Search in sources :

Example 26 with KeyParameter

use of org.bouncycastle.crypto.params.KeyParameter in project robovm by robovm.

the class BaseWrapCipher method engineInit.

protected void engineInit(int opmode, Key key, AlgorithmParameterSpec params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException {
    CipherParameters param;
    if (key instanceof BCPBEKey) {
        BCPBEKey k = (BCPBEKey) key;
        if (params instanceof PBEParameterSpec) {
            param = PBE.Util.makePBEParameters(k, params, wrapEngine.getAlgorithmName());
        } else if (k.getParam() != null) {
            param = k.getParam();
        } else {
            throw new InvalidAlgorithmParameterException("PBE requires PBE parameters to be set.");
        }
    } else {
        param = new KeyParameter(key.getEncoded());
    }
    if (params instanceof IvParameterSpec) {
        IvParameterSpec iv = (IvParameterSpec) params;
        param = new ParametersWithIV(param, iv.getIV());
    }
    if (param instanceof KeyParameter && ivSize != 0) {
        iv = new byte[ivSize];
        random.nextBytes(iv);
        param = new ParametersWithIV(param, iv);
    }
    switch(opmode) {
        case Cipher.WRAP_MODE:
            wrapEngine.init(true, param);
            break;
        case Cipher.UNWRAP_MODE:
            wrapEngine.init(false, param);
            break;
        case Cipher.ENCRYPT_MODE:
        case Cipher.DECRYPT_MODE:
            throw new IllegalArgumentException("engine only valid for wrapping");
        default:
            System.out.println("eeek!");
    }
}
Also used : CipherParameters(org.bouncycastle.crypto.CipherParameters) ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) KeyParameter(org.bouncycastle.crypto.params.KeyParameter) IvParameterSpec(javax.crypto.spec.IvParameterSpec) PBEParameterSpec(javax.crypto.spec.PBEParameterSpec)

Example 27 with KeyParameter

use of org.bouncycastle.crypto.params.KeyParameter in project robovm by robovm.

the class GCMBlockCipher method init.

public void init(boolean forEncryption, CipherParameters params) throws IllegalArgumentException {
    this.forEncryption = forEncryption;
    this.macBlock = null;
    KeyParameter keyParam;
    if (params instanceof AEADParameters) {
        AEADParameters param = (AEADParameters) params;
        nonce = param.getNonce();
        initialAssociatedText = param.getAssociatedText();
        int macSizeBits = param.getMacSize();
        if (macSizeBits < 96 || macSizeBits > 128 || macSizeBits % 8 != 0) {
            throw new IllegalArgumentException("Invalid value for MAC size: " + macSizeBits);
        }
        macSize = macSizeBits / 8;
        keyParam = param.getKey();
    } else if (params instanceof ParametersWithIV) {
        ParametersWithIV param = (ParametersWithIV) params;
        nonce = param.getIV();
        initialAssociatedText = null;
        macSize = 16;
        keyParam = (KeyParameter) param.getParameters();
    } else {
        throw new IllegalArgumentException("invalid parameters passed to GCM");
    }
    int bufLength = forEncryption ? BLOCK_SIZE : (BLOCK_SIZE + macSize);
    this.bufBlock = new byte[bufLength];
    if (nonce == null || nonce.length < 1) {
        throw new IllegalArgumentException("IV must be at least 1 byte");
    }
    // if keyParam is null we're reusing the last key.
    if (keyParam != null) {
        cipher.init(true, keyParam);
        this.H = new byte[BLOCK_SIZE];
        cipher.processBlock(H, 0, H, 0);
        // GCMMultiplier tables don't change unless the key changes (and are expensive to init)
        multiplier.init(H);
        exp = null;
    }
    this.J0 = new byte[BLOCK_SIZE];
    if (nonce.length == 12) {
        System.arraycopy(nonce, 0, J0, 0, nonce.length);
        this.J0[BLOCK_SIZE - 1] = 0x01;
    } else {
        gHASH(J0, nonce, nonce.length);
        byte[] X = new byte[BLOCK_SIZE];
        Pack.longToBigEndian((long) nonce.length * 8, X, 8);
        gHASHBlock(J0, X);
    }
    this.S = new byte[BLOCK_SIZE];
    this.S_at = new byte[BLOCK_SIZE];
    this.S_atPre = new byte[BLOCK_SIZE];
    this.atBlock = new byte[BLOCK_SIZE];
    this.atBlockPos = 0;
    this.atLength = 0;
    this.atLengthPre = 0;
    this.counter = Arrays.clone(J0);
    this.bufOff = 0;
    this.totalLength = 0;
    if (initialAssociatedText != null) {
        processAADBytes(initialAssociatedText, 0, initialAssociatedText.length);
    }
}
Also used : ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) AEADParameters(org.bouncycastle.crypto.params.AEADParameters) KeyParameter(org.bouncycastle.crypto.params.KeyParameter)

Example 28 with KeyParameter

use of org.bouncycastle.crypto.params.KeyParameter in project robovm by robovm.

the class DESedeWrapEngine method init.

