List of usage examples for org.bouncycastle.crypto.engines AESFastEngine init
public void init(boolean forEncryption, CipherParameters params)
From source file:com.github.horrorho.inflatabledonkey.dataprotection.DPAESCBCBlockIVGenerator.java
License:Open Source License
static BlockCipher cipher(byte[] fileKey) { Digest digest = new SHA1Digest(); byte[] hash = new byte[digest.getDigestSize()]; digest.reset();/* w w w .ja v a 2s . com*/ digest.update(fileKey, 0, fileKey.length); digest.doFinal(hash, 0); AESFastEngine cipher = new AESFastEngine(); int blockSize = cipher.getBlockSize(); KeyParameter keyParameter = new KeyParameter(Arrays.copyOfRange(hash, 0, blockSize)); cipher.init(true, keyParameter); return cipher; }
From source file:org.tranche.security.SecurityUtil.java
License:Apache License
/** * <p>Encrypts a file using AES and a passphrase.</p> * @param passphrase// w w w .j a v a2s .co m * @param file * @return * @throws java.io.IOException */ public static File encryptDiskBacked(String passphrase, File file) throws IOException { // make the AES encryption engine AESFastEngine encrypt = new AESFastEngine(); // make up some params PKCS5S2ParametersGenerator pg = new PKCS5S2ParametersGenerator(); pg.init(passphrase.getBytes(), ENCRYPTION_SALT, ENCRYPTION_ITERATIONS); CipherParameters params = pg.generateDerivedParameters(256); // initialize encrypt.init(true, params); int blockSize = encrypt.getBlockSize(); // read the file and encrypt it File encryptedFile = TempFileUtil.createTemporaryFile(); FileInputStream fis = null; BufferedInputStream bis = null; FileOutputStream fos = null; java.io.BufferedOutputStream bos = null; try { // initialize streams fis = new FileInputStream(file); bis = new BufferedInputStream(fis); fos = new FileOutputStream(encryptedFile); bos = new java.io.BufferedOutputStream(fos); // make the buffers byte[] data = new byte[blockSize]; byte[] encrypted = new byte[blockSize]; // encrypt all the data int bytesRead = 0; for (bytesRead = bis.read(data); bytesRead == blockSize; bytesRead = bis.read(data)) { encrypt.processBlock(data, 0, encrypted, 0); // write the data bos.write(encrypted); } if (bytesRead == -1) { bytesRead = 0; } // padd the rest using method#2 recommended by PKCS#5 add x bytes with a value of x. int paddingLength = data.length - bytesRead; for (int i = bytesRead; i < data.length; i++) { data[i] = (byte) (0xff & paddingLength); } // process the data encrypt.processBlock(data, 0, encrypted, 0); bos.write(encrypted); // return the file return encryptedFile; } finally { IOUtil.safeClose(bis); IOUtil.safeClose(fis); IOUtil.safeClose(bos); IOUtil.safeClose(fos); } }
From source file:org.tranche.security.SecurityUtil.java
License:Apache License
/** * <p>In-memory version of encryption function. This method avoids all uses of temporary files, which can save some time when handling lots of small files.</p> * @param passphrase/*from ww w . ja v a 2s . co m*/ * @param dataBytes * @return * @throws java.io.IOException */ public static byte[] encryptInMemory(String passphrase, byte[] dataBytes) throws IOException { // make the AES encryption engine AESFastEngine encrypt = new AESFastEngine(); // make up some params PKCS5S2ParametersGenerator pg = new PKCS5S2ParametersGenerator(); pg.init(passphrase.getBytes(), ENCRYPTION_SALT, ENCRYPTION_ITERATIONS); CipherParameters params = pg.generateDerivedParameters(256); // initialize encrypt.init(true, params); int blockSize = encrypt.getBlockSize(); // read the file and encrypt it ByteArrayInputStream fis = null; BufferedInputStream bis = null; ByteArrayOutputStream fos = null; try { // initialize streams fis = new ByteArrayInputStream(dataBytes); bis = new BufferedInputStream(fis); fos = new ByteArrayOutputStream(); // make the buffers byte[] data = new byte[blockSize]; byte[] encrypted = new byte[blockSize]; // encrypt all the data int bytesRead = 0; for (bytesRead = bis.read(data); bytesRead == blockSize; bytesRead = bis.read(data)) { encrypt.processBlock(data, 0, encrypted, 0); // write the data fos.write(encrypted); } if (bytesRead == -1) { bytesRead = 0; } // padd the rest using method#2 recommended by PKCS#5 add x bytes with a value of x. int paddingLength = data.length - bytesRead; for (int i = bytesRead; i < data.length; i++) { data[i] = (byte) (0xff & paddingLength); } // process the data encrypt.processBlock(data, 0, encrypted, 0); fos.write(encrypted); return fos.toByteArray(); } finally { IOUtil.safeClose(bis); IOUtil.safeClose(fis); IOUtil.safeClose(fos); } }
