Example 21 with AEADParameters
use of org.bouncycastle.crypto.params.AEADParameters in project syncany by syncany.
the class AesGcmWithBcInputStreamTest method testE_BouncyCastleCipherInputStreamWithAesGcmLongPlaintext.
@Test
public void testE_BouncyCastleCipherInputStreamWithAesGcmLongPlaintext() throws InvalidKeyException, InvalidAlgorithmParameterException, IOException, NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException {
// Encrypt (not interesting in this example)
byte[] randomKey = createRandomArray(16);
byte[] randomIv = createRandomArray(16);
// <<<< 4080 bytes fails, 4079 bytes works!
byte[] originalPlaintext = createRandomArray(4080);
byte[] originalCiphertext = encryptWithAesGcm(originalPlaintext, randomKey, randomIv);
// Decrypt with BouncyCastle implementation of CipherInputStream
AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine());
cipher.init(false, new AEADParameters(new KeyParameter(randomKey), 128, randomIv));
try {
readFromStream(new org.bouncycastle.crypto.io.CipherInputStream(new ByteArrayInputStream(originalCiphertext), cipher));
// ^^^^^^^^^^^^^^^ INTERESTING PART ^^^^^^^^^^^^^^^^
//
// In this example, the BouncyCastle implementation of the CipherInputStream throws an ArrayIndexOutOfBoundsException.
// The only difference to the example above is that the plaintext is now 4080 bytes long! For 4079 bytes plaintexts,
// everything works just fine.
System.out.println("Test E: org.bouncycastle.crypto.io.CipherInputStream: OK, throws no exception");
} catch (IOException e) {
fail("Test E: org.bouncycastle.crypto.io.CipherInputStream: NOT OK throws: " + e.getMessage());
}
}
Also used :
AESEngine(org.bouncycastle.crypto.engines.AESEngine)
AEADParameters(org.bouncycastle.crypto.params.AEADParameters)
ByteArrayInputStream(java.io.ByteArrayInputStream)
KeyParameter(org.bouncycastle.crypto.params.KeyParameter)
InvalidCipherTextIOException(org.bouncycastle.crypto.io.InvalidCipherTextIOException)
IOException(java.io.IOException)
GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher)
AEADBlockCipher(org.bouncycastle.crypto.modes.AEADBlockCipher)
Test(org.junit.Test)
Example 22 with AEADParameters
use of org.bouncycastle.crypto.params.AEADParameters in project syncany by syncany.
the class AesGcmWithBcInputStreamTest method testD_BouncyCastleCipherInputStreamWithAesGcm.
@Test
public void testD_BouncyCastleCipherInputStreamWithAesGcm() throws InvalidKeyException, InvalidAlgorithmParameterException, IOException, NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException {
// Encrypt (not interesting in this example)
byte[] randomKey = createRandomArray(16);
byte[] randomIv = createRandomArray(16);
byte[] originalPlaintext = "Confirm 100$ pay".getBytes("ASCII");
byte[] originalCiphertext = encryptWithAesGcm(originalPlaintext, randomKey, randomIv);
// Attack / alter ciphertext (an attacker would do this!)
byte[] alteredCiphertext = Arrays.clone(originalCiphertext);
// <<< Change 100$ to 900$
alteredCiphertext[8] = (byte) (alteredCiphertext[8] ^ 0x08);
// Decrypt with BouncyCastle implementation of CipherInputStream
AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine());
cipher.init(false, new AEADParameters(new KeyParameter(randomKey), 128, randomIv));
try {
readFromStream(new org.bouncycastle.crypto.io.CipherInputStream(new ByteArrayInputStream(alteredCiphertext), cipher));
// ^^^^^^^^^^^^^^^ INTERESTING PART ^^^^^^^^^^^^^^^^
//
// The BouncyCastle implementation of the CipherInputStream detects MAC verification errors and
// throws a InvalidCipherTextIOException if an error occurs. Nice! A more or less minor issue
// however is that it is incompatible with the standard JCE Cipher class from the javax.crypto
// package. The new interface AEADBlockCipher must be used. The code below is not executed.
fail("Test D: org.bouncycastle.crypto.io.CipherInputStream: NOT OK, tampering not detected");
} catch (InvalidCipherTextIOException e) {
System.out.println("Test D: org.bouncycastle.crypto.io.CipherInputStream: OK, tampering detected");
}
}
Also used :
AESEngine(org.bouncycastle.crypto.engines.AESEngine)
AEADParameters(org.bouncycastle.crypto.params.AEADParameters)
ByteArrayInputStream(java.io.ByteArrayInputStream)
KeyParameter(org.bouncycastle.crypto.params.KeyParameter)
GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher)
AEADBlockCipher(org.bouncycastle.crypto.modes.AEADBlockCipher)
InvalidCipherTextIOException(org.bouncycastle.crypto.io.InvalidCipherTextIOException)
Test(org.junit.Test)
Example 23 with AEADParameters
use of org.bouncycastle.crypto.params.AEADParameters in project syncany by syncany.
the class AesGcmCipherSpec method newCipherOutputStream.
