Search in sources :

Example 6 with PaddedBufferedBlockCipher

use of org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher in project samourai-wallet-android by Samourai-Wallet.

the class AESUtil method decryptWithSetMode.

public static String decryptWithSetMode(String ciphertext, CharSequenceX password, int iterations, int mode, @Nullable BlockCipherPadding padding) throws InvalidCipherTextException, UnsupportedEncodingException, DecryptionException {
    final int AESBlockSize = 4;
    byte[] cipherdata = Base64.decodeBase64(ciphertext.getBytes());
    // Separate the IV and cipher data
    byte[] iv = copyOfRange(cipherdata, 0, AESBlockSize * 4);
    byte[] input = copyOfRange(cipherdata, AESBlockSize * 4, cipherdata.length);
    PBEParametersGenerator generator = new PKCS5S2ParametersGenerator();
    generator.init(PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(password.toString().toCharArray()), iv, iterations);
    KeyParameter keyParam = (KeyParameter) generator.generateDerivedParameters(256);
    CipherParameters params = new ParametersWithIV(keyParam, iv);
    BlockCipher cipherMode;
    if (mode == MODE_CBC) {
        cipherMode = new CBCBlockCipher(new AESEngine());
    } else {
        // mode == MODE_OFB
        cipherMode = new OFBBlockCipher(new AESEngine(), 128);
    }
    BufferedBlockCipher cipher;
    if (padding != null) {
        cipher = new PaddedBufferedBlockCipher(cipherMode, padding);
    } else {
        cipher = new BufferedBlockCipher(cipherMode);
    }
    cipher.reset();
    cipher.init(false, params);
    // create a temporary buffer to decode into (includes padding)
    byte[] buf = new byte[cipher.getOutputSize(input.length)];
    int len = cipher.processBytes(input, 0, input.length, buf, 0);
    len += cipher.doFinal(buf, len);
    // remove padding
    byte[] out = new byte[len];
    System.arraycopy(buf, 0, out, 0, len);
    // return string representation of decoded bytes
    String result = new String(out, "UTF-8");
    if (result.isEmpty()) {
        throw new DecryptionException("Decrypted string is empty.");
    }
    return result;
}
Also used : AESEngine(org.bouncycastle.crypto.engines.AESEngine) OFBBlockCipher(org.bouncycastle.crypto.modes.OFBBlockCipher) PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) PKCS5S2ParametersGenerator(org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator) CBCBlockCipher(org.bouncycastle.crypto.modes.CBCBlockCipher) BufferedBlockCipher(org.bouncycastle.crypto.BufferedBlockCipher) BlockCipher(org.bouncycastle.crypto.BlockCipher) OFBBlockCipher(org.bouncycastle.crypto.modes.OFBBlockCipher) PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) KeyParameter(org.bouncycastle.crypto.params.KeyParameter) CipherParameters(org.bouncycastle.crypto.CipherParameters) ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) BufferedBlockCipher(org.bouncycastle.crypto.BufferedBlockCipher) PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) CBCBlockCipher(org.bouncycastle.crypto.modes.CBCBlockCipher) PBEParametersGenerator(org.bouncycastle.crypto.PBEParametersGenerator)

Example 7 with PaddedBufferedBlockCipher

use of org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher in project jruby-openssl by jruby.

the class PEMInputOutput method derivePrivateKeyPBES2.

private static PrivateKey derivePrivateKeyPBES2(EncryptedPrivateKeyInfo eIn, AlgorithmIdentifier algId, char[] password) throws GeneralSecurityException, InvalidCipherTextException {
    PBES2Parameters pbeParams = PBES2Parameters.getInstance((ASN1Sequence) algId.getParameters());
    CipherParameters cipherParams = extractPBES2CipherParams(password, pbeParams);
    EncryptionScheme scheme = pbeParams.getEncryptionScheme();
    BufferedBlockCipher cipher;
    if (scheme.getAlgorithm().equals(PKCSObjectIdentifiers.RC2_CBC)) {
        RC2CBCParameter rc2Params = RC2CBCParameter.getInstance(scheme);
        byte[] iv = rc2Params.getIV();
        CipherParameters param = new ParametersWithIV(cipherParams, iv);
        cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new RC2Engine()));
        cipher.init(false, param);
    } else {
        byte[] iv = ASN1OctetString.getInstance(scheme.getParameters()).getOctets();
        CipherParameters param = new ParametersWithIV(cipherParams, iv);
        cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESedeEngine()));
        cipher.init(false, param);
    }
    byte[] data = eIn.getEncryptedData();
    byte[] out = new byte[cipher.getOutputSize(data.length)];
    int len = cipher.processBytes(data, 0, data.length, out, 0);
    len += cipher.doFinal(out, len);
    byte[] pkcs8 = new byte[len];
    System.arraycopy(out, 0, pkcs8, 0, len);
    // It seems to work for both RSA and DSA.
    KeyFactory fact = SecurityHelper.getKeyFactory("RSA");
    return fact.generatePrivate(new PKCS8EncodedKeySpec(pkcs8));
}
Also used : PBES2Parameters(org.bouncycastle.asn1.pkcs.PBES2Parameters) EncryptionScheme(org.bouncycastle.asn1.pkcs.EncryptionScheme) PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) RC2Engine(org.bouncycastle.crypto.engines.RC2Engine) RC2CBCParameter(org.bouncycastle.asn1.pkcs.RC2CBCParameter) CipherParameters(org.bouncycastle.crypto.CipherParameters) ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) BufferedBlockCipher(org.bouncycastle.crypto.BufferedBlockCipher) PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) CBCBlockCipher(org.bouncycastle.crypto.modes.CBCBlockCipher) DESedeEngine(org.bouncycastle.crypto.engines.DESedeEngine) SecretKeyFactory(javax.crypto.SecretKeyFactory) KeyFactory(java.security.KeyFactory)

