Search in sources :

Example 51 with KeyParameter

use of org.bouncycastle.crypto.params.KeyParameter in project gocd by gocd.

the class GoCipher method cipher.

public String cipher(byte[] key, String plainText) throws InvalidCipherTextException {
    PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESEngine()));
    KeyParameter keyParameter = new KeyParameter(Hex.decode(key));
    cipher.init(true, keyParameter);
    byte[] plainTextBytes = plainText.getBytes();
    byte[] cipherTextBytes = new byte[cipher.getOutputSize(plainTextBytes.length)];
    int outputLength = cipher.processBytes(plainTextBytes, 0, plainTextBytes.length, cipherTextBytes, 0);
    cipher.doFinal(cipherTextBytes, outputLength);
    return java.util.Base64.getEncoder().encodeToString(cipherTextBytes).trim();
}
Also used : PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) DESEngine(org.bouncycastle.crypto.engines.DESEngine) KeyParameter(org.bouncycastle.crypto.params.KeyParameter) CBCBlockCipher(org.bouncycastle.crypto.modes.CBCBlockCipher)

Example 52 with KeyParameter

use of org.bouncycastle.crypto.params.KeyParameter in project elastic-core-maven by OrdinaryDude.

the class Crypto method aesEncrypt.

public static byte[] aesEncrypt(byte[] plaintext, byte[] key) {
    try {
        byte[] iv = new byte[16];
        secureRandom.get().nextBytes(iv);
        PaddedBufferedBlockCipher aes = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()));
        CipherParameters ivAndKey = new ParametersWithIV(new KeyParameter(key), iv);
        aes.init(true, ivAndKey);
        byte[] output = new byte[aes.getOutputSize(plaintext.length)];
        int ciphertextLength = aes.processBytes(plaintext, 0, plaintext.length, output, 0);
        ciphertextLength += aes.doFinal(output, ciphertextLength);
        byte[] result = new byte[iv.length + ciphertextLength];
        System.arraycopy(iv, 0, result, 0, iv.length);
        System.arraycopy(output, 0, result, iv.length, ciphertextLength);
        return result;
    } catch (InvalidCipherTextException e) {
        throw new RuntimeException(e.getMessage(), e);
    }
}
Also used : CipherParameters(org.bouncycastle.crypto.CipherParameters) ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) AESEngine(org.bouncycastle.crypto.engines.AESEngine) InvalidCipherTextException(org.bouncycastle.crypto.InvalidCipherTextException) KeyParameter(org.bouncycastle.crypto.params.KeyParameter) CBCBlockCipher(org.bouncycastle.crypto.modes.CBCBlockCipher)

Example 53 with KeyParameter

use of org.bouncycastle.crypto.params.KeyParameter in project elastic-core-maven by OrdinaryDude.

the class Crypto method aesGCMDecrypt.

public static byte[] aesGCMDecrypt(byte[] ivCiphertext, byte[] key) {
    try {
        if (ivCiphertext.length < 16) {
            throw new InvalidCipherTextException("invalid ivCiphertext length");
        }
        byte[] iv = Arrays.copyOfRange(ivCiphertext, 0, 16);
        byte[] ciphertext = Arrays.copyOfRange(ivCiphertext, 16, ivCiphertext.length);
        GCMBlockCipher aes = new GCMBlockCipher(new AESEngine());
        CipherParameters ivAndKey = new ParametersWithIV(new KeyParameter(key), iv);
        aes.init(false, ivAndKey);
        byte[] output = new byte[aes.getOutputSize(ciphertext.length)];
        int plaintextLength = aes.processBytes(ciphertext, 0, ciphertext.length, output, 0);
        plaintextLength += aes.doFinal(output, plaintextLength);
        byte[] result = new byte[plaintextLength];
        System.arraycopy(output, 0, result, 0, result.length);
        return result;
    } catch (InvalidCipherTextException e) {
        throw new RuntimeException(e.getMessage(), e);
    }
}
Also used : CipherParameters(org.bouncycastle.crypto.CipherParameters) ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) InvalidCipherTextException(org.bouncycastle.crypto.InvalidCipherTextException) AESEngine(org.bouncycastle.crypto.engines.AESEngine) KeyParameter(org.bouncycastle.crypto.params.KeyParameter) GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher)

Example 54 with KeyParameter

use of org.bouncycastle.crypto.params.KeyParameter in project elastic-core-maven by OrdinaryDude.

the class Crypto method aesGCMEncrypt.

