keySize / 8; ivSize = ivSize / 8; if ((keySize + ivSize) > digest.getDigestSize()) { throw new IllegalArgumentException( "Can't generate a derived key " + (keySize + ivSize) + " bytes long."); } byte[] dKey = generateDerivedKey(); return new ParametersWithIV(new KeyParameter(dKey, 0, keySize), dKey, keySize, ivSize); }
static AlgorithmIdentifier determineKeyEncAlg(KeyParameter key) { int length = key.getKey().length * 8; ASN1ObjectIdentifier wrapOid; if (length == 128) { wrapOid = NTTObjectIdentifiers.id_camellia128_wrap; } else if (length == 192) { wrapOid = NTTObjectIdentifiers.id_camellia192_wrap; } else if (length == 256) { wrapOid = NTTObjectIdentifiers.id_camellia256_wrap; } else { throw new IllegalArgumentException( "illegal keysize in Camellia"); } return new AlgorithmIdentifier(wrapOid); // parameters must be // absent }
static AlgorithmIdentifier determineKeyEncAlg(KeyParameter key) { int length = key.getKey().length * 8; ASN1ObjectIdentifier wrapOid; if (length == 128) { wrapOid = NISTObjectIdentifiers.id_aes128_wrap; } else if (length == 192) { wrapOid = NISTObjectIdentifiers.id_aes192_wrap; } else if (length == 256) { wrapOid = NISTObjectIdentifiers.id_aes256_wrap; } else { throw new IllegalArgumentException("illegal keysize in AES"); } return new AlgorithmIdentifier(wrapOid); // parameters absent }
static CipherParameters createCipherParameters(ASN1ObjectIdentifier algorithm, ExtendedDigest digest, int blockSize, PKCS12PBEParams pbeParams, char[] password) { PKCS12ParametersGenerator pGen = new PKCS12ParametersGenerator(digest); pGen.init(PKCS12ParametersGenerator.PKCS12PasswordToBytes(password), pbeParams.getIV(), pbeParams.getIterations().intValue()); CipherParameters params; if (PKCS12PBEUtils.hasNoIv(algorithm)) { params = pGen.generateDerivedParameters(PKCS12PBEUtils.getKeySize(algorithm)); } else { params = pGen.generateDerivedParameters(PKCS12PBEUtils.getKeySize(algorithm), blockSize * 8); if (PKCS12PBEUtils.isDesAlg(algorithm)) { DESedeParameters.setOddParity(((KeyParameter)((ParametersWithIV)params).getParameters()).getKey()); } } return params; }
/** * initialise an ISAAC cipher. * * @param forEncryption whether or not we are for encryption. * @param params the parameters required to set up the cipher. * @exception IllegalArgumentException if the params argument is * inappropriate. */ public void init( boolean forEncryption, CipherParameters params) { if (!(params instanceof KeyParameter)) { throw new IllegalArgumentException("invalid parameter passed to ISAAC init - " + params.getClass().getName()); } /* * ISAAC encryption and decryption is completely * symmetrical, so the 'forEncryption' is * irrelevant. */ KeyParameter p = (KeyParameter)params; setKey(p.getKey()); return; }
/** * initialise a RC4 cipher. * * @param forEncryption whether or not we are for encryption. * @param params the parameters required to set up the cipher. * @exception IllegalArgumentException if the params argument is * inappropriate. */ public void init( boolean forEncryption, CipherParameters params ) { if (params instanceof KeyParameter) { /* * RC4 encryption and decryption is completely * symmetrical, so the 'forEncryption' is * irrelevant. */ workingKey = ((KeyParameter)params).getKey(); setKey(workingKey); return; } throw new IllegalArgumentException("invalid parameter passed to RC4 init - " + params.getClass().getName()); }
/** * initialise a CAST cipher. * * @param encrypting whether or not we are for encryption. * @param params the parameters required to set up the cipher. * @exception IllegalArgumentException if the params argument is * inappropriate. */ public void init( boolean encrypting, CipherParameters params) { if (params instanceof KeyParameter) { _encrypting = encrypting; _workingKey = ((KeyParameter)params).getKey(); setKey(_workingKey); return; } throw new IllegalArgumentException("Invalid parameter passed to "+getAlgorithmName()+" init - " + params.getClass().getName()); }
