/** * Creates a text encryptor that uses "standard" password-based encryption. Encrypted * text is hex-encoded. * * @param password the password used to generate the encryptor's secret key; should * not be shared * @see Encryptors#standard(CharSequence, CharSequence) */ public static TextEncryptor text(CharSequence password, CharSequence salt) { return new HexEncodingTextEncryptor(standard(password, salt)); }
public SingleTextEncryptorLocator(TextEncryptor encryptor) { this.encryptor = encryptor == null ? Encryptors.noOpText() : encryptor; }
/** * Creates a text encryptor that uses "stronger" password-based encryption. Encrypted * text is hex-encoded. * * @param password the password used to generate the encryptor's secret key; should * not be shared * @see Encryptors#stronger(CharSequence, CharSequence) */ public static TextEncryptor delux(CharSequence password, CharSequence salt) { return new HexEncodingTextEncryptor(stronger(password, salt)); }
private static byte[] decrypt(byte[] text, PrivateKey key, RsaAlgorithm alg, String salt, boolean gcm) { ByteArrayInputStream input = new ByteArrayInputStream(text); ByteArrayOutputStream output = new ByteArrayOutputStream(text.length); try { int length = readInt(input); byte[] random = new byte[length]; input.read(random); final Cipher cipher = Cipher.getInstance(alg.getJceName()); cipher.init(Cipher.DECRYPT_MODE, key); String secret = new String(Hex.encode(cipher.doFinal(random))); byte[] buffer = new byte[text.length - random.length - 2]; input.read(buffer); BytesEncryptor aes = gcm ? Encryptors.stronger(secret, salt) : Encryptors .standard(secret, salt); output.write(aes.decrypt(buffer)); return output.toByteArray(); } catch (RuntimeException e) { throw e; } catch (Exception e) { throw new IllegalStateException("Cannot decrypt", e); } }
@Test public void text() { CryptoAssumptions.assumeCBCJCE(); TextEncryptor encryptor = Encryptors.text("password", "5c0744940b5c369b"); String result = encryptor.encrypt("text"); assertThat(result).isNotNull(); assertThat(result.equals("text")).isFalse(); assertThat(encryptor.decrypt(result)).isEqualTo("text"); assertThat(result.equals(encryptor.encrypt("text"))).isFalse(); }
@Test public void preferred() { CryptoAssumptions.assumeGCMJCE(); TextEncryptor encryptor = Encryptors.delux("password", "5c0744940b5c369b"); String result = encryptor.encrypt("text"); assertThat(result).isNotNull(); assertThat(result.equals("text")).isFalse(); assertThat(encryptor.decrypt(result)).isEqualTo("text"); assertThat(result.equals(encryptor.encrypt("text"))).isFalse(); }
private static byte[] encrypt(byte[] text, PublicKey key, RsaAlgorithm alg, String salt, boolean gcm) { byte[] random = KeyGenerators.secureRandom(16).generateKey(); BytesEncryptor aes = gcm ? Encryptors.stronger(new String(Hex.encode(random)), salt) : Encryptors.standard(new String(Hex.encode(random)), salt); try { final Cipher cipher = Cipher.getInstance(alg.getJceName()); cipher.init(Cipher.ENCRYPT_MODE, key); byte[] secret = cipher.doFinal(random); ByteArrayOutputStream result = new ByteArrayOutputStream(text.length + 20); writeInt(result, secret.length); result.write(secret); result.write(aes.encrypt(text)); return result.toByteArray(); } catch (RuntimeException e) { throw e; } catch (Exception e) { throw new IllegalStateException("Cannot encrypt", e); } }
public TextEncryptor create(String data) { TextEncryptor encryptor; if (data.contains("RSA PRIVATE KEY")) { try { String normalizedPemData = normalizePem(data); encryptor = new RsaSecretEncryptor( NEWLINE_ESCAPE_PATTERN.matcher(normalizedPemData).replaceAll("")); } catch (IllegalArgumentException e) { throw new KeyFormatException(e); } } else if (data.startsWith("ssh-rsa") || data.contains("RSA PUBLIC KEY")) { throw new KeyFormatException(); } else { encryptor = Encryptors.text(data, salt); } return encryptor; }
/** * Creates a text encryptor that uses "standard" password-based encryption. Encrypted * text is hex-encoded. * * @param password the password used to generate the encryptor's secret key; should * not be shared * @see Encryptors#standard(CharSequence, CharSequence) */ public static TextEncryptor text(CharSequence password, CharSequence salt) { return new HexEncodingTextEncryptor(standard(password, salt)); }
