Examples with PaddedBufferedBlockCipher org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher used on opensource projects

Example 1 with PaddedBufferedBlockCipher

use of org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher in project gocd by gocd.

the class GoCipher method decipher.

public String decipher(byte[] key, String cipherText) throws InvalidCipherTextException {
    PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESEngine()));
    cipher.init(false, new KeyParameter(Hex.decode(key)));
    byte[] cipherTextBytes = java.util.Base64.getDecoder().decode(cipherText);
    byte[] plainTextBytes = new byte[cipher.getOutputSize(cipherTextBytes.length)];
    int outputLength = cipher.processBytes(cipherTextBytes, 0, cipherTextBytes.length, plainTextBytes, 0);
    cipher.doFinal(plainTextBytes, outputLength);
    int paddingStarts = plainTextBytes.length - 1;
    for (; paddingStarts >= 0; paddingStarts--) {
        if (plainTextBytes[paddingStarts] != 0) {
            break;
        }
    }
    return new String(plainTextBytes, 0, paddingStarts + 1);
}

Example 2 with PaddedBufferedBlockCipher

use of org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher in project inbot-utils by Inbot.

the class AESUtils method decryptBouncyCastle.

private static String decryptBouncyCastle(SecretKey secret, String input) {
    try {
        // Convert url-safe base64 to normal base64, remove carriage returns
        input = input.replaceAll("-", "+").replaceAll("_", "/").replaceAll("\r", "").replaceAll("\n", "");
        String[] splitInput = SPLIT_PATTERN.split(input);
        byte[] iv = hexStringToByteArray(splitInput[0]);
        byte[] encrypted = Base64.decodeBase64(splitInput[1]);
        // get raw key from password and salt
        byte[] key = secret.getEncoded();
        // setup cipher parameters with key and IV
        KeyParameter keyParam = new KeyParameter(key);
        CipherParameters params = new ParametersWithIV(keyParam, iv);
        // setup AES cipher in CBC mode with PKCS7 padding
        BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()), new PKCS7Padding());
        cipher.reset();
        cipher.init(false, params);
        // create a temporary buffer to decode into (it'll include padding)
        byte[] buf = new byte[cipher.getOutputSize(encrypted.length)];
        int len = cipher.processBytes(encrypted, 0, encrypted.length, buf, 0);
        len += cipher.doFinal(buf, len);
        // lose the padding
        byte[] out = new byte[len];
        System.arraycopy(buf, 0, out, 0, len);
        // lose the salt
        String plaintext = new String(out, StandardCharsets.UTF_8);
        String md5Hash = plaintext.substring(0, 22);
        String plainTextWithoutHash = plaintext.substring(22);
        if (md5Hash.equals(HashUtils.md5(plainTextWithoutHash))) {
            return plainTextWithoutHash;
        } else {
            // it's possible to decrypt to garbage with the wrong key; the md5 check helps detecting that
            throw new IllegalArgumentException("wrong aes key - incorrect content hash");
        }
    } catch (DataLengthException e) {
        throw new IllegalStateException("buffer not big enough", e);
    } catch (InvalidCipherTextException e) {
        throw new IllegalArgumentException("wrong password");
    }
}

Example 3 with PaddedBufferedBlockCipher

use of org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher in project samourai-wallet-android by Samourai-Wallet.

the class AESUtil method decryptWithSetMode.

public static String decryptWithSetMode(String ciphertext, CharSequenceX password, int iterations, int mode, @Nullable BlockCipherPadding padding) throws InvalidCipherTextException, UnsupportedEncodingException, DecryptionException {
    final int AESBlockSize = 4;
    byte[] cipherdata = Base64.decodeBase64(ciphertext.getBytes());
    // Separate the IV and cipher data
    byte[] iv = copyOfRange(cipherdata, 0, AESBlockSize * 4);
    byte[] input = copyOfRange(cipherdata, AESBlockSize * 4, cipherdata.length);
    PBEParametersGenerator generator = new PKCS5S2ParametersGenerator();
    generator.init(PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(password.toString().toCharArray()), iv, iterations);
    KeyParameter keyParam = (KeyParameter) generator.generateDerivedParameters(256);
    CipherParameters params = new ParametersWithIV(keyParam, iv);
    BlockCipher cipherMode;
    if (mode == MODE_CBC) {
        cipherMode = new CBCBlockCipher(new AESEngine());
    } else {
        // mode == MODE_OFB
        cipherMode = new OFBBlockCipher(new AESEngine(), 128);
    }
    BufferedBlockCipher cipher;
    if (padding != null) {
        cipher = new PaddedBufferedBlockCipher(cipherMode, padding);
    } else {
        cipher = new BufferedBlockCipher(cipherMode);
    }
    cipher.reset();
    cipher.init(false, params);
    // create a temporary buffer to decode into (includes padding)
    byte[] buf = new byte[cipher.getOutputSize(input.length)];
    int len = cipher.processBytes(input, 0, input.length, buf, 0);
    len += cipher.doFinal(buf, len);
    // remove padding
    byte[] out = new byte[len];
    System.arraycopy(buf, 0, out, 0, len);
    // return string representation of decoded bytes
    String result = new String(out, "UTF-8");
    if (result.isEmpty()) {
        throw new DecryptionException("Decrypted string is empty.");
    }
    return result;
}

Example 4 with PaddedBufferedBlockCipher

use of org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher in project jruby-openssl by jruby.

the class PEMInputOutput method derivePrivateKeyPBES2.

private static PrivateKey derivePrivateKeyPBES2(EncryptedPrivateKeyInfo eIn, AlgorithmIdentifier algId, char[] password) throws GeneralSecurityException, InvalidCipherTextException {
    PBES2Parameters pbeParams = PBES2Parameters.getInstance((ASN1Sequence) algId.getParameters());
    CipherParameters cipherParams = extractPBES2CipherParams(password, pbeParams);
    EncryptionScheme scheme = pbeParams.getEncryptionScheme();
    BufferedBlockCipher cipher;
    if (scheme.getAlgorithm().equals(PKCSObjectIdentifiers.RC2_CBC)) {
        RC2CBCParameter rc2Params = RC2CBCParameter.getInstance(scheme);
        byte[] iv = rc2Params.getIV();
        CipherParameters param = new ParametersWithIV(cipherParams, iv);
        cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new RC2Engine()));
        cipher.init(false, param);
    } else {
        byte[] iv = ASN1OctetString.getInstance(scheme.getParameters()).getOctets();
        CipherParameters param = new ParametersWithIV(cipherParams, iv);
        cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESedeEngine()));
        cipher.init(false, param);
    }
    byte[] data = eIn.getEncryptedData();
    byte[] out = new byte[cipher.getOutputSize(data.length)];
    int len = cipher.processBytes(data, 0, data.length, out, 0);
    len += cipher.doFinal(out, len);
    byte[] pkcs8 = new byte[len];
    System.arraycopy(out, 0, pkcs8, 0, len);
    // It seems to work for both RSA and DSA.
    KeyFactory fact = SecurityHelper.getKeyFactory("RSA");
    return fact.generatePrivate(new PKCS8EncodedKeySpec(pkcs8));
}

Example 5 with PaddedBufferedBlockCipher

use of org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher in project sentinel-android by Samourai-Wallet.

the class AESUtil method decrypt.

// AES 256 PBKDF2 CBC iso10126 decryption
// 16 byte IV must be prepended to ciphertext - Compatible with crypto-js
public static String decrypt(String ciphertext, CharSequenceX password, int iterations) {
    final int AESBlockSize = 4;
    byte[] cipherdata = Base64.decodeBase64(ciphertext.getBytes());
    // Seperate the IV and cipher data
    byte[] iv = copyOfRange(cipherdata, 0, AESBlockSize * 4);
    byte[] input = copyOfRange(cipherdata, AESBlockSize * 4, cipherdata.length);
    PBEParametersGenerator generator = new PKCS5S2ParametersGenerator();
    generator.init(PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(password.toString().toCharArray()), iv, iterations);
    KeyParameter keyParam = (KeyParameter) generator.generateDerivedParameters(256);
    CipherParameters params = new ParametersWithIV(keyParam, iv);
    // setup AES cipher in CBC mode with PKCS7 padding
    BlockCipherPadding padding = new ISO10126d2Padding();
    BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()), padding);
    cipher.reset();
    cipher.init(false, params);
    // create a temporary buffer to decode into (includes padding)
    byte[] buf = new byte[cipher.getOutputSize(input.length)];
    int len = cipher.processBytes(input, 0, input.length, buf, 0);
    try {
        len += cipher.doFinal(buf, len);
    } catch (InvalidCipherTextException icte) {
        icte.printStackTrace();
        return null;
    }
    // remove padding
    byte[] out = new byte[len];
    System.arraycopy(buf, 0, out, 0, len);
    // return string representation of decoded bytes
    String ret = null;
    try {
        ret = new String(out, "UTF-8");
    } catch (UnsupportedEncodingException uee) {
        uee.printStackTrace();
        return null;
    }
    return ret;
}