public CryptoAES(String transformation, Properties properties, byte[] inKey, byte[] outKey, byte[] inIv, byte[] outIv) throws IOException { checkTransformation(transformation); // encryptor encryptor = Utils.getCipherInstance(transformation, properties); try { SecretKeySpec outKEYSpec = new SecretKeySpec(outKey, "AES"); IvParameterSpec outIVSpec = new IvParameterSpec(outIv); encryptor.init(Cipher.ENCRYPT_MODE, outKEYSpec, outIVSpec); } catch (InvalidKeyException | InvalidAlgorithmParameterException e) { throw new IOException("Failed to initialize encryptor", e); } // decryptor decryptor = Utils.getCipherInstance(transformation, properties); try { SecretKeySpec inKEYSpec = new SecretKeySpec(inKey, "AES"); IvParameterSpec inIVSpec = new IvParameterSpec(inIv); decryptor.init(Cipher.DECRYPT_MODE, inKEYSpec, inIVSpec); } catch (InvalidKeyException | InvalidAlgorithmParameterException e) { throw new IOException("Failed to initialize decryptor", e); } integrity = new Integrity(outKey, inKey); }
boolean compareHMAC(byte[] expectedHMAC, byte[] peerSeqNum, byte[] msg, int start, int len) throws SaslException { byte[] mac = calculateHMAC(peerKey, peerSeqNum, msg, start, len); return Arrays.equals(mac, expectedHMAC); }
if (!integrity.compareHMAC(mac, peerSeqNum, msg, 0, msg.length)) { throw new SaslException("Unmatched MAC"); if (!integrity.comparePeerSeqNum(peerSeqNum)) { throw new SaslException("Out of order sequencing of messages. Got: " + integrity.byteToInt (peerSeqNum) + " Expected: " + integrity.peerSeqNum); integrity.incPeerSeqNum();
if (!integrity.compareHMAC(mac, peerSeqNum, msg, 0, msg.length)) { throw new SaslException("Unmatched MAC"); if (!integrity.comparePeerSeqNum(peerSeqNum)) { throw new SaslException("Out of order sequencing of messages. Got: " + integrity.byteToInt (peerSeqNum) + " Expected: " + integrity.peerSeqNum); integrity.incPeerSeqNum();
if (!integrity.compareHMAC(mac, peerSeqNum, msg, 0, msg.length)) { throw new SaslException("Unmatched MAC"); if (!integrity.comparePeerSeqNum(peerSeqNum)) { throw new SaslException("Out of order sequencing of messages. Got: " + integrity.byteToInt (peerSeqNum) + " Expected: " + integrity.peerSeqNum); integrity.incPeerSeqNum();
/** * Encrypts input data. The result composes of (msg, padding if needed, mac) and sequence num. * @param data the input byte array * @param offset the offset in input where the input starts * @param len the input length * @return the new encrypted byte array. * @throws SaslException if error happens */ public byte[] wrap(byte[] data, int offset, int len) throws SaslException { // mac byte[] mac = integrity.getHMAC(data, offset, len); integrity.incMySeqNum(); // encrypt byte[] encrypted = new byte[len + 10]; try { int n = encryptor.update(data, offset, len, encrypted, 0); encryptor.update(mac, 0, 10, encrypted, n); } catch (ShortBufferException sbe) { // this should not happen throw new SaslException("Error happens during encrypt data", sbe); } // append seqNum used for mac byte[] wrapped = new byte[encrypted.length + 4]; System.arraycopy(encrypted, 0, wrapped, 0, encrypted.length); System.arraycopy(integrity.getSeqNum(), 0, wrapped, encrypted.length, 4); return wrapped; }
/** * Encrypts input data. The result composes of (msg, padding if needed, mac) and sequence num. * @param data the input byte array * @param offset the offset in input where the input starts * @param len the input length * @return the new encrypted byte array. * @throws SaslException if error happens */ public byte[] wrap(byte[] data, int offset, int len) throws SaslException { // mac byte[] mac = integrity.getHMAC(data, offset, len); integrity.incMySeqNum(); // encrypt byte[] encrypted = new byte[len + 10]; try { int n = encryptor.update(data, offset, len, encrypted, 0); encryptor.update(mac, 0, 10, encrypted, n); } catch (ShortBufferException sbe) { // this should not happen throw new SaslException("Error happens during encrypt data", sbe); } // append seqNum used for mac byte[] wrapped = new byte[encrypted.length + 4]; System.arraycopy(encrypted, 0, wrapped, 0, encrypted.length); System.arraycopy(integrity.getSeqNum(), 0, wrapped, encrypted.length, 4); return wrapped; }