@Override
public OutputStream newCipherOutputStream(OutputStream underlyingOutputStream, byte[] secretKey, byte[] iv) throws CipherException {
AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine());
cipher.init(true, new AEADParameters(new KeyParameter(secretKey), MAC_SIZE, iv));
return new org.bouncycastle.crypto.io.CipherOutputStream(underlyingOutputStream, cipher);
}
Also used :
AESEngine(org.bouncycastle.crypto.engines.AESEngine)
AEADParameters(org.bouncycastle.crypto.params.AEADParameters)
KeyParameter(org.bouncycastle.crypto.params.KeyParameter)
GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher)
AEADBlockCipher(org.bouncycastle.crypto.modes.AEADBlockCipher)
Example 24 with AEADParameters
use of org.bouncycastle.crypto.params.AEADParameters in project syncany by syncany.
the class TwofishGcmCipherSpec method newCipherOutputStream.
@Override
public OutputStream newCipherOutputStream(OutputStream underlyingOutputStream, byte[] secretKey, byte[] iv) throws CipherException {
AEADBlockCipher cipher = new GCMBlockCipher(new TwofishEngine());
cipher.init(true, new AEADParameters(new KeyParameter(secretKey), MAC_SIZE, iv));
return new org.bouncycastle.crypto.io.CipherOutputStream(underlyingOutputStream, cipher);
}
Also used :
AEADParameters(org.bouncycastle.crypto.params.AEADParameters)
KeyParameter(org.bouncycastle.crypto.params.KeyParameter)
TwofishEngine(org.bouncycastle.crypto.engines.TwofishEngine)
GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher)
AEADBlockCipher(org.bouncycastle.crypto.modes.AEADBlockCipher)
Example 25 with AEADParameters
use of org.bouncycastle.crypto.params.AEADParameters in project Pix-Art-Messenger by kriztan.
the class AbstractConnectionManager method createOutputStream.
private static OutputStream createOutputStream(DownloadableFile file, boolean gcm, boolean append) {
FileOutputStream os;
try {
os = new FileOutputStream(file, append);
if (file.getKey() == null) {
return os;
}
} catch (FileNotFoundException e) {
return null;
}
try {
if (gcm) {
AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine());
cipher.init(false, new AEADParameters(new KeyParameter(file.getKey()), 128, file.getIv()));
return new org.bouncycastle.crypto.io.CipherOutputStream(os, cipher);
} else {
IvParameterSpec ips = new IvParameterSpec(file.getIv());
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(file.getKey(), "AES"), ips);
Log.d(Config.LOGTAG, "opening encrypted output stream");
return new CipherOutputStream(os, cipher);
}
} catch (InvalidKeyException e) {
return null;
} catch (NoSuchAlgorithmException e) {
return null;
} catch (NoSuchPaddingException e) {
return null;
} catch (InvalidAlgorithmParameterException e) {
return null;
}
}
Also used :
AESEngine(org.bouncycastle.crypto.engines.AESEngine)
CipherOutputStream(javax.crypto.CipherOutputStream)
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
KeyParameter(org.bouncycastle.crypto.params.KeyParameter)
FileNotFoundException(java.io.FileNotFoundException)
NoSuchPaddingException(javax.crypto.NoSuchPaddingException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
AEADParameters(org.bouncycastle.crypto.params.AEADParameters)
SecretKeySpec(javax.crypto.spec.SecretKeySpec)
FileOutputStream(java.io.FileOutputStream)
IvParameterSpec(javax.crypto.spec.IvParameterSpec)
Cipher(javax.crypto.Cipher)
AEADBlockCipher(org.bouncycastle.crypto.modes.AEADBlockCipher)
GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher)
GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher)
AEADBlockCipher(org.bouncycastle.crypto.modes.AEADBlockCipher)
Aggregations
AEADParameters (org.bouncycastle.crypto.params.AEADParameters)26
KeyParameter (org.bouncycastle.crypto.params.KeyParameter)22
GCMBlockCipher (org.bouncycastle.crypto.modes.GCMBlockCipher)20
AESEngine (org.bouncycastle.crypto.engines.AESEngine)18
AEADBlockCipher (org.bouncycastle.crypto.modes.AEADBlockCipher)16
IvParameterSpec (javax.crypto.spec.IvParameterSpec)5
SecretKeySpec (javax.crypto.spec.SecretKeySpec)5
ByteArrayInputStream (java.io.ByteArrayInputStream)4
IOException (java.io.IOException)4
InvalidCipherTextIOException (org.bouncycastle.crypto.io.InvalidCipherTextIOException)4
ParametersWithIV (org.bouncycastle.crypto.params.ParametersWithIV)4
Test (org.junit.Test)4
FileInputStream (java.io.FileInputStream)3
FileNotFoundException (java.io.FileNotFoundException)3
InputStream (java.io.InputStream)3
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)3
InvalidKeyException (java.security.InvalidKeyException)3
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)3
Cipher (javax.crypto.Cipher)3
NoSuchPaddingException (javax.crypto.NoSuchPaddingException)3
