org.bouncycastle.crypto.BufferedBlockCipher Java Examples

public String testEncryptRijndael(String value,String key) throws DataLengthException, IllegalStateException, InvalidCipherTextException {
    BlockCipher engine = new RijndaelEngine(256);
    BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(engine), new ZeroBytePadding());

    byte[] keyBytes = key.getBytes();
    cipher.init(true, new KeyParameter(keyBytes));

    byte[] input = value.getBytes();
    byte[] cipherText = new byte[cipher.getOutputSize(input.length)];

    int cipherLength = cipher.processBytes(input, 0, input.length, cipherText, 0);
    cipher.doFinal(cipherText, cipherLength);

    String result = new String(Base64.encode(cipherText));
    //Log.e("testEncryptRijndael : " , result);
    return  result;
}
 

@Override
public byte[] aes256CtrEncrypt(byte[] m, byte[] key, byte[] iv) {
	validateAes256CtrEncrypt(m, key, iv);

	try {
		BufferedBlockCipher cipher = ase256CtrCipher(true, key, iv);

		byte[] cipherText = new byte[cipher.getOutputSize(m.length)];
		int len = cipher.processBytes(m, 0, m.length, cipherText, 0);
		cipher.doFinal(cipherText, len);

		return cipherText;
	} catch (InvalidCipherTextException e) {
		// Not possible since we're not using padding.
		throw new CryptoProviderException("Invalid cipher text in aes256CtrEncrypt.", e);
	}
}
 

@Override
public byte[] aes256CtrDecrypt(byte[] c, byte[] key, byte[] iv) {
	validateAes256CtrDecrypt(c, key, iv);

	try {
		BufferedBlockCipher cipher = ase256CtrCipher(false, key, iv);

		byte[] clearText = new byte[cipher.getOutputSize(c.length)];
		int len = cipher.processBytes(c, 0, c.length, clearText, 0);
		cipher.doFinal(clearText, len);

		return clearText;
	} catch (InvalidCipherTextException e) {
		// Not possible since we're not using padding.
		throw new CryptoProviderException("Invalid cipher text in aes256CtrDecrypt.", e);
	}
}
 

private byte[] encryptDESFile(String keys, byte[] plainText) {
BlockCipher engine = new DESEngine();

      byte[] key = keys.getBytes();
      byte[] ptBytes = plainText;
      BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(engine));
      cipher.init(true, new KeyParameter(key));
      byte[] rv = new byte[cipher.getOutputSize(ptBytes.length)];
      int tam = cipher.processBytes(ptBytes, 0, ptBytes.length, rv, 0);
      try {
          cipher.doFinal(rv, tam);
      } catch (Exception ce) {
          ce.printStackTrace();
      }
      return rv;
  }
 

/**
 * 数据通过KeyParameter和初始化向量加密
 *
 * @param plainBytes 需要加密的数据
 * @param iv         初始化向量
 * @param aesKey     秘钥
 * @return 加密后的数据
 */
public static EncryptedData encrypt(byte[] plainBytes, byte[] iv, KeyParameter aesKey) throws RuntimeException {
    HexUtil.checkNotNull(plainBytes);
    HexUtil.checkNotNull(aesKey);
    try {
        if (iv == null) {
            iv = EncryptedData.DEFAULT_IV;
            //SECURE_RANDOM.nextBytes(iv);
        }
        ParametersWithIV keyWithIv = new ParametersWithIV(aesKey, iv);
        // Encrypt using AES.
        BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESFastEngine()));
        cipher.init(true, keyWithIv);
        byte[] encryptedBytes = new byte[cipher.getOutputSize(plainBytes.length)];
        final int length1 = cipher.processBytes(plainBytes, 0, plainBytes.length, encryptedBytes, 0);
        final int length2 = cipher.doFinal(encryptedBytes, length1);

        return new EncryptedData(iv, Arrays.copyOf(encryptedBytes, length1 + length2));
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}
 

/**
 * 数据通过KeyParameter解密
 *
 * @param dataToDecrypt 需要解密的数据
 * @param aesKey        秘钥
 * @return 解密后的数据
 */
public static byte[] decrypt(EncryptedData dataToDecrypt, KeyParameter aesKey) throws CryptoException {
    HexUtil.checkNotNull(dataToDecrypt);
    HexUtil.checkNotNull(aesKey);

    try {
        ParametersWithIV keyWithIv = new ParametersWithIV(new KeyParameter(aesKey.getKey()), dataToDecrypt.getInitialisationVector());

        // Decrypt the validator.
        BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESFastEngine()));
        cipher.init(false, keyWithIv);

        byte[] cipherBytes = dataToDecrypt.getEncryptedBytes();
        byte[] decryptedBytes = new byte[cipher.getOutputSize(cipherBytes.length)];
        final int length1 = cipher.processBytes(cipherBytes, 0, cipherBytes.length, decryptedBytes, 0);
        final int length2 = cipher.doFinal(decryptedBytes, length1);

        return Arrays.copyOf(decryptedBytes, length1 + length2);
    } catch (Exception e) {
        throw new CryptoException();
    }
}
 

@Override
@SuppressWarnings("squid:S1168")
public byte[] encrypt(final byte[] input) {
    // Setup salt.

    // Derive shared key.
    final byte[] sharedKey = getSharedKey(this.senderKeyPair.getPrivateKey(),
        this.recipientKeyPair.getPublicKey());

    // Setup IV.
    final byte[] ivData = RandomUtils.generateRandomBytes(IV_LENGTH);

    // Setup block cipher.
    final BufferedBlockCipher cipher = setupBlockCipher(sharedKey, ivData, true);

    // Encode.
    final byte[] buf = transform(cipher, input);
    if (null == buf) {
        return null;
    }

    final byte[] result = new byte[ivData.length + buf.length];
    System.arraycopy(ivData, 0, result, 0, ivData.length);
    System.arraycopy(buf, 0, result, ivData.length, buf.length);
    return result;
}
 

@Override
@SuppressWarnings("squid:S1168")
public byte[] decrypt(final byte[] input) {
    if (input.length < 32) {
        return null;
    }

    final byte[] ivData = Arrays.copyOfRange(input, 0, IV_LENGTH);
    final byte[] encData = Arrays.copyOfRange(input, IV_LENGTH, input.length);

    // Derive shared key.
    final byte[] sharedKey = getSharedKey(this.recipientKeyPair.getPrivateKey(),
        this.senderKeyPair.getPublicKey());

    // Setup block cipher.
    final BufferedBlockCipher cipher = setupBlockCipher(sharedKey, ivData, false);

    // Decode.
    return transform(cipher, encData);
}
 

@ParameterizedTest
@MethodSource("testResolveSharedKey")
void testResolveSharedKey(String privateKey, String otherPublicKey,
    String iv, String cipherText, String clearText) {
    PrivateKey privateKeyObject = PrivateKey.fromHexString(privateKey);
    PublicKey otherPublicKeyObject = PublicKey.fromHexString(otherPublicKey);
    byte[] sharedKey = Ed25519BlockCipher.getSharedKey(
        privateKeyObject,
        otherPublicKeyObject
    );

    final BufferedBlockCipher cipher = Ed25519BlockCipher
        .setupBlockCipher(sharedKey, ConvertUtils.fromHexToBytes(iv), false);
    byte[] decrypted = Ed25519BlockCipher
        .transform(cipher, ConvertUtils.fromHexToBytes(cipherText));
    Assertions.assertNotNull(decrypted);
    Assertions
        .assertEquals(clearText.toUpperCase(), ConvertUtils.toHex(decrypted).toUpperCase());
}
 

private static EthereumIESEncryptionEngine forDecryption(
    SecretKey privateKey,
    PublicKey ephemeralPublicKey,
    Bytes iv,
    Bytes commonMac) {
  CipherParameters pubParam = new ECPublicKeyParameters(ephemeralPublicKey.asEcPoint(), CURVE);
  CipherParameters privParam = new ECPrivateKeyParameters(privateKey.bytes().toUnsignedBigInteger(), CURVE);

  BasicAgreement agreement = new ECDHBasicAgreement();
  agreement.init(privParam);
  byte[] agreementValue =
      BigIntegers.asUnsignedByteArray(agreement.getFieldSize(), agreement.calculateAgreement(pubParam));

  IESWithCipherParameters iesWithCipherParameters = new IESWithCipherParameters(new byte[0], new byte[0], 128, 128);

  EthereumIESEncryptionEngine.ECIESHandshakeKDFFunction kdf =
      new EthereumIESEncryptionEngine.ECIESHandshakeKDFFunction(1, new SHA256Digest());
  kdf.init(new KDFParameters(agreementValue, iesWithCipherParameters.getDerivationV()));
  EthereumIESEncryptionEngine engine = new EthereumIESEncryptionEngine(
      agreement,
      kdf,
      new HMac(new SHA256Digest()),
      commonMac.toArrayUnsafe(),
      new BufferedBlockCipher(new SICBlockCipher(new AESEngine())));
  ParametersWithIV cipherParameters = new ParametersWithIV(iesWithCipherParameters, iv.toArrayUnsafe());
  engine.init(false, privParam, pubParam, cipherParameters);
  return engine;
}
 

private void validatePerms(PDEncryption encryption, int dicPermissions, boolean encryptMetadata)
        throws IOException
{
    try
    {
        BufferedBlockCipher cipher = new BufferedBlockCipher(new AESFastEngine());
        cipher.init(false, new KeyParameter(getEncryptionKey()));

        byte[] buf = new byte[cipher.getOutputSize(encryption.getPerms().length)];
        int len = cipher.processBytes(encryption.getPerms(), 0, encryption.getPerms().length,
                buf, 0);
        len += cipher.doFinal(buf, len);
        byte[] perms = copyOf(buf, len);

        if (perms[9] != 'a' || perms[10] != 'd' || perms[11] != 'b')
        {
            LOG.warn("Verification of permissions failed (constant)");
        }

        int permsP = perms[0] & 0xFF | (perms[1] & 0xFF) << 8 | (perms[2] & 0xFF) << 16
                | (perms[3] & 0xFF) << 24;

        if (permsP != dicPermissions)
        {
            LOG.warn("Verification of permissions failed (" + String.format("%08X", permsP)
                    + " != " + String.format("%08X", dicPermissions) + ")");
        }

        if (encryptMetadata && perms[8] != 'T' || !encryptMetadata && perms[8] != 'F')
        {
            LOG.warn("Verification of permissions failed (EncryptMetadata)");
        }
    }
    catch (DataLengthException | IllegalStateException | InvalidCipherTextException e)
    {
        throw new IOException(e);
    }
}
 

public String testDecryptRijndael(String value,String key) throws DataLengthException, IllegalStateException, InvalidCipherTextException {
        BlockCipher engine = new RijndaelEngine(256);
        BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(engine), new ZeroBytePadding());

        byte[] keyBytes = key.getBytes();
        cipher.init(false, new KeyParameter(keyBytes));

        byte[] output = Base64.decode(value.getBytes());
        byte[] cipherText = new byte[cipher.getOutputSize(output.length)];

        int cipherLength = cipher.processBytes(output, 0, output.length, cipherText, 0);
        int outputLength = cipher.doFinal(cipherText, cipherLength);
        outputLength += cipherLength;

        byte[] resultBytes = cipherText;
        if (outputLength != output.length) {
            resultBytes = new byte[outputLength];
            System.arraycopy(
                    cipherText, 0,
                    resultBytes, 0,
                    outputLength
            );
        }

        String result = new String(resultBytes);
return  result;
    }
 

/**
 * Constructs a CipherOutputStream from an OutputStream and a
 * BufferedBlockCipher.
 */
public CipherOutputStream(
        OutputStream os,
        BufferedBlockCipher cipher) {
    super(os);
    this.bufferedBlockCipher = cipher;
}
 

