Search in sources :

Example 1 with CipherEngine

use of com.keepassdroid.crypto.engine.CipherEngine in project KeePassDX by Kunzisoft.

the class ImporterV4 method openDatabase.

@Override
public PwDatabaseV4 openDatabase(InputStream inStream, String password, InputStream keyInputStream, UpdateStatus status, long roundsFix) throws IOException, InvalidDBException {
    db = createDB();
    PwDbHeaderV4 header = new PwDbHeaderV4(db);
    db.binPool.clear();
    PwDbHeaderV4.HeaderAndHash hh = header.loadFromFile(inStream);
    version = header.version;
    hashOfHeader = hh.hash;
    pbHeader = hh.header;
    db.setMasterKey(password, keyInputStream);
    db.makeFinalKey(header.masterSeed, db.kdfParameters, roundsFix);
    CipherEngine engine;
    Cipher cipher;
    try {
        engine = CipherFactory.getInstance(db.dataCipher);
        db.dataEngine = engine;
        cipher = engine.getCipher(Cipher.DECRYPT_MODE, db.finalKey, header.encryptionIV);
    } catch (NoSuchAlgorithmException e) {
        throw new IOException("Invalid algorithm.");
    } catch (NoSuchPaddingException e) {
        throw new IOException("Invalid algorithm.");
    } catch (InvalidKeyException e) {
        throw new IOException("Invalid algorithm.");
    } catch (InvalidAlgorithmParameterException e) {
        throw new IOException("Invalid algorithm.");
    }
    InputStream isPlain;
    if (version < PwDbHeaderV4.FILE_VERSION_32_4) {
        InputStream decrypted = AttachCipherStream(inStream, cipher);
        LEDataInputStream dataDecrypted = new LEDataInputStream(decrypted);
        byte[] storedStartBytes = null;
        try {
            storedStartBytes = dataDecrypted.readBytes(32);
            if (storedStartBytes == null || storedStartBytes.length != 32) {
                throw new InvalidPasswordException();
            }
        } catch (IOException e) {
            throw new InvalidPasswordException();
        }
        if (!Arrays.equals(storedStartBytes, header.streamStartBytes)) {
            throw new InvalidPasswordException();
        }
        isPlain = new HashedBlockInputStream(dataDecrypted);
    } else {
        // KDBX 4
        LEDataInputStream isData = new LEDataInputStream(inStream);
        byte[] storedHash = isData.readBytes(32);
        if (!Arrays.equals(storedHash, hashOfHeader)) {
            throw new InvalidDBException();
        }
        byte[] hmacKey = db.hmacKey;
        byte[] headerHmac = PwDbHeaderV4.computeHeaderHmac(pbHeader, hmacKey);
        byte[] storedHmac = isData.readBytes(32);
        if (storedHmac == null || storedHmac.length != 32) {
            throw new InvalidDBException();
        }
        // Mac doesn't match
        if (!Arrays.equals(headerHmac, storedHmac)) {
            throw new InvalidDBException();
        }
        HmacBlockInputStream hmIs = new HmacBlockInputStream(isData, true, hmacKey);
        isPlain = AttachCipherStream(hmIs, cipher);
    }
    InputStream isXml;
    if (db.compressionAlgorithm == PwCompressionAlgorithm.Gzip) {
        isXml = new GZIPInputStream(isPlain);
    } else {
        isXml = isPlain;
    }
    if (version >= header.FILE_VERSION_32_4) {
        LoadInnerHeader(isXml, header);
    }
    if (header.innerRandomStreamKey == null) {
        assert (false);
        throw new IOException("Invalid stream key.");
    }
    randomStream = PwStreamCipherFactory.getInstance(header.innerRandomStream, header.innerRandomStreamKey);
    if (randomStream == null) {
        throw new ArcFourException();
    }
    ReadXmlStreamed(isXml);
    return db;
}
Also used : InvalidDBException(com.keepassdroid.database.exception.InvalidDBException) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) GZIPInputStream(java.util.zip.GZIPInputStream) HashedBlockInputStream(com.keepassdroid.stream.HashedBlockInputStream) LEDataInputStream(com.keepassdroid.stream.LEDataInputStream) BetterCipherInputStream(com.keepassdroid.stream.BetterCipherInputStream) HmacBlockInputStream(com.keepassdroid.stream.HmacBlockInputStream) InputStream(java.io.InputStream) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IOException(java.io.IOException) InvalidKeyException(java.security.InvalidKeyException) LEDataInputStream(com.keepassdroid.stream.LEDataInputStream) ArcFourException(com.keepassdroid.database.exception.ArcFourException) GZIPInputStream(java.util.zip.GZIPInputStream) HmacBlockInputStream(com.keepassdroid.stream.HmacBlockInputStream) PwDbHeaderV4(com.keepassdroid.database.PwDbHeaderV4) CipherEngine(com.keepassdroid.crypto.engine.CipherEngine) InvalidPasswordException(com.keepassdroid.database.exception.InvalidPasswordException) StreamCipher(org.spongycastle.crypto.StreamCipher) Cipher(javax.crypto.Cipher) HashedBlockInputStream(com.keepassdroid.stream.HashedBlockInputStream)

