private byte[] iv(byte[] encrypted) { return this.ivGenerator != NULL_IV_GENERATOR ? subArray(encrypted, 0, this.ivGenerator.getKeyLength()) : NULL_IV_GENERATOR.generateKey(); }
private byte[] iv(byte[] encrypted) { return this.ivGenerator != NULL_IV_GENERATOR ? subArray(encrypted, 0, this.ivGenerator.getKeyLength()) : NULL_IV_GENERATOR.generateKey(); }
BouncyCastleAesBytesEncryptor(String password, CharSequence salt, BytesKeyGenerator ivGenerator) { if (ivGenerator.getKeyLength() != 16) { throw new IllegalArgumentException("ivGenerator key length != block size 16"); } this.ivGenerator = ivGenerator; PBEParametersGenerator keyGenerator = new PKCS5S2ParametersGenerator(); byte[] pkcs12PasswordBytes = PBEParametersGenerator .PKCS5PasswordToUTF8Bytes(password.toCharArray()); keyGenerator.init(pkcs12PasswordBytes, Hex.decode(salt), 1024); this.secretKey = (KeyParameter) keyGenerator.generateDerivedParameters(256); } }
BouncyCastleAesBytesEncryptor(String password, CharSequence salt, BytesKeyGenerator ivGenerator) { if (ivGenerator.getKeyLength() != 16) { throw new IllegalArgumentException("ivGenerator key length != block size 16"); } this.ivGenerator = ivGenerator; PBEParametersGenerator keyGenerator = new PKCS5S2ParametersGenerator(); byte[] pkcs12PasswordBytes = PBEParametersGenerator .PKCS5PasswordToUTF8Bytes(password.toCharArray()); keyGenerator.init(pkcs12PasswordBytes, Hex.decode(salt), 1024); this.secretKey = (KeyParameter) keyGenerator.generateDerivedParameters(256); } }
@Override public boolean matches(CharSequence rawPassword, String encodedPassword) { byte[] digested = decode(encodedPassword); byte[] salt = subArray(digested, 0, this.saltGenerator.getKeyLength()); return matches(digested, encode(rawPassword, salt)); }
@Override public boolean matches(CharSequence rawPassword, String encodedPassword) { byte[] digested = Hex.decode(encodedPassword); byte[] salt = subArray(digested, 0, this.saltGenerator.getKeyLength()); return matches(digested, encodeAndConcatenate(rawPassword, salt)); }
@Override public byte[] decrypt(byte[] encryptedBytes) { byte[] iv = subArray(encryptedBytes, 0, this.ivGenerator.getKeyLength()); encryptedBytes = subArray(encryptedBytes, this.ivGenerator.getKeyLength(), encryptedBytes.length); @SuppressWarnings("deprecation") GCMBlockCipher blockCipher = new GCMBlockCipher(new org.bouncycastle.crypto.engines.AESFastEngine()); blockCipher.init(false, new AEADParameters(secretKey, 128, iv, null)); return process(blockCipher, encryptedBytes); }
public boolean matches(CharSequence rawPassword, String encodedPassword) { byte[] digested = decode(encodedPassword); byte[] salt = subArray(digested, 0, saltGenerator.getKeyLength()); return matches(digested, digest(rawPassword, salt)); }
@Before public void setUp() { this.generator = mock(BytesKeyGenerator.class); when(this.generator.generateKey()).thenReturn(Hex.decode("4b0febebd439db7ca77153cb254520c3")); when(this.generator.getKeyLength()).thenReturn(16); }
public boolean matches(CharSequence rawPassword, String encodedPassword) { byte[] digested = decode(encodedPassword); byte[] salt = subArray(digested, 0, saltGenerator.getKeyLength()); return matches(digested, digest(rawPassword, salt)); }
@Test public void migrate() { final int saltLength = KeyGenerators.secureRandom().getKeyLength(); String encodedPassword = "ab1146a8458d4ce4e65789e5a3f60e423373cfa10b01abd23739e5ae2fdc37f8e9ede4ae6da65264"; String originalEncodedPassword = "ab1146a8458d4ce4ab1146a8458d4ce4e65789e5a3f60e423373cfa10b01abd23739e5ae2fdc37f8e9ede4ae6da65264"; byte[] originalBytes = Hex.decode(originalEncodedPassword); byte[] fixedBytes = Arrays.copyOfRange(originalBytes, saltLength, originalBytes.length); String fixedHex = String.valueOf(Hex.encode(fixedBytes)); assertThat(fixedHex).isEqualTo(encodedPassword); }