/** * initialise * * @param forEncryption whether or not we are for encryption. * @param params the parameters required to set up the cipher. * @exception IllegalArgumentException if the params argument is * inappropriate. */ public void init( boolean forEncryption, CipherParameters params) { if (!(params instanceof KeyParameter)) { throw new IllegalArgumentException("invalid parameter passed to TEA init - " + params.getClass().getName()); } _forEncryption = forEncryption; _initialised = true; KeyParameter p = (KeyParameter)params; setKey(p.getKey()); }
/** * initialise a RC2 cipher. * * @param encrypting whether or not we are for encryption. * @param params the parameters required to set up the cipher. * @exception IllegalArgumentException if the params argument is * inappropriate. */ public void init( boolean encrypting, CipherParameters params) { this.encrypting = encrypting; if (params instanceof RC2Parameters) { RC2Parameters param = (RC2Parameters)params; workingKey = generateWorkingKey(param.getKey(), param.getEffectiveKeyBits()); } else if (params instanceof KeyParameter) { byte[] key = ((KeyParameter)params).getKey(); workingKey = generateWorkingKey(key, key.length * 8); } else { throw new IllegalArgumentException("invalid parameter passed to RC2 init - " + params.getClass().getName()); } }
/** * initialise a DES cipher. * * @param encrypting whether or not we are for encryption. * @param params the parameters required to set up the cipher. * @exception IllegalArgumentException if the params argument is * inappropriate. */ public void init( boolean encrypting, CipherParameters params) { if (params instanceof KeyParameter) { if (((KeyParameter)params).getKey().length > 8) { throw new IllegalArgumentException("DES key too long - should be 8 bytes"); } workingKey = generateWorkingKey(encrypting, ((KeyParameter)params).getKey()); return; } throw new IllegalArgumentException("invalid parameter passed to DES init - " + params.getClass().getName()); }
/** * Encrypt a plaintext using the given key and nonce. * * @param nonce a 24-byte nonce (cf. {@link #nonce(ByteString)}, {@link #nonce()}) * @param plaintext an arbitrary message * @return the ciphertext */ public ByteString seal(@Nonnull ByteString nonce, @Nonnull ByteString plaintext) { // initialize XSalsa20 final XSalsa20Engine xsalsa20 = new XSalsa20Engine(); xsalsa20.init(true, new ParametersWithIV(new KeyParameter(key), nonce.toByteArray())); // generate Poly1305 subkey final byte[] sk = new byte[32]; xsalsa20.processBytes(sk, 0, 32, sk, 0); // encrypt plaintext final byte[] out = new byte[plaintext.size() + 16]; xsalsa20.processBytes(plaintext.toByteArray(), 0, plaintext.size(), out, 16); // hash ciphertext and prepend mac to ciphertext final Poly1305 poly1305 = new Poly1305(); poly1305.init(new KeyParameter(sk)); poly1305.update(out, 16, plaintext.size()); poly1305.doFinal(out, 0); return ByteString.of(out); }
/** * initialise * * @param forEncryption whether or not we are for encryption. * @param params the parameters required to set up the cipher. * @exception IllegalArgumentException if the params argument is * inappropriate. */ public void init( boolean forEncryption, CipherParameters params) { if (!(params instanceof KeyParameter)) { throw new IllegalArgumentException("invalid parameter passed to Noekeon init - " + params.getClass().getName()); } _forEncryption = forEncryption; _initialised = true; KeyParameter p = (KeyParameter)params; setKey(p.getKey()); }
public void init( boolean forWrapping, CipherParameters param) { this.forWrapping = forWrapping; if (param instanceof ParametersWithRandom) { param = ((ParametersWithRandom) param).getParameters(); } if (param instanceof KeyParameter) { this.param = (KeyParameter)param; } else if (param instanceof ParametersWithIV) { this.iv = ((ParametersWithIV)param).getIV(); this.param = (KeyParameter)((ParametersWithIV) param).getParameters(); if (this.iv.length != 8) { throw new IllegalArgumentException("IV not equal to 8"); } } }
static void hmac_hash(Digest digest, byte[] secret, byte[] seed, byte[] out) { HMac mac = new HMac(digest); KeyParameter param = new KeyParameter(secret); byte[] a = seed; int size = digest.getDigestSize(); int iterations = (out.length + size - 1) / size; byte[] buf = new byte[mac.getMacSize()]; byte[] buf2 = new byte[mac.getMacSize()]; for (int i = 0; i < iterations; i++) { mac.init(param); mac.update(a, 0, a.length); mac.doFinal(buf, 0); a = buf; mac.init(param); mac.update(a, 0, a.length); mac.update(seed, 0, seed.length); mac.doFinal(buf2, 0); System.arraycopy(buf2, 0, out, (size * i), Math.min(size, out.length - (size * i))); } }
