Search in sources :

Example 1 with BufferedBlockCipher

use of com.github.zhenwei.core.crypto.BufferedBlockCipher in project LinLong-Java by zhenwei1108.

the class BaseBlockCipher method engineSetMode.

protected void engineSetMode(String mode) throws NoSuchAlgorithmException {
    if (baseEngine == null) {
        throw new NoSuchAlgorithmException("no mode supported for this algorithm");
    }
    modeName = Strings.toUpperCase(mode);
    if (modeName.equals("ECB")) {
        ivLength = 0;
        cipher = new BufferedGenericBlockCipher(baseEngine);
    } else if (modeName.equals("CBC")) {
        ivLength = baseEngine.getBlockSize();
        cipher = new BufferedGenericBlockCipher(new CBCBlockCipher(baseEngine));
    } else if (modeName.startsWith("OFB")) {
        ivLength = baseEngine.getBlockSize();
        if (modeName.length() != 3) {
            int wordSize = Integer.parseInt(modeName.substring(3));
            cipher = new BufferedGenericBlockCipher(new OFBBlockCipher(baseEngine, wordSize));
        } else {
            cipher = new BufferedGenericBlockCipher(new OFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize()));
        }
    } else if (modeName.startsWith("CFB")) {
        ivLength = baseEngine.getBlockSize();
        if (modeName.length() != 3) {
            int wordSize = Integer.parseInt(modeName.substring(3));
            cipher = new BufferedGenericBlockCipher(new CFBBlockCipher(baseEngine, wordSize));
        } else {
            cipher = new BufferedGenericBlockCipher(new CFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize()));
        }
    } else if (modeName.startsWith("PGPCFB")) {
        boolean inlineIV = modeName.equals("PGPCFBWITHIV");
        if (!inlineIV && modeName.length() != 6) {
            throw new NoSuchAlgorithmException("no mode support for " + modeName);
        }
        ivLength = baseEngine.getBlockSize();
        cipher = new BufferedGenericBlockCipher(new PGPCFBBlockCipher(baseEngine, inlineIV));
    } else if (modeName.equals("OPENPGPCFB")) {
        ivLength = 0;
        cipher = new BufferedGenericBlockCipher(new OpenPGPCFBBlockCipher(baseEngine));
    } else if (modeName.equals("FF1")) {
        ivLength = 0;
        cipher = new BufferedFPEBlockCipher(new FPEFF1Engine(baseEngine));
    } else if (modeName.equals("FF3-1")) {
        ivLength = 0;
        cipher = new BufferedFPEBlockCipher(new FPEFF3_1Engine(baseEngine));
    } else if (modeName.equals("SIC")) {
        ivLength = baseEngine.getBlockSize();
        if (ivLength < 16) {
            throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)");
        }
        fixedIv = false;
        cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(new SICBlockCipher(baseEngine)));
    } else if (modeName.equals("CTR")) {
        ivLength = baseEngine.getBlockSize();
        fixedIv = false;
        if (baseEngine instanceof DSTU7624Engine) {
            cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(new KCTRBlockCipher(baseEngine)));
        } else {
            cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(new SICBlockCipher(baseEngine)));
        }
    } else if (modeName.equals("GOFB")) {
        ivLength = baseEngine.getBlockSize();
        cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(new GOFBBlockCipher(baseEngine)));
    } else if (modeName.equals("GCFB")) {
        ivLength = baseEngine.getBlockSize();
        cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(new GCFBBlockCipher(baseEngine)));
    } else if (modeName.equals("CTS")) {
        ivLength = baseEngine.getBlockSize();
        cipher = new BufferedGenericBlockCipher(new CTSBlockCipher(new CBCBlockCipher(baseEngine)));