/**
 * Constructs a CipherInputStream from an InputStream and a
 * BufferedBlockCipher.
 */
public CipherInputStream(
        InputStream is,
        BufferedBlockCipher cipher) {
    super(is);

    this.bufferedBlockCipher = cipher;

    int outSize = cipher.getOutputSize(INPUT_BUF_SIZE);

    buf = new byte[(outSize > INPUT_BUF_SIZE) ? outSize : INPUT_BUF_SIZE];
    inBuf = new byte[INPUT_BUF_SIZE];
}
 

public byte[] decryptDESFile(String key, byte[] cipherText) {
BlockCipher engine = new DESEngine();
      byte[] bytes = key.getBytes();
      BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(engine));
      cipher.init(false, new KeyParameter(bytes));
      byte[] rv = new byte[cipher.getOutputSize(cipherText.length)];
      int tam = cipher.processBytes(cipherText, 0, cipherText.length, rv, 0);
      try {
          cipher.doFinal(rv, tam);
      } catch (Exception ce) {
          ce.printStackTrace();
      }
      return rv;
  }
 

public static BufferedBlockCipher setupBlockCipher(
    final byte[] sharedKey, final byte[] ivData, final boolean forEncryption) {
    // Setup cipher parameters with key and IV.
    final KeyParameter keyParam = new KeyParameter(sharedKey);
    final CipherParameters params = new ParametersWithIV(keyParam, ivData);

    // Setup AES cipher in CBC mode with PKCS7 padding.
    final BlockCipherPadding padding = new PKCS7Padding();
    final BufferedBlockCipher cipher =
        new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()), padding);
    cipher.reset();
    cipher.init(forEncryption, params);
    return cipher;
}
 

/**
 * Method for AES CBC operation, internal call
 * 
 * @param key
 * @param icv
 * @param src
 * @param encrypting
 * @return
 * @throws GeneralSecurityException
 */
private static byte[] doAESCBC(byte[] key, byte[] icv, byte[] src, boolean encrypting) throws GeneralSecurityException {
	byte[] result = new byte[src.length];
	try {
		BufferedBlockCipher engine = new BufferedBlockCipher(new CBCBlockCipher(new AESEngine()));
		engine.init(encrypting, new ParametersWithIV(new KeyParameter(key), icv));
		int len = engine.processBytes(src, 0, src.length, result, 0);
		engine.doFinal(result, len);
	} catch (InvalidCipherTextException e) {
		throw new GeneralSecurityException(e);
	}
	return result;
}
 

/**
 * Method for AES ECB operation, internal call
 * 
 * @param key
 * @param src
 * @param encrypting
 * @return
 * @throws GeneralSecurityException
 */
private static byte[] doAESECB(byte[] key, byte[] src, boolean encrypting) throws GeneralSecurityException {
	byte[] result = new byte[src.length];
	try {
		BufferedBlockCipher engine = new BufferedBlockCipher(new AESEngine());
		engine.init(encrypting, new KeyParameter(key));
		int len = engine.processBytes(src, 0, src.length, result, 0);
		engine.doFinal(result, len);
	} catch (InvalidCipherTextException e) {
		throw new GeneralSecurityException(e);
	}
	return result;
}
 

private BufferedBlockCipher ase256CtrCipher(boolean forEncryption, byte[] key, byte[] iv) {
	BlockCipher engine = new AESEngine();
	BufferedBlockCipher cipher = new BufferedBlockCipher(new SICBlockCipher(engine));
	CipherParameters params = new ParametersWithIV(new KeyParameter(key), iv);

	cipher.init(forEncryption, params);
	return cipher;
}
 

private static EthereumIESEncryptionEngine forDecryption(
    SecretKey privateKey,
    PublicKey ephemeralPublicKey,
    Bytes iv,
    Bytes commonMac) {
  CipherParameters pubParam = new ECPublicKeyParameters(ephemeralPublicKey.asEcPoint(), CURVE);
  CipherParameters privParam = new ECPrivateKeyParameters(privateKey.bytes().toUnsignedBigInteger(), CURVE);

  BasicAgreement agreement = new ECDHBasicAgreement();
  agreement.init(privParam);
  byte[] agreementValue =
      BigIntegers.asUnsignedByteArray(agreement.getFieldSize(), agreement.calculateAgreement(pubParam));

  IESWithCipherParameters iesWithCipherParameters = new IESWithCipherParameters(new byte[0], new byte[0], 128, 128);

  EthereumIESEncryptionEngine.ECIESHandshakeKDFFunction kdf =
      new EthereumIESEncryptionEngine.ECIESHandshakeKDFFunction(1, new SHA256Digest());
  kdf.init(new KDFParameters(agreementValue, iesWithCipherParameters.getDerivationV()));
  EthereumIESEncryptionEngine engine = new EthereumIESEncryptionEngine(
      agreement,
      kdf,
      new HMac(new SHA256Digest()),
      commonMac.toArrayUnsafe(),
      new BufferedBlockCipher(new SICBlockCipher(new AESEngine())));
  ParametersWithIV cipherParameters = new ParametersWithIV(iesWithCipherParameters, iv.toArrayUnsafe());
  engine.init(false, privParam, pubParam, cipherParameters);
  return engine;
}
 

private static EthereumIESEncryptionEngine forEncryption(
    PublicKey pubKey,
    Bytes iv,
    Bytes commonMac,
    KeyPair ephemeralKeyPair) {
  CipherParameters pubParam = new ECPublicKeyParameters(pubKey.asEcPoint(), CURVE);
  CipherParameters privParam =
      new ECPrivateKeyParameters(ephemeralKeyPair.secretKey().bytes().toUnsignedBigInteger(), CURVE);

  BasicAgreement agree = new ECDHBasicAgreement();
  agree.init(privParam);
  BigInteger z = agree.calculateAgreement(pubParam);
  byte[] zbytes = BigIntegers.asUnsignedByteArray(agree.getFieldSize(), z);

  IESWithCipherParameters iesWithCipherParameters = new IESWithCipherParameters(new byte[0], new byte[0], 128, 128);

  // Initialise the KDF.
  EthereumIESEncryptionEngine.ECIESHandshakeKDFFunction kdf =
      new EthereumIESEncryptionEngine.ECIESHandshakeKDFFunction(1, new SHA256Digest());
  kdf.init(new KDFParameters(zbytes, iesWithCipherParameters.getDerivationV()));
  EthereumIESEncryptionEngine engine = new EthereumIESEncryptionEngine(
      agree,
      kdf,
      new HMac(new SHA256Digest()),
      commonMac.toArrayUnsafe(),
      new BufferedBlockCipher(new SICBlockCipher(new AESEngine())));
  ParametersWithIV cipherParameters = new ParametersWithIV(iesWithCipherParameters, iv.toArrayUnsafe());
  engine.init(true, privParam, pubParam, cipherParameters);

  return engine;
}
 

/**
 * Create a new BufferedBlockCipher instance
 */
private static BufferedBlockCipher createBufferedBlockCipher(boolean par0, Key par1Key) {
    BufferedBlockCipher var2 = new BufferedBlockCipher(new CFBBlockCipher(new AESFastEngine(), 8));
    var2.init(par0, new ParametersWithIV(new KeyParameter(par1Key.getEncoded()), par1Key.getEncoded(), 0, 16));
    return var2;
}
 

static InputStream decryptStream(InputStream in, XFileKey keyCipher) {
    BlockCipher cipher = keyCipher.ciphers().get();
    cipher.init(false, new KeyParameter(keyCipher.key()));
    return new CipherInputStream(in, new BufferedBlockCipher(cipher));
}
 

private static EthereumIESEncryptionEngine forEncryption(
    PublicKey pubKey,
    Bytes iv,
    Bytes commonMac,
    KeyPair ephemeralKeyPair) {
  CipherParameters pubParam = new ECPublicKeyParameters(pubKey.asEcPoint(), CURVE);
  CipherParameters privParam =
      new ECPrivateKeyParameters(ephemeralKeyPair.secretKey().bytes().toUnsignedBigInteger(), CURVE);