public static byte[] aesGCMEncrypt(byte[] plaintext, byte[] key) {
    try {
        byte[] iv = new byte[16];
        secureRandom.get().nextBytes(iv);
        GCMBlockCipher aes = new GCMBlockCipher(new AESEngine());
        CipherParameters ivAndKey = new ParametersWithIV(new KeyParameter(key), iv);
        aes.init(true, ivAndKey);
        byte[] output = new byte[aes.getOutputSize(plaintext.length)];
        int ciphertextLength = aes.processBytes(plaintext, 0, plaintext.length, output, 0);
        ciphertextLength += aes.doFinal(output, ciphertextLength);
        byte[] result = new byte[iv.length + ciphertextLength];
        System.arraycopy(iv, 0, result, 0, iv.length);
        System.arraycopy(output, 0, result, iv.length, ciphertextLength);
        return result;
    } catch (InvalidCipherTextException e) {
        throw new RuntimeException(e.getMessage(), e);
    }
}
Also used : CipherParameters(org.bouncycastle.crypto.CipherParameters) ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) AESEngine(org.bouncycastle.crypto.engines.AESEngine) InvalidCipherTextException(org.bouncycastle.crypto.InvalidCipherTextException) KeyParameter(org.bouncycastle.crypto.params.KeyParameter) GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher)

Example 55 with KeyParameter

use of org.bouncycastle.crypto.params.KeyParameter in project inbot-utils by Inbot.

the class AESUtils method encryptBouncyCastle.

private static String encryptBouncyCastle(SecretKey secret, String plainText) {
    try {
        // prepending with md5 hash allows us to do an integrity check on decrypt to prevent returning garbage if the decrypt key is incorrect
        String md5 = HashUtils.md5(plainText);
        plainText = md5 + plainText;
        // the iv acts as a per use salt, this ensures things encrypted with the same key always have a unique salt
        // 128 bit iv because NIST AES is standardized with 128 bit blocks and iv needs to match block size, even when using 256 bit key
        byte[] iv = new byte[16];
        SECURE_RANDOM.nextBytes(iv);
        // setup cipher parameters with key and IV
        byte[] key = secret.getEncoded();
        // setup AES cipher in CBC mode with PKCS7 padding
        BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()), new PKCS7Padding());
        cipher.reset();
        cipher.init(true, new ParametersWithIV(new KeyParameter(key), iv));
        byte[] plainTextBuf = plainText.getBytes(StandardCharsets.UTF_8);
        byte[] buf = new byte[cipher.getOutputSize(plainTextBuf.length)];
        int len = cipher.processBytes(plainTextBuf, 0, plainTextBuf.length, buf, 0);
        len += cipher.doFinal(buf, len);
        // copy the encrypted part of the buffer to out
        byte[] out = new byte[len];
        System.arraycopy(buf, 0, out, 0, len);
        // iv$encrypted
        return byteArrayToHexString(iv) + "$" + new String(Base64.encodeBase64URLSafe(out), StandardCharsets.UTF_8);
    } catch (DataLengthException | InvalidCipherTextException e) {
        throw new IllegalStateException("cannot encrypt", e);
    }
}
Also used : PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) AESEngine(org.bouncycastle.crypto.engines.AESEngine) InvalidCipherTextException(org.bouncycastle.crypto.InvalidCipherTextException) KeyParameter(org.bouncycastle.crypto.params.KeyParameter) ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) PKCS7Padding(org.bouncycastle.crypto.paddings.PKCS7Padding) BufferedBlockCipher(org.bouncycastle.crypto.BufferedBlockCipher) PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) DataLengthException(org.bouncycastle.crypto.DataLengthException) CBCBlockCipher(org.bouncycastle.crypto.modes.CBCBlockCipher)

Aggregations

KeyParameter (org.bouncycastle.crypto.params.KeyParameter)58 ParametersWithIV (org.bouncycastle.crypto.params.ParametersWithIV)28 CipherParameters (org.bouncycastle.crypto.CipherParameters)21 AESEngine (org.bouncycastle.crypto.engines.AESEngine)17 GCMBlockCipher (org.bouncycastle.crypto.modes.GCMBlockCipher)16 AEADParameters (org.bouncycastle.crypto.params.AEADParameters)14 IvParameterSpec (javax.crypto.spec.IvParameterSpec)13 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)11 InvalidCipherTextException (org.bouncycastle.crypto.InvalidCipherTextException)11 AEADBlockCipher (org.bouncycastle.crypto.modes.AEADBlockCipher)10 InvalidKeyException (java.security.InvalidKeyException)9 PBEParameterSpec (javax.crypto.spec.PBEParameterSpec)9 CBCBlockCipher (org.bouncycastle.crypto.modes.CBCBlockCipher)9 SecureRandom (java.security.SecureRandom)7 SecretKeySpec (javax.crypto.spec.SecretKeySpec)7 PaddedBufferedBlockCipher (org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher)7 SecretKey (javax.crypto.SecretKey)5 ByteArrayInputStream (java.io.ByteArrayInputStream)4 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)4 NoSuchPaddingException (javax.crypto.NoSuchPaddingException)4