@Override public OutputStream newCipherOutputStream(OutputStream underlyingOutputStream, byte[] secretKey, byte[] iv) throws CipherException { AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine()); cipher.init(true, new AEADParameters(new KeyParameter(secretKey), MAC_SIZE, iv)); return new org.bouncycastle.crypto.io.CipherOutputStream(underlyingOutputStream, cipher); }
@Override public InputStream newCipherInputStream(InputStream underlyingInputStream, byte[] secretKey, byte[] iv) throws CipherException { AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine()); cipher.init(false, new AEADParameters(new KeyParameter(secretKey), MAC_SIZE, iv)); return new org.bouncycastle.crypto.io.CipherInputStream(underlyingInputStream, cipher); } }
@Test public void testE_BouncyCastleCipherInputStreamWithAesGcmLongPlaintext() throws InvalidKeyException, InvalidAlgorithmParameterException, IOException, NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException { // Encrypt (not interesting in this example) byte[] randomKey = createRandomArray(16); byte[] randomIv = createRandomArray(16); byte[] originalPlaintext = createRandomArray(4080); // <<<< 4080 bytes fails, 4079 bytes works! byte[] originalCiphertext = encryptWithAesGcm(originalPlaintext, randomKey, randomIv); // Decrypt with BouncyCastle implementation of CipherInputStream AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine()); cipher.init(false, new AEADParameters(new KeyParameter(randomKey), 128, randomIv)); try { readFromStream(new org.bouncycastle.crypto.io.CipherInputStream(new ByteArrayInputStream(originalCiphertext), cipher)); // ^^^^^^^^^^^^^^^ INTERESTING PART ^^^^^^^^^^^^^^^^ // // In this example, the BouncyCastle implementation of the CipherInputStream throws an ArrayIndexOutOfBoundsException. // The only difference to the example above is that the plaintext is now 4080 bytes long! For 4079 bytes plaintexts, // everything works just fine. System.out.println("Test E: org.bouncycastle.crypto.io.CipherInputStream: OK, throws no exception"); } catch (IOException e) { fail("Test E: org.bouncycastle.crypto.io.CipherInputStream: NOT OK throws: "+e.getMessage()); } }
AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine()); cipher.init(false, new AEADParameters(new KeyParameter(randomKey), 128, randomIv));
/** * Creates a new AES cipher. * * @param secretKey The AES key. Must not be {@code null}. * @param forEncryption If {@code true} creates an AES encryption * cipher, else creates an AES decryption * cipher. * * @return The AES cipher. */ public static AESEngine createCipher(final SecretKey secretKey, final boolean forEncryption) { AESEngine cipher = new AESEngine(); CipherParameters cipherParams = new KeyParameter(secretKey.getEncoded()); cipher.init(forEncryption, cipherParams); return cipher; }
private byte[] decryptWithLWCrypto(byte[] cipher, String password, byte[] salt, final int iterationCount) throws Exception { PKCS12ParametersGenerator pGen = new PKCS12ParametersGenerator(new SHA256Digest()); char[] passwordChars = password.toCharArray(); final byte[] pkcs12PasswordBytes = PBEParametersGenerator .PKCS12PasswordToBytes(passwordChars); pGen.init(pkcs12PasswordBytes, salt, iterationCount); CBCBlockCipher aesCBC = new CBCBlockCipher(new AESEngine()); ParametersWithIV aesCBCParams = (ParametersWithIV) pGen.generateDerivedParameters(256, 128); aesCBC.init(false, aesCBCParams); PaddedBufferedBlockCipher aesCipher = new PaddedBufferedBlockCipher(aesCBC, new PKCS7Padding()); byte[] plainTemp = new byte[aesCipher.getOutputSize(cipher.length)]; int offset = aesCipher.processBytes(cipher, 0, cipher.length, plainTemp, 0); int last = aesCipher.doFinal(plainTemp, offset); final byte[] plain = new byte[offset + last]; System.arraycopy(plainTemp, 0, plain, 0, plain.length); return plain; }
new CBCBlockCipher(new AESEngine()), padding); cipher.reset(); cipher.init(false, params);
/** * Create a regular AESWrapEngine specifying the encrypt for wrapping, decrypt for unwrapping. */ public AESWrapEngine() { super(new AESEngine()); }
/** * Create an AESWrapEngine where the underlying cipher is set to decrypt for wrapping, encrypt for unwrapping. * * @param useReverseDirection true if underlying cipher should be used in decryption mode, false otherwise. */ public AESWrapEngine(boolean useReverseDirection) { super(new AESEngine(), useReverseDirection); } }
public AESWrapPadEngine() { super(new AESEngine()); } }
public AESWrapPadEngine() { super(new AESEngine()); } }
public GCM() { super(new GCMBlockCipher(new AESEngine())); } }
public RFC3211Wrap() { super(new RFC3211WrapEngine(new AESEngine()), 16); } }
public ECIESwithAESCBC() { super(new CBCBlockCipher(new AESEngine()), 16); } }
public AESGMAC() { super(new GMac(new GCMBlockCipher(new AESEngine()))); } }
KeyParameter keyParameter = new KeyParameter(aesDecrypted); CBCBlockCipher cbcBlockCipher = new CBCBlockCipher(new AESEngine()); cbcBlockCipher.init(false, keyParameter); PaddedBufferedBlockCipher aesCipher = new PaddedBufferedBlockCipher(cbcBlockCipher, new PKCS7Padding()); return new CipherInputStream(in, aesCipher)
/** For unit tests only */ static AEADOutputStream innerCreateAES(OutputStream os, byte[] key, Random random) throws IOException { AESEngine mainCipher = new AESEngine(); AESLightEngine hashCipher = new AESLightEngine(); byte[] nonce = new byte[mainCipher.getBlockSize()]; random.nextBytes(nonce); nonce[0] &= 0x7F; return new AEADOutputStream(os, key, nonce, hashCipher, mainCipher); }
private BufferedBlockCipher getCipher(boolean forEncryption) { BufferedBlockCipher cipher = new PaddedBufferedBlockCipher( new CBCBlockCipher(new AESEngine()), new PKCS7Padding()); cipher.init(forEncryption, new ParametersWithIV(new KeyParameter(this.keyBytes, IV_LENGTH, this.keyBytes.length - IV_LENGTH), this.keyBytes, 0, IV_LENGTH)); return cipher; } }
private BufferedBlockCipher ase256CtrCipher(boolean forEncryption, byte[] key, byte[] iv) { BlockCipher engine = new AESEngine(); BufferedBlockCipher cipher = new BufferedBlockCipher(new SICBlockCipher(engine)); CipherParameters params = new ParametersWithIV(new KeyParameter(key), iv); cipher.init(forEncryption, params); return cipher; }