Examples with KeyParameter org.bouncycastle.crypto.params.KeyParameter used on opensource projects

Example 96 with KeyParameter

use of org.bouncycastle.crypto.params.KeyParameter in project nem2-sdk-java by nemtech.

the class AESGCM method createAESGCMCipher.

/**
 * Creates a new AES/GCM/NoPadding cipher.
 *
 * @param secretKey The AES key. Must not be {@code null}.
 * @param forEncryption If {@code true} creates an encryption cipher, else creates a decryption
 *     cipher.
 * @param iv The initialisation vector (IV). Must not be {@code null}.
 * @return The AES/GCM/NoPadding cipher.
 */
private static GCMBlockCipher createAESGCMCipher(final byte[] secretKey, final boolean forEncryption, final byte[] iv) {
    // Initialise AES cipher
    BlockCipher cipher = createCipher(secretKey, forEncryption);
    // Create GCM cipher with AES
    GCMBlockCipher gcm = new GCMBlockCipher(cipher);
    final KeyParameter keyParam = new KeyParameter(secretKey);
    final CipherParameters params = new ParametersWithIV(keyParam, iv);
    gcm.init(forEncryption, params);
    return gcm;
}

Example 97 with KeyParameter

use of org.bouncycastle.crypto.params.KeyParameter in project syncany by syncany.

the class AesGcmWithBcInputStreamTest method testE_BouncyCastleCipherInputStreamWithAesGcmLongPlaintext.

@Test
public void testE_BouncyCastleCipherInputStreamWithAesGcmLongPlaintext() throws InvalidKeyException, InvalidAlgorithmParameterException, IOException, NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException {
    // Encrypt (not interesting in this example)
    byte[] randomKey = createRandomArray(16);
    byte[] randomIv = createRandomArray(16);
    // <<<< 4080 bytes fails, 4079 bytes works!
    byte[] originalPlaintext = createRandomArray(4080);
    byte[] originalCiphertext = encryptWithAesGcm(originalPlaintext, randomKey, randomIv);
    // Decrypt with BouncyCastle implementation of CipherInputStream
    AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine());
    cipher.init(false, new AEADParameters(new KeyParameter(randomKey), 128, randomIv));
    try {
        readFromStream(new org.bouncycastle.crypto.io.CipherInputStream(new ByteArrayInputStream(originalCiphertext), cipher));
        // ^^^^^^^^^^^^^^^ INTERESTING PART ^^^^^^^^^^^^^^^^
        // 
        // In this example, the BouncyCastle implementation of the CipherInputStream throws an ArrayIndexOutOfBoundsException.
        // The only difference to the example above is that the plaintext is now 4080 bytes long! For 4079 bytes plaintexts,
        // everything works just fine.
        System.out.println("Test E: org.bouncycastle.crypto.io.CipherInputStream:        OK, throws no exception");
    } catch (IOException e) {
        fail("Test E: org.bouncycastle.crypto.io.CipherInputStream:        NOT OK throws: " + e.getMessage());
    }
}

Example 98 with KeyParameter

use of org.bouncycastle.crypto.params.KeyParameter in project syncany by syncany.

the class AesGcmWithBcInputStreamTest method testD_BouncyCastleCipherInputStreamWithAesGcm.

@Test
public void testD_BouncyCastleCipherInputStreamWithAesGcm() throws InvalidKeyException, InvalidAlgorithmParameterException, IOException, NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException {
    // Encrypt (not interesting in this example)
    byte[] randomKey = createRandomArray(16);
    byte[] randomIv = createRandomArray(16);
    byte[] originalPlaintext = "Confirm 100$ pay".getBytes("ASCII");
    byte[] originalCiphertext = encryptWithAesGcm(originalPlaintext, randomKey, randomIv);
    // Attack / alter ciphertext (an attacker would do this!)
    byte[] alteredCiphertext = Arrays.clone(originalCiphertext);
    // <<< Change 100$ to 900$
    alteredCiphertext[8] = (byte) (alteredCiphertext[8] ^ 0x08);
    // Decrypt with BouncyCastle implementation of CipherInputStream
    AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine());
    cipher.init(false, new AEADParameters(new KeyParameter(randomKey), 128, randomIv));
    try {
        readFromStream(new org.bouncycastle.crypto.io.CipherInputStream(new ByteArrayInputStream(alteredCiphertext), cipher));
        // ^^^^^^^^^^^^^^^ INTERESTING PART ^^^^^^^^^^^^^^^^
        // 
        // The BouncyCastle implementation of the CipherInputStream detects MAC verification errors and
        // throws a InvalidCipherTextIOException if an error occurs. Nice! A more or less minor issue
        // however is that it is incompatible with the standard JCE Cipher class from the javax.crypto
        // package. The new interface AEADBlockCipher must be used. The code below is not executed.
        fail("Test D: org.bouncycastle.crypto.io.CipherInputStream:        NOT OK, tampering not detected");
    } catch (InvalidCipherTextIOException e) {
        System.out.println("Test D: org.bouncycastle.crypto.io.CipherInputStream:        OK, tampering detected");
    }
}

Example 99 with KeyParameter

use of org.bouncycastle.crypto.params.KeyParameter in project syncany by syncany.

the class AesGcmCipherSpec method newCipherOutputStream.

@Override
public OutputStream newCipherOutputStream(OutputStream underlyingOutputStream, byte[] secretKey, byte[] iv) throws CipherException {
    AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine());
    cipher.init(true, new AEADParameters(new KeyParameter(secretKey), MAC_SIZE, iv));
    return new org.bouncycastle.crypto.io.CipherOutputStream(underlyingOutputStream, cipher);
}

Example 100 with KeyParameter

use of org.bouncycastle.crypto.params.KeyParameter in project syncany by syncany.

the class TwofishGcmCipherSpec method newCipherOutputStream.

@Override
public OutputStream newCipherOutputStream(OutputStream underlyingOutputStream, byte[] secretKey, byte[] iv) throws CipherException {
    AEADBlockCipher cipher = new GCMBlockCipher(new TwofishEngine());
    cipher.init(true, new AEADParameters(new KeyParameter(secretKey), MAC_SIZE, iv));
    return new org.bouncycastle.crypto.io.CipherOutputStream(underlyingOutputStream, cipher);
}