Examples with AEADParameters org.bouncycastle.crypto.params.AEADParameters used on opensource projects

Search in sources :

Example 16 with AEADParameters

use of org.bouncycastle.crypto.params.AEADParameters in project Conversations by siacs.

the class AbstractConnectionManager method createInputStream.

public static Pair<InputStream, Integer> createInputStream(DownloadableFile file, boolean gcm) throws FileNotFoundException {
    FileInputStream is;
    int size;
    is = new FileInputStream(file);
    size = (int) file.getSize();
    if (file.getKey() == null) {
        return new Pair<InputStream, Integer>(is, size);
    }
    try {
        if (gcm) {
            AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine());
            cipher.init(true, new AEADParameters(new KeyParameter(file.getKey()), 128, file.getIv()));
            InputStream cis = new org.bouncycastle.crypto.io.CipherInputStream(is, cipher);
            return new Pair<>(cis, cipher.getOutputSize(size));
        } else {
            IvParameterSpec ips = new IvParameterSpec(file.getIv());
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(file.getKey(), "AES"), ips);
            Log.d(Config.LOGTAG, "opening encrypted input stream");
            final int s = Config.REPORT_WRONG_FILESIZE_IN_OTR_JINGLE ? size : (size / 16 + 1) * 16;
            return new Pair<InputStream, Integer>(new CipherInputStream(is, cipher), s);
        }
    } catch (InvalidKeyException e) {
        return null;
    } catch (NoSuchAlgorithmException e) {
        return null;
    } catch (NoSuchPaddingException e) {
        return null;
    } catch (InvalidAlgorithmParameterException e) {
        return null;
    }
}
Also used : AESEngine(org.bouncycastle.crypto.engines.AESEngine) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) CipherInputStream(javax.crypto.CipherInputStream) CipherInputStream(javax.crypto.CipherInputStream) FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) KeyParameter(org.bouncycastle.crypto.params.KeyParameter) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) FileInputStream(java.io.FileInputStream) AEADParameters(org.bouncycastle.crypto.params.AEADParameters) SecretKeySpec(javax.crypto.spec.SecretKeySpec) IvParameterSpec(javax.crypto.spec.IvParameterSpec) Cipher(javax.crypto.Cipher) AEADBlockCipher(org.bouncycastle.crypto.modes.AEADBlockCipher) GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher) GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher) AEADBlockCipher(org.bouncycastle.crypto.modes.AEADBlockCipher) Pair(android.util.Pair)

Example 17 with AEADParameters

use of org.bouncycastle.crypto.params.AEADParameters in project XobotOS by xamarin.

the class GCMBlockCipher method init.

public void init(boolean forEncryption, CipherParameters params) throws IllegalArgumentException {
    this.forEncryption = forEncryption;
    this.macBlock = null;
    if (params instanceof AEADParameters) {
        AEADParameters param = (AEADParameters) params;
        nonce = param.getNonce();
        A = param.getAssociatedText();
        int macSizeBits = param.getMacSize();
        if (macSizeBits < 96 || macSizeBits > 128 || macSizeBits % 8 != 0) {
            throw new IllegalArgumentException("Invalid value for MAC size: " + macSizeBits);
        }
        macSize = macSizeBits / 8;
        keyParam = param.getKey();
    } else if (params instanceof ParametersWithIV) {
        ParametersWithIV param = (ParametersWithIV) params;
        nonce = param.getIV();
        A = null;
        macSize = 16;
        keyParam = (KeyParameter) param.getParameters();
    } else {
        throw new IllegalArgumentException("invalid parameters passed to GCM");
    }
    int bufLength = forEncryption ? BLOCK_SIZE : (BLOCK_SIZE + macSize);
    this.bufBlock = new byte[bufLength];
    if (nonce == null || nonce.length < 1) {
        throw new IllegalArgumentException("IV must be at least 1 byte");
    }
    if (A == null) {
        // Avoid lots of null checks
        A = new byte[0];
    }
    // Cipher always used in forward mode
    cipher.init(true, keyParam);
    // TODO This should be configurable by init parameters
    // (but must be 16 if nonce length not 12) (BLOCK_SIZE?)
    //        this.tagLength = 16;
    this.H = new byte[BLOCK_SIZE];
    cipher.processBlock(ZEROES, 0, H, 0);
    multiplier.init(H);
    this.initS = gHASH(A);
    if (nonce.length == 12) {
        this.J0 = new byte[16];
        System.arraycopy(nonce, 0, J0, 0, nonce.length);
        this.J0[15] = 0x01;
    } else {
        this.J0 = gHASH(nonce);
        byte[] X = new byte[16];
        packLength((long) nonce.length * 8, X, 8);
        xor(this.J0, X);
        multiplier.multiplyH(this.J0);
    }
    this.S = Arrays.clone(initS);
    this.counter = Arrays.clone(J0);
    this.bufOff = 0;
    this.totalLength = 0;
}
Also used : ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) AEADParameters(org.bouncycastle.crypto.params.AEADParameters) KeyParameter(org.bouncycastle.crypto.params.KeyParameter)