@Test public void secureRandomCustomLength() { BytesKeyGenerator keyGenerator = KeyGenerators.secureRandom(21); assertThat(keyGenerator.getKeyLength()).isEqualTo(21); byte[] key = keyGenerator.generateKey(); assertThat(key).hasSize(21); byte[] key2 = keyGenerator.generateKey(); assertThat(Arrays.equals(key, key2)).isFalse(); }
@Override public boolean matches(CharSequence rawPassword, String encodedPassword) { byte[] digested = decode(encodedPassword); byte[] salt = subArray(digested, 0, this.saltGenerator.getKeyLength()); return matches(digested, encode(rawPassword, salt)); }
@Override public boolean matches(CharSequence rawPassword, String encodedPassword) { byte[] digested = Hex.decode(encodedPassword); byte[] salt = subArray(digested, 0, this.saltGenerator.getKeyLength()); return matches(digested, encodeAndConcatenate(rawPassword, salt)); }
@Override public byte[] decrypt(byte[] encryptedBytes) { byte[] iv = subArray(encryptedBytes, 0, this.ivGenerator.getKeyLength()); encryptedBytes = subArray(encryptedBytes, this.ivGenerator.getKeyLength(), encryptedBytes.length); @SuppressWarnings("deprecation") GCMBlockCipher blockCipher = new GCMBlockCipher(new org.bouncycastle.crypto.engines.AESFastEngine()); blockCipher.init(false, new AEADParameters(secretKey, 128, iv, null)); return process(blockCipher, encryptedBytes); }
@Test public void secureRandom() { BytesKeyGenerator keyGenerator = KeyGenerators.secureRandom(); assertThat(keyGenerator.getKeyLength()).isEqualTo(8); byte[] key = keyGenerator.generateKey(); assertThat(key).hasSize(8); byte[] key2 = keyGenerator.generateKey(); assertThat(Arrays.equals(key, key2)).isFalse(); }
@Test public void shared() throws Exception { BytesKeyGenerator keyGenerator = KeyGenerators.shared(21); assertThat(keyGenerator.getKeyLength()).isEqualTo(21); byte[] key = keyGenerator.generateKey(); assertThat(key).hasSize(21); byte[] key2 = keyGenerator.generateKey(); assertThat(Arrays.equals(key, key2)).isTrue(); }
@Override public byte[] decrypt(byte[] encryptedBytes) { byte[] iv = subArray(encryptedBytes, 0, this.ivGenerator.getKeyLength()); encryptedBytes = subArray(encryptedBytes, this.ivGenerator.getKeyLength(), encryptedBytes.length); @SuppressWarnings("deprecation") PaddedBufferedBlockCipher blockCipher = new PaddedBufferedBlockCipher( new CBCBlockCipher(new org.bouncycastle.crypto.engines.AESFastEngine()), new PKCS7Padding()); blockCipher.init(false, new ParametersWithIV(secretKey, iv)); return process(blockCipher, encryptedBytes); }
@Override public byte[] decrypt(byte[] encryptedBytes) { byte[] iv = subArray(encryptedBytes, 0, this.ivGenerator.getKeyLength()); encryptedBytes = subArray(encryptedBytes, this.ivGenerator.getKeyLength(), encryptedBytes.length); @SuppressWarnings("deprecation") PaddedBufferedBlockCipher blockCipher = new PaddedBufferedBlockCipher( new CBCBlockCipher(new org.bouncycastle.crypto.engines.AESFastEngine()), new PKCS7Padding()); blockCipher.init(false, new ParametersWithIV(secretKey, iv)); return process(blockCipher, encryptedBytes); }
@Override public byte[] decrypt(byte[] encryptedBytes) { byte[] iv = subArray(encryptedBytes, 0, this.ivGenerator.getKeyLength()); encryptedBytes = subArray(encryptedBytes, this.ivGenerator.getKeyLength(), encryptedBytes.length); @SuppressWarnings("deprecation") GCMBlockCipher blockCipher = new GCMBlockCipher(new org.bouncycastle.crypto.engines.AESFastEngine()); blockCipher.init(false, new AEADParameters(secretKey, 128, iv, null)); return process(blockCipher, encryptedBytes); }