Example 31 with InvalidCipherTextException
use of org.bouncycastle.crypto.InvalidCipherTextException in project inbot-utils by Inbot.
the class AESUtils method encryptBouncyCastle.
private static String encryptBouncyCastle(SecretKey secret, String plainText) {
try {
// prepending with md5 hash allows us to do an integrity check on decrypt to prevent returning garbage if the decrypt key is incorrect
String md5 = HashUtils.md5(plainText);
plainText = md5 + plainText;
// the iv acts as a per use salt, this ensures things encrypted with the same key always have a unique salt
// 128 bit iv because NIST AES is standardized with 128 bit blocks and iv needs to match block size, even when using 256 bit key
byte[] iv = new byte[16];
SECURE_RANDOM.nextBytes(iv);
// setup cipher parameters with key and IV
byte[] key = secret.getEncoded();
// setup AES cipher in CBC mode with PKCS7 padding
BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()), new PKCS7Padding());
cipher.reset();
cipher.init(true, new ParametersWithIV(new KeyParameter(key), iv));
byte[] plainTextBuf = plainText.getBytes(StandardCharsets.UTF_8);
byte[] buf = new byte[cipher.getOutputSize(plainTextBuf.length)];
int len = cipher.processBytes(plainTextBuf, 0, plainTextBuf.length, buf, 0);
len += cipher.doFinal(buf, len);
// copy the encrypted part of the buffer to out
byte[] out = new byte[len];
System.arraycopy(buf, 0, out, 0, len);
// iv$encrypted
return byteArrayToHexString(iv) + "$" + new String(Base64.encodeBase64URLSafe(out), StandardCharsets.UTF_8);
} catch (DataLengthException | InvalidCipherTextException e) {
throw new IllegalStateException("cannot encrypt", e);
}
}
Also used :
PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher)
AESEngine(org.bouncycastle.crypto.engines.AESEngine)
InvalidCipherTextException(org.bouncycastle.crypto.InvalidCipherTextException)
KeyParameter(org.bouncycastle.crypto.params.KeyParameter)
ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV)
PKCS7Padding(org.bouncycastle.crypto.paddings.PKCS7Padding)
BufferedBlockCipher(org.bouncycastle.crypto.BufferedBlockCipher)
PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher)
DataLengthException(org.bouncycastle.crypto.DataLengthException)
CBCBlockCipher(org.bouncycastle.crypto.modes.CBCBlockCipher)
Example 32 with InvalidCipherTextException
use of org.bouncycastle.crypto.InvalidCipherTextException in project elastic-core-maven by OrdinaryDude.
the class Crypto method aesGCMDecrypt.
public static byte[] aesGCMDecrypt(byte[] ivCiphertext, byte[] key) {
try {
if (ivCiphertext.length < 16) {
throw new InvalidCipherTextException("invalid ivCiphertext length");
}
byte[] iv = Arrays.copyOfRange(ivCiphertext, 0, 16);
byte[] ciphertext = Arrays.copyOfRange(ivCiphertext, 16, ivCiphertext.length);
GCMBlockCipher aes = new GCMBlockCipher(new AESEngine());
CipherParameters ivAndKey = new ParametersWithIV(new KeyParameter(key), iv);
aes.init(false, ivAndKey);
byte[] output = new byte[aes.getOutputSize(ciphertext.length)];
int plaintextLength = aes.processBytes(ciphertext, 0, ciphertext.length, output, 0);
plaintextLength += aes.doFinal(output, plaintextLength);
byte[] result = new byte[plaintextLength];
System.arraycopy(output, 0, result, 0, result.length);
return result;
} catch (InvalidCipherTextException e) {
throw new RuntimeException(e.getMessage(), e);
}
}
Also used :
CipherParameters(org.bouncycastle.crypto.CipherParameters)
ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV)
InvalidCipherTextException(org.bouncycastle.crypto.InvalidCipherTextException)
AESEngine(org.bouncycastle.crypto.engines.AESEngine)
KeyParameter(org.bouncycastle.crypto.params.KeyParameter)
GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher)
Example 33 with InvalidCipherTextException
use of org.bouncycastle.crypto.InvalidCipherTextException in project elastic-core-maven by OrdinaryDude.
the class Crypto method aesEncrypt.
public static byte[] aesEncrypt(byte[] plaintext, byte[] key) {
try {
byte[] iv = new byte[16];
secureRandom.get().nextBytes(iv);
PaddedBufferedBlockCipher aes = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()));
CipherParameters ivAndKey = new ParametersWithIV(new KeyParameter(key), iv);
aes.init(true, ivAndKey);
byte[] output = new byte[aes.getOutputSize(plaintext.length)];
int ciphertextLength = aes.processBytes(plaintext, 0, plaintext.length, output, 0);
ciphertextLength += aes.doFinal(output, ciphertextLength);
byte[] result = new byte[iv.length + ciphertextLength];
System.arraycopy(iv, 0, result, 0, iv.length);
System.arraycopy(output, 0, result, iv.length, ciphertextLength);
return result;
} catch (InvalidCipherTextException e) {
throw new RuntimeException(e.getMessage(), e);
}
}
Also used :
CipherParameters(org.bouncycastle.crypto.CipherParameters)
ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV)
PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher)
AESEngine(org.bouncycastle.crypto.engines.AESEngine)
InvalidCipherTextException(org.bouncycastle.crypto.InvalidCipherTextException)
KeyParameter(org.bouncycastle.crypto.params.KeyParameter)
CBCBlockCipher(org.bouncycastle.crypto.modes.CBCBlockCipher)
Example 34 with InvalidCipherTextException
use of org.bouncycastle.crypto.InvalidCipherTextException in project elastic-core-maven by OrdinaryDude.
