use of org.bouncycastle.crypto.CipherParameters in project robovm by robovm.
the class SignatureSpi method engineInitSign.
protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException {
CipherParameters param = ECUtil.generatePrivateKeyParameter(privateKey);
digest.reset();
if (appRandom != null) {
signer.init(true, new ParametersWithRandom(param, appRandom));
} else {
signer.init(true, param);
}
}
use of org.bouncycastle.crypto.CipherParameters in project robovm by robovm.
the class DigestSignatureSpi method engineInitVerify.
protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException {
if (!(publicKey instanceof RSAPublicKey)) {
throw new InvalidKeyException("Supplied key (" + getType(publicKey) + ") is not a RSAPublicKey instance");
}
CipherParameters param = RSAUtil.generatePublicKeyParameter((RSAPublicKey) publicKey);
digest.reset();
cipher.init(false, param);
}
use of org.bouncycastle.crypto.CipherParameters in project robovm by robovm.
the class JCEStreamCipher method engineInit.
protected void engineInit(int opmode, Key key, AlgorithmParameterSpec params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException {
CipherParameters param;
this.pbeSpec = null;
this.pbeAlgorithm = null;
this.engineParams = null;
//
if (!(key instanceof SecretKey)) {
throw new InvalidKeyException("Key for algorithm " + key.getAlgorithm() + " not suitable for symmetric enryption.");
}
if (key instanceof BCPBEKey) {
BCPBEKey k = (BCPBEKey) key;
if (k.getOID() != null) {
pbeAlgorithm = k.getOID().getId();
} else {
pbeAlgorithm = k.getAlgorithm();
}
if (k.getParam() != null) {
param = k.getParam();
pbeSpec = new PBEParameterSpec(k.getSalt(), k.getIterationCount());
} else if (params instanceof PBEParameterSpec) {
param = PBE.Util.makePBEParameters(k, params, cipher.getAlgorithmName());
pbeSpec = (PBEParameterSpec) params;
} else {
throw new InvalidAlgorithmParameterException("PBE requires PBE parameters to be set.");
}
if (k.getIvSize() != 0) {
ivParam = (ParametersWithIV) param;
}
} else if (params == null) {
param = new KeyParameter(key.getEncoded());
} else if (params instanceof IvParameterSpec) {
param = new ParametersWithIV(new KeyParameter(key.getEncoded()), ((IvParameterSpec) params).getIV());
ivParam = (ParametersWithIV) param;
} else {
throw new IllegalArgumentException("unknown parameter type.");
}
if ((ivLength != 0) && !(param instanceof ParametersWithIV)) {
SecureRandom ivRandom = random;
if (ivRandom == null) {
ivRandom = new SecureRandom();
}
if ((opmode == Cipher.ENCRYPT_MODE) || (opmode == Cipher.WRAP_MODE)) {
byte[] iv = new byte[ivLength];
ivRandom.nextBytes(iv);
param = new ParametersWithIV(param, iv);
ivParam = (ParametersWithIV) param;
} else {
throw new InvalidAlgorithmParameterException("no IV set when one expected");
}
}
switch(opmode) {
case Cipher.ENCRYPT_MODE:
case Cipher.WRAP_MODE:
cipher.init(true, param);
break;
case Cipher.DECRYPT_MODE:
case Cipher.UNWRAP_MODE:
cipher.init(false, param);
break;
default:
System.out.println("eeek!");
}
}
use of org.bouncycastle.crypto.CipherParameters in project oxAuth by GluuFederation.
the class JweEncrypterImpl method generateCipherTextAndIntegrityValue.
