Search in sources :

Example 31 with ParametersWithIV

use of org.bouncycastle.crypto.params.ParametersWithIV in project XobotOS by xamarin.

the class WrapCipherSpi method engineInit.

protected void engineInit(int opmode, Key key, AlgorithmParameterSpec params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException {
    CipherParameters param;
    if (key instanceof JCEPBEKey) {
        JCEPBEKey k = (JCEPBEKey) key;
        if (params instanceof PBEParameterSpec) {
            param = PBE.Util.makePBEParameters(k, params, wrapEngine.getAlgorithmName());
        } else if (k.getParam() != null) {
            param = k.getParam();
        } else {
            throw new InvalidAlgorithmParameterException("PBE requires PBE parameters to be set.");
        }
    } else {
        param = new KeyParameter(key.getEncoded());
    }
    if (params instanceof javax.crypto.spec.IvParameterSpec) {
        IvParameterSpec iv = (IvParameterSpec) params;
        param = new ParametersWithIV(param, iv.getIV());
    }
    if (param instanceof KeyParameter && ivSize != 0) {
        iv = new byte[ivSize];
        random.nextBytes(iv);
        param = new ParametersWithIV(param, iv);
    }
    switch(opmode) {
        case Cipher.WRAP_MODE:
            wrapEngine.init(true, param);
            break;
        case Cipher.UNWRAP_MODE:
            wrapEngine.init(false, param);
            break;
        case Cipher.ENCRYPT_MODE:
        case Cipher.DECRYPT_MODE:
            throw new IllegalArgumentException("engine only valid for wrapping");
        default:
            System.out.println("eeek!");
    }
}
Also used : CipherParameters(org.bouncycastle.crypto.CipherParameters) ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) KeyParameter(org.bouncycastle.crypto.params.KeyParameter) IvParameterSpec(javax.crypto.spec.IvParameterSpec) PBEParameterSpec(javax.crypto.spec.PBEParameterSpec)

Example 32 with ParametersWithIV

use of org.bouncycastle.crypto.params.ParametersWithIV in project XobotOS by xamarin.

the class DESedeWrapEngine method wrap.

/**
    * Method wrap
    *
    * @param in
    * @param inOff
    * @param inLen
    * @return the wrapped bytes.
    */
public byte[] wrap(byte[] in, int inOff, int inLen) {
    if (!forWrapping) {
        throw new IllegalStateException("Not initialized for wrapping");
    }
    byte[] keyToBeWrapped = new byte[inLen];
    System.arraycopy(in, inOff, keyToBeWrapped, 0, inLen);
    // Compute the CMS Key Checksum, (section 5.6.1), call this CKS.
    byte[] CKS = calculateCMSKeyChecksum(keyToBeWrapped);
    // Let WKCKS = WK || CKS where || is concatenation.
    byte[] WKCKS = new byte[keyToBeWrapped.length + CKS.length];
    System.arraycopy(keyToBeWrapped, 0, WKCKS, 0, keyToBeWrapped.length);
    System.arraycopy(CKS, 0, WKCKS, keyToBeWrapped.length, CKS.length);
    // Encrypt WKCKS in CBC mode using KEK as the key and IV as the
    // initialization vector. Call the results TEMP1.
    int blockSize = engine.getBlockSize();
    if (WKCKS.length % blockSize != 0) {
        throw new IllegalStateException("Not multiple of block length");
    }
    engine.init(true, paramPlusIV);
    byte[] TEMP1 = new byte[WKCKS.length];
    for (int currentBytePos = 0; currentBytePos != WKCKS.length; currentBytePos += blockSize) {
        engine.processBlock(WKCKS, currentBytePos, TEMP1, currentBytePos);
    }
    // Let TEMP2 = IV || TEMP1.
    byte[] TEMP2 = new byte[this.iv.length + TEMP1.length];
    System.arraycopy(this.iv, 0, TEMP2, 0, this.iv.length);
    System.arraycopy(TEMP1, 0, TEMP2, this.iv.length, TEMP1.length);
    // Reverse the order of the octets in TEMP2 and call the result TEMP3.
    byte[] TEMP3 = reverse(TEMP2);
    // Encrypt TEMP3 in CBC mode using the KEK and an initialization vector
    // of 0x 4a dd a2 2c 79 e8 21 05. The resulting cipher text is the desired
    // result. It is 40 octets long if a 168 bit key is being wrapped.
    ParametersWithIV param2 = new ParametersWithIV(this.param, IV2);
    this.engine.init(true, param2);
    for (int currentBytePos = 0; currentBytePos != TEMP3.length; currentBytePos += blockSize) {
        engine.processBlock(TEMP3, currentBytePos, TEMP3, currentBytePos);
    }
    return TEMP3;
}
Also used : ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV)

Example 33 with ParametersWithIV

use of org.bouncycastle.crypto.params.ParametersWithIV in project XobotOS by xamarin.

the class DESedeWrapEngine method unwrap.

