stackoom
  简体   繁体   中英

AES 256 (instead of 128) with BouncyCastle

 原文  2012-09-24 21:28:06       java/ cryptography/ aes/ bouncycastle

Question

I followed much of this post with the objective to implement aes 256 encryption in my software and it works just fine

The key point here is that the whole implementation described in the above link uses the AESEngine class . Looking at the class code and javadoc reference , the AESEngine is a 128bit instead of a 256 bit block cipher

Searching trough the code and docs i could not find the 192 or 256 bits implementations. Where are them?

For completeness, this is the core of my actual ciphering class: 

    private void init(String passphrase) {
        try {
            String algorithm = "PBEWithSHA256And256BitAES-CBC-BC"; 

            encryptCipher = createCipher();
            decryptCipher = createCipher();    

            randomGenerator = new RandomGenerator();

            PBEKeySpec keySpec = new PBEKeySpec(passphrase.toCharArray(), KEY_SALT, ITERATIONS);    

            SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(algorithm);
            key = keyFactory.generateSecret(keySpec);    

        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("NoSuchAlgorithmException occured while trying to generate the crypto key. This error should never occur, check the application code", e);
        } catch (InvalidKeySpecException e) {
            throw new RuntimeException("InvalidKeySpecException occured while trying to generate the crypto key. This error should never occur, check the application code", e);
        }
    }    

    private BufferedBlockCipher createCipher() {
        return new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESFastEngine()), new PKCS7Padding());
    }    

    public byte[] encrypt(byte[] data) {
        if (data == null)
            throw new NullPointerException("Cannot encrypt null data");    

        byte[] iv = randomGenerator.generateRandom(IV_SIZE);    

        byte[] encrypted;

        synchronized (encryptCipher) {
            encrypted = runCipher(encryptCipher, true, data, iv);
        }    

        return DataUtil.append(iv, encrypted);
    }    

    public byte[] decrypt(byte[] data) {
        if (data == null)
            throw new NullPointerException("Cannot decrypt null data");    

        byte[] iv = DataUtil.extract(data, 0, IV_SIZE);
        byte[] cipherText = DataUtil.extract(data, IV_SIZE, data.length - IV_SIZE);

        byte[] decrypted;    

        synchronized (decryptCipher) {
            decrypted = runCipher(decryptCipher, false, cipherText, iv);
        }

        return decrypted;
    }

    private byte[] runCipher(BufferedBlockCipher cipher, boolean forEncryption, byte[] data, byte[] iv) {
        String operation = forEncryption ? "encrypt" : "decrypt";

        try {
            KeyParameter keyParam = new KeyParameter(key.getEncoded());
            ParametersWithIV cipherParams = new ParametersWithIV(keyParam, iv);

            cipher.init(forEncryption, cipherParams);

            byte[] result = new byte[cipher.getOutputSize(data.length)];
            int len = cipher.processBytes(data, 0, data.length, result, 0);
            len += cipher.doFinal(result, len);

            //Remove padding se estiver decriptografando
            if(!forEncryption)
                result = DataUtil.extract(result, 0, len);

            return result;
        } catch (DataLengthException e) {
            throw new RuntimeException("DataLengthException occured while trying to " + operation + " data with length " + data.length + ". This error should never occur, check the application code", e);
        } catch (IllegalStateException e) {
            throw new RuntimeException("IllegalStateException occured while trying to " + operation + " data with length " + data.length + ". This error should never occur, check the application code", e);
        } catch (InvalidCipherTextException e) {
            throw new IllegalArgumentException("InvalidCipherTextException occured while trying to " + operation + " data with length " + data.length, e);
        }
    }

2 answers

solution1
 5 ACCPTED  2012-09-24 22:40:56

If you want to do AES like encryption with a block size of 256 bit you should use:

http://www.docjar.org/docs/api/org/bouncycastle/crypto/engines/RijndaelEngine.html

But that's probably not what you want; the 256 in AES-256 is about the key size. This key size is then used by the underlying 128 bit AES block cipher. AES is the standardized, 128 bit block version of Rijndael.

solution2
 0  2015-02-22 14:39:14

AES supports 3 key sizes - Wikipedia , NIST .

You're probably referring the block size, which is fixed at 128 bits.

Also, I tried going through code, it is written assuming different key sizes - 128, 192, and 256. Copy - paste from code - "AES specified a fixed block size of 128 bits and key sizes 128/192/256 bits. This code is written assuming those are the only possible values"

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Is AES128 or AES256 on Android? AES-256 encryption with BouncyCastle Lightweight API Decrypting aes-256-cbc using bouncycastle Java AES 128 with 256 character key size How to switch from AES-256 to AES-128? Android: Define which encryption to use: AES 128 or AES 256 Java AES 128 ECB to AES 256 ECB conversion Encrypt/decrypt byte array > 256 bytes using AES-128 Java using AES 256 and 128 Symmetric-key encryption How to switch between AES-128, AES-192 and AES-256
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM