コード例 #1
0
  /**
   * The Advanced Encryption Symmetric (AES) encryption algorithm in Cipher Block Chaining (CBC)
   * mode with a null initialization vector.
   *
   * <p>The AES implementation used is the public domain optimised Java implementation of the
   * Rijndael (AES) block cipher by Paul Barreto. (see
   * com.dragongate_technologies.borZoi.internal.Rijndael)
   *
   * <p>Encrypt an octet string M with key KB of length keysize.
   *
   * @param KB the key
   * @param M the plaintext to be encrypted
   * @param keysize can be 128, 192 or 256 bits
   * @return the encrypted cipher text
   */
  public static int[] AES_CBC_IV0_Encrypt(int[] KB, int[] M, int keysize) {
    int padLen = 16 - (M.length % 16);
    int k = ((M.length + 1) / 16);
    if ((M.length + 1) % 16 != 0) k++;

    int P1[] = new int[1];
    P1[0] = padLen;
    int P2[] = new int[padLen];
    for (int l = 0; l < padLen; l++) {
      P2[l] = P1[0];
    }

    int T[] = Utils.concatenate(M, P2);
    int C[] = new int[16];
    int U[] = new int[16];

    for (int i = 1; i <= k; i++) {
      for (int j = 0; j < 16; j++) {
        if (i == 1) U[j] = T[(i - 1) * 16 + j];
        else U[j] = T[(i - 1) * 16 + j] ^ C[(i - 2) * 16 + j];
      }
      if (i == 1) C = Utils.toIntArray(Enc(Utils.toByteArray(U), Utils.toByteArray(KB), keysize));
      else
        C =
            Utils.concatenate(
                C, Utils.toIntArray(Enc(Utils.toByteArray(U), Utils.toByteArray(KB), keysize)));
    }
    return C;
  }
コード例 #2
0
  /**
   * Key Derivation Function 2 (KDF2) from the IEEE P1363a draft standard. It generates a secret key
   * of length oLen bits from shared secret Z and key derivation parameter P.
   */
  public static int[] KDF2(int[] Z, int oLen, int[] P) {
    // Note:
    // oLen cannot be > hbits * (2^32-1) bits, because the size of an
    // int is 32 bits
    int[] K = new int[0];
    int[] CB = new int[1];
    int cThreshold = (oLen / 160);
    if (oLen % 160 != 0) cThreshold++;
    try {
      MessageDigest sha = MessageDigest.getInstance("SHA");

      // sha.update(data);
      // byte[] hash = sha.digest(data);
      for (byte i = 1; i <= cThreshold; i++) {
        CB[0] = i;
        sha.update(Utils.toByteArray(Utils.concatenate(Z, CB, P)));
        K = Utils.concatenate(K, Utils.revIntArray(Utils.toIntArray(sha.digest())));
        // K = Utils.concatenate(K, Utils.toIntArray(sha.digest()));
        sha.reset(); // not needed after diget()
      }
    } catch (NoSuchAlgorithmException e) {
    }
    // return Utils.resize (Utils.revIntArray(K), oLen);
    return Utils.resize(K, oLen);
  }
コード例 #3
0
  /**
   * The Advanced Encryption Symmetric (AES) decryption algorithm in Cipher Block Chaining (CBC)
   * mode with a null initialization vector.
   *
   * <p>The AES implementation used is the public domain optimised Java implementation of the
   * Rijndael (AES) block cipher by Paul Barreto. (see
   * com.dragongate_technologies.borZoi.internal.Rijndael)
   *
   * <p>Decrypt an octet string C with key KB of length keysize.
   *
   * @param KB the key
   * @param C the ciphertext to be decrypted
   * @param keysize can be 128, 192 or 256 bits
   * @return the decrypted plain text
   */
  public static int[] AES_CBC_IV0_Decrypt(int[] KB, int[] C, int keysize) {
    if (C.length % 16 != 0) {
      throw (new RuntimeException("AES_CBC_IV0_Decrypt: C.length not a multiple of 16"));
    } else if (C.length < 16) {
      throw (new RuntimeException("AES_CBC_IV0_Decrypt: C.length < 16"));
    }
    int k = ((C.length + 1) / 16);

    int T[] = new int[C.length];
    int U[] = new int[16];
    int CI[] = new int[16];
    for (int i = 1; i <= k; i++) {
      for (int n = 0; n < 16; n++) {
        CI[n] = C[(i - 1) * 16 + n];
      }
      U = Utils.toIntArray(Dec(Utils.toByteArray(CI), Utils.toByteArray(KB), keysize));
      for (int j = 0; j < 16; j++) {
        if (i > 1) T[(i - 1) * 16 + j] = U[j] ^ C[(i - 2) * 16 + j];
        else T[j] = U[j];
      }
    }

    int padLen = T[(k * 16) - 1];
    if (padLen < 1) {
      throw (new RuntimeException("AES_CBC_IV0_Decrypt: padLen < 1"));
    } else if (padLen > 16) {
      throw (new RuntimeException("AES_CBC_IV0_Decrypt: padLen(" + padLen + ")>16"));
    }
    for (int l = 1; l < padLen; l++) {
      if (T[(k * 16) - 1 - l] != padLen) {
        throw (new RuntimeException("AES_CBC_IV0_Decrypt: OCTET != padLen"));
      }
    }
    int M[] = new int[T.length - padLen];
    for (int m = 0; m < T.length - padLen; m++) {
      M[m] = T[m];
    }
    return M;
  }
コード例 #4
0
  /**
   * MAC1 as described in the IEEE P1363 standard. It computes a HMAC message authentication code
   * tag from secret key KB and message M.
   */
  public static int[] MAC1(int[] K, int[] M) {
    int[] HH = new int[0];
    try {
      int i;
      int[] KK;
      MessageDigest sha = MessageDigest.getInstance("SHA");
      // SHA1 Blocksize B = 512
      if (K.length > (8 * 512)) {
        sha.update(Utils.toByteArray(K));
        // kkLen = 20 octets, 160 bits
        KK = Utils.revIntArray(Utils.toIntArray(sha.digest()));
      } else KK = K;
      int[] P = new int[512 - KK.length];
      for (i = 0; i < P.length; i++) {
        P[i] = 0;
      }
      int[] K0 = Utils.concatenate(KK, P);
      int[] iPad = new int[512];
      for (i = 0; i < iPad.length; i++) {
        iPad[i] = 0x36;
      }
      int[] oPad = new int[512];
      for (i = 0; i < oPad.length; i++) {
        oPad[i] = 0x54;
      }
      sha.reset();
      sha.update(Utils.toByteArray(Utils.concatenate(Utils.xor(K0, iPad), M)));
      int[] H = Utils.revIntArray(Utils.toIntArray(sha.digest()));
      sha.reset();
      sha.update(Utils.toByteArray(Utils.concatenate(Utils.xor(K0, oPad), H)));
      HH = Utils.revIntArray(Utils.toIntArray(sha.digest()));
    } catch (NoSuchAlgorithmException e) {
    }

    return HH;
  }