@Override public String decrypt(byte[] encrypted) { // Cipher cipher = null; String plain; try { // Security.addProvider(new BouncyCastlePQCProvider()); // cipher = Cipher.getInstance("AES/CBC/PKCS5Padding", new BouncyCastlePQCProvider()); // cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(encryptionKey, "AES"), new IvParameterSpec(iv)); // plain = new String(cipher.doFinal(encrypted), "UTF-8"); KeyParameter keyParam = new KeyParameter(encryptionKey); CipherParameters params = new ParametersWithIV(keyParam, iv); BlockCipherPadding padding = new PKCS7Padding(); BufferedBlockCipher cipher = new PaddedBufferedBlockCipher( new CBCBlockCipher(new AESEngine()), padding); cipher.reset(); cipher.init(false, params); byte[] buffer = new byte[cipher.getOutputSize(encrypted.length)]; int len = cipher.processBytes(encrypted, 0, encrypted.length, buffer, 0); len += cipher.doFinal(buffer, len); byte[] out = Arrays.copyOfRange(buffer, 0, len); plain = new String(out, "UTF-8"); } catch (Exception e) { throw new RuntimeException("decrypt error in SimpleAesManaged", e); } return plain; }
private static byte[] scp03_kdf(byte[] key, byte constant, byte[] context, int blocklen_bits) { // 11 bytes byte[] label = new byte[]{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}; ByteArrayOutputStream bo = new ByteArrayOutputStream(); try { bo.write(label); // 11 bytes of label bo.write(constant); // constant for the last byte bo.write(0x00); // separator bo.write((blocklen_bits >> 8) & 0xFF); // block size in two bytes bo.write(blocklen_bits & 0xFF); } catch (IOException ioe) { throw new RuntimeException(ioe); } byte[] blocka = bo.toByteArray(); byte[] blockb = context; BlockCipher cipher = new AESEngine(); CMac cmac = new CMac(cipher); KDFCounterBytesGenerator kdf = new KDFCounterBytesGenerator(cmac); kdf.init(new KDFCounterParameters(key, blocka, blockb, 8)); // counter size in bits byte[] cgram = new byte[blocklen_bits / 8]; kdf.generateBytes(cgram, 0, cgram.length); return cgram; }
static Wrapper createRFC3211Wrapper(ASN1ObjectIdentifier algorithm) throws CMSException { if (NISTObjectIdentifiers.id_aes128_CBC.equals(algorithm) || NISTObjectIdentifiers.id_aes192_CBC.equals(algorithm) || NISTObjectIdentifiers.id_aes256_CBC.equals(algorithm)) { return new RFC3211WrapEngine(new AESEngine()); } else if (PKCSObjectIdentifiers.des_EDE3_CBC.equals(algorithm)) { return new RFC3211WrapEngine(new DESedeEngine()); } else if (OIWObjectIdentifiers.desCBC.equals(algorithm)) { return new RFC3211WrapEngine(new DESEngine()); } else if (PKCSObjectIdentifiers.RC2_CBC.equals(algorithm)) { return new RFC3211WrapEngine(new RC2Engine()); } else { throw new CMSException("cannot recognise wrapper: " + algorithm); } }
public static byte[] aesEncrypt(byte[] plaintext, byte[] myPrivateKey, byte[] theirPublicKey, byte[] nonce) { try { byte[] dhSharedSecret = new byte[32]; Curve25519.curve(dhSharedSecret, myPrivateKey, theirPublicKey); for (int i = 0; i < 32; i++) { dhSharedSecret[i] ^= nonce[i]; } byte[] key = sha256().digest(dhSharedSecret); byte[] iv = new byte[16]; secureRandom.get().nextBytes(iv); PaddedBufferedBlockCipher aes = new PaddedBufferedBlockCipher(new CBCBlockCipher( new AESEngine())); CipherParameters ivAndKey = new ParametersWithIV(new KeyParameter(key), iv); aes.init(true, ivAndKey); byte[] output = new byte[aes.getOutputSize(plaintext.length)]; int ciphertextLength = aes.processBytes(plaintext, 0, plaintext.length, output, 0); ciphertextLength += aes.doFinal(output, ciphertextLength); byte[] result = new byte[iv.length + ciphertextLength]; System.arraycopy(iv, 0, result, 0, iv.length); System.arraycopy(output, 0, result, iv.length, ciphertextLength); return result; } catch (InvalidCipherTextException e) { throw new RuntimeException(e.getMessage(), e); } }