From source file:org.tranche.security.SecurityUtil.java
License:Apache License
/** * <p>Decrypt an AES-encrypted file using a specified passphrase.</p> * @param passphrase//from w w w . j a v a 2 s . com * @param file * @param expectedHash * @return * @throws WrongPassphraseException * @throws IOException * @throws GeneralSecurityException */ public static File decryptDiskBacked(String passphrase, File file, BigHash expectedHash) throws WrongPassphraseException, IOException, GeneralSecurityException { if (passphrase == null) { throw new PassphraseRequiredException("Can't decrypt file. No passphrase specified."); } DebugUtil.debugOut(SecurityUtil.class, "Decrypting " + file.getAbsolutePath() + " using passphrase " + passphrase); // make the AES encryption engine AESFastEngine encrypt = new AESFastEngine(); // make up some params PKCS5S2ParametersGenerator pg = new PKCS5S2ParametersGenerator(); pg.init(passphrase.getBytes(), ENCRYPTION_SALT, ENCRYPTION_ITERATIONS); CipherParameters params = pg.generateDerivedParameters(256); // initialize encrypt.init(false, params); int blockSize = encrypt.getBlockSize(); // read the file and encrypt it File encryptedFile = TempFileUtil.createTemporaryFile(); // make the IO BigHashMaker bhm = null; FileInputStream fis = null; BufferedInputStream bis = null; FileOutputStream fos = null; BufferedOutputStream bos = null; try { if (expectedHash != null) { bhm = new BigHashMaker(); } // initialize streams fis = new FileInputStream(file); bis = new BufferedInputStream(fis); fos = new FileOutputStream(encryptedFile); bos = new BufferedOutputStream(fos); // make the buffers int round = 0, bufferBlocks = 10; byte[] data = new byte[blockSize]; byte[] encrypted = new byte[blockSize]; byte[] encryptedBuffer = new byte[blockSize * bufferBlocks]; // encrypt all the data int offset = 0; for (int bytesRead = bis.read(data, offset, data.length - offset); bytesRead != -1; bytesRead = bis .read(data, offset, data.length - offset)) { // check for bytes read if (bytesRead + offset != data.length) { offset += bytesRead; continue; } offset = 0; // if not the first round, write it encrypt.processBlock(data, 0, encrypted, 0); // write the data if (round >= bufferBlocks) { // push out the first block bos.write(encryptedBuffer, 0, blockSize); if (bhm != null) { bhm.update(encryptedBuffer, 0, blockSize); } // shift middle blocks for (int i = 1; i < bufferBlocks - 1; i++) { System.arraycopy(encryptedBuffer, blockSize * i, encryptedBuffer, blockSize * (i - 1), blockSize); } // shift last blocks System.arraycopy(encryptedBuffer, blockSize * (bufferBlocks - 1), encryptedBuffer, blockSize * (bufferBlocks - 2), encryptedBuffer.length - (blockSize * (bufferBlocks - 1))); // write over the last block System.arraycopy(encrypted, 0, encryptedBuffer, blockSize * (bufferBlocks - 1), encrypted.length); } else { System.arraycopy(encrypted, 0, encryptedBuffer, blockSize * round, encrypted.length); } round++; } // take the last block and remove padding int paddingLength = (int) (0xff & encryptedBuffer[encryptedBuffer.length - 1]); if (paddingLength < 0) { DebugUtil.debugOut(SecurityUtil.class, "Expected Padding length: " + paddingLength); DebugUtil.debugOut(SecurityUtil.class, "Buffer length: " + encryptedBuffer.length); throw new WrongPassphraseException(); } else if (paddingLength > encryptedBuffer.length) { paddingLength = encryptedBuffer.length; } bos.write(encryptedBuffer, 0, encryptedBuffer.length - paddingLength); bos.flush(); if (bhm != null) { bhm.update(encryptedBuffer, 0, encryptedBuffer.length - paddingLength); BigHash actualHash = BigHash.createFromBytes(bhm.finish()); if (!actualHash.equals(expectedHash)) { DebugUtil.debugOut(SecurityUtil.class, "Expected " + expectedHash + " (" + expectedHash.getLength() + ") but actually " + actualHash + " (" + actualHash.getLength() + ")"); throw new WrongPassphraseException(); } } return encryptedFile; } finally { IOUtil.safeClose(bis); IOUtil.safeClose(fis); IOUtil.safeClose(bos); IOUtil.safeClose(fos); } }
