Examples with GCMBlockCipher org.bouncycastle.crypto.modes.GCMBlockCipher used on opensource projects

Search in sources :

Example 1 with GCMBlockCipher

use of org.bouncycastle.crypto.modes.GCMBlockCipher in project oxAuth by GluuFederation.

the class JweDecrypterImpl method decryptCipherText.

@Override
public String decryptCipherText(String encodedCipherText, byte[] contentMasterKey, byte[] initializationVector, byte[] authenticationTag, byte[] additionalAuthenticatedData) throws InvalidJweException {
    if (getBlockEncryptionAlgorithm() == null) {
        throw new InvalidJweException("The block encryption algorithm is null");
    }
    if (contentMasterKey == null) {
        throw new InvalidJweException("The content master key (CMK) is null");
    }
    if (initializationVector == null) {
        throw new InvalidJweException("The initialization vector is null");
    }
    if (authenticationTag == null) {
        throw new InvalidJweException("The authentication tag is null");
    }
    if (additionalAuthenticatedData == null) {
        throw new InvalidJweException("The additional authentication data is null");
    }
    try {
        if (getBlockEncryptionAlgorithm() == BlockEncryptionAlgorithm.A128GCM || getBlockEncryptionAlgorithm() == BlockEncryptionAlgorithm.A256GCM) {
            final int MAC_SIZE_BITS = 128;
            byte[] cipherText = Base64Util.base64urldecode(encodedCipherText);
            KeyParameter key = new KeyParameter(contentMasterKey);
            AEADParameters aeadParameters = new AEADParameters(key, MAC_SIZE_BITS, initializationVector, additionalAuthenticatedData);
            SecretKeySpec sks = new SecretKeySpec(contentMasterKey, "AES");
            BlockCipher blockCipher = new AESEngine();
            CipherParameters params = new KeyParameter(sks.getEncoded());
            blockCipher.init(false, params);
            GCMBlockCipher aGCMBlockCipher = new GCMBlockCipher(blockCipher);
            aGCMBlockCipher.init(false, aeadParameters);
            byte[] input = new byte[cipherText.length + authenticationTag.length];
            System.arraycopy(cipherText, 0, input, 0, cipherText.length);
            System.arraycopy(authenticationTag, 0, input, cipherText.length, authenticationTag.length);
            int len = aGCMBlockCipher.getOutputSize(input.length);
            byte[] out = new byte[len];
            int outOff = aGCMBlockCipher.processBytes(input, 0, input.length, out, 0);
            aGCMBlockCipher.doFinal(out, outOff);
            String plaintext = new String(out, Charset.forName(Util.UTF8_STRING_ENCODING));
            return plaintext;
        } else if (getBlockEncryptionAlgorithm() == BlockEncryptionAlgorithm.A128CBC_PLUS_HS256 || getBlockEncryptionAlgorithm() == BlockEncryptionAlgorithm.A256CBC_PLUS_HS512) {
            byte[] cipherText = Base64Util.base64urldecode(encodedCipherText);
            byte[] cek = KeyDerivationFunction.generateCek(contentMasterKey, getBlockEncryptionAlgorithm());
            Cipher cipher = Cipher.getInstance(getBlockEncryptionAlgorithm().getAlgorithm());
            IvParameterSpec ivParameter = new IvParameterSpec(initializationVector);
            cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(cek, "AES"), ivParameter);
            byte[] decodedPlainTextBytes = cipher.doFinal(cipherText);
            String decodedPlainText = new String(decodedPlainTextBytes, Charset.forName(Util.UTF8_STRING_ENCODING));
            // Integrity check
            String securedInputValue = new String(additionalAuthenticatedData, Charset.forName(Util.UTF8_STRING_ENCODING)) + "." + encodedCipherText;
            byte[] cik = KeyDerivationFunction.generateCik(contentMasterKey, getBlockEncryptionAlgorithm());
            SecretKey secretKey = new SecretKeySpec(cik, getBlockEncryptionAlgorithm().getIntegrityValueAlgorithm());
            Mac mac = Mac.getInstance(getBlockEncryptionAlgorithm().getIntegrityValueAlgorithm());
            mac.init(secretKey);
            byte[] integrityValue = mac.doFinal(securedInputValue.getBytes(Util.UTF8_STRING_ENCODING));
            if (!Arrays.equals(integrityValue, authenticationTag)) {
                throw new InvalidJweException("The authentication tag is not valid");
            }
            return decodedPlainText;
        } else {
            throw new InvalidJweException("The block encryption algorithm is not supported");
        }
    } catch (InvalidCipherTextException e) {
        throw new InvalidJweException(e);
    } catch (NoSuchPaddingException e) {
        throw new InvalidJweException(e);
    } catch (BadPaddingException e) {
        throw new InvalidJweException(e);
    } catch (InvalidAlgorithmParameterException e) {
        throw new InvalidJweException(e);
    } catch (NoSuchAlgorithmException e) {
        throw new InvalidJweException(e);
    } catch (IllegalBlockSizeException e) {
        throw new InvalidJweException(e);
    } catch (UnsupportedEncodingException e) {
        throw new InvalidJweException(e);
    } catch (NoSuchProviderException e) {
        throw new InvalidJweException(e);
    } catch (InvalidKeyException e) {
        throw new InvalidJweException(e);
    } catch (InvalidParameterException e) {
        throw new InvalidJweException(e);
    }
}
Also used : InvalidCipherTextException(org.bouncycastle.crypto.InvalidCipherTextException) KeyParameter(org.bouncycastle.crypto.params.KeyParameter) InvalidParameterException(org.xdi.oxauth.model.exception.InvalidParameterException) SecretKeySpec(javax.crypto.spec.SecretKeySpec) InvalidJweException(org.xdi.oxauth.model.exception.InvalidJweException) AESEngine(org.bouncycastle.crypto.engines.AESEngine) BlockCipher(org.bouncycastle.crypto.BlockCipher) GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher) UnsupportedEncodingException(java.io.UnsupportedEncodingException) CipherParameters(org.bouncycastle.crypto.CipherParameters) AEADParameters(org.bouncycastle.crypto.params.AEADParameters) IvParameterSpec(javax.crypto.spec.IvParameterSpec) BlockCipher(org.bouncycastle.crypto.BlockCipher) GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher) GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher)

