Example 1 with InvalidCipherTextIOException
use of org.bouncycastle.crypto.io.InvalidCipherTextIOException in project syncany by syncany.
the class AesGcmWithBcInputStreamTest method testD_BouncyCastleCipherInputStreamWithAesGcm.
@Test
public void testD_BouncyCastleCipherInputStreamWithAesGcm() throws InvalidKeyException, InvalidAlgorithmParameterException, IOException, NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException {
// Encrypt (not interesting in this example)
byte[] randomKey = createRandomArray(16);
byte[] randomIv = createRandomArray(16);
byte[] originalPlaintext = "Confirm 100$ pay".getBytes("ASCII");
byte[] originalCiphertext = encryptWithAesGcm(originalPlaintext, randomKey, randomIv);
// Attack / alter ciphertext (an attacker would do this!)
byte[] alteredCiphertext = Arrays.clone(originalCiphertext);
// <<< Change 100$ to 900$
alteredCiphertext[8] = (byte) (alteredCiphertext[8] ^ 0x08);
// Decrypt with BouncyCastle implementation of CipherInputStream
AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine());
cipher.init(false, new AEADParameters(new KeyParameter(randomKey), 128, randomIv));
try {
readFromStream(new org.bouncycastle.crypto.io.CipherInputStream(new ByteArrayInputStream(alteredCiphertext), cipher));
// ^^^^^^^^^^^^^^^ INTERESTING PART ^^^^^^^^^^^^^^^^
//
// The BouncyCastle implementation of the CipherInputStream detects MAC verification errors and
// throws a InvalidCipherTextIOException if an error occurs. Nice! A more or less minor issue
// however is that it is incompatible with the standard JCE Cipher class from the javax.crypto
// package. The new interface AEADBlockCipher must be used. The code below is not executed.
fail("Test D: org.bouncycastle.crypto.io.CipherInputStream: NOT OK, tampering not detected");
} catch (InvalidCipherTextIOException e) {
System.out.println("Test D: org.bouncycastle.crypto.io.CipherInputStream: OK, tampering detected");
}
}
Also used :
AESEngine(org.bouncycastle.crypto.engines.AESEngine)
AEADParameters(org.bouncycastle.crypto.params.AEADParameters)
ByteArrayInputStream(java.io.ByteArrayInputStream)
KeyParameter(org.bouncycastle.crypto.params.KeyParameter)
GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher)
AEADBlockCipher(org.bouncycastle.crypto.modes.AEADBlockCipher)
InvalidCipherTextIOException(org.bouncycastle.crypto.io.InvalidCipherTextIOException)
Test(org.junit.Test)
Example 2 with InvalidCipherTextIOException
use of org.bouncycastle.crypto.io.InvalidCipherTextIOException in project syncany by syncany.
the class AesGcmWithBcInputStreamTest method testD_BouncyCastleCipherInputStreamWithAesGcm.
@Test
public void testD_BouncyCastleCipherInputStreamWithAesGcm() throws InvalidKeyException, InvalidAlgorithmParameterException, IOException, NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException {
// Encrypt (not interesting in this example)
byte[] randomKey = createRandomArray(16);
byte[] randomIv = createRandomArray(16);
byte[] originalPlaintext = "Confirm 100$ pay".getBytes("ASCII");
byte[] originalCiphertext = encryptWithAesGcm(originalPlaintext, randomKey, randomIv);
// Attack / alter ciphertext (an attacker would do this!)
byte[] alteredCiphertext = Arrays.clone(originalCiphertext);
// <<< Change 100$ to 900$
alteredCiphertext[8] = (byte) (alteredCiphertext[8] ^ 0x08);
// Decrypt with BouncyCastle implementation of CipherInputStream
AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine());
cipher.init(false, new AEADParameters(new KeyParameter(randomKey), 128, randomIv));
try {
readFromStream(new org.bouncycastle.crypto.io.CipherInputStream(new ByteArrayInputStream(alteredCiphertext), cipher));
// ^^^^^^^^^^^^^^^ INTERESTING PART ^^^^^^^^^^^^^^^^
//
// The BouncyCastle implementation of the CipherInputStream detects MAC verification errors and
// throws a InvalidCipherTextIOException if an error occurs. Nice! A more or less minor issue
// however is that it is incompatible with the standard JCE Cipher class from the javax.crypto
// package. The new interface AEADBlockCipher must be used. The code below is not executed.
fail("Test D: org.bouncycastle.crypto.io.CipherInputStream: NOT OK, tampering not detected");
} catch (InvalidCipherTextIOException e) {
System.out.println("Test D: org.bouncycastle.crypto.io.CipherInputStream: OK, tampering detected");
}
}
Also used :
AESEngine(org.bouncycastle.crypto.engines.AESEngine)
AEADParameters(org.bouncycastle.crypto.params.AEADParameters)
ByteArrayInputStream(java.io.ByteArrayInputStream)
KeyParameter(org.bouncycastle.crypto.params.KeyParameter)
GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher)
AEADBlockCipher(org.bouncycastle.crypto.modes.AEADBlockCipher)
InvalidCipherTextIOException(org.bouncycastle.crypto.io.InvalidCipherTextIOException)
Test(org.junit.Test)
Aggregations
ByteArrayInputStream (java.io.ByteArrayInputStream)2
AESEngine (org.bouncycastle.crypto.engines.AESEngine)2
InvalidCipherTextIOException (org.bouncycastle.crypto.io.InvalidCipherTextIOException)2
AEADBlockCipher (org.bouncycastle.crypto.modes.AEADBlockCipher)2
GCMBlockCipher (org.bouncycastle.crypto.modes.GCMBlockCipher)2
AEADParameters (org.bouncycastle.crypto.params.AEADParameters)2
KeyParameter (org.bouncycastle.crypto.params.KeyParameter)2
Test (org.junit.Test)2
