Java Code Examples for javax.crypto.Cipher#updateAAD()

The following examples show how to use javax.crypto.Cipher#updateAAD() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: CryptoUtils.java    From cxf with Apache License 2.0 6 votes vote down vote up
public static Cipher initCipher(Key secretKey, KeyProperties keyProps, int mode)  throws SecurityException {
    try {
        String algorithm = keyProps != null && keyProps.getKeyAlgo() != null
            ? keyProps.getKeyAlgo() : secretKey.getAlgorithm();
        Cipher c = Cipher.getInstance(algorithm);
        if (keyProps == null || keyProps.getAlgoSpec() == null && keyProps.getSecureRandom() == null) {
            c.init(mode, secretKey);
        } else {
            AlgorithmParameterSpec algoSpec = keyProps.getAlgoSpec();
            SecureRandom random = keyProps.getSecureRandom();
            if (algoSpec == null) {
                c.init(mode, secretKey, random);
            } else if (random == null) {
                c.init(mode, secretKey, algoSpec);
            } else {
                c.init(mode, secretKey, algoSpec, random);
            }
        }
        if (keyProps != null && keyProps.getAdditionalData() != null) {
            c.updateAAD(keyProps.getAdditionalData());
        }
        return c;
    } catch (Exception ex) {
        throw new SecurityException(ex);
    }
}
 
Example 2
Source File: Encrypt.java    From hottub with GNU General Public License v2.0 6 votes vote down vote up
private void combination_6(List<byte[]> results, int mode, byte[] AAD,
        byte[] plainText, AlgorithmParameters params) throws Exception {
    Cipher c = createCipher(mode, params);
    c.updateAAD(AAD, 0, AAD.length / 2);
    c.updateAAD(AAD, AAD.length / 2, AAD.length - AAD.length / 2);
    int t = 0;
    int offset = 0;
    if (plainText.length > ARRAY_OFFSET) {
        t = plainText.length - ARRAY_OFFSET;
        offset = ARRAY_OFFSET;
    }
    byte[] part61 = c.update(plainText, 0, t);
    byte[] part62 = new byte[c.getOutputSize(plainText.length)];
    int len = c.doFinal(plainText, t, offset, part62, 0);
    int part61Length = part61 != null ? part61.length : 0;
    byte[] outputText6 = new byte[part61Length + len];
    if (part61 != null) {
        System.arraycopy(part61, 0, outputText6, 0, part61Length);
    }
    System.arraycopy(part62, 0, outputText6, part61Length, len);
    results.add(outputText6);
}
 
Example 3
Source File: GXSecure.java    From gurux.dlms.java with GNU General Public License v2.0 6 votes vote down vote up
private static byte[] countTag(final Cipher c, final AesGcmParameter p,
        final byte[] data)
        throws IllegalBlockSizeException, BadPaddingException {
    GXByteBuffer data2 = new GXByteBuffer();
    data2.setUInt8(p.getSecurity().getValue());
    data2.set(p.getAuthenticationKey());
    if (data != null) {
        data2.set(data);
    }
    c.updateAAD(data2.array());
    byte[] tmp = c.doFinal();
    // DLMS Tag is only 12 bytes.
    byte[] tag = new byte[12];
    System.arraycopy(tmp, 0, tag, 0, 12);
    return tag;
}
 
Example 4
Source File: GCMParameterSpecTest.java    From TencentKona-8 with GNU General Public License v2.0 6 votes vote down vote up
private byte[] getCipherTextBySpec(GCMParameterSpec spec) throws Exception {
    // init a cipher
    Cipher cipher = createCipher(Cipher.ENCRYPT_MODE, spec);
    cipher.updateAAD(AAD);
    byte[] cipherText = cipher.doFinal(data);

    // check IVs
    if (!Arrays.equals(cipher.getIV(), spec.getIV())) {
        System.out.println("IV in parameters is incorrect");
        return null;
    }
    if (spec.getTLen() != (cipherText.length - data.length) * 8) {
        System.out.println("Tag length is incorrect");
        return null;
    }
    return cipherText;
}
 