Example 2 with GCMBlockCipher

use of org.bouncycastle.crypto.modes.GCMBlockCipher in project robovm by robovm.

the class BaseBlockCipher method engineSetMode.

protected void engineSetMode(String mode) throws NoSuchAlgorithmException {
    modeName = Strings.toUpperCase(mode);
    if (modeName.equals("ECB")) {
        ivLength = 0;
        cipher = new BufferedGenericBlockCipher(baseEngine);
    } else if (modeName.equals("CBC")) {
        ivLength = baseEngine.getBlockSize();
        cipher = new BufferedGenericBlockCipher(new CBCBlockCipher(baseEngine));
    } else if (modeName.startsWith("OFB")) {
        ivLength = baseEngine.getBlockSize();
        if (modeName.length() != 3) {
            int wordSize = Integer.parseInt(modeName.substring(3));
            cipher = new BufferedGenericBlockCipher(new OFBBlockCipher(baseEngine, wordSize));
        } else {
            cipher = new BufferedGenericBlockCipher(new OFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize()));
        }
    } else if (modeName.startsWith("CFB")) {
        ivLength = baseEngine.getBlockSize();
        if (modeName.length() != 3) {
            int wordSize = Integer.parseInt(modeName.substring(3));
            cipher = new BufferedGenericBlockCipher(new CFBBlockCipher(baseEngine, wordSize));
        } else {
            cipher = new BufferedGenericBlockCipher(new CFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize()));
        }
    } else // END android-removed
    if (modeName.startsWith("SIC")) {
        ivLength = baseEngine.getBlockSize();
        if (ivLength < 16) {
            throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)");
        }
        cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(new SICBlockCipher(baseEngine)));
    } else if (modeName.startsWith("CTR")) {
        ivLength = baseEngine.getBlockSize();
        cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(new SICBlockCipher(baseEngine)));
    } else // END android-removed
    if (modeName.startsWith("CTS")) {
        ivLength = baseEngine.getBlockSize();
        cipher = new BufferedGenericBlockCipher(new CTSBlockCipher(new CBCBlockCipher(baseEngine)));
    } else if (modeName.startsWith("CCM")) {
        ivLength = baseEngine.getBlockSize();
        cipher = new AEADGenericBlockCipher(new CCMBlockCipher(baseEngine));
    } else // END android-removed
    if (modeName.startsWith("GCM")) {
        ivLength = baseEngine.getBlockSize();
        cipher = new AEADGenericBlockCipher(new GCMBlockCipher(baseEngine));
    } else {
        throw new NoSuchAlgorithmException("can't support mode " + mode);
    }
}
Also used : OFBBlockCipher(org.bouncycastle.crypto.modes.OFBBlockCipher) CCMBlockCipher(org.bouncycastle.crypto.modes.CCMBlockCipher) SICBlockCipher(org.bouncycastle.crypto.modes.SICBlockCipher) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) CFBBlockCipher(org.bouncycastle.crypto.modes.CFBBlockCipher) BufferedBlockCipher(org.bouncycastle.crypto.BufferedBlockCipher) PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) CTSBlockCipher(org.bouncycastle.crypto.modes.CTSBlockCipher) CBCBlockCipher(org.bouncycastle.crypto.modes.CBCBlockCipher) GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher)

Example 3 with GCMBlockCipher

use of org.bouncycastle.crypto.modes.GCMBlockCipher in project syncany by syncany.

the class AesGcmWithBcInputStreamTest method testE_BouncyCastleCipherInputStreamWithAesGcmLongPlaintext.

@Test
public void testE_BouncyCastleCipherInputStreamWithAesGcmLongPlaintext() throws InvalidKeyException, InvalidAlgorithmParameterException, IOException, NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException {
    // Encrypt (not interesting in this example)
    byte[] randomKey = createRandomArray(16);
    byte[] randomIv = createRandomArray(16);
    // <<<< 4080 bytes fails, 4079 bytes works!
    byte[] originalPlaintext = createRandomArray(4080);
    byte[] originalCiphertext = encryptWithAesGcm(originalPlaintext, randomKey, randomIv);
    // Decrypt with BouncyCastle implementation of CipherInputStream
    AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine());
    cipher.init(false, new AEADParameters(new KeyParameter(randomKey), 128, randomIv));
    try {
        readFromStream(new org.bouncycastle.crypto.io.CipherInputStream(new ByteArrayInputStream(originalCiphertext), cipher));
        // ^^^^^^^^^^^^^^^ INTERESTING PART ^^^^^^^^^^^^^^^^
        // 
        // In this example, the BouncyCastle implementation of the CipherInputStream throws an ArrayIndexOutOfBoundsException.
        // The only difference to the example above is that the plaintext is now 4080 bytes long! For 4079 bytes plaintexts,
        // everything works just fine.
        System.out.println("Test E: org.bouncycastle.crypto.io.CipherInputStream:        OK, throws no exception");
    } catch (IOException e) {
        fail("Test E: org.bouncycastle.crypto.io.CipherInputStream:        NOT OK throws: " + e.getMessage());
    }
}
Also used : AESEngine(org.bouncycastle.crypto.engines.AESEngine) AEADParameters(org.bouncycastle.crypto.params.AEADParameters) ByteArrayInputStream(java.io.ByteArrayInputStream) KeyParameter(org.bouncycastle.crypto.params.KeyParameter) InvalidCipherTextIOException(org.bouncycastle.crypto.io.InvalidCipherTextIOException) IOException(java.io.IOException) GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher) AEADBlockCipher(org.bouncycastle.crypto.modes.AEADBlockCipher) Test(org.junit.Test)

Example 4 with GCMBlockCipher

use of org.bouncycastle.crypto.modes.GCMBlockCipher in project syncany by syncany.

the class AesGcmWithBcInputStreamTest method testD_BouncyCastleCipherInputStreamWithAesGcm.

@Test
public void testD_BouncyCastleCipherInputStreamWithAesGcm() throws InvalidKeyException, InvalidAlgorithmParameterException, IOException, NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException {
    // Encrypt (not interesting in this example)
    byte[] randomKey = createRandomArray(16);
    byte[] randomIv = createRandomArray(16);
    byte[] originalPlaintext = "Confirm 100$ pay".getBytes("ASCII");
    byte[] originalCiphertext = encryptWithAesGcm(originalPlaintext, randomKey, randomIv);
    // Attack / alter ciphertext (an attacker would do this!)
    byte[] alteredCiphertext = Arrays.clone(originalCiphertext);
    // <<< Change 100$ to 900$
    alteredCiphertext[8] = (byte) (alteredCiphertext[8] ^ 0x08);
    // Decrypt with BouncyCastle implementation of CipherInputStream
    AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine());
    cipher.init(false, new AEADParameters(new KeyParameter(randomKey), 128, randomIv));
    try {
        readFromStream(new org.bouncycastle.crypto.io.CipherInputStream(new ByteArrayInputStream(alteredCiphertext), cipher));
        // ^^^^^^^^^^^^^^^ INTERESTING PART ^^^^^^^^^^^^^^^^
        // 
        // The BouncyCastle implementation of the CipherInputStream detects MAC verification errors and
        // throws a InvalidCipherTextIOException if an error occurs. Nice! A more or less minor issue
        // however is that it is incompatible with the standard JCE Cipher class from the javax.crypto
        // package. The new interface AEADBlockCipher must be used. The code below is not executed.
        fail("Test D: org.bouncycastle.crypto.io.CipherInputStream:        NOT OK, tampering not detected");
    } catch (InvalidCipherTextIOException e) {
        System.out.println("Test D: org.bouncycastle.crypto.io.CipherInputStream:        OK, tampering detected");
    }
}
Also used : AESEngine(org.bouncycastle.crypto.engines.AESEngine) AEADParameters(org.bouncycastle.crypto.params.AEADParameters) ByteArrayInputStream(java.io.ByteArrayInputStream) KeyParameter(org.bouncycastle.crypto.params.KeyParameter) GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher) AEADBlockCipher(org.bouncycastle.crypto.modes.AEADBlockCipher) InvalidCipherTextIOException(org.bouncycastle.crypto.io.InvalidCipherTextIOException) Test(org.junit.Test)

Example 5 with GCMBlockCipher

use of org.bouncycastle.crypto.modes.GCMBlockCipher in project Zom-Android by zom.

the class Downloader method setupOutputStream.

public static OutputStream setupOutputStream(OutputStream os, String reference) {
    if (reference != null && reference.length() == 96) {
        byte[] keyAndIv = hexToBytes(reference);
        byte[] key = new byte[32];
        byte[] iv = new byte[16];
        System.arraycopy(keyAndIv, 0, iv, 0, 16);
        System.arraycopy(keyAndIv, 16, key, 0, 32);
        AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine());
        cipher.init(false, new AEADParameters(new KeyParameter(key), 128, iv));
        return new CipherOutputStream(os, cipher);
    } else {
        return os;
    }
}
Also used : AESEngine(org.bouncycastle.crypto.engines.AESEngine) CipherOutputStream(org.bouncycastle.crypto.io.CipherOutputStream) AEADParameters(org.bouncycastle.crypto.params.AEADParameters) KeyParameter(org.bouncycastle.crypto.params.KeyParameter) GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher) AEADBlockCipher(org.bouncycastle.crypto.modes.AEADBlockCipher)

Aggregations

GCMBlockCipher (org.bouncycastle.crypto.modes.GCMBlockCipher)29 KeyParameter (org.bouncycastle.crypto.params.KeyParameter)22 AEADParameters (org.bouncycastle.crypto.params.AEADParameters)20 AESEngine (org.bouncycastle.crypto.engines.AESEngine)19 AEADBlockCipher (org.bouncycastle.crypto.modes.AEADBlockCipher)16 InvalidCipherTextException (org.bouncycastle.crypto.InvalidCipherTextException)6 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)5 IvParameterSpec (javax.crypto.spec.IvParameterSpec)5 SecretKeySpec (javax.crypto.spec.SecretKeySpec)5 CipherParameters (org.bouncycastle.crypto.CipherParameters)5 ByteArrayInputStream (java.io.ByteArrayInputStream)4 IOException (java.io.IOException)4 BlockCipher (org.bouncycastle.crypto.BlockCipher)4 InvalidCipherTextIOException (org.bouncycastle.crypto.io.InvalidCipherTextIOException)4 ParametersWithIV (org.bouncycastle.crypto.params.ParametersWithIV)4 Test (org.junit.Test)4 FileInputStream (java.io.FileInputStream)3 FileNotFoundException (java.io.FileNotFoundException)3 InputStream (java.io.InputStream)3 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)3
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial