public PBKDF2Encryptor(final String passPhrase, final byte[] salt, final int iterationCount, final int i1) { this.iterationCount = iterationCount; try { // create the key KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), salt, iterationCount, i1); SecretKey tmp = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(keySpec); SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES"); // encryptor ecipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); ecipher.init(Cipher.ENCRYPT_MODE, secret); AlgorithmParameters params = ecipher.getParameters(); byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV(); // decryptor dcipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); dcipher.init(Cipher.DECRYPT_MODE, secret, new IvParameterSpec(iv)); } catch (Exception ex) { throw new IllegalArgumentException(ex); } }
@Override public void subscribe(ObservableEmitter<EncryptionResult> emitter) throws Exception { if (initException==null) { createKey(keyName, timeout); SecretKey secretKey=(SecretKey)ks.getKey(keyName, null); Cipher cipher=Cipher.getInstance("AES/CBC/PKCS7Padding"); SecureRandom rand=new SecureRandom(); byte[] iv=new byte[BLOCK_SIZE]; rand.nextBytes(iv); IvParameterSpec ivParams=new IvParameterSpec(iv); cipher.init(Cipher.ENCRYPT_MODE, secretKey, ivParams); emitter.onNext(new EncryptionResult(ivParams.getIV(), cipher.doFinal(toEncrypt))); } else { throw initException; } }
public static byte[] encrypt(byte[] data, IvParameterSpec zeroIv, SecretKeySpec keySpec) { try { Profiler.enter("time cost on [aes encrypt]: data length=" + data.length); Cipher cipher = Cipher.getInstance(KEY_ALGORITHM_PADDING); cipher.init(Cipher.ENCRYPT_MODE, keySpec, zeroIv); return cipher.doFinal(data); } catch (Exception e) { LOGGER.error("AES encrypt ex, iv={}, key={}", Arrays.toString(zeroIv.getIV()), Arrays.toString(keySpec.getEncoded()), e); throw new CryptoException("AES encrypt ex", e); } finally { Profiler.release(); } }
public static byte[] decrypt(byte[] data, IvParameterSpec zeroIv, SecretKeySpec keySpec) { try { Profiler.enter("time cost on [aes decrypt]: data length=" + data.length); Cipher cipher = Cipher.getInstance(KEY_ALGORITHM_PADDING); cipher.init(Cipher.DECRYPT_MODE, keySpec, zeroIv); return cipher.doFinal(data); } catch (Exception e) { LOGGER.error("AES decrypt ex, iv={}, key={}", Arrays.toString(zeroIv.getIV()), Arrays.toString(keySpec.getEncoded()), e); throw new CryptoException("AES decrypt ex", e); } finally { Profiler.release(); } } }
/** * Returns encrypted IV (initial vector) as generated by AES algorithm in the process of encryption. * Other algorithms are not using it. * In case of no such data available it returns {@code null}. * It uses already set {@link Alphabet} to encode it. * @return encoded form of IV or {@code null} when not available */ public String getEncodedIV() { if (algorithmParameters != null) { try { PBEParameterSpec spec = algorithmParameters.getParameterSpec(PBEParameterSpec.class); AlgorithmParameterSpec algSpec = spec.getParameterSpec(); if (algSpec instanceof IvParameterSpec) { return encodeUsingAlphabet(((IvParameterSpec) algSpec).getIV()); } } catch (InvalidParameterSpecException e) { return null; } } return null; }
return (pbeSpec.getIterationCount() * 31 + Arrays.hashCode(pbeSpec.getSalt())) * 31 + parametersHashCode(parameterSpec); } else if (param instanceof IvParameterSpec) { return Arrays.hashCode(((IvParameterSpec) param).getIV()); } else if (param instanceof RSAParameterSpec || param instanceof IteratedSaltedPasswordAlgorithmSpec