Example 5
Source File: SameBuffer.java    From TencentKona-8 with GNU General Public License v2.0 6 votes vote down vote up
private void runGCMWithSameArray(int mode, byte[] array, int txtOffset,
        int length, AlgorithmParameters params) throws Exception {
    // first, generate cipher text at an allocated buffer
    Cipher cipher = createCipher(mode, params);
    cipher.updateAAD(array, 0, AADLength);
    byte[] outputText = cipher.doFinal(array, txtOffset, length);

    // new cipher for encrypt operation
    Cipher anotherCipher = createCipher(mode, params);
    anotherCipher.updateAAD(array, 0, AADLength);

    // next, generate cipher text again at the same buffer of plain text
    int off = anotherCipher.update(array, txtOffset, length,
            array, txtOffset);
    anotherCipher.doFinal(array, txtOffset + off);

    // check if two results are equal or not
    if (!isEqual(array, txtOffset, outputText, 0,
            outputText.length)) {
        throw new RuntimeException(
                "Two results are not equal, mode:" + mode);
    }
}
 
Example 6
Source File: SameBuffer.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
private void runGCMWithSeparateArray(int mode, byte[] AAD, byte[] text,
        int txtOffset, int lenght, int offset, AlgorithmParameters params)
        throws Exception {
    // first, generate the cipher text at an allocated buffer
    Cipher cipher = createCipher(mode, params);
    cipher.updateAAD(AAD);
    byte[] outputText = cipher.doFinal(text, txtOffset, lenght);

    // new cipher for encrypt operation
    Cipher anotherCipher = createCipher(mode, params);
    anotherCipher.updateAAD(AAD);

    // next, generate cipher text again at the same buffer of plain text
    int myoff = offset;
    int off = anotherCipher.update(text, txtOffset, lenght, text, myoff);
    anotherCipher.doFinal(text, myoff + off);

    // check if two resutls are equal
    if (!isEqual(text, myoff, outputText, 0, outputText.length)) {
        throw new RuntimeException("Two results not equal, mode:" + mode);
    }
}
 
Example 7
Source File: Encrypt.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
private void combination_6(List<byte[]> results, int mode, byte[] AAD,
        byte[] plainText, AlgorithmParameters params) throws Exception {
    Cipher c = createCipher(mode, params);
    c.updateAAD(AAD, 0, AAD.length / 2);
    c.updateAAD(AAD, AAD.length / 2, AAD.length - AAD.length / 2);
    int t = 0;
    int offset = 0;
    if (plainText.length > ARRAY_OFFSET) {
        t = plainText.length - ARRAY_OFFSET;
        offset = ARRAY_OFFSET;
    }
    byte[] part61 = c.update(plainText, 0, t);
    byte[] part62 = new byte[c.getOutputSize(plainText.length)];
    int len = c.doFinal(plainText, t, offset, part62, 0);
    int part61Length = part61 != null ? part61.length : 0;
    byte[] outputText6 = new byte[part61Length + len];
    if (part61 != null) {
        System.arraycopy(part61, 0, outputText6, 0, part61Length);
    }
    System.arraycopy(part62, 0, outputText6, part61Length, len);
    results.add(outputText6);
}
 
Example 8
Source File: WrongAAD.java    From hottub with GNU General Public License v2.0 6 votes vote down vote up
private void decryptWithWrongAAD() throws Exception {
    System.out.println("decrypt with wrong AAD");

    // initialize it with wrong AAD to get an exception during decryption
    Cipher decryptCipher = createCipher(Cipher.DECRYPT_MODE,
            encryptCipher.getParameters());
    byte[] someAAD = Helper.generateBytes(AAD_SIZE + 1);
    decryptCipher.updateAAD(someAAD);

    // init output stream
    try (ByteArrayOutputStream baOutput = new ByteArrayOutputStream();
            CipherOutputStream ciOutput = new CipherOutputStream(baOutput,
                    decryptCipher);) {
        if (decrypt(ciOutput, baOutput)) {
            throw new RuntimeException(
                    "A decryption has been perfomed successfully in"
                            + " spite of the decrypt Cipher has been"
                            + " initialized with fake AAD");
        }
    }