public static byte[] aesEncrypt(byte[] plaintext, byte[] myPrivateKey, byte[] theirPublicKey, byte[] nonce) { try { byte[] dhSharedSecret = new byte[32]; Curve25519.curve(dhSharedSecret, myPrivateKey, theirPublicKey); for (int i = 0; i < 32; i++) { dhSharedSecret[i] ^= nonce[i]; } byte[] key = sha256().digest(dhSharedSecret); byte[] iv = new byte[16]; secureRandom.get().nextBytes(iv); PaddedBufferedBlockCipher aes = new PaddedBufferedBlockCipher(new CBCBlockCipher( new AESEngine())); CipherParameters ivAndKey = new ParametersWithIV(new KeyParameter(key), iv); aes.init(true, ivAndKey); byte[] output = new byte[aes.getOutputSize(plaintext.length)]; int ciphertextLength = aes.processBytes(plaintext, 0, plaintext.length, output, 0); ciphertextLength += aes.doFinal(output, ciphertextLength); byte[] result = new byte[iv.length + ciphertextLength]; System.arraycopy(iv, 0, result, 0, iv.length); System.arraycopy(output, 0, result, iv.length, ciphertextLength); return result; } catch (InvalidCipherTextException e) { throw new RuntimeException(e.getMessage(), e); } }
public void init(CipherParameters params) throws IllegalArgumentException { if (!(params instanceof KeyParameter)) { throw new IllegalArgumentException("'params' must be an instance of KeyParameter"); } KeyParameter keyParameter = (KeyParameter)params; byte[] key = keyParameter.getKey(); if (key.length != 16) { throw new IllegalArgumentException("'params' must be a 128-bit key"); } this.k0 = Pack.littleEndianToLong(key, 0); this.k1 = Pack.littleEndianToLong(key, 8); reset(); }
/** * Initialises the GMAC - requires a {@link ParametersWithIV} providing a {@link KeyParameter} * and a nonce. */ public void init(final CipherParameters params) throws IllegalArgumentException { if (params instanceof ParametersWithIV) { final ParametersWithIV param = (ParametersWithIV)params; final byte[] iv = param.getIV(); final KeyParameter keyParam = (KeyParameter)param.getParameters(); // GCM is always operated in encrypt mode to calculate MAC cipher.init(true, new AEADParameters(keyParam, macSizeBits, iv)); } else { throw new IllegalArgumentException("GMAC requires ParametersWithIV"); } }
private void CTR_DRBG_Update(byte[] seed, byte[] key, byte[] v) { byte[] temp = new byte[seed.length]; byte[] outputBlock = new byte[_engine.getBlockSize()]; int i=0; int outLen = _engine.getBlockSize(); _engine.init(true, new KeyParameter(expandKey(key))); while (i*outLen < seed.length) { addOneTo(v); _engine.processBlock(v, 0, outputBlock, 0); int bytesToCopy = ((temp.length - i * outLen) > outLen) ? outLen : (temp.length - i * outLen); System.arraycopy(outputBlock, 0, temp, i * outLen, bytesToCopy); ++i; } XOR(temp, seed, temp, 0); System.arraycopy(temp, 0, key, 0, key.length); System.arraycopy(temp, key.length, v, 0, v.length); }
private void BCC(byte[] bccOut, byte[] k, byte[] iV, byte[] data) { int outlen = _engine.getBlockSize(); byte[] chainingValue = new byte[outlen]; // initial values = 0 int n = data.length / outlen; byte[] inputBlock = new byte[outlen]; _engine.init(true, new KeyParameter(expandKey(k))); _engine.processBlock(iV, 0, chainingValue, 0); for (int i = 0; i < n; i++) { XOR(inputBlock, chainingValue, data, i*outlen); _engine.processBlock(inputBlock, 0, chainingValue, 0); } System.arraycopy(chainingValue, 0, bccOut, 0, bccOut.length); }
private void hmac_DRBG_Update_Func(byte[] seedMaterial, byte vValue) { _hMac.init(new KeyParameter(_K)); _hMac.update(_V, 0, _V.length); _hMac.update(vValue); if (seedMaterial != null) { _hMac.update(seedMaterial, 0, seedMaterial.length); } _hMac.doFinal(_K, 0); _hMac.init(new KeyParameter(_K)); _hMac.update(_V, 0, _V.length); _hMac.doFinal(_V, 0); }
public void init(DerivationParameters param) { if (!(param instanceof HKDFParameters)) { throw new IllegalArgumentException( "HKDF parameters required for HKDFBytesGenerator"); } HKDFParameters params = (HKDFParameters)param; if (params.skipExtract()) { // use IKM directly as PRK hMacHash.init(new KeyParameter(params.getIKM())); } else { hMacHash.init(extract(params.getSalt(), params.getIKM())); } info = params.getInfo(); generatedBytes = 0; currentT = new byte[hashLen]; }