    } else if (modeName.equals("CCM")) {
        // CCM nonce 7..13 bytes
        ivLength = 12;
        if (baseEngine instanceof DSTU7624Engine) {
            cipher = new AEADGenericBlockCipher(new KCCMBlockCipher(baseEngine));
        } else {
            cipher = new AEADGenericBlockCipher(new CCMBlockCipher(baseEngine));
        }
    } else if (modeName.equals("OCB")) {
        if (engineProvider != null) {
            /*
         * RFC 7253 4.2. Nonce is a string of no more than 120 bits
         */
            ivLength = 15;
            cipher = new AEADGenericBlockCipher(new OCBBlockCipher(baseEngine, engineProvider.get()));
        } else {
            throw new NoSuchAlgorithmException("can't support mode " + mode);
        }
    } else if (modeName.equals("EAX")) {
        ivLength = baseEngine.getBlockSize();
        cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine));
    } else if (modeName.equals("GCM-SIV")) {
        ivLength = 12;
        cipher = new AEADGenericBlockCipher(new GCMSIVBlockCipher(baseEngine));
    } else if (modeName.equals("GCM")) {
        if (baseEngine instanceof DSTU7624Engine) {
            ivLength = baseEngine.getBlockSize();
            cipher = new AEADGenericBlockCipher(new KGCMBlockCipher(baseEngine));
        } else {
            ivLength = 12;
            cipher = new AEADGenericBlockCipher(new GCMBlockCipher(baseEngine));
        }
    } else {
        throw new NoSuchAlgorithmException("can't support mode " + mode);
    }
}
Also used : DSTU7624Engine(com.github.zhenwei.core.crypto.engines.DSTU7624Engine) GCFBBlockCipher(com.github.zhenwei.core.crypto.modes.GCFBBlockCipher) EAXBlockCipher(com.github.zhenwei.core.crypto.modes.EAXBlockCipher) CCMBlockCipher(com.github.zhenwei.core.crypto.modes.CCMBlockCipher) KCCMBlockCipher(com.github.zhenwei.core.crypto.modes.KCCMBlockCipher) SICBlockCipher(com.github.zhenwei.core.crypto.modes.SICBlockCipher) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KGCMBlockCipher(com.github.zhenwei.core.crypto.modes.KGCMBlockCipher) OpenPGPCFBBlockCipher(com.github.zhenwei.core.crypto.modes.OpenPGPCFBBlockCipher) CFBBlockCipher(com.github.zhenwei.core.crypto.modes.CFBBlockCipher) GCFBBlockCipher(com.github.zhenwei.core.crypto.modes.GCFBBlockCipher) PGPCFBBlockCipher(com.github.zhenwei.core.crypto.modes.PGPCFBBlockCipher) FPEFF1Engine(com.github.zhenwei.core.crypto.fpe.FPEFF1Engine) CBCBlockCipher(com.github.zhenwei.core.crypto.modes.CBCBlockCipher) GOFBBlockCipher(com.github.zhenwei.core.crypto.modes.GOFBBlockCipher) KCCMBlockCipher(com.github.zhenwei.core.crypto.modes.KCCMBlockCipher) OFBBlockCipher(com.github.zhenwei.core.crypto.modes.OFBBlockCipher) GOFBBlockCipher(com.github.zhenwei.core.crypto.modes.GOFBBlockCipher) OpenPGPCFBBlockCipher(com.github.zhenwei.core.crypto.modes.OpenPGPCFBBlockCipher) OCBBlockCipher(com.github.zhenwei.core.crypto.modes.OCBBlockCipher) GCMSIVBlockCipher(com.github.zhenwei.core.crypto.modes.GCMSIVBlockCipher) KCTRBlockCipher(com.github.zhenwei.core.crypto.modes.KCTRBlockCipher) BufferedBlockCipher(com.github.zhenwei.core.crypto.BufferedBlockCipher) PaddedBufferedBlockCipher(com.github.zhenwei.core.crypto.paddings.PaddedBufferedBlockCipher) CTSBlockCipher(com.github.zhenwei.core.crypto.modes.CTSBlockCipher) OpenPGPCFBBlockCipher(com.github.zhenwei.core.crypto.modes.OpenPGPCFBBlockCipher) PGPCFBBlockCipher(com.github.zhenwei.core.crypto.modes.PGPCFBBlockCipher) FPEFF3_1Engine(com.github.zhenwei.core.crypto.fpe.FPEFF3_1Engine) GCMBlockCipher(com.github.zhenwei.core.crypto.modes.GCMBlockCipher) KGCMBlockCipher(com.github.zhenwei.core.crypto.modes.KGCMBlockCipher)

