Examples of org.bouncycastle.crypto.modes.AEADBlockCipher

• org.bouncycastle.crypto.modes.AEADBlockCipher
  A block cipher mode that includes authenticated encryption with a streaming mode and optional associated data. @see org.bouncycastle.crypto.params.AEADParameters

    // Attack / alter ciphertext (an attacker would do this!)
    byte[] alteredCiphertext = Arrays.clone(originalCiphertext);
    alteredCiphertext[8] = (byte) (alteredCiphertext[8] ^ 0x08); // <<< Change 100$ to 900$

    // Decrypt with BouncyCastle implementation of CipherInputStream
    AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine());
    cipher.init(false, new AEADParameters(new KeyParameter(randomKey), 128, randomIv));

    try {
      readFromStream(new org.bouncycastle.crypto.io.CipherInputStream(new ByteArrayInputStream(alteredCiphertext), cipher));
      //             ^^^^^^^^^^^^^^^ INTERESTING PART ^^^^^^^^^^^^^^^^
      //

    byte[] randomIv = createRandomArray(16);
    byte[] originalPlaintext = createRandomArray(4080); // <<<< 4080 bytes fails, 4079 bytes works!
    byte[] originalCiphertext = encryptWithAesGcm(originalPlaintext, randomKey, randomIv);

    // Decrypt with BouncyCastle implementation of CipherInputStream
    AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine());
    cipher.init(false, new AEADParameters(new KeyParameter(randomKey), 128, randomIv));

    try {
      readFromStream(new org.bouncycastle.crypto.io.CipherInputStream(new ByteArrayInputStream(originalCiphertext), cipher));
      //             ^^^^^^^^^^^^^^^ INTERESTING PART ^^^^^^^^^^^^^^^^
      //

    super(id, algorithm, keySize, ivSize, needsUnlimitedStrength);
  }

  @Override
  public OutputStream newCipherOutputStream(OutputStream underlyingOutputStream, byte[] secretKey, byte[] iv) throws CipherException {
    AEADBlockCipher cipher = new GCMBlockCipher(new TwofishEngine());
    cipher.init(true, new AEADParameters(new KeyParameter(secretKey), MAC_SIZE, iv));

    return new org.bouncycastle.crypto.io.CipherOutputStream(underlyingOutputStream, cipher);
  }

    return new org.bouncycastle.crypto.io.CipherOutputStream(underlyingOutputStream, cipher);
  }

  @Override
  public InputStream newCipherInputStream(InputStream underlyingInputStream, byte[] secretKey, byte[] iv) throws CipherException {
    AEADBlockCipher cipher = new GCMBlockCipher(new TwofishEngine());
    cipher.init(false, new AEADParameters(new KeyParameter(secretKey), MAC_SIZE, iv));

    return new org.bouncycastle.crypto.io.CipherInputStream(underlyingInputStream, cipher);
  }

    super(id, algorithm, keySize, ivSize, needsUnlimitedStrength);
  }

  @Override
  public OutputStream newCipherOutputStream(OutputStream underlyingOutputStream, byte[] secretKey, byte[] iv) throws CipherException {
    AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine());
    cipher.init(true, new AEADParameters(new KeyParameter(secretKey), MAC_SIZE, iv));

    return new org.bouncycastle.crypto.io.CipherOutputStream(underlyingOutputStream, cipher);
  }

    return new org.bouncycastle.crypto.io.CipherOutputStream(underlyingOutputStream, cipher);
  }

  @Override
  public InputStream newCipherInputStream(InputStream underlyingInputStream, byte[] secretKey, byte[] iv) throws CipherException {
    AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine());
    cipher.init(false, new AEADParameters(new KeyParameter(secretKey), MAC_SIZE, iv));

    return new org.bouncycastle.crypto.io.CipherInputStream(underlyingInputStream, cipher);
  }