public CryptoAES(String transformation, Properties properties, byte[] inKey, byte[] outKey, byte[] inIv, byte[] outIv) throws IOException { checkTransformation(transformation); // encryptor encryptor = Utils.getCipherInstance(transformation, properties); try { SecretKeySpec outKEYSpec = new SecretKeySpec(outKey, "AES"); IvParameterSpec outIVSpec = new IvParameterSpec(outIv); encryptor.init(Cipher.ENCRYPT_MODE, outKEYSpec, outIVSpec); } catch (InvalidKeyException | InvalidAlgorithmParameterException e) { throw new IOException("Failed to initialize encryptor", e); } // decryptor decryptor = Utils.getCipherInstance(transformation, properties); try { SecretKeySpec inKEYSpec = new SecretKeySpec(inKey, "AES"); IvParameterSpec inIVSpec = new IvParameterSpec(inIv); decryptor.init(Cipher.DECRYPT_MODE, inKEYSpec, inIVSpec); } catch (InvalidKeyException | InvalidAlgorithmParameterException e) { throw new IOException("Failed to initialize decryptor", e); } integrity = new Integrity(outKey, inKey); }
public CryptoAES(String transformation, Properties properties, byte[] inKey, byte[] outKey, byte[] inIv, byte[] outIv) throws IOException { checkTransformation(transformation); // encryptor encryptor = Utils.getCipherInstance(transformation, properties); try { SecretKeySpec outKEYSpec = new SecretKeySpec(outKey, "AES"); IvParameterSpec outIVSpec = new IvParameterSpec(outIv); encryptor.init(Cipher.ENCRYPT_MODE, outKEYSpec, outIVSpec); } catch (InvalidKeyException | InvalidAlgorithmParameterException e) { throw new IOException("Failed to initialize encryptor", e); } // decryptor decryptor = Utils.getCipherInstance(transformation, properties); try { SecretKeySpec inKEYSpec = new SecretKeySpec(inKey, "AES"); IvParameterSpec inIVSpec = new IvParameterSpec(inIv); decryptor.init(Cipher.DECRYPT_MODE, inKEYSpec, inIVSpec); } catch (InvalidKeyException | InvalidAlgorithmParameterException e) { throw new IOException("Failed to initialize decryptor", e); } integrity = new Integrity(outKey, inKey); }
boolean comparePeerSeqNum(byte[] peerSeqNum) { return this.peerSeqNum == byteToInt(peerSeqNum); }
boolean comparePeerSeqNum(byte[] peerSeqNum) { return this.peerSeqNum == byteToInt(peerSeqNum); }
byte[] getHMAC(byte[] msg, int start, int len) throws SaslException { intToByte(mySeqNum); return calculateHMAC(myKey, seqNum, msg, start, len); }
byte[] getHMAC(byte[] msg, int start, int len) throws SaslException { intToByte(mySeqNum); return calculateHMAC(myKey, seqNum, msg, start, len); }
boolean compareHMAC(byte[] expectedHMAC, byte[] peerSeqNum, byte[] msg, int start, int len) throws SaslException { byte[] mac = calculateHMAC(peerKey, peerSeqNum, msg, start, len); return Arrays.equals(mac, expectedHMAC); }
boolean compareHMAC(byte[] expectedHMAC, byte[] peerSeqNum, byte[] msg, int start, int len) throws SaslException { byte[] mac = calculateHMAC(peerKey, peerSeqNum, msg, start, len); return Arrays.equals(mac, expectedHMAC); }
/** * Encrypts input data. The result composes of (msg, padding if needed, mac) and sequence num. * @param data the input byte array * @param offset the offset in input where the input starts * @param len the input length * @return the new encrypted byte array. * @throws SaslException if error happens */ public byte[] wrap(byte[] data, int offset, int len) throws SaslException { // mac byte[] mac = integrity.getHMAC(data, offset, len); integrity.incMySeqNum(); // encrypt byte[] encrypted = new byte[len + 10]; try { int n = encryptor.update(data, offset, len, encrypted, 0); encryptor.update(mac, 0, 10, encrypted, n); } catch (ShortBufferException sbe) { // this should not happen throw new SaslException("Error happens during encrypt data", sbe); } // append seqNum used for mac byte[] wrapped = new byte[encrypted.length + 4]; System.arraycopy(encrypted, 0, wrapped, 0, encrypted.length); System.arraycopy(integrity.getSeqNum(), 0, wrapped, encrypted.length, 4); return wrapped; }
boolean comparePeerSeqNum(byte[] peerSeqNum) { return this.peerSeqNum == byteToInt(peerSeqNum); }
byte[] getHMAC(byte[] msg, int start, int len) throws SaslException { intToByte(mySeqNum); return calculateHMAC(myKey, seqNum, msg, start, len); }