Search in sources :

Example 76 with GCMParameterSpec

use of javax.crypto.spec.GCMParameterSpec in project sonarqube by SonarSource.

the class AesGCMCipher method decrypt.

@Override
public String decrypt(String encryptedText) {
    try {
        javax.crypto.Cipher cipher = javax.crypto.Cipher.getInstance(CRYPTO_ALGO);
        ByteBuffer byteBuffer = ByteBuffer.wrap(Base64.decodeBase64(StringUtils.trim(encryptedText)));
        byte[] iv = new byte[GCM_IV_LENGTH_IN_BYTES];
        byteBuffer.get(iv);
        byte[] cipherText = new byte[byteBuffer.remaining()];
        byteBuffer.get(cipherText);
        cipher.init(javax.crypto.Cipher.DECRYPT_MODE, loadSecretFile(), new GCMParameterSpec(GCM_TAG_LENGTH_IN_BITS, iv));
        byte[] cipherData = cipher.doFinal(cipherText);
        return new String(cipherData, StandardCharsets.UTF_8);
    } catch (RuntimeException e) {
        throw e;
    } catch (Exception e) {
        throw new IllegalStateException(e);
    }
}
Also used : GCMParameterSpec(javax.crypto.spec.GCMParameterSpec) ByteBuffer(java.nio.ByteBuffer)

Example 77 with GCMParameterSpec

use of javax.crypto.spec.GCMParameterSpec in project grpc-java by grpc.

the class AesGcmAeadCrypter method decryptAad.

private void decryptAad(ByteBuffer plaintext, ByteBuffer ciphertext, @Nullable ByteBuffer aad, byte[] nonce) throws GeneralSecurityException {
    checkArgument(nonce.length == NONCE_LENGTH);
    cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(this.key, AES), new GCMParameterSpec(TAG_LENGTH * 8, nonce));
    if (aad != null) {
        cipher.updateAAD(aad);
    }
    cipher.doFinal(ciphertext, plaintext);
}
Also used : SecretKeySpec(javax.crypto.spec.SecretKeySpec) GCMParameterSpec(javax.crypto.spec.GCMParameterSpec)

Example 78 with GCMParameterSpec

use of javax.crypto.spec.GCMParameterSpec in project qpid-broker-j by apache.

the class AESGCMKeyFileEncrypter method encrypt.

@Override
public String encrypt(final String unencrypted) {
    final byte[] unencryptedBytes = unencrypted.getBytes(StandardCharsets.UTF_8);
    try {
        final byte[] initializationVectorBytes = new byte[GCM_INITIALIZATION_VECTOR_LENGTH];
        _random.nextBytes(initializationVectorBytes);
        final Cipher cipher = Cipher.getInstance(CIPHER_NAME);
        final GCMParameterSpec gcmParameterSpec = new GCMParameterSpec(GCM_TAG_LENGTH, initializationVectorBytes);
        cipher.init(Cipher.ENCRYPT_MODE, _secretKey, gcmParameterSpec);
        final byte[] encryptedBytes = EncryptionHelper.readFromCipherStream(unencryptedBytes, cipher);
        final byte[] output = new byte[GCM_INITIALIZATION_VECTOR_LENGTH + encryptedBytes.length];
        System.arraycopy(initializationVectorBytes, 0, output, 0, GCM_INITIALIZATION_VECTOR_LENGTH);
        System.arraycopy(encryptedBytes, 0, output, GCM_INITIALIZATION_VECTOR_LENGTH, encryptedBytes.length);
        return Base64.getEncoder().encodeToString(output);
    } catch (IOException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
        throw new IllegalArgumentException("Unable to encrypt secret", e);
    }
}
Also used : InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) Cipher(javax.crypto.Cipher) GCMParameterSpec(javax.crypto.spec.GCMParameterSpec) IOException(java.io.IOException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException)

Example 79 with GCMParameterSpec

use of javax.crypto.spec.GCMParameterSpec in project armadillo by patrickfav.

the class AesGcmEncryption method encrypt.

@Override
public byte[] encrypt(byte[] rawEncryptionKey, byte[] rawData, @Nullable byte[] associatedData) throws AuthenticatedEncryptionException {
    if (rawEncryptionKey.length < 16) {
        throw new IllegalArgumentException("key length must be longer than 16 bytes");
    }
    byte[] iv = null;
    byte[] encrypted = null;
    try {
        iv = new byte[IV_LENGTH_BYTE];
        secureRandom.nextBytes(iv);
        final Cipher cipherEnc = getCipher();
        cipherEnc.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(rawEncryptionKey, "AES"), new GCMParameterSpec(TAG_LENGTH_BIT, iv));
        if (associatedData != null) {
            cipherEnc.updateAAD(associatedData);
        }
        encrypted = cipherEnc.doFinal(rawData);
        ByteBuffer byteBuffer = ByteBuffer.allocate(1 + iv.length + encrypted.length);
        byteBuffer.put((byte) iv.length);
        byteBuffer.put(iv);
        byteBuffer.put(encrypted);
        return byteBuffer.array();
    } catch (Exception e) {
        throw new AuthenticatedEncryptionException("could not encrypt", e);
    } finally {
        Bytes.wrapNullSafe(iv).mutable().secureWipe();
        Bytes.wrapNullSafe(encrypted).mutable().secureWipe();
    }
}
Also used : SecretKeySpec(javax.crypto.spec.SecretKeySpec) Cipher(javax.crypto.Cipher) GCMParameterSpec(javax.crypto.spec.GCMParameterSpec) ByteBuffer(java.nio.ByteBuffer)

Example 80 with GCMParameterSpec

use of javax.crypto.spec.GCMParameterSpec in project armadillo by patrickfav.

the class AesGcmEncryption method decrypt.

@Override
public byte[] decrypt(byte[] rawEncryptionKey, byte[] encryptedData, @Nullable byte[] associatedData) throws AuthenticatedEncryptionException {
    try {
        int initialOffset = 1;
        int ivLength = encryptedData[0];
        if (ivLength != 12 && ivLength != 16) {
            throw new IllegalStateException("Unexpected iv length");
        }
        final Cipher cipherDec = getCipher();
        cipherDec.init(Cipher.DECRYPT_MODE, new SecretKeySpec(rawEncryptionKey, "AES"), new GCMParameterSpec(TAG_LENGTH_BIT, encryptedData, initialOffset, ivLength));
        if (associatedData != null) {
            cipherDec.updateAAD(associatedData);
        }
        return cipherDec.doFinal(encryptedData, initialOffset + ivLength, encryptedData.length - (initialOffset + ivLength));
    } catch (Exception e) {
        throw new AuthenticatedEncryptionException("could not decrypt", e);
    }
}
Also used : SecretKeySpec(javax.crypto.spec.SecretKeySpec) Cipher(javax.crypto.Cipher) GCMParameterSpec(javax.crypto.spec.GCMParameterSpec)

Aggregations

GCMParameterSpec (javax.crypto.spec.GCMParameterSpec)101 Cipher (javax.crypto.Cipher)71 SecretKeySpec (javax.crypto.spec.SecretKeySpec)46 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)35 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)32 NoSuchPaddingException (javax.crypto.NoSuchPaddingException)31 InvalidKeyException (java.security.InvalidKeyException)30 BadPaddingException (javax.crypto.BadPaddingException)29 IllegalBlockSizeException (javax.crypto.IllegalBlockSizeException)29 SecretKey (javax.crypto.SecretKey)21 GeneralSecurityException (java.security.GeneralSecurityException)12 AEADBadTagException (javax.crypto.AEADBadTagException)12 Key (java.security.Key)11 ByteBuffer (java.nio.ByteBuffer)7 IOException (java.io.IOException)6 Test (org.junit.Test)6 ExcludedTest (com.google.security.wycheproof.WycheproofRunner.ExcludedTest)5 NoPresubmitTest (com.google.security.wycheproof.WycheproofRunner.NoPresubmitTest)5 SlowTest (com.google.security.wycheproof.WycheproofRunner.SlowTest)5 FileNotFoundException (java.io.FileNotFoundException)5