List of usage examples for javax.crypto.spec PBEKeySpec PBEKeySpec
public PBEKeySpec(char[] password)
From source file:org.kawanfw.commons.util.convert.Pbe.java
/** * Encrypt or decrypt a file using a password * /*from ww w .j a v a2 s . c o m*/ * @param mode * Cipher.ENCRYPT_MODE or Cipher.DECRYPT_MODE * @param fileIn * the file to encrypt or Decrypt. * @param fileOut * the resulting encrypted/decrypted file * @param password * the password to use * * @throws Exception */ private void cipher(int mode, File fileIn, File fileOut, char[] password) throws Exception { if (mode != Cipher.ENCRYPT_MODE && mode != Cipher.DECRYPT_MODE) { throw new IllegalArgumentException("mode is not Cipher.ENCRYPT_MODE or Cipher.DECRYPT_MODE!"); } if (fileIn == null) { throw new IllegalArgumentException("in File can not be null!"); } if (fileOut == null) { throw new IllegalArgumentException("out File can not be null!"); } if (password == null) { throw new IllegalArgumentException("password can not be null!"); } PBEKeySpec pbeKeySpec; PBEParameterSpec pbeParamSpec; SecretKeyFactory keyFac; // Salt byte[] salt = { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c, (byte) 0x7e, (byte) 0xc8, (byte) 0xee, (byte) 0x99 }; // Iteration count int count = 1; // Create PBE parameter set pbeParamSpec = new PBEParameterSpec(salt, count); pbeKeySpec = new PBEKeySpec(password); keyFac = SecretKeyFactory.getInstance("PBEWithMD5AndDES"); SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec); // Create PBE Cipher Cipher pbeCipher = Cipher.getInstance("PBEWithMD5AndDES"); // Initialize PBE Cipher with key and parameters pbeCipher.init(mode, pbeKey, pbeParamSpec); InputStream in = null; OutputStream out = null; try { in = new BufferedInputStream(new FileInputStream(fileIn)); out = new BufferedOutputStream(new FileOutputStream(fileOut)); byte[] input = new byte[2048 * 10]; int bytesRead; while ((bytesRead = in.read(input)) != -1) { byte[] output = pbeCipher.update(input, 0, bytesRead); if (output != null) out.write(output); } byte[] output = pbeCipher.doFinal(); if (output != null) out.write(output); out.flush(); } finally { IOUtils.closeQuietly(in); IOUtils.closeQuietly(out); } }
From source file:org.coronastreet.gpxconverter.AccountManager.java
public static String encrypt(String property) throws GeneralSecurityException, UnsupportedEncodingException { SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWithMD5AndDES"); SecretKey key = keyFactory.generateSecret(new PBEKeySpec(PASSWORD)); Cipher pbeCipher = Cipher.getInstance("PBEWithMD5AndDES"); pbeCipher.init(Cipher.ENCRYPT_MODE, key, new PBEParameterSpec(SALT, 20)); return base64Encode(pbeCipher.doFinal(property.getBytes("UTF-8"))); }
From source file:org.coronastreet.gpxconverter.AccountManager.java
public static String decrypt(String property) throws GeneralSecurityException, IOException { SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWithMD5AndDES"); SecretKey key = keyFactory.generateSecret(new PBEKeySpec(PASSWORD)); Cipher pbeCipher = Cipher.getInstance("PBEWithMD5AndDES"); pbeCipher.init(Cipher.DECRYPT_MODE, key, new PBEParameterSpec(SALT, 20)); return new String(pbeCipher.doFinal(base64Decode(property)), "UTF-8"); }
From source file:org.openintents.safe.CryptoHelper.java
/** * Set the password to be used as an encryption key * * @param pass - might be a user-entered key, or one generated by generateMasterKey. * @throws Exception//w ww . j a va 2s . c o m */ public void setPassword(String pass) { if (debug) { Log.d(TAG, "setPassword(" + pass + ")"); } password = pass; pbeKeySpec = new PBEKeySpec(password.toCharArray()); try { pbeKey = keyFac.generateSecret(pbeKeySpec); pbeCipher = Cipher.getInstance(algorithm, "BC"); } catch (InvalidKeySpecException | NoSuchAlgorithmException | NoSuchPaddingException | NoSuchProviderException e) { Log.e(TAG, "setPassword(): " + e.toString()); } // Every time we set a new password, also the session key changes: sessionKey = createNewSessionKey(); }
From source file:net.sf.keystore_explorer.crypto.privatekey.Pkcs8Util.java
/** * Load an encrypted PKCS #8 private key from the specified stream. The * encoding of the private key may be PEM or DER. * * @param is// ww w. ja va 2 s . c o m * Stream load the encrypted private key from * @param password * Password to decrypt * @return The private key * @throws PrivateKeyUnencryptedException * If private key is unencrypted * @throws PrivateKeyPbeNotSupportedException * If private key PBE algorithm is not supported * @throws CryptoException * Problem encountered while loading the private key * @throws IOException * If an I/O error occurred */ public static PrivateKey loadEncrypted(InputStream is, Password password) throws CryptoException, IOException { byte[] streamContents = ReadUtil.readFully(is); // Check pkcs #8 is not unencrypted EncryptionType encType = getEncryptionType(new ByteArrayInputStream(streamContents)); if (encType == null) { // Not a valid PKCS #8 private key throw new CryptoException(res.getString("NotValidPkcs8.exception.message")); } if (encType == UNENCRYPTED) { throw new PrivateKeyUnencryptedException(res.getString("Pkcs8IsUnencrypted.exception.message")); } byte[] encPvk = null; // Check if stream is PEM encoded PemInfo pemInfo = PemUtil.decode(new ByteArrayInputStream(streamContents)); if (pemInfo != null) { // It is - get DER from PEM encPvk = pemInfo.getContent(); } /* * If we haven't got the encrypted bytes via PEM then just use * stream contents directly (assume it is DER encoded) */ if (encPvk == null) { // Read in encrypted private key bytes encPvk = streamContents; } try { // Create encrypted private key information from bytes EncryptedPrivateKeyInfo epki = new EncryptedPrivateKeyInfo(encPvk); // Get wrapping algorithm String encAlg = epki.getAlgName(); // Check algorithm is supported if (!checkSupportedForDecrypt(encAlg)) { throw new PrivateKeyPbeNotSupportedException(encAlg, MessageFormat .format(res.getString("PrivateKeyWrappingAlgUnsupported.exception.message"), encAlg)); } // Create algorithm parameters and decryption key AlgorithmParameters encAlgParams = epki.getAlgParameters(); PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray()); SecretKeyFactory keyFact = SecretKeyFactory.getInstance(encAlg); SecretKey pbeKey = keyFact.generateSecret(pbeKeySpec); // Create cipher to create Cipher cipher = Cipher.getInstance(encAlg); // Do decryption cipher.init(Cipher.DECRYPT_MODE, pbeKey, encAlgParams); PKCS8EncodedKeySpec privateKeySpec = epki.getKeySpec(cipher); // Get encoding of private key byte[] pvkBytes = privateKeySpec.getEncoded(); // Determine private key algorithm from key bytes String privateKeyAlgorithm = getPrivateKeyAlgorithm(pvkBytes); // Use Key Factory to create private key from encoding KeyFactory keyFactory = KeyFactory.getInstance(privateKeyAlgorithm); PrivateKey pvk = keyFactory.generatePrivate(privateKeySpec); return pvk; } catch (GeneralSecurityException ex) { throw new CryptoException(res.getString("NoLoadPkcs8PrivateKey.exception.message"), ex); } }
From source file:org.nuclos.client.LocalUserCaches.java
private static Cipher createCipher(int mode, String password) throws GeneralSecurityException { String alg = "PBEWithSHA1AndDESede"; //BouncyCastle has better algorithms PBEKeySpec keySpec = new PBEKeySpec(password.toCharArray()); SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(alg); SecretKey secretKey = keyFactory.generateSecret(keySpec); Cipher cipher = Cipher.getInstance("PBEWithSHA1AndDESede"); // TODO: A fixed salt doesn't help anything. cipher.init(mode, secretKey, new PBEParameterSpec("saltsalt".getBytes(), 2000)); return cipher; }