/**
    * Method unwrap
    *
    * @param in
    * @param inOff
    * @param inLen
    * @return the unwrapped bytes.
    * @throws InvalidCipherTextException
    */
public byte[] unwrap(byte[] in, int inOff, int inLen) throws InvalidCipherTextException {
    if (forWrapping) {
        throw new IllegalStateException("Not set for unwrapping");
    }
    if (in == null) {
        throw new InvalidCipherTextException("Null pointer as ciphertext");
    }
    final int blockSize = engine.getBlockSize();
    if (inLen % blockSize != 0) {
        throw new InvalidCipherTextException("Ciphertext not multiple of " + blockSize);
    }
    /*
      // Check if the length of the cipher text is reasonable given the key
      // type. It must be 40 bytes for a 168 bit key and either 32, 40, or
      // 48 bytes for a 128, 192, or 256 bit key. If the length is not supported
      // or inconsistent with the algorithm for which the key is intended,
      // return error.
      //
      // we do not accept 168 bit keys. it has to be 192 bit.
      int lengthA = (estimatedKeyLengthInBit / 8) + 16;
      int lengthB = estimatedKeyLengthInBit % 8;

      if ((lengthA != keyToBeUnwrapped.length) || (lengthB != 0)) {
         throw new XMLSecurityException("empty");
      }
      */
    // Decrypt the cipher text with TRIPLedeS in CBC mode using the KEK
    // and an initialization vector (IV) of 0x4adda22c79e82105. Call the output TEMP3.
    ParametersWithIV param2 = new ParametersWithIV(this.param, IV2);
    this.engine.init(false, param2);
    byte[] TEMP3 = new byte[inLen];
    for (int currentBytePos = 0; currentBytePos != inLen; currentBytePos += blockSize) {
        engine.processBlock(in, inOff + currentBytePos, TEMP3, currentBytePos);
    }
    // Reverse the order of the octets in TEMP3 and call the result TEMP2.
    byte[] TEMP2 = reverse(TEMP3);
    // Decompose TEMP2 into IV, the first 8 octets, and TEMP1, the remaining octets.
    this.iv = new byte[8];
    byte[] TEMP1 = new byte[TEMP2.length - 8];
    System.arraycopy(TEMP2, 0, this.iv, 0, 8);
    System.arraycopy(TEMP2, 8, TEMP1, 0, TEMP2.length - 8);
    // Decrypt TEMP1 using TRIPLedeS in CBC mode using the KEK and the IV
    // found in the previous step. Call the result WKCKS.
    this.paramPlusIV = new ParametersWithIV(this.param, this.iv);
    this.engine.init(false, this.paramPlusIV);
    byte[] WKCKS = new byte[TEMP1.length];
    for (int currentBytePos = 0; currentBytePos != WKCKS.length; currentBytePos += blockSize) {
        engine.processBlock(TEMP1, currentBytePos, WKCKS, currentBytePos);
    }
    // Decompose WKCKS. CKS is the last 8 octets and WK, the wrapped key, are
    // those octets before the CKS.
    byte[] result = new byte[WKCKS.length - 8];
    byte[] CKStoBeVerified = new byte[8];
    System.arraycopy(WKCKS, 0, result, 0, WKCKS.length - 8);
    System.arraycopy(WKCKS, WKCKS.length - 8, CKStoBeVerified, 0, 8);
    // with the CKS extracted in the above step. If they are not equal, return error.
    if (!checkCMSKeyChecksum(result, CKStoBeVerified)) {
        throw new InvalidCipherTextException("Checksum inside ciphertext is corrupted");
    }
    // WK is the wrapped key, now extracted for use in data decryption.
    return result;
}
Also used : ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) InvalidCipherTextException(org.bouncycastle.crypto.InvalidCipherTextException)

Example 34 with ParametersWithIV

use of org.bouncycastle.crypto.params.ParametersWithIV in project XobotOS by xamarin.

the class DESedeWrapEngine method init.

/**
    * Method init
    *
    * @param forWrapping
    * @param param
    */
public void init(boolean forWrapping, CipherParameters param) {
    this.forWrapping = forWrapping;
    this.engine = new CBCBlockCipher(new DESedeEngine());
    SecureRandom sr;
    if (param instanceof ParametersWithRandom) {
        ParametersWithRandom pr = (ParametersWithRandom) param;
        param = pr.getParameters();
        sr = pr.getRandom();
    } else {
        sr = new SecureRandom();
    }
    if (param instanceof KeyParameter) {
        this.param = (KeyParameter) param;
        if (this.forWrapping) {
            // Hm, we have no IV but we want to wrap ?!?
            // well, then we have to create our own IV.
            this.iv = new byte[8];
            sr.nextBytes(iv);
            this.paramPlusIV = new ParametersWithIV(this.param, this.iv);
        }
    } else if (param instanceof ParametersWithIV) {
        this.paramPlusIV = (ParametersWithIV) param;
        this.iv = this.paramPlusIV.getIV();
        this.param = (KeyParameter) this.paramPlusIV.getParameters();
        if (this.forWrapping) {
            if ((this.iv == null) || (this.iv.length != 8)) {
                throw new IllegalArgumentException("IV is not 8 octets");
            }
        } else {
            throw new IllegalArgumentException("You should not supply an IV for unwrapping");
        }
    }
}
Also used : ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) KeyParameter(org.bouncycastle.crypto.params.KeyParameter) SecureRandom(java.security.SecureRandom) ParametersWithRandom(org.bouncycastle.crypto.params.ParametersWithRandom) CBCBlockCipher(org.bouncycastle.crypto.modes.CBCBlockCipher)

Example 35 with ParametersWithIV

use of org.bouncycastle.crypto.params.ParametersWithIV in project XobotOS by xamarin.

the class GCMBlockCipher method init.

public void init(boolean forEncryption, CipherParameters params) throws IllegalArgumentException {
    this.forEncryption = forEncryption;
    this.macBlock = null;
    if (params instanceof AEADParameters) {
        AEADParameters param = (AEADParameters) params;
        nonce = param.getNonce();
        A = param.getAssociatedText();
        int macSizeBits = param.getMacSize();
        if (macSizeBits < 96 || macSizeBits > 128 || macSizeBits % 8 != 0) {
            throw new IllegalArgumentException("Invalid value for MAC size: " + macSizeBits);
        }
        macSize = macSizeBits / 8;
        keyParam = param.getKey();
    } else if (params instanceof ParametersWithIV) {
        ParametersWithIV param = (ParametersWithIV) params;
        nonce = param.getIV();
        A = null;
        macSize = 16;
        keyParam = (KeyParameter) param.getParameters();
    } else {
        throw new IllegalArgumentException("invalid parameters passed to GCM");
    }
    int bufLength = forEncryption ? BLOCK_SIZE : (BLOCK_SIZE + macSize);
    this.bufBlock = new byte[bufLength];
    if (nonce == null || nonce.length < 1) {
        throw new IllegalArgumentException("IV must be at least 1 byte");
    }
    if (A == null) {
        // Avoid lots of null checks
        A = new byte[0];
    }
    // Cipher always used in forward mode
    cipher.init(true, keyParam);
    // TODO This should be configurable by init parameters
    // (but must be 16 if nonce length not 12) (BLOCK_SIZE?)
    //        this.tagLength = 16;
    this.H = new byte[BLOCK_SIZE];
    cipher.processBlock(ZEROES, 0, H, 0);
    multiplier.init(H);
    this.initS = gHASH(A);
    if (nonce.length == 12) {
        this.J0 = new byte[16];
        System.arraycopy(nonce, 0, J0, 0, nonce.length);
        this.J0[15] = 0x01;
    } else {
        this.J0 = gHASH(nonce);
        byte[] X = new byte[16];
        packLength((long) nonce.length * 8, X, 8);
        xor(this.J0, X);
        multiplier.multiplyH(this.J0);
    }
    this.S = Arrays.clone(initS);
    this.counter = Arrays.clone(J0);
    this.bufOff = 0;
    this.totalLength = 0;
}
Also used : ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) AEADParameters(org.bouncycastle.crypto.params.AEADParameters) KeyParameter(org.bouncycastle.crypto.params.KeyParameter)

Aggregations

ParametersWithIV (org.bouncycastle.crypto.params.ParametersWithIV)49 KeyParameter (org.bouncycastle.crypto.params.KeyParameter)28 CipherParameters (org.bouncycastle.crypto.CipherParameters)15 InvalidCipherTextException (org.bouncycastle.crypto.InvalidCipherTextException)12 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)9 IvParameterSpec (javax.crypto.spec.IvParameterSpec)9 PBEParameterSpec (javax.crypto.spec.PBEParameterSpec)9 CBCBlockCipher (org.bouncycastle.crypto.modes.CBCBlockCipher)9 InvalidKeyException (java.security.InvalidKeyException)7 SecureRandom (java.security.SecureRandom)7 AESEngine (org.bouncycastle.crypto.engines.AESEngine)7 PaddedBufferedBlockCipher (org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher)7 SecretKey (javax.crypto.SecretKey)5 PKCS7Padding (org.bouncycastle.crypto.paddings.PKCS7Padding)5 DataLengthException (org.bouncycastle.crypto.DataLengthException)4 AEADParameters (org.bouncycastle.crypto.params.AEADParameters)4 ParametersWithRandom (org.bouncycastle.crypto.params.ParametersWithRandom)4 BufferedBlockCipher (org.bouncycastle.crypto.BufferedBlockCipher)3 InvalidParameterException (java.security.InvalidParameterException)2 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)2