use of org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher in project samourai-wallet-android by Samourai-Wallet.
the class AESUtil method decryptWithSetMode.
public static String decryptWithSetMode(String ciphertext, CharSequenceX password, int iterations, int mode, @Nullable BlockCipherPadding padding) throws InvalidCipherTextException, UnsupportedEncodingException, DecryptionException {
final int AESBlockSize = 4;
byte[] cipherdata = Base64.decodeBase64(ciphertext.getBytes());
// Separate the IV and cipher data
byte[] iv = copyOfRange(cipherdata, 0, AESBlockSize * 4);
byte[] input = copyOfRange(cipherdata, AESBlockSize * 4, cipherdata.length);
PBEParametersGenerator generator = new PKCS5S2ParametersGenerator();
generator.init(PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(password.toString().toCharArray()), iv, iterations);
KeyParameter keyParam = (KeyParameter) generator.generateDerivedParameters(256);
CipherParameters params = new ParametersWithIV(keyParam, iv);
BlockCipher cipherMode;
if (mode == MODE_CBC) {
cipherMode = new CBCBlockCipher(new AESEngine());
} else {
// mode == MODE_OFB
cipherMode = new OFBBlockCipher(new AESEngine(), 128);
}
BufferedBlockCipher cipher;
if (padding != null) {
cipher = new PaddedBufferedBlockCipher(cipherMode, padding);
} else {
cipher = new BufferedBlockCipher(cipherMode);
}
cipher.reset();
cipher.init(false, params);
// create a temporary buffer to decode into (includes padding)
byte[] buf = new byte[cipher.getOutputSize(input.length)];
int len = cipher.processBytes(input, 0, input.length, buf, 0);
len += cipher.doFinal(buf, len);
// remove padding
byte[] out = new byte[len];
System.arraycopy(buf, 0, out, 0, len);
// return string representation of decoded bytes
String result = new String(out, "UTF-8");
if (result.isEmpty()) {
throw new DecryptionException("Decrypted string is empty.");
}
return result;
}
use of org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher in project jruby-openssl by jruby.
the class PEMInputOutput method derivePrivateKeyPBES2.
private static PrivateKey derivePrivateKeyPBES2(EncryptedPrivateKeyInfo eIn, AlgorithmIdentifier algId, char[] password) throws GeneralSecurityException, InvalidCipherTextException {
PBES2Parameters pbeParams = PBES2Parameters.getInstance((ASN1Sequence) algId.getParameters());
CipherParameters cipherParams = extractPBES2CipherParams(password, pbeParams);
EncryptionScheme scheme = pbeParams.getEncryptionScheme();
BufferedBlockCipher cipher;
if (scheme.getAlgorithm().equals(PKCSObjectIdentifiers.RC2_CBC)) {
RC2CBCParameter rc2Params = RC2CBCParameter.getInstance(scheme);
byte[] iv = rc2Params.getIV();
CipherParameters param = new ParametersWithIV(cipherParams, iv);
cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new RC2Engine()));
cipher.init(false, param);
} else {
byte[] iv = ASN1OctetString.getInstance(scheme.getParameters()).getOctets();
CipherParameters param = new ParametersWithIV(cipherParams, iv);
cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESedeEngine()));
cipher.init(false, param);
}
byte[] data = eIn.getEncryptedData();
byte[] out = new byte[cipher.getOutputSize(data.length)];
int len = cipher.processBytes(data, 0, data.length, out, 0);
len += cipher.doFinal(out, len);
byte[] pkcs8 = new byte[len];
System.arraycopy(out, 0, pkcs8, 0, len);
// It seems to work for both RSA and DSA.
KeyFactory fact = SecurityHelper.getKeyFactory("RSA");
return fact.generatePrivate(new PKCS8EncodedKeySpec(pkcs8));
}
use of org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher in project sentinel-android by Samourai-Wallet.
the class AESUtil method decrypt.
// AES 256 PBKDF2 CBC iso10126 decryption
// 16 byte IV must be prepended to ciphertext - Compatible with crypto-js
public static String decrypt(String ciphertext, CharSequenceX password, int iterations) {
final int AESBlockSize = 4;
byte[] cipherdata = Base64.decodeBase64(ciphertext.getBytes());
// Seperate the IV and cipher data
byte[] iv = copyOfRange(cipherdata, 0, AESBlockSize * 4);
byte[] input = copyOfRange(cipherdata, AESBlockSize * 4, cipherdata.length);
PBEParametersGenerator generator = new PKCS5S2ParametersGenerator();
generator.init(PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(password.toString().toCharArray()), iv, iterations);
KeyParameter keyParam = (KeyParameter) generator.generateDerivedParameters(256);
CipherParameters params = new ParametersWithIV(keyParam, iv);
// setup AES cipher in CBC mode with PKCS7 padding
BlockCipherPadding padding = new ISO10126d2Padding();
BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()), padding);
cipher.reset();
cipher.init(false, params);
// create a temporary buffer to decode into (includes padding)
byte[] buf = new byte[cipher.getOutputSize(input.length)];
int len = cipher.processBytes(input, 0, input.length, buf, 0);
try {
len += cipher.doFinal(buf, len);
} catch (InvalidCipherTextException icte) {
icte.printStackTrace();
return null;
}
// remove padding
byte[] out = new byte[len];
System.arraycopy(buf, 0, out, 0, len);
// return string representation of decoded bytes
String ret = null;
try {
ret = new String(out, "UTF-8");
} catch (UnsupportedEncodingException uee) {
uee.printStackTrace();
return null;
}
return ret;
}
use of org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher in project sentinel-android by Samourai-Wallet.
the class AESUtil method encrypt.
public static String encrypt(String cleartext, CharSequenceX password, int iterations) {
final int AESBlockSize = 4;
if (password == null) {
return null;
}
// Use secure random to generate a 16 byte iv
SecureRandom random = new SecureRandom();
byte[] iv = new byte[AESBlockSize * 4];
random.nextBytes(iv);
byte[] clearbytes = null;
try {
clearbytes = cleartext.getBytes("UTF-8");
} catch (UnsupportedEncodingException uee) {
uee.printStackTrace();
return null;
}
PBEParametersGenerator generator = new PKCS5S2ParametersGenerator();
generator.init(PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(password.toString().toCharArray()), iv, iterations);
KeyParameter keyParam = (KeyParameter) generator.generateDerivedParameters(256);
CipherParameters params = new ParametersWithIV(keyParam, iv);
// setup AES cipher in CBC mode with PKCS7 padding
BlockCipherPadding padding = new ISO10126d2Padding();
BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()), padding);
cipher.reset();
cipher.init(true, params);
byte[] outBuf = cipherData(cipher, clearbytes);
// Append to IV to the output
int len1 = iv.length;
int len2 = outBuf.length;
byte[] ivAppended = new byte[len1 + len2];
System.arraycopy(iv, 0, ivAppended, 0, len1);
System.arraycopy(outBuf, 0, ivAppended, len1, len2);
byte[] raw = Base64.encodeBase64(ivAppended);
String ret = new String(raw);
return ret;
}
use of org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher in project spring-security by spring-projects.
the class BouncyCastleAesCbcBytesEncryptor method decrypt.
@Override
@SuppressWarnings("deprecation")
public byte[] decrypt(byte[] encryptedBytes) {
byte[] iv = EncodingUtils.subArray(encryptedBytes, 0, this.ivGenerator.getKeyLength());
encryptedBytes = EncodingUtils.subArray(encryptedBytes, this.ivGenerator.getKeyLength(), encryptedBytes.length);
PaddedBufferedBlockCipher blockCipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new org.bouncycastle.crypto.engines.AESFastEngine()), new PKCS7Padding());
blockCipher.init(false, new ParametersWithIV(this.secretKey, iv));
return process(blockCipher, encryptedBytes);
}
Aggregations