cipher.init(Cipher.ENCRYPT_MODE, secret); IvParameterSpec spec = cipher.getParameters().getParameterSpec(IvParameterSpec.class); byte[] iv = spec.getIV();
public static String encryptAES(String data, String secretKey) { try { byte[] secretKeys = Arrays.copyOfRange(Hashing.sha256().hashString(secretKey, Charsets.UTF_8) .asBytes(), 0, 16); final SecretKey secret = new SecretKeySpec(secretKeys, "AES"); final Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, secret); final AlgorithmParameters params = cipher.getParameters(); final byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV(); final byte[] cipherText = cipher.doFinal(data.getBytes(Charsets.UTF_8)); return DatatypeConverter.printHexBinary(iv) + DatatypeConverter.printHexBinary(cipherText); } catch (Exception e) { throw Throwables.propagate(e); } }
Cipher enc = Cipher.getInstance("AES/CBC/PKCS5Padding"); enc.init(Cipher.ENCRYPT_MODE, key); AlgorithmParameters params = enc.getParameters(); IvParameterSpec iv = params.getParameterSpec(IvParameterSpec.class); out.write(iv.getIV()); out = new CipherOutputStream(enc, out);
private SkippingStreamCipher setup(OutputStream os) throws GeneralSecurityException, IOException { this.headerEncIV = KeyGenUtils.genIV(type.encryptType.ivSize).getIV(); this.unencryptedBaseKey = KeyGenUtils.genSecretKey(type.encryptKey); writeHeader(os); setupKeys(); SkippingStreamCipher cipherWrite = this.type.get(); cipherWrite.init(true, cipherParams); return cipherWrite; }
@Test public void testGenIVLength() throws InvalidKeyException, InvalidAlgorithmParameterException { int i = 4; CryptByteBuffer crypt = new CryptByteBuffer(cipherTypes[i], keys[i], ivs[i]); assertEquals(crypt.genIV().getIV().length, cipherTypes[i].ivSize.intValue()); }
@Test public void testGetIvParameterSpecLength() { assertEquals(KeyGenUtils.getIvParameterSpec(new byte[16], 0, trueLength).getIV().length, trueLength); }
@Test public void testDeriveIvParameterSpec() throws InvalidKeyException{ SecretKey kdfKey = KeyGenUtils.getSecretKey(KeyType.HMACSHA512, trueLengthSecretKeys[6]); IvParameterSpec buf1 = KeyGenUtils.deriveIvParameterSpec(kdfKey, KeyGenUtils.class, kdfInput, KeyType.ChaCha128); IvParameterSpec buf2 = KeyGenUtils.deriveIvParameterSpec(kdfKey, KeyGenUtils.class, kdfInput, KeyType.ChaCha128); assertNotNull(buf1); assertArrayEquals(buf1.getIV(), buf2.getIV()); }
@Test public void testDeriveIvParameterSpecLength() throws InvalidKeyException{ for(KeyType type: keyTypes){ SecretKey kdfKey = KeyGenUtils.getSecretKey(KeyType.HMACSHA512, trueLengthSecretKeys[6]); IvParameterSpec buf1 = KeyGenUtils.deriveIvParameterSpec(kdfKey, KeyGenUtils.class, kdfInput, type); assertEquals(buf1.getIV().length, type.ivSize >> 3); } }
@Test public void testGenIVLength() throws InvalidKeyException, InvalidAlgorithmParameterException { MessageAuthCode mac = new MessageAuthCode(types[3], keys[3], IVs[3]); assertEquals(mac.genIV().getIV().length, types[3].ivlen); }
@Test public void testGetIV() throws InvalidKeyException, InvalidAlgorithmParameterException { int i = 4; CryptByteBuffer crypt = new CryptByteBuffer(cipherTypes[i], keys[i], ivs[i]); assertArrayEquals(crypt.getIV().getIV(), ivs[i]); }
@Test public void testDeriveIvLength() { MasterSecret secret = new MasterSecret(); for(KeyType type: types){ assertEquals(secret.deriveIv(type).getIV().length, type.ivSize >> 3); } }
@Test public void testSetIVIvParameterSpec() throws InvalidKeyException, InvalidAlgorithmParameterException { int i = 4; CryptByteBuffer crypt = new CryptByteBuffer(cipherTypes[i], keys[i], ivs[i]); crypt.genIV(); crypt.setIV(new IvParameterSpec(ivs[i])); assertArrayEquals(ivs[i], crypt.getIV().getIV()); }