@Override
public Pair<String, String> generateCipherTextAndIntegrityValue(byte[] contentMasterKey, byte[] initializationVector, byte[] additionalAuthenticatedData, byte[] plainText) throws InvalidJweException {
if (getBlockEncryptionAlgorithm() == null) {
throw new InvalidJweException("The block encryption algorithm is null");
}
if (contentMasterKey == null) {
throw new InvalidJweException("The content master key (CMK) is null");
}
if (initializationVector == null) {
throw new InvalidJweException("The initialization vector is null");
}
if (additionalAuthenticatedData == null) {
throw new InvalidJweException("The additional authentication data is null");
}
if (plainText == null) {
throw new InvalidJweException("The plain text to encrypt is null");
}
try {
if (getBlockEncryptionAlgorithm() == BlockEncryptionAlgorithm.A128GCM || getBlockEncryptionAlgorithm() == BlockEncryptionAlgorithm.A256GCM) {
SecretKey secretKey = new SecretKeySpec(contentMasterKey, "AES");
KeyParameter key = new KeyParameter(contentMasterKey);
final int MAC_SIZE_BITS = 128;
AEADParameters aeadParameters = new AEADParameters(key, MAC_SIZE_BITS, initializationVector, additionalAuthenticatedData);
final int macSize = aeadParameters.getMacSize() / 8;
BlockCipher blockCipher = new AESEngine();
CipherParameters params = new KeyParameter(secretKey.getEncoded());
blockCipher.init(true, params);
GCMBlockCipher aGCMBlockCipher = new GCMBlockCipher(blockCipher);
aGCMBlockCipher.init(true, aeadParameters);
int len = aGCMBlockCipher.getOutputSize(plainText.length);
byte[] out = new byte[len];
int outOff = aGCMBlockCipher.processBytes(plainText, 0, plainText.length, out, 0);
outOff += aGCMBlockCipher.doFinal(out, outOff);
byte[] cipherText = new byte[outOff - macSize];
System.arraycopy(out, 0, cipherText, 0, cipherText.length);
byte[] authenticationTag = new byte[macSize];
System.arraycopy(out, outOff - macSize, authenticationTag, 0, authenticationTag.length);
String encodedCipherText = Base64Util.base64urlencode(cipherText);
String encodedAuthenticationTag = Base64Util.base64urlencode(authenticationTag);
return new Pair<String, String>(encodedCipherText, encodedAuthenticationTag);
} else if (getBlockEncryptionAlgorithm() == BlockEncryptionAlgorithm.A128CBC_PLUS_HS256 || getBlockEncryptionAlgorithm() == BlockEncryptionAlgorithm.A256CBC_PLUS_HS512) {
byte[] cek = KeyDerivationFunction.generateCek(contentMasterKey, getBlockEncryptionAlgorithm());
IvParameterSpec parameters = new IvParameterSpec(initializationVector);
Cipher cipher = Cipher.getInstance(getBlockEncryptionAlgorithm().getAlgorithm(), "BC");
//Cipher cipher = Cipher.getInstance(getBlockEncryptionAlgorithm().getAlgorithm());
SecretKeySpec secretKeySpec = new SecretKeySpec(cek, "AES");
cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, parameters);
byte[] cipherText = cipher.doFinal(plainText);
String encodedCipherText = Base64Util.base64urlencode(cipherText);
String securedInputValue = new String(additionalAuthenticatedData, Charset.forName(Util.UTF8_STRING_ENCODING)) + "." + encodedCipherText;
byte[] cik = KeyDerivationFunction.generateCik(contentMasterKey, getBlockEncryptionAlgorithm());
SecretKey secretKey = new SecretKeySpec(cik, getBlockEncryptionAlgorithm().getIntegrityValueAlgorithm());
Mac mac = Mac.getInstance(getBlockEncryptionAlgorithm().getIntegrityValueAlgorithm());
mac.init(secretKey);
byte[] integrityValue = mac.doFinal(securedInputValue.getBytes(Util.UTF8_STRING_ENCODING));
String encodedIntegrityValue = Base64Util.base64urlencode(integrityValue);
return new Pair<String, String>(encodedCipherText, encodedIntegrityValue);
} else {
throw new InvalidJweException("The block encryption algorithm is not supported");
}
} catch (InvalidCipherTextException e) {
throw new InvalidJweException(e);
} catch (NoSuchAlgorithmException e) {
throw new InvalidJweException(e);
} catch (UnsupportedEncodingException e) {
throw new InvalidJweException(e);
} catch (NoSuchProviderException e) {
throw new InvalidJweException(e);
} catch (IllegalBlockSizeException e) {
throw new InvalidJweException(e);
} catch (InvalidKeyException e) {
throw new InvalidJweException(e);
} catch (BadPaddingException e) {
throw new InvalidJweException(e);
} catch (InvalidAlgorithmParameterException e) {
throw new InvalidJweException(e);
} catch (NoSuchPaddingException e) {
throw new InvalidJweException(e);
} catch (InvalidParameterException e) {
throw new InvalidJweException(e);
}
}
use of org.bouncycastle.crypto.CipherParameters in project nem2-sdk-java by nemtech.
the class Ed25519BlockCipher method setupBlockCipher.
private BufferedBlockCipher setupBlockCipher(final byte[] sharedKey, final byte[] ivData, final boolean forEncryption) {
// Setup cipher parameters with key and IV.
final KeyParameter keyParam = new KeyParameter(sharedKey);
final CipherParameters params = new ParametersWithIV(keyParam, ivData);
// Setup AES cipher in CBC mode with PKCS7 padding.
final BlockCipherPadding padding = new PKCS7Padding();
final BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()), padding);
cipher.reset();
cipher.init(forEncryption, params);
return cipher;
}
Aggregations