@Test public void compareModes() { BlockCipher engine = new AESEngine(); int blockSize = engine.getBlockSize(); BlockCipher ref = new SICBlockCipher(engine); // reference implementation BlockCipher uut = new CtrBlockCipher(engine); // unit under test PBEParametersGenerator gen = new PKCS5S2ParametersGenerator(); byte[] salt = new byte[blockSize]; // used as salt and cipher input new SecureRandom().nextBytes(salt); gen.init("top secret".getBytes(), salt, 1); ParametersWithIV param = (ParametersWithIV) gen.generateDerivedParameters( blockSize * 8, blockSize * 8); ref.init(true, param); uut.init(true, param); assertModes(ref, uut); ref.init(false, param); uut.init(false, param); assertModes(ref, uut); }
private static byte[] EncryptAes256(byte[] data, byte[] encryptionKey) { try { KeyParameter keyParam = new KeyParameter(encryptionKey); BlockCipherPadding padding = new PKCS7Padding(); BufferedBlockCipher cipher = new PaddedBufferedBlockCipher( new CBCBlockCipher(new AESEngine()), padding); cipher.reset(); cipher.init(true, keyParam); byte[] buffer = new byte[cipher.getOutputSize(data.length)]; int len = cipher.processBytes(data, 0, data.length, buffer, 0); len += cipher.doFinal(buffer, len); return Arrays.copyOfRange(buffer, 0, len); } catch (Exception e) { throw new RuntimeException("decrypt error in SimpleAesManaged", e); } }
public static byte[] aesEncrypt(byte[] plaintext, byte[] myPrivateKey, byte[] theirPublicKey) { try { byte[] dhSharedSecret = new byte[32]; Curve25519.curve(dhSharedSecret, myPrivateKey, theirPublicKey); byte[] key = sha256().digest(dhSharedSecret); byte[] iv = new byte[16]; secureRandom.get().nextBytes(iv); PaddedBufferedBlockCipher aes = new PaddedBufferedBlockCipher(new CBCBlockCipher( new AESEngine())); CipherParameters ivAndKey = new ParametersWithIV(new KeyParameter(key), iv); aes.init(true, ivAndKey); byte[] output = new byte[aes.getOutputSize(plaintext.length)]; int ciphertextLength = aes.processBytes(plaintext, 0, plaintext.length, output, 0); ciphertextLength += aes.doFinal(output, ciphertextLength); byte[] result = new byte[iv.length + ciphertextLength]; System.arraycopy(iv, 0, result, 0, iv.length); System.arraycopy(output, 0, result, iv.length, ciphertextLength); return result; } catch (InvalidCipherTextException e) { throw new RuntimeException(e.getMessage(), e); } }
public static byte[] aesDecrypt(byte[] ivCiphertext, byte[] myPrivateKey, byte theirPublicKey[]) { try { if (ivCiphertext.length < 16 || ivCiphertext.length % 16 != 0) { throw new InvalidCipherTextException("invalid ciphertext"); } byte[] iv = Arrays.copyOfRange(ivCiphertext, 0, 16); byte[] ciphertext = Arrays.copyOfRange(ivCiphertext, 16, ivCiphertext.length); byte[] dhSharedSecret = new byte[32]; Curve25519.curve(dhSharedSecret, myPrivateKey, theirPublicKey); byte[] key = sha256().digest(dhSharedSecret); PaddedBufferedBlockCipher aes = new PaddedBufferedBlockCipher(new CBCBlockCipher( new AESEngine())); CipherParameters ivAndKey = new ParametersWithIV(new KeyParameter(key), iv); aes.init(false, ivAndKey); byte[] output = new byte[aes.getOutputSize(ciphertext.length)]; int plaintextLength = aes.processBytes(ciphertext, 0, ciphertext.length, output, 0); plaintextLength += aes.doFinal(output, plaintextLength); byte[] result = new byte[plaintextLength]; System.arraycopy(output, 0, result, 0, result.length); return result; } catch (InvalidCipherTextException e) { throw new RuntimeException(e.getMessage(), e); } }
