Search in sources :

Example 11 with GCMParameterSpec

use of javax.crypto.spec.GCMParameterSpec in project platform_frameworks_base by android.

the class LockSettingsService method getDecryptedPasswordForTiedProfile.

private String getDecryptedPasswordForTiedProfile(int userId) throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, CertificateException, IOException {
    if (DEBUG)
        Slog.v(TAG, "Get child profile decrytped key");
    byte[] storedData = mStorage.readChildProfileLock(userId);
    if (storedData == null) {
        throw new FileNotFoundException("Child profile lock file not found");
    }
    byte[] iv = Arrays.copyOfRange(storedData, 0, PROFILE_KEY_IV_SIZE);
    byte[] encryptedPassword = Arrays.copyOfRange(storedData, PROFILE_KEY_IV_SIZE, storedData.length);
    byte[] decryptionResult;
    java.security.KeyStore keyStore = java.security.KeyStore.getInstance("AndroidKeyStore");
    keyStore.load(null);
    SecretKey decryptionKey = (SecretKey) keyStore.getKey(LockPatternUtils.PROFILE_KEY_NAME_DECRYPT + userId, null);
    Cipher cipher = Cipher.getInstance(KeyProperties.KEY_ALGORITHM_AES + "/" + KeyProperties.BLOCK_MODE_GCM + "/" + KeyProperties.ENCRYPTION_PADDING_NONE);
    cipher.init(Cipher.DECRYPT_MODE, decryptionKey, new GCMParameterSpec(128, iv));
    decryptionResult = cipher.doFinal(encryptedPassword);
    return new String(decryptionResult, StandardCharsets.UTF_8);
}
Also used : SecretKey(javax.crypto.SecretKey) FileNotFoundException(java.io.FileNotFoundException) Cipher(javax.crypto.Cipher) GCMParameterSpec(javax.crypto.spec.GCMParameterSpec)

Example 12 with GCMParameterSpec

use of javax.crypto.spec.GCMParameterSpec in project robovm by robovm.

the class GCMParameterSpecTest method testGetIV_Subarray_Success.

public void testGetIV_Subarray_Success() throws Exception {
    GCMParameterSpec spec = new GCMParameterSpec(8, TEST_IV, 2, 4);
    assertEquals(Arrays.toString(Arrays.copyOfRange(TEST_IV, 2, 6)), Arrays.toString(spec.getIV()));
}
Also used : GCMParameterSpec(javax.crypto.spec.GCMParameterSpec)

Example 13 with GCMParameterSpec

use of javax.crypto.spec.GCMParameterSpec in project keywhiz by square.

the class GCMEncryptor method gcm.

private byte[] gcm(boolean encrypt, byte[] input, byte[] nonce) throws AEADBadTagException {
    try {
        Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
        SecretKey secretKey = new SecretKeySpec(key, KEY_ALGORITHM);
        GCMParameterSpec gcmParameters = new GCMParameterSpec(TAG_BITS, nonce);
        cipher.init(encrypt ? ENCRYPT_MODE : DECRYPT_MODE, secretKey, gcmParameters);
        return cipher.doFinal(input);
    } catch (NoSuchAlgorithmException | NoSuchPaddingException | BadPaddingException | IllegalBlockSizeException | InvalidAlgorithmParameterException | InvalidKeyException e) {
        Throwables.propagateIfInstanceOf(e, AEADBadTagException.class);
        throw Throwables.propagate(e);
    }
}
Also used : SecretKey(javax.crypto.SecretKey) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) SecretKeySpec(javax.crypto.spec.SecretKeySpec) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) Cipher(javax.crypto.Cipher) GCMParameterSpec(javax.crypto.spec.GCMParameterSpec) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) BadPaddingException(javax.crypto.BadPaddingException) InvalidKeyException(java.security.InvalidKeyException) AEADBadTagException(javax.crypto.AEADBadTagException)

Example 14 with GCMParameterSpec

use of javax.crypto.spec.GCMParameterSpec in project jdk8u_jdk by JetBrains.

the class GCMParameters method engineInit.

