List of usage examples for javax.crypto.spec PBEKeySpec PBEKeySpec
public PBEKeySpec(char[] password, byte[] salt, int iterationCount)
From source file:edu.ku.brc.helpers.Encryption.java
/** * Decrypt the string from its array of bytes * @param input the actual string (in bytes) that is to be decrypted * @param password a password, which is really any string, but must be the same string that was used to encrypt it. * @return a byte array of the decrypted chars * @throws Exception in case something goes wrong *//*from w w w. ja v a 2 s.c om*/ public static byte[] decrypt(final byte[] input, final char[] password) throws Exception { /* * The first SALT_LENGTH bytes of the input ciphertext are actually the salt, not the * ciphertext. */ byte[] salt = new byte[SALT_LENGTH]; System.arraycopy(input, 0, salt, 0, SALT_LENGTH); /* * We can now create a key from our salt (extracted just above), password, and iteration * count. Same procedure to create the key as in Encryption(). */ PBEKeySpec keyspec = new PBEKeySpec(password, salt, ITERATION_COUNT); SecretKeyFactory skf = SecretKeyFactory.getInstance(ALGORITHM); SecretKey key = skf.generateSecret(keyspec); /* * Once again, create a PBEParameterSpec object and a Cipher object. */ PBEParameterSpec paramspec = new PBEParameterSpec(salt, ITERATION_COUNT); Cipher cipher = Cipher.getInstance(ALGORITHM); cipher.init(Cipher.DECRYPT_MODE, key, paramspec); /* * Decrypt the data. The parameters we pass into doFinal() instruct it to skip the first * SALT_LENGTH bytes of input (which are actually the salt), and then to Encryption the next * (length - SALT_LENGTH) bytes, which are the real ciphertext. */ byte[] output = cipher.doFinal(input, SALT_LENGTH, input.length - SALT_LENGTH); /* Clear the password and return the generated plaintext. */ keyspec.clearPassword(); return output; }
From source file:org.jboss.ejb3.examples.ch05.encryption.EncryptionBean.java
/** * Initializes this service before it may handle requests * /*from w ww. j av a 2s. c om*/ * @throws Exception If some unexpected error occurred */ @PostConstruct public void initialize() throws Exception { // Log that we're here log.info("Initializing, part of " + PostConstruct.class.getName() + " lifecycle"); /* * Symmetric Encryption */ // Obtain parameters used in initializing the ciphers final String cipherAlgorithm = DEFAULT_ALGORITHM_CIPHER; final byte[] ciphersSalt = DEFAULT_SALT_CIPHERS; final int ciphersIterationCount = DEFAULT_ITERATION_COUNT_CIPHERS; final String ciphersPassphrase = this.getCiphersPassphrase(); // Obtain key and param spec for the ciphers final KeySpec ciphersKeySpec = new PBEKeySpec(ciphersPassphrase.toCharArray(), ciphersSalt, ciphersIterationCount); final SecretKey ciphersKey = SecretKeyFactory.getInstance(cipherAlgorithm).generateSecret(ciphersKeySpec); final AlgorithmParameterSpec paramSpec = new PBEParameterSpec(ciphersSalt, ciphersIterationCount); // Create and init the ciphers this.encryptionCipher = Cipher.getInstance(ciphersKey.getAlgorithm()); this.decryptionCipher = Cipher.getInstance(ciphersKey.getAlgorithm()); encryptionCipher.init(Cipher.ENCRYPT_MODE, ciphersKey, paramSpec); decryptionCipher.init(Cipher.DECRYPT_MODE, ciphersKey, paramSpec); // Log log.info("Initialized encryption cipher: " + this.encryptionCipher); log.info("Initialized decryption cipher: " + this.decryptionCipher); /* * One-way Hashing */ // Get the algorithm for the MessageDigest final String messageDigestAlgorithm = this.getMessageDigestAlgorithm(); // Create the MessageDigest try { this.messageDigest = MessageDigest.getInstance(messageDigestAlgorithm); } catch (NoSuchAlgorithmException e) { throw new RuntimeException("Could not obtain the " + MessageDigest.class.getSimpleName() + " for algorithm: " + messageDigestAlgorithm, e); } log.info("Initialized MessageDigest for one-way hashing: " + this.messageDigest); }
From source file:mitm.common.security.KeyEncoderTest.java
@Test public void testSerializeSecretKey() throws Exception { PBEKeySpec keySpec = new PBEKeySpec("test".toCharArray(), new byte[] { 1 }, 1); SecretKeyFactory secretKeyFactory = securityFactory .createSecretKeyFactory("PBEWITHSHA256AND128BITAES-CBC-BC"); Key secretKey = secretKeyFactory.generateSecret(keySpec); byte[] serialized = KeyEncoder.encode(secretKey, encryptor); assertNotNull(serialized);/*from w ww. j a va2s . c o m*/ Key key = KeyEncoder.decode(serialized, encryptor); assertTrue(key instanceof SecretKey); assertTrue(ArrayUtils.isEquals(secretKey.getEncoded(), key.getEncoded())); }
From source file:com.thruzero.common.core.security.SimpleCipher.java