Example 18 with AEADParameters

use of org.bouncycastle.crypto.params.AEADParameters in project oxAuth by GluuFederation.

the class JweEncrypterImpl method generateCipherTextAndIntegrityValue.

@Override
public Pair<String, String> generateCipherTextAndIntegrityValue(byte[] contentMasterKey, byte[] initializationVector, byte[] additionalAuthenticatedData, byte[] plainText) throws InvalidJweException {
    if (getBlockEncryptionAlgorithm() == null) {
        throw new InvalidJweException("The block encryption algorithm is null");
    }
    if (contentMasterKey == null) {
        throw new InvalidJweException("The content master key (CMK) is null");
    }
    if (initializationVector == null) {
        throw new InvalidJweException("The initialization vector is null");
    }
    if (additionalAuthenticatedData == null) {
        throw new InvalidJweException("The additional authentication data is null");
    }
    if (plainText == null) {
        throw new InvalidJweException("The plain text to encrypt is null");
    }
    try {
        if (getBlockEncryptionAlgorithm() == BlockEncryptionAlgorithm.A128GCM || getBlockEncryptionAlgorithm() == BlockEncryptionAlgorithm.A256GCM) {
            SecretKey secretKey = new SecretKeySpec(contentMasterKey, "AES");
            KeyParameter key = new KeyParameter(contentMasterKey);
            final int MAC_SIZE_BITS = 128;
            AEADParameters aeadParameters = new AEADParameters(key, MAC_SIZE_BITS, initializationVector, additionalAuthenticatedData);
            final int macSize = aeadParameters.getMacSize() / 8;
            BlockCipher blockCipher = new AESEngine();
            CipherParameters params = new KeyParameter(secretKey.getEncoded());
            blockCipher.init(true, params);
            GCMBlockCipher aGCMBlockCipher = new GCMBlockCipher(blockCipher);
            aGCMBlockCipher.init(true, aeadParameters);
            int len = aGCMBlockCipher.getOutputSize(plainText.length);
            byte[] out = new byte[len];
            int outOff = aGCMBlockCipher.processBytes(plainText, 0, plainText.length, out, 0);
            outOff += aGCMBlockCipher.doFinal(out, outOff);
            byte[] cipherText = new byte[outOff - macSize];
            System.arraycopy(out, 0, cipherText, 0, cipherText.length);
            byte[] authenticationTag = new byte[macSize];
            System.arraycopy(out, outOff - macSize, authenticationTag, 0, authenticationTag.length);
            String encodedCipherText = Base64Util.base64urlencode(cipherText);
            String encodedAuthenticationTag = Base64Util.base64urlencode(authenticationTag);
            return new Pair<String, String>(encodedCipherText, encodedAuthenticationTag);
        } else if (getBlockEncryptionAlgorithm() == BlockEncryptionAlgorithm.A128CBC_PLUS_HS256 || getBlockEncryptionAlgorithm() == BlockEncryptionAlgorithm.A256CBC_PLUS_HS512) {
            byte[] cek = KeyDerivationFunction.generateCek(contentMasterKey, getBlockEncryptionAlgorithm());
            IvParameterSpec parameters = new IvParameterSpec(initializationVector);
            Cipher cipher = Cipher.getInstance(getBlockEncryptionAlgorithm().getAlgorithm(), "BC");
            //Cipher cipher = Cipher.getInstance(getBlockEncryptionAlgorithm().getAlgorithm());
            SecretKeySpec secretKeySpec = new SecretKeySpec(cek, "AES");
            cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, parameters);
            byte[] cipherText = cipher.doFinal(plainText);
            String encodedCipherText = Base64Util.base64urlencode(cipherText);
            String securedInputValue = new String(additionalAuthenticatedData, Charset.forName(Util.UTF8_STRING_ENCODING)) + "." + encodedCipherText;
            byte[] cik = KeyDerivationFunction.generateCik(contentMasterKey, getBlockEncryptionAlgorithm());
            SecretKey secretKey = new SecretKeySpec(cik, getBlockEncryptionAlgorithm().getIntegrityValueAlgorithm());
            Mac mac = Mac.getInstance(getBlockEncryptionAlgorithm().getIntegrityValueAlgorithm());
            mac.init(secretKey);
            byte[] integrityValue = mac.doFinal(securedInputValue.getBytes(Util.UTF8_STRING_ENCODING));
            String encodedIntegrityValue = Base64Util.base64urlencode(integrityValue);
            return new Pair<String, String>(encodedCipherText, encodedIntegrityValue);
        } else {
            throw new InvalidJweException("The block encryption algorithm is not supported");
        }
    } catch (InvalidCipherTextException e) {
        throw new InvalidJweException(e);
    } catch (NoSuchAlgorithmException e) {
        throw new InvalidJweException(e);
    } catch (UnsupportedEncodingException e) {
        throw new InvalidJweException(e);
    } catch (NoSuchProviderException e) {
        throw new InvalidJweException(e);
    } catch (IllegalBlockSizeException e) {
        throw new InvalidJweException(e);
    } catch (InvalidKeyException e) {
        throw new InvalidJweException(e);
    } catch (BadPaddingException e) {
        throw new InvalidJweException(e);
    } catch (InvalidAlgorithmParameterException e) {
        throw new InvalidJweException(e);
    } catch (NoSuchPaddingException e) {
        throw new InvalidJweException(e);
    } catch (InvalidParameterException e) {
        throw new InvalidJweException(e);
    }
}
Also used : InvalidCipherTextException(org.bouncycastle.crypto.InvalidCipherTextException) KeyParameter(org.bouncycastle.crypto.params.KeyParameter) InvalidParameterException(org.xdi.oxauth.model.exception.InvalidParameterException) SecretKeySpec(javax.crypto.spec.SecretKeySpec) InvalidJweException(org.xdi.oxauth.model.exception.InvalidJweException) Pair(org.xdi.oxauth.model.util.Pair) AESEngine(org.bouncycastle.crypto.engines.AESEngine) BlockCipher(org.bouncycastle.crypto.BlockCipher) GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher) UnsupportedEncodingException(java.io.UnsupportedEncodingException) CipherParameters(org.bouncycastle.crypto.CipherParameters) AEADParameters(org.bouncycastle.crypto.params.AEADParameters) IvParameterSpec(javax.crypto.spec.IvParameterSpec) BlockCipher(org.bouncycastle.crypto.BlockCipher) GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher) GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher)