/**
    * Method init
    *
    * @param forWrapping
    * @param param
    */
public void init(boolean forWrapping, CipherParameters param) {
    this.forWrapping = forWrapping;
    this.engine = new CBCBlockCipher(new DESedeEngine());
    SecureRandom sr;
    if (param instanceof ParametersWithRandom) {
        ParametersWithRandom pr = (ParametersWithRandom) param;
        param = pr.getParameters();
        sr = pr.getRandom();
    } else {
        sr = new SecureRandom();
    }
    if (param instanceof KeyParameter) {
        this.param = (KeyParameter) param;
        if (this.forWrapping) {
            // Hm, we have no IV but we want to wrap ?!?
            // well, then we have to create our own IV.
            this.iv = new byte[8];
            sr.nextBytes(iv);
            this.paramPlusIV = new ParametersWithIV(this.param, this.iv);
        }
    } else if (param instanceof ParametersWithIV) {
        this.paramPlusIV = (ParametersWithIV) param;
        this.iv = this.paramPlusIV.getIV();
        this.param = (KeyParameter) this.paramPlusIV.getParameters();
        if (this.forWrapping) {
            if ((this.iv == null) || (this.iv.length != 8)) {
                throw new IllegalArgumentException("IV is not 8 octets");
            }
        } else {
            throw new IllegalArgumentException("You should not supply an IV for unwrapping");
        }
    }
}
Also used : ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) KeyParameter(org.bouncycastle.crypto.params.KeyParameter) SecureRandom(java.security.SecureRandom) ParametersWithRandom(org.bouncycastle.crypto.params.ParametersWithRandom) CBCBlockCipher(org.bouncycastle.crypto.modes.CBCBlockCipher)

Example 29 with KeyParameter

use of org.bouncycastle.crypto.params.KeyParameter in project robovm by robovm.

the class PKCS5S1ParametersGenerator method generateDerivedParameters.

/**
     * Generate a key with initialisation vector parameter derived from
     * the password, salt, and iteration count we are currently initialised
     * with.
     *
     * @param keySize the size of the key we want (in bits)
     * @param ivSize the size of the iv we want (in bits)
     * @return a ParametersWithIV object.
     * @exception IllegalArgumentException if keySize + ivSize is larger than the base hash size.
     */
public CipherParameters generateDerivedParameters(int keySize, int ivSize) {
    keySize = keySize / 8;
    ivSize = ivSize / 8;
    if ((keySize + ivSize) > digest.getDigestSize()) {
        throw new IllegalArgumentException("Can't generate a derived key " + (keySize + ivSize) + " bytes long.");
    }
    byte[] dKey = generateDerivedKey();
    return new ParametersWithIV(new KeyParameter(dKey, 0, keySize), dKey, keySize, ivSize);
}
Also used : ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) KeyParameter(org.bouncycastle.crypto.params.KeyParameter)

Example 30 with KeyParameter

use of org.bouncycastle.crypto.params.KeyParameter in project robovm by robovm.

the class PKCS5S2ParametersGenerator method generateDerivedKey.

private byte[] generateDerivedKey(int dkLen) {
    int hLen = hMac.getMacSize();
    int l = (dkLen + hLen - 1) / hLen;
    byte[] iBuf = new byte[4];
    byte[] outBytes = new byte[l * hLen];
    int outPos = 0;
    CipherParameters param = new KeyParameter(password);
    hMac.init(param);
    for (int i = 1; i <= l; i++) {
        // Increment the value in 'iBuf'
        int pos = 3;
        while (++iBuf[pos] == 0) {
            --pos;
        }
        F(salt, iterationCount, iBuf, outBytes, outPos);
        outPos += hLen;
    }
    return outBytes;
}
Also used : CipherParameters(org.bouncycastle.crypto.CipherParameters) KeyParameter(org.bouncycastle.crypto.params.KeyParameter)

Aggregations

KeyParameter (org.bouncycastle.crypto.params.KeyParameter)47 ParametersWithIV (org.bouncycastle.crypto.params.ParametersWithIV)21 CipherParameters (org.bouncycastle.crypto.CipherParameters)15 IvParameterSpec (javax.crypto.spec.IvParameterSpec)13 GCMBlockCipher (org.bouncycastle.crypto.modes.GCMBlockCipher)12 AEADParameters (org.bouncycastle.crypto.params.AEADParameters)12 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)11 InvalidKeyException (java.security.InvalidKeyException)9 PBEParameterSpec (javax.crypto.spec.PBEParameterSpec)9 AESEngine (org.bouncycastle.crypto.engines.AESEngine)8 AEADBlockCipher (org.bouncycastle.crypto.modes.AEADBlockCipher)8 SecureRandom (java.security.SecureRandom)7 SecretKeySpec (javax.crypto.spec.SecretKeySpec)7 SecretKey (javax.crypto.SecretKey)5 InvalidCipherTextException (org.bouncycastle.crypto.InvalidCipherTextException)5 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)4 NoSuchPaddingException (javax.crypto.NoSuchPaddingException)4 BlockCipher (org.bouncycastle.crypto.BlockCipher)4 CBCBlockCipher (org.bouncycastle.crypto.modes.CBCBlockCipher)4 ParametersWithRandom (org.bouncycastle.crypto.params.ParametersWithRandom)4