/** * Generate a key parameter derived from the password, salt, and iteration * count we are currently initialised with. * * @param keySize the size of the key we want (in bits) * @return a KeyParameter object. * @exception IllegalArgumentException if the key length larger than the base hash size. */ public CipherParameters generateDerivedParameters( int keySize) { keySize = keySize / 8; if (keySize > digest.getDigestSize()) { throw new IllegalArgumentException( "Can't generate a derived key " + keySize + " bytes long."); } byte[] dKey = generateDerivedKey(); return new KeyParameter(dKey, 0, keySize); }
protected RecipientOperator getRecipientOperator(Recipient recipient) throws CMSException, IOException { PasswordRecipient pbeRecipient = (PasswordRecipient)recipient; AlgorithmIdentifier kekAlg = AlgorithmIdentifier.getInstance(info.getKeyEncryptionAlgorithm()); AlgorithmIdentifier kekAlgParams = AlgorithmIdentifier.getInstance(kekAlg.getParameters()); byte[] passwordBytes = getPasswordBytes(pbeRecipient.getPasswordConversionScheme(), pbeRecipient.getPassword()); PBKDF2Params params = PBKDF2Params.getInstance(info.getKeyDerivationAlgorithm().getParameters()); PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(); gen.init(passwordBytes, params.getSalt(), params.getIterationCount().intValue()); int keySize = ((Integer)KEYSIZES.get(kekAlgParams.getAlgorithm())).intValue(); byte[] derivedKey = ((KeyParameter)gen.generateDerivedParameters(keySize)).getKey(); return pbeRecipient.getRecipientOperator(kekAlgParams, messageAlgorithm, derivedKey, info.getEncryptedKey().getOctets()); }
/** * AES [FIPS 197] SHALL be used in CMAC-mode [SP 800-38B] with a MAC length of 8 bytes. * * @param data the data to MAC * @param key the key to use * @return the 8 byte MAC of the data */ public static byte[] performCBC8(byte[] data, byte[] key) { // mac size in bits (64 bits = 8 bytes) final Mac cbc8 = new CMac(new AESEngine(), 64); CipherParameters params = new KeyParameter(key); cbc8.init(params); byte[] result = new byte[8]; cbc8.update(data, 0, data.length); cbc8.doFinal(result, 0); return result; }
@Override protected void _init(boolean isEncrypt, byte[] iv) { String keyStr = new String(key.getEncoded()); ParametersWithIV params = new ParametersWithIV( new KeyParameter(KeyHelper.generateKeyDigest(keyLength, keyStr)), iv ); cipher.init(isEncrypt, params); }
public void setDecParameters(byte[] Encrypted, int alg, String pwd, int KeySize, String mode) throws InvalidKeySpecException, NoSuchAlgorithmException { switch (alg) { case 7: case 8: case 1: this.ivData = new byte[KeySize/8]; System.arraycopy(Encrypted, 0, this.ivData, 0, blockSize/8); break; default: this.ivData = new byte[128/8]; System.arraycopy(Encrypted, 0, this.ivData, 0, 128/8); break; } byte[] salt = new byte[16]; System.arraycopy(Encrypted, Encrypted.length - 16 , salt, 0, 16); switch (mode) { case "Q": factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256"); break; default: factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512"); break; } spec = new PBEKeySpec (pwd.toCharArray(), salt, 65536, KeySize); tmp = factory.generateSecret(spec); keyParam = new KeyParameter(tmp.getEncoded()); }
public byte[] generateEncryptedBytes(AlgorithmIdentifier keyEncryptionAlgorithm, byte[] derivedKey, GenericKey contentEncryptionKey) throws CMSException { byte[] contentEncryptionKeySpec = ((KeyParameter)CMSUtils.getBcKey(contentEncryptionKey)).getKey(); Wrapper keyEncryptionCipher = EnvelopedDataHelper.createRFC3211Wrapper(keyEncryptionAlgorithm.getAlgorithm()); keyEncryptionCipher.init(true, new ParametersWithIV(new KeyParameter(derivedKey), ASN1OctetString.getInstance(keyEncryptionAlgorithm.getParameters()).getOctets())); return keyEncryptionCipher.wrap(contentEncryptionKeySpec, 0, contentEncryptionKeySpec.length); }