Aggregations

AEADParameters (org.bouncycastle.crypto.params.AEADParameters)18 GCMBlockCipher (org.bouncycastle.crypto.modes.GCMBlockCipher)14 KeyParameter (org.bouncycastle.crypto.params.KeyParameter)14 AESEngine (org.bouncycastle.crypto.engines.AESEngine)10 AEADBlockCipher (org.bouncycastle.crypto.modes.AEADBlockCipher)10 ByteArrayInputStream (java.io.ByteArrayInputStream)4 IvParameterSpec (javax.crypto.spec.IvParameterSpec)4 SecretKeySpec (javax.crypto.spec.SecretKeySpec)4 InvalidCipherTextIOException (org.bouncycastle.crypto.io.InvalidCipherTextIOException)4 ParametersWithIV (org.bouncycastle.crypto.params.ParametersWithIV)4 Test (org.junit.Test)4 IOException (java.io.IOException)2 UnsupportedEncodingException (java.io.UnsupportedEncodingException)2 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)2 InvalidKeyException (java.security.InvalidKeyException)2 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)2 Cipher (javax.crypto.Cipher)2 NoSuchPaddingException (javax.crypto.NoSuchPaddingException)2 BlockCipher (org.bouncycastle.crypto.BlockCipher)2 CipherParameters (org.bouncycastle.crypto.CipherParameters)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial