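/**
 * Decrypts a hybrid ciphertext laid out as: NTRU-encrypted symmetric key
 * (<code>ENCRYPTED_LENGTH_BYTES</code> bytes), IV (<code>BLOCK_SIZE</code> bytes),
 * then the AES-encrypted payload.
 * Only accepts <code>NtruEncrypt1087PublicKey</code>s and <code>NtruEncrypt1087PrivateKey</code>s.
 * @param data the ciphertext; may be <code>null</code>
 * @param publicKey the recipient's public key
 * @param privateKey the recipient's private key
 * @return the decrypted payload, or <code>null</code> if <code>data</code> is <code>null</code>
 * @throws GeneralSecurityException if <code>data</code> is too short to contain the
 *         encrypted key and the IV, or if one is raised by the key casts or the decryption helpers
 */
@Override
public byte[] decrypt(byte[] data, PublicKey publicKey, PrivateKey privateKey) throws GeneralSecurityException {
    if (data == null)
        return null;

    // A truncated or malformed ciphertext must fail with the declared checked exception.
    // Without this check ByteBuffer.get() throws an unchecked BufferUnderflowException,
    // and a short input could reach the private-key operation before being rejected.
    int headerLength = ENCRYPTED_LENGTH_BYTES + BLOCK_SIZE;
    if (data.length < headerLength)
        throw new GeneralSecurityException("Ciphertext too short: " + data.length + " bytes, at least " + headerLength + " expected.");

    ByteBuffer inputBuffer = ByteBuffer.wrap(data);

    // first field: the symmetric key, encrypted with NTRU
    byte[] encryptedSymmKey = new byte[ENCRYPTED_LENGTH_BYTES];
    inputBuffer.get(encryptedSymmKey);

    NtruEncrypt1087PublicKey publicNtruKey = castToNtruEncryptKey(publicKey);
    NtruEncrypt1087PrivateKey privateNtruKey = castToNtruEncryptKey(privateKey);
    EncryptionKeyPair keyPair = new EncryptionKeyPair(privateNtruKey.key, publicNtruKey.key);
    byte[] symmKey = ntruEngine.decrypt(encryptedSymmKey, keyPair);

    // second field: the IV; everything after it is the AES payload
    byte[] iv = new byte[BLOCK_SIZE];
    inputBuffer.get(iv);
    byte[] encryptedData = new byte[inputBuffer.remaining()];
    inputBuffer.get(encryptedData);

    // NOTE(review): nothing in this method authenticates the ciphertext; whether
    // decryptAes() checks integrity is not visible here. Confirm before treating
    // the returned bytes as trustworthy.
    return decryptAes(encryptedData, symmKey, iv);
}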
/**
 * Builds a private key pair from its shortened base64 form, i.e. the encoding
 * with the two trailing padding characters left off.
 * @param base64 the base64 text without the final "=="
 * @return the key pair produced by the byte-array overload
 * @throws GeneralSecurityException if raised by the byte-array overload
 */
@Override
public PrivateKeyPair createPrivateKeyPair(String base64) throws GeneralSecurityException {
    // NOTE(review): string concatenation turns a null argument into the text
    // "null==" instead of failing. Confirm callers never pass null.
    String padded = base64 + "==";   // restore the padding omitted in the encoding
    return createPrivateKeyPair(Base64.decode(padded));
}
/**
 * Builds a public key pair from its shortened base64 form, i.e. the encoding
 * with the single trailing padding character left off.
 * @param base64 the base64 text without the final '='
 * @return the key pair produced by the byte-array overload
 * @throws GeneralSecurityException if raised by the byte-array overload
 */
@Override
public PublicKeyPair createPublicKeyPair(String base64) throws GeneralSecurityException {
    // NOTE(review): string concatenation turns a null argument into the text
    // "null=" instead of failing. Confirm callers never pass null.
    String padded = base64 + "=";   // restore the padding omitted in the encoding
    return createPublicKeyPair(Base64.decode(padded));
}
/**
 * Populates <code>instances</code> with one object per supported crypto implementation.
 * A failure to construct an implementation is logged and the remaining ones
 * are still attempted, so the resulting list may be shorter than expected.
 */
private static void init() {
    instances = Collections.synchronizedList(new ArrayList<CryptoImplementation>());
    Log logger = new Log(CryptoFactory.class);

    try {
        instances.add(new ElGamal2048_DSA1024());
    }
    catch (GeneralSecurityException elGamalError) {
        logger.error("Error creating ElGamal2048_DSA1024.", elGamalError);
    }

    // Both ECDH variants share one try block: if the first constructor throws,
    // the second implementation is not attempted either.
    try {
        instances.add(new ECDH256_ECDSA256());
        instances.add(new ECDH521_ECDSA521());
    }
    catch (GeneralSecurityException ecdhError) {
        logger.error("Error creating ECDH256_ECDSA256 or ECDH521_ECDSA521.", ecdhError);
    }

    try {
        instances.add(new NTRUEncrypt1087_GMSS512());
    }
    catch (GeneralSecurityException ntruError) {
        logger.error("Error creating NTRUEncrypt1087_GMSS512.", ntruError);
    }
}
}   // closes the enclosing class, whose header is outside this excerpt
/**
 * Hybrid encryption: the payload is AES-encrypted under a fresh random 32-byte key
 * and a fresh random IV, and that key is then encrypted with NTRU.
 * The output is the NTRU-encrypted key, followed by the IV, followed by the AES ciphertext.
 * Only accepts <code>NtruEncrypt1087PublicKey</code>s.
 * @param data the plaintext
 * @param key the recipient's public key
 * @return encrypted key, IV and encrypted payload, concatenated in that order
 * @throws GeneralSecurityException
 */
@Override
public byte[] encrypt(byte[] data, PublicKey key) throws GeneralSecurityException {
    // NOTE(review): the confidentiality of every message rests on appContext.random()
    // being a cryptographically secure generator. Confirm against its implementation.
    byte[] sessionKey = new byte[32];
    appContext.random().nextBytes(sessionKey);
    byte[] initVector = new byte[BLOCK_SIZE];
    appContext.random().nextBytes(initVector);

    byte[] cipherText = encryptAes(data, sessionKey, initVector);

    // wrap the symmetric key for the recipient
    NtruEncrypt1087PublicKey publicNtruKey = castToNtruEncryptKey(key);
    byte[] wrappedKey = ntruEngine.encrypt(sessionKey, publicNtruKey.key);

    int totalLength = wrappedKey.length + initVector.length + cipherText.length;
    return ByteBuffer.allocate(totalLength)
        .put(wrappedKey)
        .put(initVector)
        .put(cipherText)
        .array();
}
/**
 * Checks a GMSS-with-SHA512 signature over <code>data</code>.
 * Only accepts <code>Gmss512PublicKey</code>s.
 * @param data the signed bytes
 * @param signature the signature to check
 * @param key the signer's public key
 * @return the result of the signature object's <code>verify</code> call
 * @throws GeneralSecurityException
 */
@Override
public boolean verify(byte[] data, byte[] signature, PublicKey key) throws GeneralSecurityException {
    Gmss512PublicKey publicGmssKey = castToGMSS(key);

    GMSSSignature verifier = new GMSSSignature.GMSSwithSHA512();
    verifier.initVerify(publicGmssKey.key);
    verifier.update(data);

    boolean signatureValid = verifier.verify(signature);
    return signatureValid;
}
/**
 * Encodes a public key pair as base64 with the final padding character removed.
 * @param keyPair the key pair to encode
 * @return the base64 text minus its last character
 */
@Override
public String toBase64(PublicKeyPair keyPair) {
    String encoded = Base64.encode(toByteArray(keyPair));
    // The encoding of a key pair always ends in '=', so that character carries no information.
    // NOTE(review): nothing verifies that the dropped character really is '='. Confirm the
    // byte length of a key pair is fixed.
    int keptLength = encoded.length() - 1;
    return encoded.substring(0, keptLength);
}
/**
 * Returns the length of a complete base64 key set: the public key pair length
 * plus <code>BASE64_PRIVATE_KEY_PAIR_LENGTH</code>.
 */
@Override
public int getBase64CompleteKeySetLength() {
    int publicPartLength = getBase64PublicKeyPairLength();
    return publicPartLength + BASE64_PRIVATE_KEY_PAIR_LENGTH;
}
"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; String ntru1087PrivateKeyPair = ntruPrivKeyPart1 + ntruPrivKeyPart2; TestIdentity ntru1087 = new TestIdentity(ntru1087PublicKeyPair, ntru1087PrivateKeyPair, new NTRUEncrypt1087_GMSS512()); identities.add(ntru1087);
/**
 * Signs <code>data</code> with GMSS-with-SHA512, then asks the handler to update the key.
 * The signature is returned only after <code>updateKey()</code> has completed; if
 * that call fails, the method throws and the signature is not handed out.
 * Only accepts <code>Gmss512PrivateKey</code>s.
 * @param data the bytes to sign
 * @param key the signer's private key
 * @param keyUpdateHandler called once after the signature has been computed
 * @return the signature
 * @throws GeneralSecurityException a <code>KeyStoreException</code> if updating the key fails with an I/O error
 * @throws PasswordException
 */
@Override
public byte[] sign(byte[] data, PrivateKey key, KeyUpdateHandler keyUpdateHandler) throws GeneralSecurityException, PasswordException {
    Gmss512PrivateKey privateGmssKey = castToGMSS(key);

    GMSSSignature gmss = new GMSSSignature.GMSSwithSHA512();
    gmss.initSign(privateGmssKey.key);
    gmss.update(data);
    byte[] result = gmss.sign();

    // NOTE(review): presumably the private key changes state with every signature and
    // the new state has to be stored before the signature is used. Confirm against
    // KeyUpdateHandler.
    try {
        keyUpdateHandler.updateKey();
    }
    catch (IOException updateFailure) {
        throw new KeyStoreException("Error updating GMSS key after signing.", updateFailure);
    }

    return result;
}
/**
 * Encodes a private key pair as base64 with the two final padding characters removed.
 * @param keyPair the key pair to encode
 * @return the base64 text minus its last two characters
 */
@Override
public String toBase64(PrivateKeyPair keyPair) {
    String encoded = Base64.encode(toByteArray(keyPair));
    // The encoding of a key pair always ends in "==", so those characters carry no information.
    // NOTE(review): nothing verifies that the dropped characters really are "==". Confirm the
    // byte length of a key pair is fixed.
    int keptLength = encoded.length() - 2;
    return encoded.substring(0, keptLength);
}