    System.out.println("Passed");
}
 
Example 9
Source File: SameBuffer.java    From jdk8u_jdk with GNU General Public License v2.0 5 votes vote down vote up
private void runGCMWithSeparateBuffers(int mode, ByteBuffer buffer,
        ByteBuffer textBB, int txtOffset, int dataLength,
        AlgorithmParameters params) throws Exception {
    // take offset into account
    textBB.position(txtOffset);
    textBB.mark();

    // first, generate the cipher text at an allocated buffer
    Cipher cipher = createCipher(mode, params);
    cipher.updateAAD(buffer);
    buffer.flip();
    ByteBuffer outBB = ByteBuffer.allocateDirect(
            cipher.getOutputSize(dataLength));

    cipher.doFinal(textBB, outBB);// get cipher text in outBB
    outBB.flip();

    // restore positions
    textBB.reset();

    // next, generate cipher text again in a buffer that shares content
    Cipher anotherCipher = createCipher(mode, params);
    anotherCipher.updateAAD(buffer);
    buffer.flip();
    ByteBuffer buf2 = textBB.duplicate(); // buf2 shares textBuf context
    buf2.limit(txtOffset + anotherCipher.getOutputSize(dataLength));
    int dataProcessed2 = anotherCipher.doFinal(textBB, buf2);
    buf2.position(txtOffset);
    buf2.limit(txtOffset + dataProcessed2);

    if (!buf2.equals(outBB)) {
        throw new RuntimeException(
                "Two results are not equal, mode:" + mode);
    }
}
 
Example 10
Source File: Encrypt.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 5 votes vote down vote up
private void combination_8(List<byte[]> results, int mode, byte[] AAD,
        byte[] plainText, AlgorithmParameters params) throws Exception {
    Cipher ci = createCipher(mode, params);
    ci.updateAAD(AAD, 0, 0);
    ci.updateAAD(AAD, 0, AAD.length);
    byte[] part81 = new byte[ci.getOutputSize(plainText.length)];
    int offset = plainText.length > ARRAY_OFFSET ? ARRAY_OFFSET : 0;
    int len = ci.update(plainText, 0, plainText.length - offset, part81, 0);
    int rest = ci.doFinal(plainText, plainText.length - offset, offset,
            part81, len);
    byte[] outputText8 = new byte[len + rest];
    System.arraycopy(part81, 0, outputText8, 0, outputText8.length);
    results.add(outputText8);
}
 
Example 11
Source File: ReadWriteSkip.java    From openjdk-jdk8u with GNU General Public License v2.0 5 votes vote down vote up
private Cipher createCipher(int mode) throws GeneralSecurityException {
    Cipher cipher = Cipher.getInstance(TRANSFORM, PROVIDER);
    if (mode == Cipher.ENCRYPT_MODE) {
        cipher.init(Cipher.ENCRYPT_MODE, key);
    } else {
        if (encryptCipher != null) {
            cipher.init(Cipher.DECRYPT_MODE, key,
                    encryptCipher.getParameters());
        } else {
            throw new RuntimeException("Can't create a cipher");
        }
    }
    cipher.updateAAD(AAD);
    return cipher;
}
 
Example 12
Source File: SameBuffer.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 5 votes vote down vote up
private void runGCMWithSameBuffer(int mode, ByteBuffer buffer,
        int txtOffset, int length, AlgorithmParameters params)
        throws Exception {

    // allocate a separate buffer
    Cipher cipher = createCipher(mode, params);
    ByteBuffer outBB = ByteBuffer.allocateDirect(
            cipher.getOutputSize(length));

    // first, generate the cipher text at an allocated buffer
    buffer.flip();
    buffer.limit(AADLength);
    cipher.updateAAD(buffer);
    buffer.limit(AADLength + txtOffset + length);
    buffer.position(AADLength + txtOffset);
    cipher.doFinal(buffer, outBB);
    outBB.flip(); // cipher text in outBB

    // next, generate cipherText again in the same buffer
    Cipher anotherCipher = createCipher(mode, params);
    buffer.flip();
    buffer.limit(AADLength);
    anotherCipher.updateAAD(buffer);
    buffer.limit(AADLength + txtOffset + length);
    buffer.position(AADLength + txtOffset);

    // share textBuf context
    ByteBuffer buf2 = buffer.duplicate();
    buf2.limit(AADLength + txtOffset + anotherCipher.getOutputSize(length));
    int dataProcessed2 = anotherCipher.doFinal(buffer, buf2);
    buf2.position(AADLength + txtOffset);
    buf2.limit(AADLength + txtOffset + dataProcessed2);

    if (!buf2.equals(outBB)) {
        throw new RuntimeException(
                "Two results are not equal, mode:" + mode);
    }
}
 
Example 13
Source File: SameBuffer.java    From TencentKona-8 with GNU General Public License v2.0 5 votes vote down vote up
private void runGCMWithSeparateBuffers(int mode, ByteBuffer buffer,
        ByteBuffer textBB, int txtOffset, int dataLength,
        AlgorithmParameters params) throws Exception {
    // take offset into account
    textBB.position(txtOffset);
    textBB.mark();

    // first, generate the cipher text at an allocated buffer
    Cipher cipher = createCipher(mode, params);
    cipher.updateAAD(buffer);
    buffer.flip();
    ByteBuffer outBB = ByteBuffer.allocateDirect(
            cipher.getOutputSize(dataLength));

    cipher.doFinal(textBB, outBB);// get cipher text in outBB
    outBB.flip();

    // restore positions
    textBB.reset();

    // next, generate cipher text again in a buffer that shares content
    Cipher anotherCipher = createCipher(mode, params);
    anotherCipher.updateAAD(buffer);
    buffer.flip();
    ByteBuffer buf2 = textBB.duplicate(); // buf2 shares textBuf context
    buf2.limit(txtOffset + anotherCipher.getOutputSize(dataLength));
    int dataProcessed2 = anotherCipher.doFinal(textBB, buf2);
    buf2.position(txtOffset);
    buf2.limit(txtOffset + dataProcessed2);

    if (!buf2.equals(outBB)) {
        throw new RuntimeException(
                "Two results are not equal, mode:" + mode);
    }
}
 
Example 14
Source File: GCMParameterSpecTest.java    From openjdk-jdk8u with GNU General Public License v2.0 5 votes vote down vote up
private byte[] recoverCipherText(byte[] cipherText, GCMParameterSpec spec)
        throws Exception {
    // init a cipher
    Cipher cipher = createCipher(Cipher.DECRYPT_MODE, spec);

    // check IVs
    if (!Arrays.equals(cipher.getIV(), spec.getIV())) {
        System.out.println("IV in parameters is incorrect");
        return null;
    }

    cipher.updateAAD(AAD);
    return cipher.doFinal(cipherText);
}
 
Example 15
Source File: Encrypt.java    From dragonwell8_jdk with GNU General Public License v2.0 5 votes vote down vote up
private void combination_8(List<byte[]> results, int mode, byte[] AAD,
        byte[] plainText, AlgorithmParameters params) throws Exception {
    Cipher ci = createCipher(mode, params);
    ci.updateAAD(AAD, 0, 0);
    ci.updateAAD(AAD, 0, AAD.length);
    byte[] part81 = new byte[ci.getOutputSize(plainText.length)];
    int offset = plainText.length > ARRAY_OFFSET ? ARRAY_OFFSET : 0;
    int len = ci.update(plainText, 0, plainText.length - offset, part81, 0);
    int rest = ci.doFinal(plainText, plainText.length - offset, offset,
            part81, len);
    byte[] outputText8 = new byte[len + rest];
    System.arraycopy(part81, 0, outputText8, 0, outputText8.length);
    results.add(outputText8);
}
 
Example 16
Source File: Encrypt.java    From jdk8u_jdk with GNU General Public License v2.0 5 votes vote down vote up
private void combination_3(List<byte[]> results, int mode, byte[] AAD,
        byte[] plainText, AlgorithmParameters params) throws Exception {
    Cipher ci = createCipher(mode, params);
    ci.updateAAD(AAD);
    byte[] part31 = new byte[ci.getOutputSize(plainText.length)];
    int offset = plainText.length > ARRAY_OFFSET ? ARRAY_OFFSET : 0;
    int len = ci.update(plainText, 0, plainText.length - offset, part31, 0);
    byte[] part32 = ci.doFinal(plainText, plainText.length - offset,
            offset);
    byte[] outputText3 = new byte[len + part32.length];
    System.arraycopy(part31, 0, outputText3, 0, len);
    System.arraycopy(part32, 0, outputText3, len, part32.length);
    results.add(outputText3);
}
 
