Example 31 with KeyParameter
use of org.bouncycastle.crypto.params.KeyParameter in project syncany by syncany.
the class TwofishGcmCipherSpec method newCipherOutputStream.
@Override
public OutputStream newCipherOutputStream(OutputStream underlyingOutputStream, byte[] secretKey, byte[] iv) throws CipherException {
AEADBlockCipher cipher = new GCMBlockCipher(new TwofishEngine());
cipher.init(true, new AEADParameters(new KeyParameter(secretKey), MAC_SIZE, iv));
return new org.bouncycastle.crypto.io.CipherOutputStream(underlyingOutputStream, cipher);
}
Also used :
AEADParameters(org.bouncycastle.crypto.params.AEADParameters)
KeyParameter(org.bouncycastle.crypto.params.KeyParameter)
TwofishEngine(org.bouncycastle.crypto.engines.TwofishEngine)
GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher)
AEADBlockCipher(org.bouncycastle.crypto.modes.AEADBlockCipher)
Example 32 with KeyParameter
use of org.bouncycastle.crypto.params.KeyParameter in project syncany by syncany.
the class AesGcmWithBcInputStreamTest method testE_BouncyCastleCipherInputStreamWithAesGcmLongPlaintext.
@Test
public void testE_BouncyCastleCipherInputStreamWithAesGcmLongPlaintext() throws InvalidKeyException, InvalidAlgorithmParameterException, IOException, NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException {
// Encrypt (not interesting in this example)
byte[] randomKey = createRandomArray(16);
byte[] randomIv = createRandomArray(16);
// <<<< 4080 bytes fails, 4079 bytes works!
byte[] originalPlaintext = createRandomArray(4080);
byte[] originalCiphertext = encryptWithAesGcm(originalPlaintext, randomKey, randomIv);
// Decrypt with BouncyCastle implementation of CipherInputStream
AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine());
cipher.init(false, new AEADParameters(new KeyParameter(randomKey), 128, randomIv));
try {
readFromStream(new org.bouncycastle.crypto.io.CipherInputStream(new ByteArrayInputStream(originalCiphertext), cipher));
// ^^^^^^^^^^^^^^^ INTERESTING PART ^^^^^^^^^^^^^^^^
//
// In this example, the BouncyCastle implementation of the CipherInputStream throws an ArrayIndexOutOfBoundsException.
// The only difference to the example above is that the plaintext is now 4080 bytes long! For 4079 bytes plaintexts,
// everything works just fine.
System.out.println("Test E: org.bouncycastle.crypto.io.CipherInputStream: OK, throws no exception");
} catch (IOException e) {
fail("Test E: org.bouncycastle.crypto.io.CipherInputStream: NOT OK throws: " + e.getMessage());
}
}
Also used :
AESEngine(org.bouncycastle.crypto.engines.AESEngine)
AEADParameters(org.bouncycastle.crypto.params.AEADParameters)
ByteArrayInputStream(java.io.ByteArrayInputStream)
KeyParameter(org.bouncycastle.crypto.params.KeyParameter)
InvalidCipherTextIOException(org.bouncycastle.crypto.io.InvalidCipherTextIOException)
IOException(java.io.IOException)
GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher)
AEADBlockCipher(org.bouncycastle.crypto.modes.AEADBlockCipher)
Test(org.junit.Test)
Example 33 with KeyParameter
use of org.bouncycastle.crypto.params.KeyParameter in project syncany by syncany.
the class AesGcmWithBcInputStreamTest method testD_BouncyCastleCipherInputStreamWithAesGcm.
@Test
public void testD_BouncyCastleCipherInputStreamWithAesGcm() throws InvalidKeyException, InvalidAlgorithmParameterException, IOException, NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException {
// Encrypt (not interesting in this example)
byte[] randomKey = createRandomArray(16);
byte[] randomIv = createRandomArray(16);
byte[] originalPlaintext = "Confirm 100$ pay".getBytes("ASCII");
byte[] originalCiphertext = encryptWithAesGcm(originalPlaintext, randomKey, randomIv);
// Attack / alter ciphertext (an attacker would do this!)
byte[] alteredCiphertext = Arrays.clone(originalCiphertext);
// <<< Change 100$ to 900$
alteredCiphertext[8] = (byte) (alteredCiphertext[8] ^ 0x08);
// Decrypt with BouncyCastle implementation of CipherInputStream
AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine());
cipher.init(false, new AEADParameters(new KeyParameter(randomKey), 128, randomIv));
try {
readFromStream(new org.bouncycastle.crypto.io.CipherInputStream(new ByteArrayInputStream(alteredCiphertext), cipher));
// ^^^^^^^^^^^^^^^ INTERESTING PART ^^^^^^^^^^^^^^^^
//
// The BouncyCastle implementation of the CipherInputStream detects MAC verification errors and
// throws a InvalidCipherTextIOException if an error occurs. Nice! A more or less minor issue
// however is that it is incompatible with the standard JCE Cipher class from the javax.crypto
// package. The new interface AEADBlockCipher must be used. The code below is not executed.
