Search in sources :

Example 1 with BufferedBlockCipher

use of org.bouncycastle.crypto.BufferedBlockCipher in project robovm by robovm.

the class BaseBlockCipher method engineSetMode.

protected void engineSetMode(String mode) throws NoSuchAlgorithmException {
    modeName = Strings.toUpperCase(mode);
    if (modeName.equals("ECB")) {
        ivLength = 0;
        cipher = new BufferedGenericBlockCipher(baseEngine);
    } else if (modeName.equals("CBC")) {
        ivLength = baseEngine.getBlockSize();
        cipher = new BufferedGenericBlockCipher(new CBCBlockCipher(baseEngine));
    } else if (modeName.startsWith("OFB")) {
        ivLength = baseEngine.getBlockSize();
        if (modeName.length() != 3) {
            int wordSize = Integer.parseInt(modeName.substring(3));
            cipher = new BufferedGenericBlockCipher(new OFBBlockCipher(baseEngine, wordSize));
        } else {
            cipher = new BufferedGenericBlockCipher(new OFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize()));
        }
    } else if (modeName.startsWith("CFB")) {
        ivLength = baseEngine.getBlockSize();
        if (modeName.length() != 3) {
            int wordSize = Integer.parseInt(modeName.substring(3));
            cipher = new BufferedGenericBlockCipher(new CFBBlockCipher(baseEngine, wordSize));
        } else {
            cipher = new BufferedGenericBlockCipher(new CFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize()));
        }
    } else // END android-removed
    if (modeName.startsWith("SIC")) {
        ivLength = baseEngine.getBlockSize();
        if (ivLength < 16) {
            throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)");
        }
        cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(new SICBlockCipher(baseEngine)));
    } else if (modeName.startsWith("CTR")) {
        ivLength = baseEngine.getBlockSize();
        cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(new SICBlockCipher(baseEngine)));
    } else // END android-removed
    if (modeName.startsWith("CTS")) {
        ivLength = baseEngine.getBlockSize();
        cipher = new BufferedGenericBlockCipher(new CTSBlockCipher(new CBCBlockCipher(baseEngine)));
    } else if (modeName.startsWith("CCM")) {
        ivLength = baseEngine.getBlockSize();
        cipher = new AEADGenericBlockCipher(new CCMBlockCipher(baseEngine));
    } else // END android-removed
    if (modeName.startsWith("GCM")) {
        ivLength = baseEngine.getBlockSize();
        cipher = new AEADGenericBlockCipher(new GCMBlockCipher(baseEngine));
    } else {
        throw new NoSuchAlgorithmException("can't support mode " + mode);
    }
}
Also used : OFBBlockCipher(org.bouncycastle.crypto.modes.OFBBlockCipher) CCMBlockCipher(org.bouncycastle.crypto.modes.CCMBlockCipher) SICBlockCipher(org.bouncycastle.crypto.modes.SICBlockCipher) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) CFBBlockCipher(org.bouncycastle.crypto.modes.CFBBlockCipher) BufferedBlockCipher(org.bouncycastle.crypto.BufferedBlockCipher) PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) CTSBlockCipher(org.bouncycastle.crypto.modes.CTSBlockCipher) CBCBlockCipher(org.bouncycastle.crypto.modes.CBCBlockCipher) GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher)

Example 2 with BufferedBlockCipher

use of org.bouncycastle.crypto.BufferedBlockCipher in project ProxProx by GoMint.

the class EncryptionHandler method createCipher.

private BufferedBlockCipher createCipher(boolean encryptor, byte[] key, byte[] iv) {
    BufferedBlockCipher cipher = new BufferedBlockCipher(new CFBBlockCipher(new AESFastEngine(), 8));
    cipher.init(encryptor, new ParametersWithIV(new KeyParameter(key), iv));
    return cipher;
}
Also used : ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) CFBBlockCipher(org.bouncycastle.crypto.modes.CFBBlockCipher) BufferedBlockCipher(org.bouncycastle.crypto.BufferedBlockCipher) KeyParameter(org.bouncycastle.crypto.params.KeyParameter) AESFastEngine(org.bouncycastle.crypto.engines.AESFastEngine)

Example 3 with BufferedBlockCipher

use of org.bouncycastle.crypto.BufferedBlockCipher in project inbot-utils by Inbot.

the class AESUtils method decryptBouncyCastle.

private static String decryptBouncyCastle(SecretKey secret, String input) {
    try {
        // Convert url-safe base64 to normal base64, remove carriage returns
        input = input.replaceAll("-", "+").replaceAll("_", "/").replaceAll("\r", "").replaceAll("\n", "");
        String[] splitInput = SPLIT_PATTERN.split(input);
        byte[] iv = hexStringToByteArray(splitInput[0]);
        byte[] encrypted = Base64.decodeBase64(splitInput[1]);
        // get raw key from password and salt
        byte[] key = secret.getEncoded();
        // setup cipher parameters with key and IV
        KeyParameter keyParam = new KeyParameter(key);
        CipherParameters params = new ParametersWithIV(keyParam, iv);
        // setup AES cipher in CBC mode with PKCS7 padding
        BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()), new PKCS7Padding());
        cipher.reset();
        cipher.init(false, params);
        // create a temporary buffer to decode into (it'll include padding)
        byte[] buf = new byte[cipher.getOutputSize(encrypted.length)];
        int len = cipher.processBytes(encrypted, 0, encrypted.length, buf, 0);
        len += cipher.doFinal(buf, len);
        // lose the padding
        byte[] out = new byte[len];
        System.arraycopy(buf, 0, out, 0, len);
        // lose the salt
        String plaintext = new String(out, StandardCharsets.UTF_8);
        String md5Hash = plaintext.substring(0, 22);
        String plainTextWithoutHash = plaintext.substring(22);
        if (md5Hash.equals(HashUtils.md5(plainTextWithoutHash))) {
            return plainTextWithoutHash;
        } else {
            // it's possible to decrypt to garbage with the wrong key; the md5 check helps detecting that
            throw new IllegalArgumentException("wrong aes key - incorrect content hash");
        }
    } catch (DataLengthException e) {
        throw new IllegalStateException("buffer not big enough", e);
    } catch (InvalidCipherTextException e) {
        throw new IllegalArgumentException("wrong password");
    }
}
Also used : PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) AESEngine(org.bouncycastle.crypto.engines.AESEngine) InvalidCipherTextException(org.bouncycastle.crypto.InvalidCipherTextException) KeyParameter(org.bouncycastle.crypto.params.KeyParameter) CipherParameters(org.bouncycastle.crypto.CipherParameters) ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) PKCS7Padding(org.bouncycastle.crypto.paddings.PKCS7Padding) BufferedBlockCipher(org.bouncycastle.crypto.BufferedBlockCipher) PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) DataLengthException(org.bouncycastle.crypto.DataLengthException) CBCBlockCipher(org.bouncycastle.crypto.modes.CBCBlockCipher)

Example 4 with BufferedBlockCipher

use of org.bouncycastle.crypto.BufferedBlockCipher in project samourai-wallet-android by Samourai-Wallet.

the class AESUtil method decryptWithSetMode.

public static String decryptWithSetMode(String ciphertext, CharSequenceX password, int iterations, int mode, @Nullable BlockCipherPadding padding) throws InvalidCipherTextException, UnsupportedEncodingException, DecryptionException {
    final int AESBlockSize = 4;
    byte[] cipherdata = Base64.decodeBase64(ciphertext.getBytes());
    // Separate the IV and cipher data
    byte[] iv = copyOfRange(cipherdata, 0, AESBlockSize * 4);
    byte[] input = copyOfRange(cipherdata, AESBlockSize * 4, cipherdata.length);
    PBEParametersGenerator generator = new PKCS5S2ParametersGenerator();
    generator.init(PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(password.toString().toCharArray()), iv, iterations);
    KeyParameter keyParam = (KeyParameter) generator.generateDerivedParameters(256);
    CipherParameters params = new ParametersWithIV(keyParam, iv);
    BlockCipher cipherMode;
    if (mode == MODE_CBC) {
        cipherMode = new CBCBlockCipher(new AESEngine());
    } else {
        // mode == MODE_OFB
        cipherMode = new OFBBlockCipher(new AESEngine(), 128);
    }
    BufferedBlockCipher cipher;
    if (padding != null) {
        cipher = new PaddedBufferedBlockCipher(cipherMode, padding);
    } else {
        cipher = new BufferedBlockCipher(cipherMode);
    }
    cipher.reset();
    cipher.init(false, params);
    // create a temporary buffer to decode into (includes padding)
    byte[] buf = new byte[cipher.getOutputSize(input.length)];
    int len = cipher.processBytes(input, 0, input.length, buf, 0);
    len += cipher.doFinal(buf, len);
    // remove padding
    byte[] out = new byte[len];
    System.arraycopy(buf, 0, out, 0, len);
    // return string representation of decoded bytes
    String result = new String(out, "UTF-8");
    if (result.isEmpty()) {
        throw new DecryptionException("Decrypted string is empty.");
    }
    return result;
}
Also used : AESEngine(org.bouncycastle.crypto.engines.AESEngine) OFBBlockCipher(org.bouncycastle.crypto.modes.OFBBlockCipher) PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) PKCS5S2ParametersGenerator(org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator) CBCBlockCipher(org.bouncycastle.crypto.modes.CBCBlockCipher) BufferedBlockCipher(org.bouncycastle.crypto.BufferedBlockCipher) BlockCipher(org.bouncycastle.crypto.BlockCipher) OFBBlockCipher(org.bouncycastle.crypto.modes.OFBBlockCipher) PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) KeyParameter(org.bouncycastle.crypto.params.KeyParameter) CipherParameters(org.bouncycastle.crypto.CipherParameters) ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) BufferedBlockCipher(org.bouncycastle.crypto.BufferedBlockCipher) PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) CBCBlockCipher(org.bouncycastle.crypto.modes.CBCBlockCipher) PBEParametersGenerator(org.bouncycastle.crypto.PBEParametersGenerator)

Example 5 with BufferedBlockCipher

use of org.bouncycastle.crypto.BufferedBlockCipher in project photon-model by vmware.

the class EncryptorService method decrypt.

/**
 * Decrypts the provided byte array.
 * @param input
 *         Byte array (in base 64) to be decrypted
 * @return The decrypted version of the input byte array.
 */
public byte[] decrypt(final byte[] input) {
    if (input == null || input.length == 0) {
        return input;
    }
    try {
        BufferedBlockCipher cipher = getCipher(false);
        byte[] bytes = Base64.getDecoder().decode(input);
        byte[] output = new byte[cipher.getOutputSize(bytes.length)];
        int length = cipher.processBytes(bytes, 0, bytes.length, output, 0);
        length += cipher.doFinal(output, length);
        return Arrays.copyOfRange(output, 0, length);
    } catch (Exception e) {
        throw new LocalizableValidationException(e, "Decryption error!", "common.dercyption.error");
    }
}
Also used : LocalizableValidationException(com.vmware.xenon.common.LocalizableValidationException) BufferedBlockCipher(org.bouncycastle.crypto.BufferedBlockCipher) PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) IOException(java.io.IOException) LocalizableValidationException(com.vmware.xenon.common.LocalizableValidationException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)

Aggregations

BufferedBlockCipher (org.bouncycastle.crypto.BufferedBlockCipher)24 PaddedBufferedBlockCipher (org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher)19 CBCBlockCipher (org.bouncycastle.crypto.modes.CBCBlockCipher)15 AESEngine (org.bouncycastle.crypto.engines.AESEngine)14 ParametersWithIV (org.bouncycastle.crypto.params.ParametersWithIV)14 KeyParameter (org.bouncycastle.crypto.params.KeyParameter)10 CipherParameters (org.bouncycastle.crypto.CipherParameters)7 SICBlockCipher (org.bouncycastle.crypto.modes.SICBlockCipher)6 InvalidCipherTextException (org.bouncycastle.crypto.InvalidCipherTextException)5 IOException (java.io.IOException)4 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)4 SecureRandom (java.security.SecureRandom)4 DataLengthException (org.bouncycastle.crypto.DataLengthException)4 PBEParametersGenerator (org.bouncycastle.crypto.PBEParametersGenerator)4 ECDHBasicAgreement (org.bouncycastle.crypto.agreement.ECDHBasicAgreement)4 SHA256Digest (org.bouncycastle.crypto.digests.SHA256Digest)4 PKCS5S2ParametersGenerator (org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator)4 HMac (org.bouncycastle.crypto.macs.HMac)4 OFBBlockCipher (org.bouncycastle.crypto.modes.OFBBlockCipher)4 AESFastEngine (org.bouncycastle.crypto.engines.AESFastEngine)3