Example 8 with PaddedBufferedBlockCipher

use of org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher in project sentinel-android by Samourai-Wallet.

the class AESUtil method decrypt.

// AES 256 PBKDF2 CBC iso10126 decryption
// 16 byte IV must be prepended to ciphertext - Compatible with crypto-js
public static String decrypt(String ciphertext, CharSequenceX password, int iterations) {
    final int AESBlockSize = 4;
    byte[] cipherdata = Base64.decodeBase64(ciphertext.getBytes());
    // Seperate the IV and cipher data
    byte[] iv = copyOfRange(cipherdata, 0, AESBlockSize * 4);
    byte[] input = copyOfRange(cipherdata, AESBlockSize * 4, cipherdata.length);
    PBEParametersGenerator generator = new PKCS5S2ParametersGenerator();
    generator.init(PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(password.toString().toCharArray()), iv, iterations);
    KeyParameter keyParam = (KeyParameter) generator.generateDerivedParameters(256);
    CipherParameters params = new ParametersWithIV(keyParam, iv);
    // setup AES cipher in CBC mode with PKCS7 padding
    BlockCipherPadding padding = new ISO10126d2Padding();
    BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()), padding);
    cipher.reset();
    cipher.init(false, params);
    // create a temporary buffer to decode into (includes padding)
    byte[] buf = new byte[cipher.getOutputSize(input.length)];
    int len = cipher.processBytes(input, 0, input.length, buf, 0);
    try {
        len += cipher.doFinal(buf, len);
    } catch (InvalidCipherTextException icte) {
        icte.printStackTrace();
        return null;
    }
    // remove padding
    byte[] out = new byte[len];
    System.arraycopy(buf, 0, out, 0, len);
    // return string representation of decoded bytes
    String ret = null;
    try {
        ret = new String(out, "UTF-8");
    } catch (UnsupportedEncodingException uee) {
        uee.printStackTrace();
        return null;
    }
    return ret;
}
Also used : PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) AESEngine(org.bouncycastle.crypto.engines.AESEngine) InvalidCipherTextException(org.bouncycastle.crypto.InvalidCipherTextException) PKCS5S2ParametersGenerator(org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator) KeyParameter(org.bouncycastle.crypto.params.KeyParameter) UnsupportedEncodingException(java.io.UnsupportedEncodingException) ISO10126d2Padding(org.bouncycastle.crypto.paddings.ISO10126d2Padding) CipherParameters(org.bouncycastle.crypto.CipherParameters) ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) BlockCipherPadding(org.bouncycastle.crypto.paddings.BlockCipherPadding) BufferedBlockCipher(org.bouncycastle.crypto.BufferedBlockCipher) PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) CBCBlockCipher(org.bouncycastle.crypto.modes.CBCBlockCipher) PBEParametersGenerator(org.bouncycastle.crypto.PBEParametersGenerator)

Example 9 with PaddedBufferedBlockCipher

use of org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher in project sentinel-android by Samourai-Wallet.

the class AESUtil method encrypt.

