/** * AES algorithm */ private PBEStringEncryptor newEncryptor(final String passphrase) { final StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor(); encryptor.setPassword(passphrase); encryptor.setProvider(PROVIDER); encryptor.setAlgorithm(CRYPTO_ALGO); return encryptor; } }
/** * DES algorithm */ private PBEStringEncryptor newEncryptor(final String passphrase) { final StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor(); encryptor.setPassword(passphrase); return encryptor; } }
public static StandardPBEStringEncryptor createEncryptor() { StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor(); EnvironmentStringPBEConfig config = new EnvironmentStringPBEConfig(); config.setAlgorithm("PBEWithMD5AndDES"); config.setPasswordEnvName("ACTIVEMQ_ENCRYPTION_PASSWORD"); encryptor.setConfig(config); return encryptor; }
@Override protected PasswordEncoder createStringEncoder() { byte[] password = lookupPasswordFromKeyStore(); char[] chars = toChars(password); try { stringEncrypter = new StandardPBEStringEncryptor(); stringEncrypter.setPasswordCharArray(chars); if (getProviderName() != null && !getProviderName().isEmpty()) { stringEncrypter.setProviderName(getProviderName()); } stringEncrypter.setAlgorithm(getAlgorithm()); JasyptPBEPasswordEncoderWrapper encoder = new JasyptPBEPasswordEncoderWrapper(); encoder.setPbeStringEncryptor(stringEncrypter); return encoder; } finally { scramble(password); scramble(chars); } }
@SuppressWarnings({ "rawtypes", "unchecked" }) @Override public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) { String encryptionPassword = (String)options.get(ENCRYPTION_PASSWORD); String passwordEnvName = options.get(PASSWORD_ENV_NAME) != null ? (String)options.get(PASSWORD_ENV_NAME) : DEFAULT_PASSWORD_ENV_NAME; String passwordAlgorithm = options.get(PASSWORD_ALGORITHM) != null ? (String)options.get(PASSWORD_ALGORITHM) : DEFAULT_PASSWORD_ALGORITHM; EnvironmentStringPBEConfig envConfig = new EnvironmentStringPBEConfig(); envConfig.setAlgorithm(passwordAlgorithm); //If the password was set, use it //else look up the password from the environment if (encryptionPassword == null) { envConfig.setPasswordEnvName(passwordEnvName); } else { envConfig.setPassword(encryptionPassword); } configurationEncryptor.setConfig(envConfig); EncryptableProperties encryptableOptions = new EncryptableProperties(configurationEncryptor); encryptableOptions.putAll(options); super.initialize(subject, callbackHandler, sharedState, encryptableOptions); }
char[] chars = toChars(password); byteEncrypter = new StandardPBEByteEncryptor(); byteEncrypter.setPasswordCharArray(chars); byteEncrypter.setProviderName(getProviderName()); byteEncrypter.setAlgorithm(getAlgorithm());
byte[] encode(char[] passwd) { if (!config.isEncrypting()) { return toBytes(passwd); } // encrypt the password StandardPBEByteEncryptor encryptor = new StandardPBEByteEncryptor(); char[] key = key(); try { encryptor.setPasswordCharArray(key); return Base64.encodeBase64(encryptor.encrypt(toBytes(passwd))); } finally { scramble(key); } }
byte[] decode(byte[] passwd) { if (!config.isEncrypting()) { return passwd; } // decrypt the password StandardPBEByteEncryptor encryptor = new StandardPBEByteEncryptor(); char[] key = key(); try { encryptor.setPasswordCharArray(key); return encryptor.decrypt(Base64.decodeBase64(passwd)); } finally { scramble(key); } }
@Override public String decrypt(final String cipheredText, final String passphrase) { try { final String jsonStr = Crypto.decode(cipheredText); final JsonNode json = MAPPER.readTree(jsonStr); return newEncryptor(passphrase).decrypt(json.get(CIPHERED_TEXT_KEY).asText()); } catch (final Exception e) { throw new RuntimeException(e); } }
public String encodePassword(String rawPass, Object salt) { this.checkInitialization(); return this.useTextEncryptor ? this.textEncryptor.encrypt(rawPass) : this.pbeStringEncryptor.encrypt(rawPass); }