  BasicAgreement agree = new ECDHBasicAgreement();
  agree.init(privParam);
  BigInteger z = agree.calculateAgreement(pubParam);
  byte[] zbytes = BigIntegers.asUnsignedByteArray(agree.getFieldSize(), z);

  IESWithCipherParameters iesWithCipherParameters = new IESWithCipherParameters(new byte[0], new byte[0], 128, 128);

  // Initialise the KDF.
  EthereumIESEncryptionEngine.ECIESHandshakeKDFFunction kdf =
      new EthereumIESEncryptionEngine.ECIESHandshakeKDFFunction(1, new SHA256Digest());
  kdf.init(new KDFParameters(zbytes, iesWithCipherParameters.getDerivationV()));
  EthereumIESEncryptionEngine engine = new EthereumIESEncryptionEngine(
      agree,
      kdf,
      new HMac(new SHA256Digest()),
      commonMac.toArrayUnsafe(),
      new BufferedBlockCipher(new SICBlockCipher(new AESEngine())));
  ParametersWithIV cipherParameters = new ParametersWithIV(iesWithCipherParameters, iv.toArrayUnsafe());
  engine.init(true, privParam, pubParam, cipherParameters);

  return engine;
}
 

private byte[] computeEncryptedKeyRev56(byte[] password, boolean isOwnerPassword, byte[] o,
        byte[] u, byte[] oe, byte[] ue, int encRevision) throws IOException
{
    byte[] hash, fileKeyEnc;

    if (isOwnerPassword)
    {
        byte[] oKeySalt = new byte[8];
        System.arraycopy(o, 40, oKeySalt, 0, 8);

        if (encRevision == 5)
        {
            hash = computeSHA256(password, oKeySalt, u);
        }
        else
        {
            hash = computeHash2A(password, oKeySalt, u);
        }

        fileKeyEnc = oe;
    }
    else
    {
        byte[] uKeySalt = new byte[8];
        System.arraycopy(u, 40, uKeySalt, 0, 8);

        if (encRevision == 5)
        {
            hash = computeSHA256(password, uKeySalt, null);
        }
        else
        {
            hash = computeHash2A(password, uKeySalt, null);
        }

        fileKeyEnc = ue;
    }
    try
    {
        BufferedBlockCipher cipher = new BufferedBlockCipher(
                new CBCBlockCipher(new AESFastEngine()));
        cipher.init(false, new KeyParameter(hash));
        byte[] buf = new byte[cipher.getOutputSize(fileKeyEnc.length)];
        int len = cipher.processBytes(fileKeyEnc, 0, fileKeyEnc.length, buf, 0);
        len += cipher.doFinal(buf, len);
        return copyOf(buf, len);
    }
    catch (DataLengthException | IllegalStateException | InvalidCipherTextException e)
    {
        throw new IOException(e);
    }
}
 

AESEngineNoPadding(BufferedBlockCipher cipher)
{
    this.cipher = cipher;
}
 

/**
 * @return and instance of EncryptionAlgorithmEngine AES/CBC/NoPadding and no initialization vector
 */
static AESEngineNoPadding cbc()
{
    return new AESEngineNoPadding(
            new BufferedBlockCipher(new CBCBlockCipher(new AESFastEngine())));
}
 

/**
 * @return and instance of EncryptionAlgorithmEngine AES/ECB/NoPadding and no initialization vector
 */
static AESEngineNoPadding ecb()
{
    return new AESEngineNoPadding(new BufferedBlockCipher(new AESFastEngine()));
}
 

/**
 * Returns a new instance.
 *
 * @return a new instance, not null
 */
public static FileDecrypter create() {
    return FileDecrypter.from(
            new BufferedBlockCipher(new CBCBlockCipher(new AESEngine())),
            new SHA1Digest());
}
 

static FileDecrypter from(BufferedBlockCipher cbcAes, SHA1Digest sha1) {
    return new FileDecrypter(cbcAes, sha1);
}