Example 2 with BufferedBlockCipher

use of com.github.zhenwei.core.crypto.BufferedBlockCipher in project LinLong-Java by zhenwei1108.

the class BcRSAKeyTransEnvelopedRecipient method getRecipientOperator.

public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentEncryptionAlgorithm, byte[] encryptedContentEncryptionKey) throws CMSException {
    CipherParameters secretKey = extractSecretKey(keyEncryptionAlgorithm, contentEncryptionAlgorithm, encryptedContentEncryptionKey);
    final Object dataCipher = EnvelopedDataHelper.createContentCipher(false, secretKey, contentEncryptionAlgorithm);
    return new RecipientOperator(new InputDecryptor() {

        public AlgorithmIdentifier getAlgorithmIdentifier() {
            return contentEncryptionAlgorithm;
        }

        public InputStream getInputStream(InputStream dataIn) {
            if (dataCipher instanceof BufferedBlockCipher) {
                return new CipherInputStream(dataIn, (BufferedBlockCipher) dataCipher);
            } else {
                return new CipherInputStream(dataIn, (StreamCipher) dataCipher);
            }
        }
    });
}
Also used : CipherParameters(com.github.zhenwei.core.crypto.CipherParameters) CipherInputStream(com.github.zhenwei.core.crypto.io.CipherInputStream) InputDecryptor(com.github.zhenwei.pkix.operator.InputDecryptor) CipherInputStream(com.github.zhenwei.core.crypto.io.CipherInputStream) InputStream(java.io.InputStream) BufferedBlockCipher(com.github.zhenwei.core.crypto.BufferedBlockCipher) RecipientOperator(com.github.zhenwei.pkix.cms.RecipientOperator) StreamCipher(com.github.zhenwei.core.crypto.StreamCipher) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)

Example 3 with BufferedBlockCipher

use of com.github.zhenwei.core.crypto.BufferedBlockCipher in project LinLong-Java by zhenwei1108.

the class BcKEKEnvelopedRecipient method getRecipientOperator.

public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentEncryptionAlgorithm, byte[] encryptedContentEncryptionKey) throws CMSException {
    KeyParameter secretKey = (KeyParameter) extractSecretKey(keyEncryptionAlgorithm, contentEncryptionAlgorithm, encryptedContentEncryptionKey);
    final Object dataCipher = EnvelopedDataHelper.createContentCipher(false, secretKey, contentEncryptionAlgorithm);
    return new RecipientOperator(new InputDecryptor() {

        public AlgorithmIdentifier getAlgorithmIdentifier() {
            return contentEncryptionAlgorithm;
        }

        public InputStream getInputStream(InputStream dataOut) {
            if (dataCipher instanceof BufferedBlockCipher) {
                return new com.github.zhenwei.core.crypto.io.CipherInputStream(dataOut, (BufferedBlockCipher) dataCipher);
            } else {
                return new com.github.zhenwei.core.crypto.io.CipherInputStream(dataOut, (StreamCipher) dataCipher);
            }
        }
    });
}
Also used : InputDecryptor(com.github.zhenwei.pkix.operator.InputDecryptor) InputStream(java.io.InputStream) BufferedBlockCipher(com.github.zhenwei.core.crypto.BufferedBlockCipher) KeyParameter(com.github.zhenwei.core.crypto.params.KeyParameter) RecipientOperator(com.github.zhenwei.pkix.cms.RecipientOperator) StreamCipher(com.github.zhenwei.core.crypto.StreamCipher) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)

Example 4 with BufferedBlockCipher

use of com.github.zhenwei.core.crypto.BufferedBlockCipher in project LinLong-Java by zhenwei1108.

the class BcPasswordEnvelopedRecipient method getRecipientOperator.

public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentEncryptionAlgorithm, byte[] derivedKey, byte[] encryptedContentEncryptionKey) throws CMSException {
    KeyParameter secretKey = extractSecretKey(keyEncryptionAlgorithm, contentEncryptionAlgorithm, derivedKey, encryptedContentEncryptionKey);
    final Object dataCipher = EnvelopedDataHelper.createContentCipher(false, secretKey, contentEncryptionAlgorithm);
    return new RecipientOperator(new InputDecryptor() {

        public AlgorithmIdentifier getAlgorithmIdentifier() {
            return contentEncryptionAlgorithm;
        }

        public InputStream getInputStream(InputStream dataOut) {
            if (dataCipher instanceof BufferedBlockCipher) {
                return new CipherInputStream(dataOut, (BufferedBlockCipher) dataCipher);
            } else {
                return new CipherInputStream(dataOut, (StreamCipher) dataCipher);
            }
        }
    });
}
Also used : CipherInputStream(com.github.zhenwei.core.crypto.io.CipherInputStream) InputDecryptor(com.github.zhenwei.pkix.operator.InputDecryptor) CipherInputStream(com.github.zhenwei.core.crypto.io.CipherInputStream) InputStream(java.io.InputStream) BufferedBlockCipher(com.github.zhenwei.core.crypto.BufferedBlockCipher) KeyParameter(com.github.zhenwei.core.crypto.params.KeyParameter) RecipientOperator(com.github.zhenwei.pkix.cms.RecipientOperator) StreamCipher(com.github.zhenwei.core.crypto.StreamCipher) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)