protected void engineInit(AlgorithmParameterSpec paramSpec) throws InvalidParameterSpecException {
    if (!(paramSpec instanceof GCMParameterSpec)) {
        throw new InvalidParameterSpecException("Inappropriate parameter specification");
    }
    GCMParameterSpec gps = (GCMParameterSpec) paramSpec;
    // need to convert from bits to bytes for ASN.1 encoding
    this.tLen = gps.getTLen() / 8;
    this.iv = gps.getIV();
}
Also used : GCMParameterSpec(javax.crypto.spec.GCMParameterSpec) InvalidParameterSpecException(java.security.spec.InvalidParameterSpecException)

Example 15 with GCMParameterSpec

use of javax.crypto.spec.GCMParameterSpec in project jdk8u_jdk by JetBrains.

the class CipherBox method applyExplicitNonce.

/*
     * Applies the explicit nonce/IV to this cipher. This method is used to
     * decrypt an SSL/TLS input record.
     *
     * The returned value is the SecurityParameters.record_iv_length in
     * RFC 4346/5246.  It is the size of explicit IV for CBC mode, and the
     * size of explicit nonce for AEAD mode.
     *
     * @param  authenticator the authenticator to get the additional
     *         authentication data
     * @param  contentType the content type of the input record
     * @param  bb the byte buffer to get the explicit nonce from
     *
     * @return the explicit nonce size of the cipher.
     */
int applyExplicitNonce(Authenticator authenticator, byte contentType, ByteBuffer bb) throws BadPaddingException {
    switch(cipherType) {
        case BLOCK_CIPHER:
            // sanity check length of the ciphertext
            int tagLen = (authenticator instanceof MAC) ? ((MAC) authenticator).MAClen() : 0;
            if (tagLen != 0) {
                if (!sanityCheck(tagLen, bb.remaining())) {
                    throw new BadPaddingException("ciphertext sanity check failed");
                }
            }
            // the SecurityParameters.block_size.
            if (protocolVersion.v >= ProtocolVersion.TLS11.v) {
                return cipher.getBlockSize();
            }
            break;
        case AEAD_CIPHER:
            if (bb.remaining() < (recordIvSize + tagSize)) {
                throw new BadPaddingException("invalid AEAD cipher fragment");
            }
            // initialize the AEAD cipher for the unique IV
            byte[] iv = Arrays.copyOf(fixedIv, fixedIv.length + recordIvSize);
            bb.get(iv, fixedIv.length, recordIvSize);
            bb.position(bb.position() - recordIvSize);
            GCMParameterSpec spec = new GCMParameterSpec(tagSize * 8, iv);
            try {
                cipher.init(mode, key, spec, random);
            } catch (InvalidKeyException | InvalidAlgorithmParameterException ikae) {
                // unlikely to happen
                throw new RuntimeException("invalid key or spec in GCM mode", ikae);
            }
            // update the additional authentication data
            byte[] aad = authenticator.acquireAuthenticationBytes(contentType, bb.remaining() - recordIvSize - tagSize);
            cipher.updateAAD(aad);
            return recordIvSize;
    }
    return 0;
}
Also used : GCMParameterSpec(javax.crypto.spec.GCMParameterSpec)

Aggregations

GCMParameterSpec (javax.crypto.spec.GCMParameterSpec)17 Cipher (javax.crypto.Cipher)8 SecretKey (javax.crypto.SecretKey)8 FileNotFoundException (java.io.FileNotFoundException)5 InvalidKeyException (java.security.InvalidKeyException)3 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)3 AEADBadTagException (javax.crypto.AEADBadTagException)3 BadPaddingException (javax.crypto.BadPaddingException)3 IllegalBlockSizeException (javax.crypto.IllegalBlockSizeException)3 NoSuchPaddingException (javax.crypto.NoSuchPaddingException)3 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)2 InvalidParameterSpecException (java.security.spec.InvalidParameterSpecException)2 NoSuchProviderException (java.security.NoSuchProviderException)1 Random (java.util.Random)1 KeyGenerator (javax.crypto.KeyGenerator)1 ShortBufferException (javax.crypto.ShortBufferException)1 SecretKeySpec (javax.crypto.spec.SecretKeySpec)1