public static String encrypt(String cleartext, CharSequenceX password, int iterations) {
    final int AESBlockSize = 4;
    if (password == null) {
        return null;
    }
    // Use secure random to generate a 16 byte iv
    SecureRandom random = new SecureRandom();
    byte[] iv = new byte[AESBlockSize * 4];
    random.nextBytes(iv);
    byte[] clearbytes = null;
    try {
        clearbytes = cleartext.getBytes("UTF-8");
    } catch (UnsupportedEncodingException uee) {
        uee.printStackTrace();
        return null;
    }
    PBEParametersGenerator generator = new PKCS5S2ParametersGenerator();
    generator.init(PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(password.toString().toCharArray()), iv, iterations);
    KeyParameter keyParam = (KeyParameter) generator.generateDerivedParameters(256);
    CipherParameters params = new ParametersWithIV(keyParam, iv);
    // setup AES cipher in CBC mode with PKCS7 padding
    BlockCipherPadding padding = new ISO10126d2Padding();
    BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()), padding);
    cipher.reset();
    cipher.init(true, params);
    byte[] outBuf = cipherData(cipher, clearbytes);
    // Append to IV to the output
    int len1 = iv.length;
    int len2 = outBuf.length;
    byte[] ivAppended = new byte[len1 + len2];
    System.arraycopy(iv, 0, ivAppended, 0, len1);
    System.arraycopy(outBuf, 0, ivAppended, len1, len2);
    byte[] raw = Base64.encodeBase64(ivAppended);
    String ret = new String(raw);
    return ret;
}
Also used : PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) AESEngine(org.bouncycastle.crypto.engines.AESEngine) PKCS5S2ParametersGenerator(org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator) KeyParameter(org.bouncycastle.crypto.params.KeyParameter) SecureRandom(java.security.SecureRandom) UnsupportedEncodingException(java.io.UnsupportedEncodingException) ISO10126d2Padding(org.bouncycastle.crypto.paddings.ISO10126d2Padding) CipherParameters(org.bouncycastle.crypto.CipherParameters) ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) BlockCipherPadding(org.bouncycastle.crypto.paddings.BlockCipherPadding) BufferedBlockCipher(org.bouncycastle.crypto.BufferedBlockCipher) PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) CBCBlockCipher(org.bouncycastle.crypto.modes.CBCBlockCipher) PBEParametersGenerator(org.bouncycastle.crypto.PBEParametersGenerator)

Example 10 with PaddedBufferedBlockCipher

use of org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher in project spring-security by spring-projects.

the class BouncyCastleAesCbcBytesEncryptor method decrypt.

@Override
@SuppressWarnings("deprecation")
public byte[] decrypt(byte[] encryptedBytes) {
    byte[] iv = EncodingUtils.subArray(encryptedBytes, 0, this.ivGenerator.getKeyLength());
    encryptedBytes = EncodingUtils.subArray(encryptedBytes, this.ivGenerator.getKeyLength(), encryptedBytes.length);
    PaddedBufferedBlockCipher blockCipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new org.bouncycastle.crypto.engines.AESFastEngine()), new PKCS7Padding());
    blockCipher.init(false, new ParametersWithIV(this.secretKey, iv));
    return process(blockCipher, encryptedBytes);
}
Also used : ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) PKCS7Padding(org.bouncycastle.crypto.paddings.PKCS7Padding) CBCBlockCipher(org.bouncycastle.crypto.modes.CBCBlockCipher)

Aggregations

PaddedBufferedBlockCipher (org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher)25 CBCBlockCipher (org.bouncycastle.crypto.modes.CBCBlockCipher)23 KeyParameter (org.bouncycastle.crypto.params.KeyParameter)19 ParametersWithIV (org.bouncycastle.crypto.params.ParametersWithIV)19 AESEngine (org.bouncycastle.crypto.engines.AESEngine)14 BufferedBlockCipher (org.bouncycastle.crypto.BufferedBlockCipher)13 CipherParameters (org.bouncycastle.crypto.CipherParameters)11 InvalidCipherTextException (org.bouncycastle.crypto.InvalidCipherTextException)9 PKCS7Padding (org.bouncycastle.crypto.paddings.PKCS7Padding)6 DataLengthException (org.bouncycastle.crypto.DataLengthException)4 PBEParametersGenerator (org.bouncycastle.crypto.PBEParametersGenerator)4 AESFastEngine (org.bouncycastle.crypto.engines.AESFastEngine)4 DESEngine (org.bouncycastle.crypto.engines.DESEngine)4 PKCS5S2ParametersGenerator (org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator)4 UnsupportedEncodingException (java.io.UnsupportedEncodingException)3 BlockCipherPadding (org.bouncycastle.crypto.paddings.BlockCipherPadding)3 IOException (java.io.IOException)2 SecureRandom (java.security.SecureRandom)2 BlockCipher (org.bouncycastle.crypto.BlockCipher)2 OFBBlockCipher (org.bouncycastle.crypto.modes.OFBBlockCipher)2