Example 5 with BufferedBlockCipher

use of com.github.zhenwei.core.crypto.BufferedBlockCipher in project LinLong-Java by zhenwei1108.

the class PEMUtilities method crypt.

static byte[] crypt(boolean encrypt, byte[] bytes, char[] password, String dekAlgName, byte[] iv) throws PEMException {
    byte[] ivValue = iv;
    String blockMode = "CBC";
    BlockCipher engine;
    BlockCipherPadding padding = new PKCS7Padding();
    KeyParameter sKey;
    // Figure out block mode and padding.
    if (dekAlgName.endsWith("-CFB")) {
        blockMode = "CFB";
        padding = null;
    }
    if (dekAlgName.endsWith("-ECB") || "DES-EDE".equals(dekAlgName) || "DES-EDE3".equals(dekAlgName)) {
        // ECB is actually the default (though seldom used) when OpenSSL
        // uses DES-EDE (des2) or DES-EDE3 (des3).
        blockMode = "ECB";
        ivValue = null;
    }
    if (dekAlgName.endsWith("-OFB")) {
        blockMode = "OFB";
        padding = null;
    }
    // Figure out algorithm and key size.
    if (dekAlgName.startsWith("DES-EDE")) {
        // "DES-EDE" is actually des2 in OpenSSL-speak!
        // "DES-EDE3" is des3.
        boolean des2 = !dekAlgName.startsWith("DES-EDE3");
        sKey = getKey(password, 24, iv, des2);
        engine = new DESedeEngine();
    } else if (dekAlgName.startsWith("DES-")) {
        sKey = getKey(password, 8, iv);
        engine = new DESEngine();
    } else if (dekAlgName.startsWith("BF-")) {
        sKey = getKey(password, 16, iv);
        engine = new BlowfishEngine();
    } else if (dekAlgName.startsWith("RC2-")) {
        int keyBits = 128;
        if (dekAlgName.startsWith("RC2-40-")) {
            keyBits = 40;
        } else if (dekAlgName.startsWith("RC2-64-")) {
            keyBits = 64;
        }
        sKey = new RC2Parameters(getKey(password, keyBits / 8, iv).getKey(), keyBits);
        ;
        engine = new RC2Engine();
    } else if (dekAlgName.startsWith("AES-")) {
        byte[] salt = iv;
        if (salt.length > 8) {
            salt = new byte[8];
            System.arraycopy(iv, 0, salt, 0, 8);
        }
        int keyBits;
        if (dekAlgName.startsWith("AES-128-")) {
            keyBits = 128;
        } else if (dekAlgName.startsWith("AES-192-")) {
            keyBits = 192;
        } else if (dekAlgName.startsWith("AES-256-")) {
            keyBits = 256;
        } else {
            throw new EncryptionException("unknown AES encryption with private key: " + dekAlgName);
        }
        sKey = getKey(password, keyBits / 8, salt);
        engine = new AESEngine();
    } else {
        throw new EncryptionException("unknown encryption with private key: " + dekAlgName);
    }
    if (blockMode.equals("CBC")) {
        engine = new CBCBlockCipher(engine);
    } else if (blockMode.equals("CFB")) {
        engine = new CFBBlockCipher(engine, engine.getBlockSize() * 8);
    } else if (blockMode.equals("OFB")) {
        engine = new OFBBlockCipher(engine, engine.getBlockSize() * 8);
    }
    try {
        BufferedBlockCipher c;
        if (padding == null) {
            c = new BufferedBlockCipher(engine);
        } else {
            c = new PaddedBufferedBlockCipher(engine, padding);
        }
        if (// ECB block mode
        ivValue == null) {
            c.init(encrypt, sKey);
        } else {
            c.init(encrypt, new ParametersWithIV(sKey, ivValue));
        }
        byte[] out = new byte[c.getOutputSize(bytes.length)];
        int procLen = c.processBytes(bytes, 0, bytes.length, out, 0);
        procLen += c.doFinal(out, procLen);
        if (procLen == out.length) {
            return out;
        } else {
            byte[] rv = new byte[procLen];
            System.arraycopy(out, 0, rv, 0, procLen);
            return rv;
        }
    } catch (Exception e) {
        throw new EncryptionException("exception using cipher - please check password and data.", e);
    }
}
Also used : RC2Parameters(com.github.zhenwei.core.crypto.params.RC2Parameters) AESEngine(com.github.zhenwei.core.crypto.engines.AESEngine) OFBBlockCipher(com.github.zhenwei.core.crypto.modes.OFBBlockCipher) PaddedBufferedBlockCipher(com.github.zhenwei.core.crypto.paddings.PaddedBufferedBlockCipher) CBCBlockCipher(com.github.zhenwei.core.crypto.modes.CBCBlockCipher) CFBBlockCipher(com.github.zhenwei.core.crypto.modes.CFBBlockCipher) BufferedBlockCipher(com.github.zhenwei.core.crypto.BufferedBlockCipher) BlockCipher(com.github.zhenwei.core.crypto.BlockCipher) PaddedBufferedBlockCipher(com.github.zhenwei.core.crypto.paddings.PaddedBufferedBlockCipher) OFBBlockCipher(com.github.zhenwei.core.crypto.modes.OFBBlockCipher) KeyParameter(com.github.zhenwei.core.crypto.params.KeyParameter) BlowfishEngine(com.github.zhenwei.core.crypto.engines.BlowfishEngine) RC2Engine(com.github.zhenwei.core.crypto.engines.RC2Engine) EncryptionException(com.github.zhenwei.pkix.openssl.EncryptionException) PEMException(com.github.zhenwei.pkix.openssl.PEMException) ParametersWithIV(com.github.zhenwei.core.crypto.params.ParametersWithIV) PKCS7Padding(com.github.zhenwei.core.crypto.paddings.PKCS7Padding) CFBBlockCipher(com.github.zhenwei.core.crypto.modes.CFBBlockCipher) DESEngine(com.github.zhenwei.core.crypto.engines.DESEngine) BlockCipherPadding(com.github.zhenwei.core.crypto.paddings.BlockCipherPadding) BufferedBlockCipher(com.github.zhenwei.core.crypto.BufferedBlockCipher) PaddedBufferedBlockCipher(com.github.zhenwei.core.crypto.paddings.PaddedBufferedBlockCipher) EncryptionException(com.github.zhenwei.pkix.openssl.EncryptionException) CBCBlockCipher(com.github.zhenwei.core.crypto.modes.CBCBlockCipher) DESedeEngine(com.github.zhenwei.core.crypto.engines.DESedeEngine)