public void init( CipherParameters params) { digest.reset(); byte[] key = ((KeyParameter)params).getKey(); if (key.length > blockLength) { digest.update(key, 0, key.length); digest.doFinal(inputPad, 0); for (int i = digestSize; i < inputPad.length; i++) { inputPad[i] = 0; } } else { System.arraycopy(key, 0, inputPad, 0, key.length); for (int i = key.length; i < inputPad.length; i++) { inputPad[i] = 0; } } outputPad = new byte[inputPad.length]; System.arraycopy(inputPad, 0, outputPad, 0, inputPad.length); for (int i = 0; i < inputPad.length; i++) { inputPad[i] ^= IPAD; } for (int i = 0; i < outputPad.length; i++) { outputPad[i] ^= OPAD; } digest.update(inputPad, 0, inputPad.length); }
/** * Generate a key parameter derived from the password, salt, and iteration * count we are currently initialised with. * * @param keySize the size of the key we want (in bits) * @return a KeyParameter object. */ public CipherParameters generateDerivedParameters( int keySize) { keySize = keySize / 8; byte[] dKey = generateDerivedKey(KEY_MATERIAL, keySize); return new KeyParameter(dKey, 0, keySize); }
/** * Generate a key parameter for use with a MAC derived from the password, * salt, and iteration count we are currently initialised with. * * @param keySize the size of the key we want (in bits) * @return a KeyParameter object. */ public CipherParameters generateDerivedMacParameters( int keySize) { keySize = keySize / 8; byte[] dKey = generateDerivedKey(MAC_MATERIAL, keySize); return new KeyParameter(dKey, 0, keySize); }
public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentEncryptionAlgorithm, byte[] encryptedContentEncryptionKey) throws CMSException { KeyParameter secretKey = (KeyParameter)extractSecretKey(keyEncryptionAlgorithm, contentEncryptionAlgorithm, encryptedContentEncryptionKey); final Object dataCipher = EnvelopedDataHelper.createContentCipher(false, secretKey, contentEncryptionAlgorithm); return new RecipientOperator(new InputDecryptor() { public AlgorithmIdentifier getAlgorithmIdentifier() { return contentEncryptionAlgorithm; } public InputStream getInputStream(InputStream dataOut) { if (dataCipher instanceof BufferedBlockCipher) { return new org.bouncycastle.crypto.io.CipherInputStream(dataOut, (BufferedBlockCipher)dataCipher); } else { return new org.bouncycastle.crypto.io.CipherInputStream(dataOut, (StreamCipher)dataCipher); } } }); }
/** * Generate a key parameter derived from the password, salt, and iteration * count we are currently initialised with. * * @param keySize the size of the key we want (in bits) * @return a KeyParameter object. * @exception IllegalArgumentException if the key length larger than the base hash size. */ public CipherParameters generateDerivedParameters( int keySize) { keySize = keySize / 8; byte[] dKey = generateDerivedKey(keySize); return new KeyParameter(dKey, 0, keySize); }
public static byte[] aesDecrypt(byte[] ivCiphertext, byte[] myPrivateKey, byte[] theirPublicKey, byte[] nonce) { try { if (ivCiphertext.length < 16 || ivCiphertext.length % 16 != 0) { throw new InvalidCipherTextException("invalid ciphertext"); } byte[] iv = Arrays.copyOfRange(ivCiphertext, 0, 16); byte[] ciphertext = Arrays.copyOfRange(ivCiphertext, 16, ivCiphertext.length); byte[] dhSharedSecret = new byte[32]; Curve25519.curve(dhSharedSecret, myPrivateKey, theirPublicKey); for (int i = 0; i < 32; i++) { dhSharedSecret[i] ^= nonce[i]; } byte[] key = sha256().digest(dhSharedSecret); PaddedBufferedBlockCipher aes = new PaddedBufferedBlockCipher(new CBCBlockCipher( new AESEngine())); CipherParameters ivAndKey = new ParametersWithIV(new KeyParameter(key), iv); aes.init(false, ivAndKey); byte[] output = new byte[aes.getOutputSize(ciphertext.length)]; int plaintextLength = aes.processBytes(ciphertext, 0, ciphertext.length, output, 0); plaintextLength += aes.doFinal(output, plaintextLength); byte[] result = new byte[plaintextLength]; System.arraycopy(output, 0, result, 0, result.length); return result; } catch (InvalidCipherTextException e) { throw new RuntimeException(e.getMessage(), e); } }
/** * Generate a key parameter derived from the password, salt, and iteration * count we are currently initialised with. * * @param keySize the size of the key we want (in bits) * @return a KeyParameter object. */ public CipherParameters generateDerivedParameters( int keySize) { keySize = keySize / 8; byte[] dKey = generateDerivedKey(keySize); return new KeyParameter(dKey, 0, keySize); }
