Java tutorial
/* * This file is part of RskJ * Copyright (C) 2017 RSK Labs Ltd. * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Lesser General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ /* * Copyright 2013 Jim Burton. * Copyright 2014 Andreas Schildbach * * Licensed under the MIT license (the "License") * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://opensource.org/licenses/mit-license.php * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package co.rsk.crypto; import org.bouncycastle.crypto.BufferedBlockCipher; import org.bouncycastle.crypto.engines.AESEngine; import org.bouncycastle.crypto.modes.CBCBlockCipher; import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher; import org.bouncycastle.crypto.params.KeyParameter; import org.bouncycastle.crypto.params.ParametersWithIV; import java.security.SecureRandom; import java.util.Arrays; import static com.google.common.base.Preconditions.checkNotNull; /** * This class encrypts and decrypts byte arrays using AES symmetric cipher. */ public class KeyCrypterAes implements KeyCrypter { /** * The size of an AES block in bytes. * This is also the length of the initialisation vector. */ private static final int BLOCK_LENGTH = 16; // = 128 bits. private static final SecureRandom secureRandom = new SecureRandom(); /** * Password based encryption using AES - CBC 256 bits. */ @Override public EncryptedData encrypt(byte[] plainBytes, KeyParameter key) { checkNotNull(plainBytes); checkNotNull(key); try { // Generate iv - each encryption call has a different iv. byte[] iv = new byte[BLOCK_LENGTH]; secureRandom.nextBytes(iv); ParametersWithIV keyWithIv = new ParametersWithIV(key, iv); // Encrypt using AES. BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine())); cipher.init(true, keyWithIv); byte[] encryptedBytes = new byte[cipher.getOutputSize(plainBytes.length)]; final int length1 = cipher.processBytes(plainBytes, 0, plainBytes.length, encryptedBytes, 0); final int length2 = cipher.doFinal(encryptedBytes, length1); return new EncryptedData(iv, Arrays.copyOf(encryptedBytes, length1 + length2)); } catch (Exception e) { throw new KeyCrypterException("Could not encrypt bytes.", e); } } /** * Decrypt bytes previously encrypted with this class. * * @param dataToDecrypt The data to decrypt * @param key The AES key to use for decryption * @return The decrypted bytes * @throws KeyCrypterException if bytes could not be decrypted */ @Override public byte[] decrypt(EncryptedData dataToDecrypt, KeyParameter key) { checkNotNull(dataToDecrypt); checkNotNull(key); try { ParametersWithIV keyWithIv = new ParametersWithIV(new KeyParameter(key.getKey()), dataToDecrypt.initialisationVector); // Decrypt the message. BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine())); cipher.init(false, keyWithIv); byte[] cipherBytes = dataToDecrypt.encryptedBytes; byte[] decryptedBytes = new byte[cipher.getOutputSize(cipherBytes.length)]; final int length1 = cipher.processBytes(cipherBytes, 0, cipherBytes.length, decryptedBytes, 0); final int length2 = cipher.doFinal(decryptedBytes, length1); return Arrays.copyOf(decryptedBytes, length1 + length2); } catch (Exception e) { throw new KeyCrypterException("Could not decrypt bytes", e); } } }