Aggregations

BufferedBlockCipher (com.github.zhenwei.core.crypto.BufferedBlockCipher)6 StreamCipher (com.github.zhenwei.core.crypto.StreamCipher)4 KeyParameter (com.github.zhenwei.core.crypto.params.KeyParameter)4 AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)3 PaddedBufferedBlockCipher (com.github.zhenwei.core.crypto.paddings.PaddedBufferedBlockCipher)3 RecipientOperator (com.github.zhenwei.pkix.cms.RecipientOperator)3 InputDecryptor (com.github.zhenwei.pkix.operator.InputDecryptor)3 InputStream (java.io.InputStream)3 CipherInputStream (com.github.zhenwei.core.crypto.io.CipherInputStream)2 CBCBlockCipher (com.github.zhenwei.core.crypto.modes.CBCBlockCipher)2 CFBBlockCipher (com.github.zhenwei.core.crypto.modes.CFBBlockCipher)2 OFBBlockCipher (com.github.zhenwei.core.crypto.modes.OFBBlockCipher)2 ParametersWithIV (com.github.zhenwei.core.crypto.params.ParametersWithIV)2 RC2Parameters (com.github.zhenwei.core.crypto.params.RC2Parameters)2 ASN1Null (com.github.zhenwei.core.asn1.ASN1Null)1 ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)1 ASN1Primitive (com.github.zhenwei.core.asn1.ASN1Primitive)1 CAST5CBCParameters (com.github.zhenwei.core.asn1.misc.CAST5CBCParameters)1 RC2CBCParameter (com.github.zhenwei.core.asn1.pkcs.RC2CBCParameter)1 BlockCipher (com.github.zhenwei.core.crypto.BlockCipher)1