@Bean public TextEncryptor defaultTextEncryptor() { if (locator != null) { return new LocatorTextEncryptor(locator); } if (StringUtils.hasText(this.key.getKey())) { return new EncryptorFactory(this.key.getSalt()).create(this.key.getKey()); } return Encryptors.noOpText(); }
/** * Creates a text encryptor that uses "stronger" password-based encryption. Encrypted * text is hex-encoded. * * @param password the password used to generate the encryptor's secret key; should * not be shared * @see Encryptors#stronger(CharSequence, CharSequence) */ public static TextEncryptor delux(CharSequence password, CharSequence salt) { return new HexEncodingTextEncryptor(stronger(password, salt)); }
public TextEncryptor create(String data) { TextEncryptor encryptor; if (data.contains("RSA PRIVATE KEY")) { try { String normalizedPemData = normalizePem(data); encryptor = new RsaSecretEncryptor( NEWLINE_ESCAPE_PATTERN.matcher(normalizedPemData).replaceAll("")); } catch (IllegalArgumentException e) { throw new KeyFormatException(e); } } else if (data.startsWith("ssh-rsa") || data.contains("RSA PUBLIC KEY")) { throw new KeyFormatException(); } else { encryptor = Encryptors.text(data, salt); } return encryptor; }
@Test public void standard() throws Exception { CryptoAssumptions.assumeCBCJCE(); BytesEncryptor encryptor = Encryptors.standard("password", "5c0744940b5c369b"); byte[] result = encryptor.encrypt("text".getBytes("UTF-8")); assertThat(result).isNotNull(); assertThat(new String(result).equals("text")).isFalse(); assertThat(new String(encryptor.decrypt(result))).isEqualTo("text"); assertThat(new String(result)).isNotEqualTo( new String(encryptor.encrypt("text".getBytes()))); }
@Test public void noOpText() { TextEncryptor encryptor = Encryptors.noOpText(); assertThat(encryptor.encrypt("text")).isEqualTo("text"); assertThat(encryptor.decrypt("text")).isEqualTo("text"); }
@Test public void stronger() throws Exception { CryptoAssumptions.assumeGCMJCE(); BytesEncryptor encryptor = Encryptors.stronger("password", "5c0744940b5c369b"); byte[] result = encryptor.encrypt("text".getBytes("UTF-8")); assertThat(result).isNotNull(); assertThat(new String(result).equals("text")).isFalse(); assertThat(new String(encryptor.decrypt(result))).isEqualTo("text"); assertThat(new String(result)).isNotEqualTo( new String(encryptor.encrypt("text".getBytes()))); }
Log.info("Trying symmetric key"); encryptor = Encryptors.text(data, SALT);
/** * Creates a text encryptor that uses standard password-based encryption. * Encrypted text is hex-encoded. * * @param password the password used to generate the encryptor's secret key; should not be shared */ public static TextEncryptor text(CharSequence password, CharSequence salt) { return new HexEncodingTextEncryptor(standard(password, salt)); }
@Override public UsersConnectionRepository configureUsersConnectionRepository( ConnectionFactoryLocator connectionFactoryLocator) { JdbcUsersConnectionRepository repository = new JdbcUsersConnectionRepository(dataSource, connectionFactoryLocator, Encryptors.noOpText()); return repository; }
/** * Creates a text encryptor that uses "stronger" password-based encryption. Encrypted * text is hex-encoded. * * @param password the password used to generate the encryptor's secret key; should * not be shared * @see Encryptors#stronger(CharSequence, CharSequence) */ public static TextEncryptor delux(CharSequence password, CharSequence salt) { return new HexEncodingTextEncryptor(stronger(password, salt)); }
/** * Creates a text encryptor that uses "standard" password-based encryption. Encrypted * text is hex-encoded. * * @param password the password used to generate the encryptor's secret key; should * not be shared * @see Encryptors#standard(CharSequence, CharSequence) */ public static TextEncryptor text(CharSequence password, CharSequence salt) { return new HexEncodingTextEncryptor(standard(password, salt)); }