private static void initBlockCipherEngines() { blockCipherEngines.put("MARS", MarsEngine.class); blockCipherEngines.put("AES", AESEngine.class); blockCipherEngines.put("Blowfish", BlowfishEngine.class); blockCipherEngines.put("Camellia", CamelliaEngine.class); blockCipherEngines.put("CAST5", CAST5Engine.class); blockCipherEngines.put("CAST6", CAST6Engine.class); blockCipherEngines.put("DESede", DESedeEngine.class); blockCipherEngines.put("DES", DESEngine.class); blockCipherEngines.put("GOST28147", GOST28147Engine.class); blockCipherEngines.put("IDEA", IDEAEngine.class); blockCipherEngines.put("Noekeon", NoekeonEngine.class); blockCipherEngines.put("RC2", RC2Engine.class); blockCipherEngines.put("RC5", RC532Engine.class); blockCipherEngines.put("RC6", RC6Engine.class); blockCipherEngines.put("SEED", SEEDEngine.class); blockCipherEngines.put("Serpent", SerpentEngine.class); blockCipherEngines.put("Shacal2", Shacal2Engine.class); blockCipherEngines.put("Skipjack", SkipjackEngine.class); blockCipherEngines.put("SM4", SM4Engine.class); blockCipherEngines.put("TEA", TEAEngine.class); blockCipherEngines.put("Twofish", TwofishEngine.class); blockCipherEngines.put("XTEA", XTEAEngine.class); blockCipherEngines.put("Threefish", ThreefishEngine.class); }
public void InitCiphers() { // create the ciphers // AES block cipher in CBC mode with padding encryptCipher = new PaddedBufferedBlockCipher(new CBCBlockCipher( new AESEngine())); decryptCipher = new PaddedBufferedBlockCipher(new CBCBlockCipher( new AESEngine())); // create the IV parameter ParametersWithIV parameterIV = new ParametersWithIV(new KeyParameter( key), IV); encryptCipher.init(true, parameterIV); decryptCipher.init(false, parameterIV); }
/** * A password-based data decryption using a constant salt value "<b>constantSalt</b>" * @param cipher * @param password * @param salt * @param iterationCount * @return * @throws Exception */ public static byte[] decrypt(byte[] cipher, String password) throws Exception { PKCS12ParametersGenerator pGen = new PKCS12ParametersGenerator(new SHA256Digest()); char[] passwordChars = password.toCharArray(); final byte[] pkcs12PasswordBytes = PBEParametersGenerator.PKCS12PasswordToBytes(passwordChars); pGen.init(pkcs12PasswordBytes, constantSalt.getBytes(), iterations); CBCBlockCipher aesCBC = new CBCBlockCipher(new AESEngine()); ParametersWithIV aesCBCParams = (ParametersWithIV) pGen.generateDerivedParameters(256, 128); aesCBC.init(false, aesCBCParams); PaddedBufferedBlockCipher aesCipher = new PaddedBufferedBlockCipher(aesCBC, new PKCS7Padding()); byte[] plainTemp = new byte[aesCipher.getOutputSize(cipher.length)]; int offset = aesCipher.processBytes(cipher, 0, cipher.length, plainTemp, 0); int last = aesCipher.doFinal(plainTemp, offset); final byte[] plain = new byte[offset + last]; System.arraycopy(plainTemp, 0, plain, 0, plain.length); return plain; }
private static final byte[] encrypt(byte[] key, byte[] data) throws Exception { PaddedBufferedBlockCipher c = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine())); CipherParameters p = new KeyParameter(key); try { SecretByteArrayOutputStream ba = new SecretByteArrayOutputStream(); try { XCipherOutputStream out = new XCipherOutputStream(c, p, ba); out.write(data); out.close(); byte[] b = ba.toByteArray(); return b; } finally { CKit.close(ba); } } finally { Crypto.zero(p); } }
public EAXEncryptStream(byte[] key, byte[] nonce, byte[] associatedData, OutputStream os) { if(key.length != KEY_LENGTH_BYTES) { throw new IllegalArgumentException("key must be " + KEY_LENGTH_BYTES*8 + " bits"); } this.cipher = new EAXBlockCipher(new AESEngine()); this.os = os; keyParameter = new KeyParameter(key); AEADParameters par = new AEADParameters(keyParameter, EAXDecryptStream.MAC_LEN_BITS, nonce, associatedData); cipher.init(true, par); out = new byte[BUFFER_SIZE]; }
public EAXDecryptStream(byte[] key, byte[] nonce, byte[] associatedData, InputStream in) { if(key.length != KEY_LENGTH_BYTES) { throw new IllegalArgumentException("key must be " + KEY_LENGTH_BYTES*8 + " bits"); } this.in = in; this.cipher = new EAXBlockCipher(new AESEngine()); keyParameter = new KeyParameter(key); AEADParameters par = new AEADParameters(keyParameter, MAC_LEN_BITS, nonce, associatedData); cipher.init(false, par); out = new byte[BUFFER_SIZE]; buf = new byte[BUFFER_SIZE]; }
@Override public OutputStream encryptedOutputStream(final Path path, final String password) throws IOException, EncryptionFailedException { try { final byte[] salt = generateSalt(); final byte[] key = generateKey(password, salt); final byte[] iv = generateIV(); final byte[] fileInitBlock = generateOutputInitBlock(salt, iv); final PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher( new CBCBlockCipher(new AESEngine()), new PKCS7Padding()); final KeyParameter keyParam = new KeyParameter(key); final CipherParameters params = new ParametersWithIV(keyParam, iv); cipher.init(true, params); final BufferedOutputStream out = new BufferedOutputStream(Files.newOutputStream(path)); out.write(fileInitBlock); return new CipherOutputStream(out, cipher); } catch (InvalidKeySpecException | NoSuchAlgorithmException e) { throw new EncryptionFailedException(e); } }
@Override public InputStream decryptedInputStream(final Path path, final String password) throws IOException, DecryptionFailedException { try { InputStream in = new BufferedInputStream(Files.newInputStream(path)); byte[] initBlock = readInitBlock(in); byte[] salt = extractSalt(initBlock); byte[] iv = extractIV(initBlock); byte[] key = generateKey(password, salt); PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()), new PKCS7Padding()); KeyParameter keyParam = new KeyParameter(key); CipherParameters params = new ParametersWithIV(keyParam, iv); cipher.init(false, params); return new CipherInputStream(in, cipher); } catch (InvalidKeySpecException | NoSuchAlgorithmException e) { throw new DecryptionFailedException(e); } }
/** * Returns the decrypted private key * * @param keyPhrase Key phrase used to derive the encryption key * @return Private key * @throws ECException Unable to complete a cryptographic function */ public BigInteger getPrivKey(String keyPhrase) throws ECException { KeyParameter aesKey = deriveKey(keyPhrase, salt); // // Decrypt the private key using the generated AES key // BigInteger privKey; try { ParametersWithIV keyWithIV = new ParametersWithIV(aesKey, iv); CBCBlockCipher blockCipher = new CBCBlockCipher(new AESEngine()); BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(blockCipher); cipher.init(false, keyWithIV); int bufferLength = cipher.getOutputSize(encKeyBytes.length); byte[] outputBytes = new byte[bufferLength]; int length1 = cipher.processBytes(encKeyBytes, 0, encKeyBytes.length, outputBytes, 0); int length2 = cipher.doFinal(outputBytes, length1); int actualLength = length1 + length2; byte[] privKeyBytes = new byte[actualLength]; System.arraycopy(outputBytes, 0, privKeyBytes, 0, actualLength); privKey = new BigInteger(privKeyBytes); } catch (Exception exc) { throw new ECException("Unable to decrypt the private key", exc); } return privKey; }
private byte[] process(byte[] data, boolean encryption) throws DataLengthException { BlockCipher cipher = new AESEngine(); BlockCipherPadding padding = new ZeroBytePadding(); BufferedBlockCipher bufferedCipher = new PaddedBufferedBlockCipher(cipher, padding); bufferedCipher.init(encryption, key); byte[] output = new byte[bufferedCipher.getOutputSize(data.length)]; int bytesProcessed = bufferedCipher.processBytes(data, 0, data.length, output, 0); try { bufferedCipher.doFinal(output, bytesProcessed); return output; } catch (IllegalStateException | InvalidCipherTextException e) { e.printStackTrace(); } return null; }
private static byte[] processAESCipher(boolean encrypt, byte[] data, SecretKey key, byte[] initVector) throws DataLengthException, IllegalStateException, InvalidCipherTextException { // seat up engine, block cipher mode and padding AESEngine aesEngine = new AESEngine(); CBCBlockCipher cbc = new CBCBlockCipher(aesEngine); PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(cbc); // apply parameters CipherParameters parameters = new ParametersWithIV(new KeyParameter(key.getEncoded()), initVector); cipher.init(encrypt, parameters); // process ciphering byte[] output = new byte[cipher.getOutputSize(data.length)]; int bytesProcessed1 = cipher.processBytes(data, 0, data.length, output, 0); int bytesProcessed2 = cipher.doFinal(output, bytesProcessed1); byte[] result = new byte[bytesProcessed1 + bytesProcessed2]; System.arraycopy(output, 0, result, 0, result.length); return result; }
private static byte[] crypt(final boolean encrypt, final byte[] bytes, final String password, final byte[] salt) throws InvalidCipherTextException { final PBEParametersGenerator keyGenerator = new PKCS12ParametersGenerator(new SHA256Digest()); keyGenerator.init(PKCS12ParametersGenerator.PKCS12PasswordToBytes(password.toCharArray()), salt, 20); final CipherParameters keyParams = keyGenerator.generateDerivedParameters(256, 128); final BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()), new PKCS7Padding()); cipher.init(encrypt, keyParams); final byte[] processed = new byte[cipher.getOutputSize(bytes.length)]; int outputLength = cipher.processBytes(bytes, 0, bytes.length, processed, 0); outputLength += cipher.doFinal(processed, outputLength); final byte[] results = new byte[outputLength]; System.arraycopy(processed, 0, results, 0, outputLength); return results; }
/** * @return AES(BCrypt(clear_password, 10), SHA256(master_password_key)) */ public byte[] getHashedPassword(String clear_password) throws SecurityException { String tested_password = testIfPasswordIsStrong(clear_password); try { byte[] hashed = (BCrypt.hashpw(tested_password, BCrypt.gensalt(10))).getBytes("UTF-8"); BlockCipherPadding padding = new PKCS7Padding(); BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()), padding); cipher.reset(); cipher.init(true, params); byte[] buf = new byte[cipher.getOutputSize(hashed.length)]; int len = cipher.processBytes(hashed, 0, hashed.length, buf, 0); len += cipher.doFinal(buf, len); byte[] out = new byte[len]; System.arraycopy(buf, 0, out, 0, len); return out; } catch (Exception e) { Loggers.Auth.error("Can't prepare password", e); } return null; }
public boolean checkPassword(String candidate_password, byte[] raw_password) { try { BlockCipherPadding padding = new PKCS7Padding(); BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()), padding); cipher.reset(); cipher.init(false, params); byte[] buf = new byte[cipher.getOutputSize(raw_password.length)]; int len = cipher.processBytes(raw_password, 0, raw_password.length, buf, 0); len += cipher.doFinal(buf, len); return BCrypt.checkpw(candidate_password, new String(buf, 0, len)); } catch (Exception e) { Loggers.Auth.error("Can't extract hashed password", e); } return false; }