From source file:eu.vital.vitalcep.collector.Collector.java
private static String decrypt(String property) throws GeneralSecurityException, IOException { SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWithMD5AndDES"); SecretKey key = keyFactory.generateSecret(new PBEKeySpec(PASSWORD)); Cipher pbeCipher = Cipher.getInstance("PBEWithMD5AndDES"); pbeCipher.init(Cipher.DECRYPT_MODE, key, new PBEParameterSpec(SALT, 20)); return new String(Base64.getDecoder().decode(property), StandardCharsets.UTF_8); }
From source file:com.jrummyapps.busybox.signing.ZipSigner.java
/** * Decrypt an encrypted PKCS 8 format private key. * * Based on ghstark's post on Aug 6, 2006 at * http://forums.sun.com/thread.jspa?threadID=758133&messageID=4330949 * * @param encryptedPrivateKey//from ww w . j a v a2s. c o m * The raw data of the private key */ private static KeySpec decryptPrivateKey(final byte[] encryptedPrivateKey) throws GeneralSecurityException { EncryptedPrivateKeyInfo epkInfo; try { epkInfo = new EncryptedPrivateKeyInfo(encryptedPrivateKey); } catch (final IOException ex) { // Probably not an encrypted key. return null; } final String pass = "android"; final char[] password = pass.toCharArray(); final SecretKeyFactory skFactory = SecretKeyFactory.getInstance(epkInfo.getAlgName()); final Key key = skFactory.generateSecret(new PBEKeySpec(password)); final Cipher cipher = Cipher.getInstance(epkInfo.getAlgName()); cipher.init(Cipher.DECRYPT_MODE, key, epkInfo.getAlgParameters()); try { return epkInfo.getKeySpec(cipher); } catch (final InvalidKeySpecException ex) { Log.e(TAG, "Password for keyFile may be bad.", ex); return null; } }
From source file:org.apache.nifi.security.util.crypto.CipherUtility.java
/** * Initializes a {@link Cipher} object with the given PBE parameters. * * @param algorithm the algorithm/*ww w . j a v a 2s.c o m*/ * @param provider the JCA provider * @param password the password * @param salt the salt * @param iterationCount the KDF iteration count * @param encryptMode true to encrypt; false to decrypt * @return the initialized Cipher * @throws IllegalArgumentException if any parameter is invalid */ public static Cipher initPBECipher(String algorithm, String provider, String password, byte[] salt, int iterationCount, boolean encryptMode) throws IllegalArgumentException { try { // Initialize secret key from password final PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray()); final SecretKeyFactory factory = SecretKeyFactory.getInstance(algorithm, provider); SecretKey tempKey = factory.generateSecret(pbeKeySpec); final PBEParameterSpec parameterSpec = new PBEParameterSpec(salt, iterationCount); Cipher cipher = Cipher.getInstance(algorithm, provider); cipher.init(encryptMode ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE, tempKey, parameterSpec); return cipher; } catch (NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException | NoSuchPaddingException | InvalidKeyException | InvalidAlgorithmParameterException e) { throw new IllegalArgumentException("One or more parameters to initialize the PBE cipher were invalid", e); } }
From source file:bioLockJ.module.agent.MailAgent.java
private static String encrypt(final String password) throws GeneralSecurityException, UnsupportedEncodingException { final SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWithMD5AndDES"); final SecretKey key = keyFactory.generateSecret(new PBEKeySpec(PASSWORD)); final Cipher pbeCipher = Cipher.getInstance("PBEWithMD5AndDES"); pbeCipher.init(Cipher.ENCRYPT_MODE, key, new PBEParameterSpec(SALT, 20)); return base64Encode(pbeCipher.doFinal(password.getBytes("UTF-8"))); }