List of usage examples for org.bouncycastle.crypto.engines AESFastEngine processBlock
public int processBlock(byte[] in, int inOff, byte[] out, int outOff)
From source file:org.tranche.security.SecurityUtil.java
License:Apache License
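/**
 * <p>Encrypts a file with AES under a key derived from a passphrase and writes the ciphertext to a
 * new temporary file.</p>
 *
 * <p>A 256-bit key is derived with PKCS#5 scheme 2 (PBKDF2) from the passphrase,
 * {@code ENCRYPTION_SALT} and {@code ENCRYPTION_ITERATIONS}. Every block is handed to the raw AES
 * engine on its own, with no IV and no chaining, so the output is effectively ECB: equal plaintext
 * blocks give equal ciphertext blocks, and nothing authenticates the ciphertext. The final block is
 * always padded with x bytes of value x, so a whole extra block is appended when the input length is
 * a multiple of the block size.</p>
 *
 * @param passphrase passphrase the key is derived from
 * @param file plaintext file to read
 * @return a temporary file holding the ciphertext
 * @throws java.io.IOException if reading the input or writing the output fails
 */
public static File encryptDiskBacked(String passphrase, File file) throws IOException {
    // NOTE(review): newer Bouncy Castle releases deprecate AESFastEngine in favour of AESEngine
    // because of side-channel concerns. Used raw like this it provides ECB only; moving to an
    // authenticated mode would change the on-disk format, so it is flagged here rather than changed.
    AESFastEngine encrypt = new AESFastEngine();

    // NOTE(review): getBytes() uses the platform default charset, so a non-ASCII passphrase can
    // derive a different key on another machine. ENCRYPTION_SALT looks like a shared constant,
    // which would mean one salt for every passphrase -- confirm against the class fields.
    PKCS5S2ParametersGenerator pg = new PKCS5S2ParametersGenerator();
    pg.init(passphrase.getBytes(), ENCRYPTION_SALT, ENCRYPTION_ITERATIONS);
    CipherParameters params = pg.generateDerivedParameters(256);

    encrypt.init(true, params);
    int blockSize = encrypt.getBlockSize();

    File encryptedFile = TempFileUtil.createTemporaryFile();
    FileInputStream fis = null;
    BufferedInputStream bis = null;
    FileOutputStream fos = null;
    java.io.BufferedOutputStream bos = null;
    try {
        fis = new FileInputStream(file);
        bis = new BufferedInputStream(fis);
        fos = new FileOutputStream(encryptedFile);
        bos = new java.io.BufferedOutputStream(fos);

        byte[] data = new byte[blockSize];
        byte[] encrypted = new byte[blockSize];

        // Fill each block completely before encrypting it. A single read() may return fewer bytes
        // than requested without being at end of stream; treating that as the last block would pad
        // early and silently drop the rest of the file.
        int filled;
        while (true) {
            filled = 0;
            while (filled < blockSize) {
                int n = bis.read(data, filled, blockSize - filled);
                if (n == -1) {
                    break;
                }
                filled += n;
            }
            if (filled < blockSize) {
                break;
            }
            encrypt.processBlock(data, 0, encrypted, 0);
            bos.write(encrypted);
        }

        // Pad the remainder (possibly an empty one) with x bytes of value x.
        int paddingLength = blockSize - filled;
        for (int i = filled; i < blockSize; i++) {
            data[i] = (byte) (0xff & paddingLength);
        }
        encrypt.processBlock(data, 0, encrypted, 0);
        bos.write(encrypted);

        // Flush here so a write failure reaches the caller; IOUtil.safeClose presumably swallows
        // errors raised while closing.
        bos.flush();
        return encryptedFile;
    } finally {
        IOUtil.safeClose(bis);
        IOUtil.safeClose(fis);
        IOUtil.safeClose(bos);
        IOUtil.safeClose(fos);
    }
}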
From source file:org.tranche.security.SecurityUtil.java
License:Apache License
/**
 * <p>In-memory counterpart of the file encryption routine: encrypts a byte array with AES under a
 * passphrase-derived key without touching temporary files.</p>
 *
 * <p>The 256-bit key comes from PKCS#5 scheme 2 (PBKDF2) over the passphrase,
 * {@code ENCRYPTION_SALT} and {@code ENCRYPTION_ITERATIONS}. Blocks are encrypted one by one by the
 * raw AES engine, with no IV, chaining or authentication tag, which makes the result effectively
 * ECB. The last block is always padded with x bytes of value x.</p>
 *
 * @param passphrase passphrase the key is derived from
 * @param dataBytes plaintext to encrypt
 * @return the ciphertext, always a non-zero multiple of the block size
 * @throws java.io.IOException if a stream operation fails
 */
public static byte[] encryptInMemory(String passphrase, byte[] dataBytes) throws IOException {
    // NOTE(review): raw block-by-block use of the engine leaks equality of plaintext blocks and
    // offers no integrity protection; changing that would break existing ciphertexts.
    AESFastEngine cipher = new AESFastEngine();

    // NOTE(review): passphrase.getBytes() depends on the platform default charset.
    PKCS5S2ParametersGenerator keyGenerator = new PKCS5S2ParametersGenerator();
    keyGenerator.init(passphrase.getBytes(), ENCRYPTION_SALT, ENCRYPTION_ITERATIONS);
    CipherParameters keyParams = keyGenerator.generateDerivedParameters(256);

    cipher.init(true, keyParams);
    int blockSize = cipher.getBlockSize();

    ByteArrayInputStream rawIn = null;
    BufferedInputStream source = null;
    ByteArrayOutputStream sink = null;
    try {
        rawIn = new ByteArrayInputStream(dataBytes);
        source = new BufferedInputStream(rawIn);
        sink = new ByteArrayOutputStream();

        byte[] block = new byte[blockSize];
        byte[] cipherBlock = new byte[blockSize];

        // Encrypt every complete block.
        int count = source.read(block);
        while (count == blockSize) {
            cipher.processBlock(block, 0, cipherBlock, 0);
            sink.write(cipherBlock);
            count = source.read(block);
        }

        // End of stream counts as an empty remainder.
        int tailBytes = (count == -1) ? 0 : count;

        // Pad the remainder with x bytes of value x, then encrypt the final block.
        int padValue = block.length - tailBytes;
        java.util.Arrays.fill(block, tailBytes, block.length, (byte) (0xff & padValue));
        cipher.processBlock(block, 0, cipherBlock, 0);
        sink.write(cipherBlock);

        return sink.toByteArray();
    } finally {
        IOUtil.safeClose(source);
        IOUtil.safeClose(rawIn);
        IOUtil.safeClose(sink);
    }
}
From source file:org.tranche.security.SecurityUtil.java
License:Apache License
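/**
 * <p>Decrypts an AES-encrypted file with a passphrase-derived key and writes the plaintext to a new
 * temporary file.</p>
 *
 * <p>The key is derived exactly as on the encryption side (PKCS#5 scheme 2 over the passphrase,
 * {@code ENCRYPTION_SALT} and {@code ENCRYPTION_ITERATIONS}), and each block is decrypted
 * independently by the raw AES engine. The most recent blocks are held back in a small buffer so the
 * padding of the final block can be stripped before it is written. A trailing partial block in the
 * input is ignored.</p>
 *
 * <p>The ciphertext carries no authentication. A wrong passphrase is only detected when
 * {@code expectedHash} is supplied; with {@code null} the method returns whatever the key produced.
 * A {@code null} passphrase is rejected with {@code PassphraseRequiredException}.</p>
 *
 * @param passphrase passphrase the key is derived from; must not be {@code null}
 * @param file ciphertext file to read
 * @param expectedHash hash the plaintext must have, or {@code null} to skip the check
 * @return a temporary file holding the plaintext
 * @throws WrongPassphraseException if {@code expectedHash} is given and the plaintext hash differs
 * @throws IOException if reading the input or writing the output fails
 * @throws GeneralSecurityException if the input does not contain a single complete cipher block
 */
public static File decryptDiskBacked(String passphrase, File file, BigHash expectedHash)
        throws WrongPassphraseException, IOException, GeneralSecurityException {
    if (passphrase == null) {
        throw new PassphraseRequiredException("Can't decrypt file. No passphrase specified.");
    }
    // The passphrase is a secret and must not reach debug output or log files.
    DebugUtil.debugOut(SecurityUtil.class, "Decrypting " + file.getAbsolutePath());

    AESFastEngine cipher = new AESFastEngine();

    // NOTE(review): getBytes() uses the platform default charset; it has to stay in step with
    // the encryption side, so it is flagged rather than changed.
    PKCS5S2ParametersGenerator pg = new PKCS5S2ParametersGenerator();
    pg.init(passphrase.getBytes(), ENCRYPTION_SALT, ENCRYPTION_ITERATIONS);
    CipherParameters params = pg.generateDerivedParameters(256);

    cipher.init(false, params);
    int blockSize = cipher.getBlockSize();

    File decryptedFile = TempFileUtil.createTemporaryFile();

    BigHashMaker bhm = null;
    FileInputStream fis = null;
    BufferedInputStream bis = null;
    FileOutputStream fos = null;
    BufferedOutputStream bos = null;
    boolean succeeded = false;
    try {
        if (expectedHash != null) {
            bhm = new BigHashMaker();
        }
        fis = new FileInputStream(file);
        bis = new BufferedInputStream(fis);
        fos = new FileOutputStream(decryptedFile);
        bos = new BufferedOutputStream(fos);

        int bufferBlocks = 10;
        // Number of decrypted blocks currently held in 'tail'; never exceeds bufferBlocks, so it
        // cannot overflow on very large inputs.
        int blocksInTail = 0;
        byte[] data = new byte[blockSize];
        byte[] decrypted = new byte[blockSize];
        byte[] tail = new byte[blockSize * bufferBlocks];

        int offset = 0;
        for (int bytesRead = bis.read(data, offset, data.length - offset); bytesRead != -1;
                bytesRead = bis.read(data, offset, data.length - offset)) {
            // Keep reading until a whole block has been collected.
            if (bytesRead + offset != data.length) {
                offset += bytesRead;
                continue;
            }
            offset = 0;

            cipher.processBlock(data, 0, decrypted, 0);

            if (blocksInTail == bufferBlocks) {
                // Buffer is full: emit the oldest block, slide the rest down, append the new one.
                bos.write(tail, 0, blockSize);
                if (bhm != null) {
                    bhm.update(tail, 0, blockSize);
                }
                System.arraycopy(tail, blockSize, tail, 0, tail.length - blockSize);
                System.arraycopy(decrypted, 0, tail, tail.length - blockSize, blockSize);
            } else {
                System.arraycopy(decrypted, 0, tail, blockSize * blocksInTail, blockSize);
                blocksInTail++;
            }
        }

        // Only the filled part of the buffer is plaintext. Reading the padding byte from the end
        // of a partly filled buffer would yield 0 and append the unused zero bytes to the output.
        int validLength = blocksInTail * blockSize;
        if (validLength == 0) {
            throw new GeneralSecurityException("Can't decrypt file. Input holds no complete cipher block.");
        }

        // NOTE(review): the padding is not validated (value within 1..blockSize, all padding bytes
        // equal); an out-of-range value is clamped, as before. Only the hash check below detects
        // a wrong passphrase or modified ciphertext.
        int paddingLength = 0xff & tail[validLength - 1];
        if (paddingLength > validLength) {
            paddingLength = validLength;
        }
        int plainLength = validLength - paddingLength;
        bos.write(tail, 0, plainLength);
        bos.flush();

        if (bhm != null) {
            bhm.update(tail, 0, plainLength);
            BigHash actualHash = BigHash.createFromBytes(bhm.finish());
            if (!actualHash.equals(expectedHash)) {
                DebugUtil.debugOut(SecurityUtil.class,
                        "Expected " + expectedHash + " (" + expectedHash.getLength() + ") but actually "
                                + actualHash + " (" + actualHash.getLength() + ")");
                throw new WrongPassphraseException();
            }
        }
        succeeded = true;
        return decryptedFile;
    } finally {
        IOUtil.safeClose(bis);
        IOUtil.safeClose(fis);
        IOUtil.safeClose(bos);
        IOUtil.safeClose(fos);
        if (!succeeded) {
            // Best effort: do not leave partly decrypted data behind when the call fails.
            decryptedFile.delete();
        }
    }
}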
From source file:org.tranche.security.SecurityUtil.java
License:Apache License
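/**
 * <p>In-memory counterpart of the file decryption routine: decrypts an AES-encrypted byte array with
 * a passphrase-derived key without touching temporary files.</p>
 *
 * <p>The key is derived exactly as on the encryption side (PKCS#5 scheme 2 over the passphrase,
 * {@code ENCRYPTION_SALT} and {@code ENCRYPTION_ITERATIONS}), and each block is decrypted
 * independently by the raw AES engine. The most recent blocks are held back in a small buffer so the
 * padding of the final block can be stripped. A trailing partial block in the input is ignored.</p>
 *
 * <p>The ciphertext carries no authentication. A wrong passphrase is only detected when
 * {@code expectedHash} is supplied; with {@code null} the method returns whatever the key produced.
 * A {@code null} passphrase is rejected with {@code PassphraseRequiredException}.</p>
 *
 * @param passphrase passphrase the key is derived from; must not be {@code null}
 * @param dataBytes ciphertext to decrypt
 * @param expectedHash hash the plaintext must have, or {@code null} to skip the check
 * @return the plaintext with padding removed
 * @throws WrongPassphraseException if {@code expectedHash} is given and the plaintext hash differs
 * @throws IOException if a stream operation fails
 * @throws GeneralSecurityException if the input does not contain a single complete cipher block
 */
public static byte[] decryptInMemory(String passphrase, byte[] dataBytes, BigHash expectedHash)
        throws WrongPassphraseException, IOException, GeneralSecurityException {
    if (passphrase == null) {
        throw new PassphraseRequiredException("Can't decrypt file. No passphrase specified.");
    }
    // The passphrase is a secret and must not reach debug output or log files.
    DebugUtil.debugOut(SecurityUtil.class, "Decrypting file in memory");

    AESFastEngine cipher = new AESFastEngine();

    // NOTE(review): getBytes() uses the platform default charset; it has to stay in step with
    // the encryption side, so it is flagged rather than changed.
    PKCS5S2ParametersGenerator pg = new PKCS5S2ParametersGenerator();
    pg.init(passphrase.getBytes(), ENCRYPTION_SALT, ENCRYPTION_ITERATIONS);
    CipherParameters params = pg.generateDerivedParameters(256);

    cipher.init(false, params);
    int blockSize = cipher.getBlockSize();

    BigHashMaker bhm = null;
    ByteArrayInputStream fis = null;
    BufferedInputStream bis = null;
    ByteArrayOutputStream bos = null;
    try {
        if (expectedHash != null) {
            bhm = new BigHashMaker();
        }
        fis = new ByteArrayInputStream(dataBytes);
        bis = new BufferedInputStream(fis);
        bos = new ByteArrayOutputStream();

        int bufferBlocks = 10;
        // Number of decrypted blocks currently held in 'tail'; never exceeds bufferBlocks.
        int blocksInTail = 0;
        byte[] data = new byte[blockSize];
        byte[] decrypted = new byte[blockSize];
        byte[] tail = new byte[blockSize * bufferBlocks];

        int offset = 0;
        for (int bytesRead = bis.read(data, offset, data.length - offset); bytesRead != -1;
                bytesRead = bis.read(data, offset, data.length - offset)) {
            // Keep reading until a whole block has been collected.
            if (bytesRead + offset != data.length) {
                offset += bytesRead;
                continue;
            }
            offset = 0;

            cipher.processBlock(data, 0, decrypted, 0);

            if (blocksInTail == bufferBlocks) {
                // Buffer is full: emit the oldest block, slide the rest down, append the new one.
                bos.write(tail, 0, blockSize);
                if (bhm != null) {
                    bhm.update(tail, 0, blockSize);
                }
                System.arraycopy(tail, blockSize, tail, 0, tail.length - blockSize);
                System.arraycopy(decrypted, 0, tail, tail.length - blockSize, blockSize);
            } else {
                System.arraycopy(decrypted, 0, tail, blockSize * blocksInTail, blockSize);
                blocksInTail++;
            }
        }

        // Only the filled part of the buffer is plaintext. Reading the padding byte from the end
        // of a partly filled buffer would yield 0 and append the unused zero bytes to the output.
        int validLength = blocksInTail * blockSize;
        if (validLength == 0) {
            throw new GeneralSecurityException("Can't decrypt data. Input holds no complete cipher block.");
        }

        // NOTE(review): the padding is not validated (value within 1..blockSize, all padding bytes
        // equal); an out-of-range value is clamped, as before. Only the hash check below detects
        // a wrong passphrase or modified ciphertext.
        int paddingLength = 0xff & tail[validLength - 1];
        if (paddingLength > validLength) {
            paddingLength = validLength;
        }
        int plainLength = validLength - paddingLength;
        bos.write(tail, 0, plainLength);
        bos.flush();

        if (bhm != null) {
            bhm.update(tail, 0, plainLength);
            BigHash actualHash = BigHash.createFromBytes(bhm.finish());
            if (!actualHash.equals(expectedHash)) {
                DebugUtil.debugOut(SecurityUtil.class,
                        "Expected " + expectedHash + " (" + expectedHash.getLength() + ") but actually "
                                + actualHash + " (" + actualHash.getLength() + ")");
                throw new WrongPassphraseException();
            }
        }
        return bos.toByteArray();
    } finally {
        IOUtil.safeClose(bis);
        IOUtil.safeClose(fis);
        IOUtil.safeClose(bos);
    }
}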