fail("Test D: org.bouncycastle.crypto.io.CipherInputStream: NOT OK, tampering not detected");
} catch (InvalidCipherTextIOException e) {
System.out.println("Test D: org.bouncycastle.crypto.io.CipherInputStream: OK, tampering detected");
}
}
Also used :
AESEngine(org.bouncycastle.crypto.engines.AESEngine)
AEADParameters(org.bouncycastle.crypto.params.AEADParameters)
ByteArrayInputStream(java.io.ByteArrayInputStream)
KeyParameter(org.bouncycastle.crypto.params.KeyParameter)
GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher)
AEADBlockCipher(org.bouncycastle.crypto.modes.AEADBlockCipher)
InvalidCipherTextIOException(org.bouncycastle.crypto.io.InvalidCipherTextIOException)
Test(org.junit.Test)
Example 34 with KeyParameter
use of org.bouncycastle.crypto.params.KeyParameter in project Conversations by siacs.
the class AbstractConnectionManager method createInputStream.
public static Pair<InputStream, Integer> createInputStream(DownloadableFile file, boolean gcm) throws FileNotFoundException {
FileInputStream is;
int size;
is = new FileInputStream(file);
size = (int) file.getSize();
if (file.getKey() == null) {
return new Pair<InputStream, Integer>(is, size);
}
try {
if (gcm) {
AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine());
cipher.init(true, new AEADParameters(new KeyParameter(file.getKey()), 128, file.getIv()));
InputStream cis = new org.bouncycastle.crypto.io.CipherInputStream(is, cipher);
return new Pair<>(cis, cipher.getOutputSize(size));
} else {
IvParameterSpec ips = new IvParameterSpec(file.getIv());
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(file.getKey(), "AES"), ips);
Log.d(Config.LOGTAG, "opening encrypted input stream");
final int s = Config.REPORT_WRONG_FILESIZE_IN_OTR_JINGLE ? size : (size / 16 + 1) * 16;
return new Pair<InputStream, Integer>(new CipherInputStream(is, cipher), s);
}
} catch (InvalidKeyException e) {
return null;
} catch (NoSuchAlgorithmException e) {
return null;
} catch (NoSuchPaddingException e) {
return null;
} catch (InvalidAlgorithmParameterException e) {
return null;
}
}
Also used :
AESEngine(org.bouncycastle.crypto.engines.AESEngine)
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
CipherInputStream(javax.crypto.CipherInputStream)
CipherInputStream(javax.crypto.CipherInputStream)
FileInputStream(java.io.FileInputStream)
InputStream(java.io.InputStream)
KeyParameter(org.bouncycastle.crypto.params.KeyParameter)
NoSuchPaddingException(javax.crypto.NoSuchPaddingException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
FileInputStream(java.io.FileInputStream)
AEADParameters(org.bouncycastle.crypto.params.AEADParameters)
SecretKeySpec(javax.crypto.spec.SecretKeySpec)
IvParameterSpec(javax.crypto.spec.IvParameterSpec)
Cipher(javax.crypto.Cipher)
AEADBlockCipher(org.bouncycastle.crypto.modes.AEADBlockCipher)
GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher)
GCMBlockCipher(org.bouncycastle.crypto.modes.GCMBlockCipher)
AEADBlockCipher(org.bouncycastle.crypto.modes.AEADBlockCipher)
Pair(android.util.Pair)
Example 35 with KeyParameter
use of org.bouncycastle.crypto.params.KeyParameter in project Conversations by siacs.
the class ScramMechanism method hmac.
private static synchronized byte[] hmac(final byte[] key, final byte[] input) throws InvalidKeyException {
HMAC.init(new KeyParameter(key));
HMAC.update(input, 0, input.length);
final byte[] out = new byte[HMAC.getMacSize()];
HMAC.doFinal(out, 0);
return out;
}
Also used :
KeyParameter(org.bouncycastle.crypto.params.KeyParameter)
Aggregations
KeyParameter (org.bouncycastle.crypto.params.KeyParameter)58
ParametersWithIV (org.bouncycastle.crypto.params.ParametersWithIV)28
CipherParameters (org.bouncycastle.crypto.CipherParameters)21
AESEngine (org.bouncycastle.crypto.engines.AESEngine)17
GCMBlockCipher (org.bouncycastle.crypto.modes.GCMBlockCipher)16
AEADParameters (org.bouncycastle.crypto.params.AEADParameters)14
IvParameterSpec (javax.crypto.spec.IvParameterSpec)13
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)11
InvalidCipherTextException (org.bouncycastle.crypto.InvalidCipherTextException)11
AEADBlockCipher (org.bouncycastle.crypto.modes.AEADBlockCipher)10
InvalidKeyException (java.security.InvalidKeyException)9
PBEParameterSpec (javax.crypto.spec.PBEParameterSpec)9
CBCBlockCipher (org.bouncycastle.crypto.modes.CBCBlockCipher)9
SecureRandom (java.security.SecureRandom)7
SecretKeySpec (javax.crypto.spec.SecretKeySpec)7
PaddedBufferedBlockCipher (org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher)7
SecretKey (javax.crypto.SecretKey)5
ByteArrayInputStream (java.io.ByteArrayInputStream)4
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)4
NoSuchPaddingException (javax.crypto.NoSuchPaddingException)4
