private static byte[] performCipherOperation( int mode, byte[] iv, byte[] encryptKey, byte[] text) throws CipherException { try { IvParameterSpec ivParameterSpec = new IvParameterSpec(iv); Cipher cipher = Cipher.getInstance("AES/CTR/NoPadding"); SecretKeySpec secretKeySpec = new SecretKeySpec(encryptKey, "AES"); cipher.init(mode, secretKeySpec, ivParameterSpec); return cipher.doFinal(text); } catch (NoSuchPaddingException | NoSuchAlgorithmException | InvalidAlgorithmParameterException | InvalidKeyException | BadPaddingException | IllegalBlockSizeException e) { throw new CipherException("Error performing cipher operation", e); } }
static void validate(WalletFile walletFile) throws CipherException { WalletFile.Crypto crypto = walletFile.getCrypto(); if (walletFile.getVersion() != CURRENT_VERSION) { throw new CipherException("Wallet version is not supported"); } if (!crypto.getCipher().equals(CIPHER)) { throw new CipherException("Wallet cipher is not supported"); } if (!crypto.getKdf().equals(AES_128_CTR) && !crypto.getKdf().equals(SCRYPT)) { throw new CipherException("KDF type is not supported"); } }
private static byte[] generateAes128CtrDerivedKey( byte[] password, byte[] salt, int c, String prf) throws CipherException { if (!prf.equals("hmac-sha256")) { throw new CipherException("Unsupported prf:" + prf); } // Java 8 supports this, but you have to convert the password to a character array, see // http://stackoverflow.com/a/27928435/3211687 PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(new SHA256Digest()); gen.init(password, salt, c); return ((KeyParameter) gen.generateDerivedParameters(256)).getKey(); }
throw new CipherException("Unable to deserialize params: " + crypto.getKdf()); throw new CipherException("Invalid password provided");