/**
 * Decodes the Base64 fields of a non-personalized encrypted request and decrypts the result.
 *
 * <p>Every field of the payload is Base64-decoded into a {@code NonPersonalizedEncryptedMessage},
 * which is then handed to the underlying encryptor.
 *
 * <p>NOTE(review): the payload fields come from the request and are decoded without validation
 * in this method. {@code BaseEncoding} is presumably Guava's, whose {@code decode} throws an
 * unchecked {@code IllegalArgumentException} on malformed input; a missing (null) field would
 * likewise surface as an unchecked exception. Confirm the caller maps these to a client error.
 *
 * @param request Request wrapping the Base64-encoded encrypted payload.
 * @return Decrypted bytes, or {@code null} when the request or its payload object is {@code null}.
 * @throws GenericCryptoException Propagated from the underlying encryptor.
 * @throws CryptoProviderException Propagated from the underlying encryptor.
 * @throws InvalidKeyException Propagated from the underlying encryptor.
 */
public byte[] decrypt(ObjectRequest<NonPersonalizedEncryptedPayloadModel> request) throws GenericCryptoException, CryptoProviderException, InvalidKeyException {
    final NonPersonalizedEncryptedPayloadModel payload = (request == null) ? null : request.getRequestObject();
    if (payload == null) {
        // Nothing to decrypt: either no request at all or a request without a body.
        return null;
    }

    final NonPersonalizedEncryptedMessage decoded = new NonPersonalizedEncryptedMessage();
    final BaseEncoding base64 = BaseEncoding.base64();

    // Fields are decoded in a fixed order so that the first malformed field is the one reported.
    decoded.setApplicationKey(base64.decode(payload.getApplicationKey()));
    decoded.setEphemeralPublicKey(base64.decode(payload.getEphemeralPublicKey()));
    decoded.setSessionIndex(base64.decode(payload.getSessionIndex()));
    decoded.setAdHocIndex(base64.decode(payload.getAdHocIndex()));
    decoded.setMacIndex(base64.decode(payload.getMacIndex()));
    decoded.setNonce(base64.decode(payload.getNonce()));
    decoded.setMac(base64.decode(payload.getMac()));
    decoded.setEncryptedData(base64.decode(payload.getEncryptedData()));

    return encryptor.decrypt(decoded);
}
/**
 * Encrypts the given bytes and wraps the result in a Base64-encoded response payload.
 *
 * <p>The underlying encryptor produces a {@code NonPersonalizedEncryptedMessage}; each of its
 * binary fields is Base64-encoded into a {@code NonPersonalizedEncryptedPayloadModel}.
 *
 * @param originalData Plain bytes to encrypt.
 * @return Response carrying the encoded payload, or {@code null} when {@code originalData} is
 *         {@code null} or the encryptor produced no message. Callers must treat {@code null}
 *         as "nothing was encrypted".
 * @throws GenericCryptoException Propagated from the underlying encryptor.
 * @throws CryptoProviderException Propagated from the underlying encryptor.
 * @throws InvalidKeyException Propagated from the underlying encryptor.
 */
public ObjectResponse<NonPersonalizedEncryptedPayloadModel> encrypt(byte[] originalData) throws GenericCryptoException, CryptoProviderException, InvalidKeyException {
    if (originalData == null) {
        return null;
    }

    final NonPersonalizedEncryptedMessage encrypted = encryptor.encrypt(originalData);
    if (encrypted == null) {
        // this will happen only in case of an unlikely randomness error, or if keys are corrupted
        return null;
    }

    final NonPersonalizedEncryptedPayloadModel payload = new NonPersonalizedEncryptedPayloadModel();
    final BaseEncoding base64 = BaseEncoding.base64();

    payload.setApplicationKey(base64.encode(encrypted.getApplicationKey()));
    payload.setEphemeralPublicKey(base64.encode(encrypted.getEphemeralPublicKey()));
    payload.setSessionIndex(base64.encode(encrypted.getSessionIndex()));
    payload.setAdHocIndex(base64.encode(encrypted.getAdHocIndex()));
    payload.setMacIndex(base64.encode(encrypted.getMacIndex()));
    payload.setNonce(base64.encode(encrypted.getNonce()));
    payload.setMac(base64.encode(encrypted.getMac()));
    payload.setEncryptedData(base64.encode(encrypted.getEncryptedData()));

    return new ObjectResponse<>(payload);
}
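/**
 * Decrypt the encrypted message from the message payload using this encryptor.
 *
 * <p>The encryption key and the MAC key are derived from the session key using the ad-hoc index
 * and the MAC index carried in the message. The HMAC of the ciphertext is recomputed and checked
 * against the received tag before any decryption takes place.
 *
 * <p>NOTE(review): the tag verified here is computed over {@code encryptedData} only. The nonce
 * passed to {@code aes.decrypt} is not an input to the HMAC in this method, so a modified nonce
 * would not be rejected by the MAC check. Confirm whether the nonce is bound elsewhere, and
 * consider covering it by the MAC in a future protocol revision (this changes the wire format).
 *
 * @param message Message object to be decrypted.
 * @return Original decrypted bytes.
 * @throws InvalidKeyException In case decryption key is invalid.
 * @throws GenericCryptoException In case the two indexes are equal, the MAC does not match, or decryption fails.
 * @throws CryptoProviderException In case cryptography provider is incorrectly initialized.
 */
public byte[] decrypt(NonPersonalizedEncryptedMessage message) throws InvalidKeyException, GenericCryptoException, CryptoProviderException {

    byte[] adHocIndex = message.getAdHocIndex();
    byte[] macIndex = message.getMacIndex();

    // make sure the indexes are different: equal indexes would feed the same input
    // to both key derivations below (indexes are public values, so a plain comparison is fine)
    if (Arrays.equals(adHocIndex, macIndex)) {
        throw new GenericCryptoException("Invalid index");
    }

    byte[] nonce = message.getNonce();

    // Derive separate keys for encryption and for authentication from the shared session key.
    SecretKey sessionKey = keyConversion.convertBytesToSharedSecretKey(this.sessionRelatedSecretKey);
    SecretKey encryptionKey = generator.deriveSecretKeyHmac(sessionKey, adHocIndex);
    SecretKey macKey = generator.deriveSecretKeyHmac(sessionKey, macIndex);

    byte[] encryptedData = message.getEncryptedData();

    byte[] macExpected = hmac.hash(macKey, encryptedData);
    byte[] mac = message.getMac();

    // make sure the macs are the same; the comparison must not stop at the first differing
    // byte, because the time taken would then depend on how much of a submitted tag is correct.
    // MessageDigest.isEqual handles null arguments the same way Arrays.equals did.
    if (!java.security.MessageDigest.isEqual(mac, macExpected)) {
        throw new GenericCryptoException("Invalid mac");
    }

    // Decrypt only after the tag has been verified.
    return aes.decrypt(encryptedData, nonce, encryptionKey);
}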
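/**
 * Decrypt the encrypted message from the message payload using this encryptor.
 *
 * <p>The encryption key and the MAC key are derived from the session key using the ad-hoc index
 * and the MAC index carried in the message. The HMAC of the ciphertext is recomputed and checked
 * against the received tag before any decryption takes place.
 *
 * <p>NOTE(review): the tag verified here is computed over {@code encryptedData} only. The nonce
 * passed to {@code aes.decrypt} is not an input to the HMAC in this method, so a modified nonce
 * would not be rejected by the MAC check. Confirm whether the nonce is bound elsewhere, and
 * consider covering it by the MAC in a future protocol revision (this changes the wire format).
 *
 * @param message Message object to be decrypted.
 * @return Original decrypted bytes.
 * @throws InvalidKeyException In case decryption key is invalid.
 * @throws GenericCryptoException In case the two indexes are equal, the MAC does not match, or decryption fails.
 * @throws CryptoProviderException In case cryptography provider is incorrectly initialized.
 */
public byte[] decrypt(NonPersonalizedEncryptedMessage message) throws InvalidKeyException, GenericCryptoException, CryptoProviderException {

    byte[] adHocIndex = message.getAdHocIndex();
    byte[] macIndex = message.getMacIndex();

    // make sure the indexes are different: equal indexes would feed the same input
    // to both key derivations below (indexes are public values, so a plain comparison is fine)
    if (Arrays.equals(adHocIndex, macIndex)) {
        throw new GenericCryptoException("Invalid index");
    }

    byte[] nonce = message.getNonce();

    // Derive separate keys for encryption and for authentication from the shared session key.
    SecretKey sessionKey = keyConversion.convertBytesToSharedSecretKey(this.sessionRelatedSecretKey);
    SecretKey encryptionKey = generator.deriveSecretKeyHmac(sessionKey, adHocIndex);
    SecretKey macKey = generator.deriveSecretKeyHmac(sessionKey, macIndex);

    byte[] encryptedData = message.getEncryptedData();

    byte[] macExpected = hmac.hash(macKey, encryptedData);
    byte[] mac = message.getMac();

    // make sure the macs are the same; the comparison must not stop at the first differing
    // byte, because the time taken would then depend on how much of a submitted tag is correct.
    // MessageDigest.isEqual handles null arguments the same way Arrays.equals did.
    if (!java.security.MessageDigest.isEqual(mac, macExpected)) {
        throw new GenericCryptoException("Invalid mac");
    }

    // Decrypt only after the tag has been verified.
    return aes.decrypt(encryptedData, nonce, encryptionKey);
}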
// Compute the authentication tag over the ciphertext (encrypt-then-MAC ordering:
// encryptedData already exists when the tag is produced).
// NOTE(review): only encryptedData is passed to the HMAC here; the nonce, the indexes,
// the application key and the ephemeral public key set on the message below are not inputs
// to this call. Confirm whether they are bound to the ciphertext elsewhere.
byte[] mac = hmac.hash(macKey, encryptedData);

// Assemble the outgoing message from the values computed earlier in the enclosing method.
NonPersonalizedEncryptedMessage message = new NonPersonalizedEncryptedMessage();
message.setApplicationKey(applicationKey);
message.setEphemeralPublicKey(ephemeralPublicKey);
message.setSessionIndex(sessionIndex);
message.setAdHocIndex(adHocIndex);
message.setMacIndex(macIndex);
message.setNonce(nonce);
message.setEncryptedData(encryptedData);
message.setMac(mac);
// Compute the authentication tag over the ciphertext (encrypt-then-MAC ordering:
// encryptedData already exists when the tag is produced).
// NOTE(review): only encryptedData is passed to the HMAC here; the nonce, the indexes,
// the application key and the ephemeral public key set on the message below are not inputs
// to this call. Confirm whether they are bound to the ciphertext elsewhere.
byte[] mac = hmac.hash(macKey, encryptedData);

// Assemble the outgoing message from the values computed earlier in the enclosing method.
NonPersonalizedEncryptedMessage message = new NonPersonalizedEncryptedMessage();
message.setApplicationKey(applicationKey);
message.setEphemeralPublicKey(ephemeralPublicKey);
message.setSessionIndex(sessionIndex);
message.setAdHocIndex(adHocIndex);
message.setMacIndex(macIndex);
message.setNonce(nonce);
message.setEncryptedData(encryptedData);
message.setMac(mac);