/** * Construct using the {@code salt}, {@code passPhrase} and {@code iterationCount} defined by the given * {@code simpleCipherConfiguration}.//from w w w.j a v a 2 s. c o m * * @throws SimpleCipherException */ public SimpleCipher(final SimpleCipherConfiguration simpleCipherConfiguration) throws SimpleCipherException { try { int count = simpleCipherConfiguration.getIterationCount(); byte[] salt = simpleCipherConfiguration.getSalt(); KeySpec keySpec = new PBEKeySpec(simpleCipherConfiguration.getPassPhrase(), salt, count); AlgorithmParameterSpec parameterSpec = new PBEParameterSpec(salt, count); SecretKey key = SecretKeyFactory.getInstance(PBE_WITH_MD5_AND_DES).generateSecret(keySpec); encryptionCipher = Cipher.getInstance(key.getAlgorithm()); encryptionCipher.init(Cipher.ENCRYPT_MODE, key, parameterSpec); decryptionCipher = Cipher.getInstance(key.getAlgorithm()); decryptionCipher.init(Cipher.DECRYPT_MODE, key, parameterSpec); } catch (InvalidAlgorithmParameterException e) { throw new SimpleCipherException( "Couldn't instantiate SimpleCipher because of " + ExceptionUtils.getMessage(e), e); } catch (Exception e) { throw new SimpleCipherException( "Couldn't instantiate SimpleCipher because of " + ExceptionUtils.getMessage(e), e); } }
From source file:org.mxupdate.eclipse.properties.ProjectProperties.java
/** * Returns encrypted/decrypted by salt password. Uses SHA-1 Message Digest * Algorithm as defined in NIST's FIPS 180-1. The output of this algorithm * is a 160-bit digest./*from ww w. j ava 2 s. c om*/ * * @param _password password to encrypt / decrypt * @param _decrypt <i>true</i> to decrypt or <i>false</i> to encrypt * @return decrypted / encrypted by salt password * @see #PDE_ALGORITHM * @see #PDE_PASSWORD * @see #PDE_SALT * @see #PDE_ITERATION */ private String decryptEncrypt(final String _password, final boolean _decrypt) { String ret = null; if (_password != null) { try { // create PBE parameter set final PBEParameterSpec pbeParamSpec = new PBEParameterSpec(ProjectProperties.PDE_SALT, ProjectProperties.PDE_ITERATION); final PBEKeySpec pbeKeySpec = new PBEKeySpec(ProjectProperties.PDE_PASSWORD, ProjectProperties.PDE_SALT, ProjectProperties.PDE_ITERATION); final SecretKeyFactory keyFac = SecretKeyFactory.getInstance(ProjectProperties.PDE_ALGORITHM); final SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec); final Cipher cipher = Cipher.getInstance(pbeKey.getAlgorithm()); if (_decrypt) { cipher.init(Cipher.DECRYPT_MODE, pbeKey, pbeParamSpec); // decode base64 to get bytes final byte[] dec = Base64.decodeBase64(_password.getBytes(ProjectProperties.ENCODING)); // decrypt final byte[] ciphertext = cipher.doFinal(dec); ret = new String(ciphertext, ProjectProperties.ENCODING); } else { cipher.init(Cipher.ENCRYPT_MODE, pbeKey, pbeParamSpec); final byte[] pwdText = _password.getBytes(ProjectProperties.ENCODING); // encrypt the cleartext final byte[] ciphertext = cipher.doFinal(pwdText); ret = new String(Base64.encodeBase64(ciphertext), ProjectProperties.ENCODING); } } catch (final Exception e) { throw new Error(e); } } return ret; }
From source file:org.ejbca.util.StringTools.java
public static String pbeDecryptStringWithSha256Aes192(final String in) throws IllegalBlockSizeException, BadPaddingException, InvalidKeyException, InvalidKeySpecException, NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException, UnsupportedEncodingException { if (CryptoProviderTools.isUsingExportableCryptography()) { log.warn("De-obfuscation not possible due to weak crypto policy."); return in; }//from w ww . j av a2 s . com final String algorithm = "PBEWithSHA256And192BitAES-CBC-BC"; final Cipher c = Cipher.getInstance(algorithm, "BC"); final PBEKeySpec keySpec = new PBEKeySpec(p, getSalt(), iCount); final SecretKeyFactory fact = SecretKeyFactory.getInstance(algorithm, "BC"); c.init(Cipher.DECRYPT_MODE, fact.generateSecret(keySpec)); final byte[] dec = c.doFinal(Hex.decode(in.getBytes("UTF-8"))); return new String(dec); }
From source file:org.cesecore.util.StringTools.java
public static String pbeDecryptStringWithSha256Aes192(final String in) throws IllegalBlockSizeException, BadPaddingException, InvalidKeyException, InvalidKeySpecException, NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException, UnsupportedEncodingException { CryptoProviderTools.installBCProviderIfNotAvailable(); if (CryptoProviderTools.isUsingExportableCryptography()) { log.warn("De-obfuscation not possible due to weak crypto policy."); return in; }// w w w. java 2 s. c o m final String algorithm = "PBEWithSHA256And192BitAES-CBC-BC"; final Cipher c = Cipher.getInstance(algorithm, "BC"); final PBEKeySpec keySpec = new PBEKeySpec(p, getSalt(), iCount); final SecretKeyFactory fact = SecretKeyFactory.getInstance(algorithm, "BC"); c.init(Cipher.DECRYPT_MODE, fact.generateSecret(keySpec)); final byte[] dec = c.doFinal(Hex.decode(in.getBytes("UTF-8"))); return new String(dec); }