Example 2 with CipherEngine

use of com.keepassdroid.crypto.engine.CipherEngine in project KeePassDX by Kunzisoft.

the class CipherTest method testCipherFactory.

public void testCipherFactory() throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
    byte[] key = new byte[32];
    byte[] iv = new byte[16];
    byte[] plaintext = new byte[1024];
    rand.nextBytes(key);
    rand.nextBytes(iv);
    rand.nextBytes(plaintext);
    CipherEngine aes = CipherFactory.getInstance(AesEngine.CIPHER_UUID);
    Cipher encrypt = aes.getCipher(Cipher.ENCRYPT_MODE, key, iv);
    Cipher decrypt = aes.getCipher(Cipher.DECRYPT_MODE, key, iv);
    byte[] secrettext = encrypt.doFinal(plaintext);
    byte[] decrypttext = decrypt.doFinal(secrettext);
    assertArrayEquals("Encryption and decryption failed", plaintext, decrypttext);
}
Also used : CipherEngine(com.keepassdroid.crypto.engine.CipherEngine) Cipher(javax.crypto.Cipher)

Example 3 with CipherEngine

use of com.keepassdroid.crypto.engine.CipherEngine in project KeePassDX by Kunzisoft.

the class CipherTest method testCipherStreams.

public void testCipherStreams() throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, IOException {
    final int MESSAGE_LENGTH = 1024;
    byte[] key = new byte[32];
    byte[] iv = new byte[16];
    byte[] plaintext = new byte[MESSAGE_LENGTH];
    rand.nextBytes(key);
    rand.nextBytes(iv);
    rand.nextBytes(plaintext);
    CipherEngine aes = CipherFactory.getInstance(AesEngine.CIPHER_UUID);
    Cipher encrypt = aes.getCipher(Cipher.ENCRYPT_MODE, key, iv);
    Cipher decrypt = aes.getCipher(Cipher.DECRYPT_MODE, key, iv);
    ByteArrayOutputStream bos = new ByteArrayOutputStream();
    CipherOutputStream cos = new CipherOutputStream(bos, encrypt);
    cos.write(plaintext);
    cos.close();
    byte[] secrettext = bos.toByteArray();
    ByteArrayInputStream bis = new ByteArrayInputStream(secrettext);
    BetterCipherInputStream cis = new BetterCipherInputStream(bis, decrypt);
    LEDataInputStream lis = new LEDataInputStream(cis);
    byte[] decrypttext = lis.readBytes(MESSAGE_LENGTH);
    assertArrayEquals("Encryption and decryption failed", plaintext, decrypttext);
}
Also used : CipherOutputStream(javax.crypto.CipherOutputStream) BetterCipherInputStream(com.keepassdroid.stream.BetterCipherInputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) CipherEngine(com.keepassdroid.crypto.engine.CipherEngine) Cipher(javax.crypto.Cipher) ByteArrayOutputStream(java.io.ByteArrayOutputStream) LEDataInputStream(com.keepassdroid.stream.LEDataInputStream)

Aggregations

CipherEngine (com.keepassdroid.crypto.engine.CipherEngine)3 Cipher (javax.crypto.Cipher)3 BetterCipherInputStream (com.keepassdroid.stream.BetterCipherInputStream)2 LEDataInputStream (com.keepassdroid.stream.LEDataInputStream)2 PwDbHeaderV4 (com.keepassdroid.database.PwDbHeaderV4)1 ArcFourException (com.keepassdroid.database.exception.ArcFourException)1 InvalidDBException (com.keepassdroid.database.exception.InvalidDBException)1 InvalidPasswordException (com.keepassdroid.database.exception.InvalidPasswordException)1 HashedBlockInputStream (com.keepassdroid.stream.HashedBlockInputStream)1 HmacBlockInputStream (com.keepassdroid.stream.HmacBlockInputStream)1 ByteArrayInputStream (java.io.ByteArrayInputStream)1 ByteArrayOutputStream (java.io.ByteArrayOutputStream)1 IOException (java.io.IOException)1 InputStream (java.io.InputStream)1 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)1 InvalidKeyException (java.security.InvalidKeyException)1 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1 GZIPInputStream (java.util.zip.GZIPInputStream)1 CipherOutputStream (javax.crypto.CipherOutputStream)1 NoSuchPaddingException (javax.crypto.NoSuchPaddingException)1