public static byte[] AES(boolean encrypt, Object buf, int offset, int size, byte[] key, byte[] iv) throws DataLengthException, IllegalStateException, InvalidCipherTextException { BufferedBlockCipher cipher = new BufferedBlockCipher(new IGEBlockCipher(new AESEngine())); cipher.init(encrypt, new ParametersWithIV(new KeyParameter(key), iv)); byte[] answer = new byte[cipher.getOutputSize(size)]; byte[] buffer = null; if (buf instanceof byte[]) { buffer = (byte[]) buf; } else { buffer = new byte[((ByteBuffer) buf).capacity()]; ((ByteBuffer) buf).rewind(); ((ByteBuffer) buf).get(buffer); } int len = cipher.processBytes(buffer, offset, size, answer, 0); cipher.doFinal(answer, len); return answer; }
/** * AES [FIPS 197] SHALL be used in CMAC-mode [SP 800-38B] with a MAC length of 8 bytes. * * @param data the data to MAC * @param key the key to use * @return the 8 byte MAC of the data */ public static byte[] performCBC8(byte[] data, byte[] key) { // mac size in bits (64 bits = 8 bytes) final Mac cbc8 = new CMac(new AESEngine(), 64); CipherParameters params = new KeyParameter(key); cbc8.init(params); byte[] result = new byte[8]; cbc8.update(data, 0, data.length); cbc8.doFinal(result, 0); return result; }
public IESwithAES() { super(new IESEngine(new DHBasicAgreement(), new KDF2BytesGenerator(new SHA1Digest()), new HMac(new SHA1Digest()), new PaddedBufferedBlockCipher(new AESEngine()))); }
public ECIESwithAES() { super(new IESEngine(new ECDHBasicAgreement(), new KDF2BytesGenerator(new SHA1Digest()), new HMac(new SHA1Digest()), new PaddedBufferedBlockCipher(new AESEngine()))); }
public static byte[] aesDecrypt(byte[] ivCiphertext, byte[] myPrivateKey, byte[] theirPublicKey, byte[] nonce) { try { if (ivCiphertext.length < 16 || ivCiphertext.length % 16 != 0) { throw new InvalidCipherTextException("invalid ciphertext"); } byte[] iv = Arrays.copyOfRange(ivCiphertext, 0, 16); byte[] ciphertext = Arrays.copyOfRange(ivCiphertext, 16, ivCiphertext.length); byte[] dhSharedSecret = new byte[32]; Curve25519.curve(dhSharedSecret, myPrivateKey, theirPublicKey); for (int i = 0; i < 32; i++) { dhSharedSecret[i] ^= nonce[i]; } byte[] key = sha256().digest(dhSharedSecret); PaddedBufferedBlockCipher aes = new PaddedBufferedBlockCipher(new CBCBlockCipher( new AESEngine())); CipherParameters ivAndKey = new ParametersWithIV(new KeyParameter(key), iv); aes.init(false, ivAndKey); byte[] output = new byte[aes.getOutputSize(ciphertext.length)]; int plaintextLength = aes.processBytes(ciphertext, 0, ciphertext.length, output, 0); plaintextLength += aes.doFinal(output, plaintextLength); byte[] result = new byte[plaintextLength]; System.arraycopy(output, 0, result, 0, result.length); return result; } catch (InvalidCipherTextException e) { throw new RuntimeException(e.getMessage(), e); } }
private X931TestVector[] createTestVectorData() { return new X931TestVector[] { new X931TestVector( new AESEngine(), new AES128EntropyProvider(), "f7d36762b9915f1ed585eb8e91700eb2", "259e67249288597a4d61e7c0e690afae", false, new String[] { "15f013af5a8e9df9a8e37500edaeac43", "a9d74bb1c90a222adc398546d64879cf", "0379e404042d58180764fb9e6c5d94bb", "3c74603e036d28c79947ffb56fee4e51", "e872101a4df81ebbe1e632fc87195d52", "26a6b3d33b8e7e68b75d9630ec036314" }), new X931TestVector( new DESedeEngine(), new TDESEntropyProvider(), "ef16ec643e5db5892cbc6eabba310b3410e6f8759e3e382c", "55df103deaf68dc4", false, new String[] { "9c960bb9662ce6de", "d9d0e527fd0931da", "3e2db9994e9e6995", "0e3868aef8218cf7", "7b0b0ca137f8fd81", "f657df270ad12265" }) }; }