From source file:org.tranche.security.SecurityUtil.java
License:Apache License
/** * <p>In-memory version of decryption function. This method avoids all uses of temporary files, which can save some time when handling lots of small files.</p> * @param passphrase//from ww w . j av a 2s .co m * @param dataBytes * @param expectedHash * @return * @throws WrongPassphraseException * @throws IOException * @throws GeneralSecurityException */ public static byte[] decryptInMemory(String passphrase, byte[] dataBytes, BigHash expectedHash) throws WrongPassphraseException, IOException, GeneralSecurityException { if (passphrase == null) { throw new PassphraseRequiredException("Can't decrypt file. No passphrase specified."); } DebugUtil.debugOut(SecurityUtil.class, "Decrypting file in memory using passphrase " + passphrase); // make the AES encryption engine AESFastEngine encrypt = new AESFastEngine(); // make up some params PKCS5S2ParametersGenerator pg = new PKCS5S2ParametersGenerator(); pg.init(passphrase.getBytes(), ENCRYPTION_SALT, ENCRYPTION_ITERATIONS); CipherParameters params = pg.generateDerivedParameters(256); // initialize encrypt.init(false, params); int blockSize = encrypt.getBlockSize(); // make the IO BigHashMaker bhm = null; ByteArrayInputStream fis = null; BufferedInputStream bis = null; ByteArrayOutputStream bos = null; try { if (expectedHash != null) { bhm = new BigHashMaker(); } // initialize streams fis = new ByteArrayInputStream(dataBytes); bis = new BufferedInputStream(fis); bos = new ByteArrayOutputStream(); // make the buffers int round = 0, bufferBlocks = 10; byte[] data = new byte[blockSize]; byte[] encrypted = new byte[blockSize]; byte[] encryptedBuffer = new byte[blockSize * bufferBlocks]; // encrypt all the data int offset = 0; for (int bytesRead = bis.read(data, offset, data.length - offset); bytesRead != -1; bytesRead = bis .read(data, offset, data.length - offset)) { // check for bytes read if (bytesRead + offset != data.length) { offset += bytesRead; continue; } offset = 0; // if not the first round, write it encrypt.processBlock(data, 0, encrypted, 0); // write the data if (round >= bufferBlocks) { // push out the first block bos.write(encryptedBuffer, 0, blockSize); if (bhm != null) { bhm.update(encryptedBuffer, 0, blockSize); } // shift middle blocks for (int i = 1; i < bufferBlocks - 1; i++) { System.arraycopy(encryptedBuffer, blockSize * i, encryptedBuffer, blockSize * (i - 1), blockSize); } // shift last blocks System.arraycopy(encryptedBuffer, blockSize * (bufferBlocks - 1), encryptedBuffer, blockSize * (bufferBlocks - 2), encryptedBuffer.length - (blockSize * (bufferBlocks - 1))); // write over the last block System.arraycopy(encrypted, 0, encryptedBuffer, blockSize * (bufferBlocks - 1), encrypted.length); } else { System.arraycopy(encrypted, 0, encryptedBuffer, blockSize * round, encrypted.length); } round++; } // take the last block and remove padding int paddingLength = (int) (0xff & encryptedBuffer[encryptedBuffer.length - 1]); if (paddingLength < 0) { DebugUtil.debugOut(SecurityUtil.class, "Expected Padding length: " + paddingLength); DebugUtil.debugOut(SecurityUtil.class, "Buffer length: " + encryptedBuffer.length); throw new WrongPassphraseException(); } else if (paddingLength > encryptedBuffer.length) { paddingLength = encryptedBuffer.length; } bos.write(encryptedBuffer, 0, encryptedBuffer.length - paddingLength); bos.flush(); if (bhm != null) { bhm.update(encryptedBuffer, 0, encryptedBuffer.length - paddingLength); BigHash actualHash = BigHash.createFromBytes(bhm.finish()); if (!actualHash.equals(expectedHash)) { DebugUtil.debugOut(SecurityUtil.class, "Expected " + expectedHash + " (" + expectedHash.getLength() + ") but actually " + actualHash + " (" + actualHash.getLength() + ")"); throw new WrongPassphraseException(); } } return bos.toByteArray(); } finally { IOUtil.safeClose(bis); IOUtil.safeClose(fis); IOUtil.safeClose(bos); } }