public String decode(String encPass) throws UnsupportedOperationException { if (stringEncrypter == null) { // not initialized getStringEncoder(); } return stringEncrypter.decrypt(removePrefix(encPass)); }
SimplePBEConfig config = new SimplePBEConfig(); config.setAlgorithm("PBEWithMD5AndTripleDES"); config.setKeyObtentionIterations(1000); config.setPassword("propertiesFilePassword"); StandardPBEStringEncryptor encryptor = new org.jasypt.encryption.pbe.StandardPBEStringEncryptor(); encryptor.setConfig(config); encryptor.initialize();
@Override public boolean isPasswordValid(String encPass, char[] rawPass, Object salt) { byte[] decoded = Base64.decode(encPass.getBytes()); byte[] decrypted = byteEncrypter.decrypt(decoded); char[] chars = toChars(decrypted); try { return Arrays.equals(chars, rawPass); } finally { scramble(decrypted); scramble(chars); } }
@Override public String encodePassword(char[] rawPass, Object salt) { byte[] bytes = toBytes(rawPass); try { return new String(Base64.encode(byteEncrypter.encrypt(bytes))); } finally { scramble(bytes); } } };
/* * First, create (or ask some other component for) the adequate encryptor for * decrypting the values in our .properties file. */ StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor(); encryptor.setPassword("jasypt"); // could be got from web, env variable... /* * Create our EncryptableProperties object and load it the usual way. */ Properties props = new EncryptableProperties(encryptor); props.load(new FileInputStream("/path/to/my/configuration.properties")); /* * To get a non-encrypted value, we just get it with getProperty... */ String datasourceUsername = props.getProperty("datasource.username"); /* * ...and to get an encrypted value, we do exactly the same. Decryption will * be transparently performed behind the scenes. */ String datasourcePassword = props.getProperty("datasource.password"); // From now on, datasourcePassword equals "reports_passwd"...
@Override public String decrypt(final String cipheredText, final String passphrase) { try { final JsonNode json = MAPPER.readTree(Crypto.decode(cipheredText)); return newEncryptor(passphrase).decrypt(json.get(CIPHERED_TEXT_KEY).asText()); } catch (final Exception e) { throw new RuntimeException(e); } }
@Override public String encrypt(final String plaintext, final String passphrase, final Version cryptoVersion) { Preconditions.checkArgument(Version.V1_1.equals(cryptoVersion)); final String cipheredText = newEncryptor(passphrase).encrypt(plaintext); final ObjectNode node = MAPPER.createObjectNode(); node.put(CIPHERED_TEXT_KEY, cipheredText); node.put(VERSION_IDENTIFIER, Version.V1_1.versionStr()); return Crypto.encode(node.toString()); }
@Override public char[] decodeToCharArray(String encPass) throws UnsupportedOperationException { if (byteEncrypter == null) { // not initialized getCharEncoder(); } byte[] decoded = Base64.decode(removePrefix(encPass).getBytes()); byte[] bytes = byteEncrypter.decrypt(decoded); try { return toChars(bytes); } finally { scramble(bytes); } }
public boolean isPasswordValid(String encPass, String rawPass, Object salt) { this.checkInitialization(); String decPassword = null; if (this.useTextEncryptor) { decPassword = this.textEncryptor.decrypt(encPass); } else { decPassword = this.pbeStringEncryptor.decrypt(encPass); } if (decPassword != null && rawPass != null) { return decPassword.equals(rawPass); } else { return decPassword == rawPass; } }
@Override public String encrypt(final String plaintext, final String passphrase, final Version cryptoVersion) { Preconditions.checkArgument(Version.V1_0.equals(cryptoVersion)); final String cipheredText = newEncryptor(passphrase).encrypt(plaintext); final ObjectNode node = MAPPER.createObjectNode(); node.put(CIPHERED_TEXT_KEY, cipheredText); node.put(VERSION_IDENTIFIER, Version.V1_0.versionStr()); return Crypto.encode(node.toString()); }