the class Crypto method aesGCMEncrypt.
public static byte[] aesGCMEncrypt(byte[] plaintext, byte[] key) {
try {
byte[] iv = new byte[16];
secureRandom.get().nextBytes(iv);
GCMBlockCipher aes = new GCMBlockCipher(new AESEngine());
CipherParameters ivAndKey = new ParametersWithIV(new KeyParameter(key), iv);
aes.init(true, ivAndKey);
byte[] output = new byte[aes.getOutputSize(plaintext.length)];
int ciphertextLength = aes.processBytes(plaintext, 0, plaintext.length, output, 0);
ciphertextLength += aes.doFinal(output, ciphertextLength);
byte[] result = new byte[iv.length + ciphertextLength];
System.arraycopy(iv, 0, result, 0, iv.length);
System.arraycopy(output, 0, result, iv.length, ciphertextLength);
return result;
} catch (InvalidCipherTextException e) {
throw new RuntimeException(e.getMessage(), e);
}
}
Also used :
CipherParameters(org.bouncycastle.crypto.CipherParameters)
ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV)
AESEngine(org.bouncycastle.crypto.engines.AESEngine)
InvalidCipherTextException(org.bouncycastle.crypto.InvalidCipherTextException)
KeyParameter(org.bouncycastle.crypto.params.KeyParameter)
GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher)
Example 35 with InvalidCipherTextException
use of org.bouncycastle.crypto.InvalidCipherTextException in project bitcoin-wallet by bitcoin-wallet.
the class Crypto method decryptRaw.
/**
* Decrypt bytes previously encrypted with this class.
*
* @param bytesToDecode
* The bytes to decrypt
* @param password
* password to use for decryption
* @return The decrypted bytes
* @throws IOException
*/
private static byte[] decryptRaw(final byte[] bytesToDecode, final char[] password) throws IOException {
try {
// separate the salt and bytes to decrypt
final byte[] salt = new byte[SALT_LENGTH];
System.arraycopy(bytesToDecode, 0, salt, 0, SALT_LENGTH);
final byte[] cipherBytes = new byte[bytesToDecode.length - SALT_LENGTH];
System.arraycopy(bytesToDecode, SALT_LENGTH, cipherBytes, 0, bytesToDecode.length - SALT_LENGTH);
final ParametersWithIV key = (ParametersWithIV) getAESPasswordKey(password, salt);
// decrypt the message
final BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESFastEngine()));
cipher.init(false, key);
final byte[] decryptedBytes = new byte[cipher.getOutputSize(cipherBytes.length)];
final int processLen = cipher.processBytes(cipherBytes, 0, cipherBytes.length, decryptedBytes, 0);
final int doFinalLen = cipher.doFinal(decryptedBytes, processLen);
return Arrays.copyOf(decryptedBytes, processLen + doFinalLen);
} catch (final InvalidCipherTextException | DataLengthException x) {
throw new IOException("Could not decrypt bytes", x);
}
}
Also used :
ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV)
PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher)
InvalidCipherTextException(org.bouncycastle.crypto.InvalidCipherTextException)
BufferedBlockCipher(org.bouncycastle.crypto.BufferedBlockCipher)
PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher)
DataLengthException(org.bouncycastle.crypto.DataLengthException)
CBCBlockCipher(org.bouncycastle.crypto.modes.CBCBlockCipher)
AESFastEngine(org.bouncycastle.crypto.engines.AESFastEngine)
IOException(java.io.IOException)
Aggregations
InvalidCipherTextException (org.bouncycastle.crypto.InvalidCipherTextException)46
KeyParameter (org.bouncycastle.crypto.params.KeyParameter)13
ParametersWithIV (org.bouncycastle.crypto.params.ParametersWithIV)13
AESEngine (org.bouncycastle.crypto.engines.AESEngine)12
CipherParameters (org.bouncycastle.crypto.CipherParameters)11
PaddedBufferedBlockCipher (org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher)9
IOException (java.io.IOException)7
DataLengthException (org.bouncycastle.crypto.DataLengthException)7
CBCBlockCipher (org.bouncycastle.crypto.modes.CBCBlockCipher)7
GCMBlockCipher (org.bouncycastle.crypto.modes.GCMBlockCipher)7
GoCipher (com.thoughtworks.go.security.GoCipher)6
Test (org.junit.Test)6
BadPaddingException (javax.crypto.BadPaddingException)5
BlockCipher (org.bouncycastle.crypto.BlockCipher)5
BufferedBlockCipher (org.bouncycastle.crypto.BufferedBlockCipher)5
UrlArgument (com.thoughtworks.go.util.command.UrlArgument)4
UnsupportedEncodingException (java.io.UnsupportedEncodingException)4
ExtendedInvalidCipherTextException (org.openremote.agent.protocol.bluetooth.mesh.utils.ExtendedInvalidCipherTextException)4
IllegalBlockSizeException (javax.crypto.IllegalBlockSizeException)3
SecretKeySpec (javax.crypto.spec.SecretKeySpec)3