Example 17
Source File: ReadWriteSkip.java    From TencentKona-8 with GNU General Public License v2.0 5 votes vote down vote up
private Cipher createCipher(int mode) throws GeneralSecurityException {
    Cipher cipher = Cipher.getInstance(TRANSFORM, PROVIDER);
    if (mode == Cipher.ENCRYPT_MODE) {
        cipher.init(Cipher.ENCRYPT_MODE, key);
    } else {
        if (encryptCipher != null) {
            cipher.init(Cipher.DECRYPT_MODE, key,
                    encryptCipher.getParameters());
        } else {
            throw new RuntimeException("Can't create a cipher");
        }
    }
    cipher.updateAAD(AAD);
    return cipher;
}
 
Example 18
Source File: AesGcmTest.java    From wycheproof with Apache License 2.0 5 votes vote down vote up
/**
 * If a ByteBuffer is backed by an array and not readonly, then it is possible to access the data
 * through the .array() method. An implementation using this possiblity must ensure that it
 * considers the offset.
 */
@Test
public void testByteBufferWithOffset() throws Exception {
  for (GcmTestVector test : getTestVectors()) {
    // Encryption
    Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
    ByteBuffer ptBuffer = ByteBuffer.wrap(new byte[test.pt.length + 50]);
    ptBuffer.position(5);
    ptBuffer = ptBuffer.slice();
    ptBuffer.put(test.pt);
    ptBuffer.flip();

    ByteBuffer ctBuffer = ByteBuffer.wrap(new byte[test.ct.length + 50]);
    ctBuffer.position(8);
    ctBuffer = ctBuffer.slice();
    cipher.init(Cipher.ENCRYPT_MODE, test.key, test.parameters);
    cipher.updateAAD(test.aad);
    cipher.doFinal(ptBuffer, ctBuffer);
    assertEquals(test.ctHex, TestUtil.byteBufferToHex(ctBuffer));
    ctBuffer.flip();

    // Decryption
    ByteBuffer decBuffer = ByteBuffer.wrap(new byte[test.pt.length + 50]);
    decBuffer.position(6);
    decBuffer = decBuffer.slice();
    cipher.init(Cipher.DECRYPT_MODE, test.key, test.parameters);
    cipher.updateAAD(test.aad);
    cipher.doFinal(ctBuffer, decBuffer);
    assertEquals(test.ptHex, TestUtil.byteBufferToHex(decBuffer));
  }
}
 
Example 19
Source File: Encrypt.java    From jdk8u-jdk with GNU General Public License v2.0 5 votes vote down vote up
private void combination_4(List<byte[]> results, int mode, byte[] AAD,
        byte[] plainText, AlgorithmParameters params) throws Exception {
    Cipher ci = createCipher(mode, params);
    ci.updateAAD(AAD);
    byte[] part41 = new byte[ci.getOutputSize(plainText.length)];
    int offset = plainText.length > ARRAY_OFFSET ? ARRAY_OFFSET : 0;
    int len = ci.update(plainText, 0, plainText.length - offset, part41, 0);
    int rest4 = ci.doFinal(plainText, plainText.length - offset, offset,
            part41, len);
    byte[] outputText4 = new byte[len + rest4];
    System.arraycopy(part41, 0, outputText4, 0, outputText4.length);
    results.add(outputText4);
}
 
Example 20
Source File: AesGcmEncryptionProvider.java    From keycloak with Apache License 2.0 5 votes vote down vote up
private byte[] decryptBytes(byte[] encryptedBytes, byte[] ivBytes, Key aesKey, byte[] aad) throws GeneralSecurityException {
    Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding", "BC");
    GCMParameterSpec gcmParams = new GCMParameterSpec(AUTH_TAG_SIZE_BYTE * 8, ivBytes);
    cipher.init(Cipher.DECRYPT_MODE, aesKey, gcmParams);
    cipher.updateAAD(aad);
    return cipher.doFinal(encryptedBytes);
}