List of usage examples for javax.crypto.spec PBEKeySpec PBEKeySpec
public PBEKeySpec(char[] password, byte[] salt, int iterationCount, int keyLength)
From source file:com.networknt.utility.HashUtil.java
public static String generateStrongPasswordHash(String password) throws NoSuchAlgorithmException, InvalidKeySpecException { int iterations = 1000; char[] chars = password.toCharArray(); byte[] salt = getSalt().getBytes(UTF_8); PBEKeySpec spec = new PBEKeySpec(chars, salt, iterations, 64 * 8); SecretKeyFactory skf = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); byte[] hash = skf.generateSecret(spec).getEncoded(); return iterations + ":" + toHex(salt) + ":" + toHex(hash); }
From source file:bit.changepurse.wdk.bip.MnemonicService.java
private PBEKeySpec createPBESpec(String mnemonic, String passphrase) { char[] password = mnemonic.toCharArray(); byte[] salt = PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(passphrase.toCharArray()); PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATION_COUNT, DERIVED_KEY_SIZE); return spec;/*from w w w. j a va2s.c o m*/ }
From source file:com.billing.ng.crypto.profile.hash.PBEKeySpecProfile.java
@Override public byte[] digest(String plainText, String salt) { KeySpec spec = new PBEKeySpec(plainText.toCharArray(), salt.getBytes(), getWorkFactor(), getKeyLength()); SecretKey key;// w w w .j a v a 2s. c o m try { key = getSecretKeyFactory().generateSecret(spec); } catch (InvalidKeySpecException e) { throw new RuntimeException("Key generator algorithm not supported by the JCE provider."); } return key.getEncoded(); }
From source file:net.alegen.datpass.library.crypto.CryptoManager.java
public SecretKey derivateKey(KeyDerivationFunctions function, String password, byte[] salt, int length, int iterations) { try {//from w w w . j a v a2s . c om SecretKeyFactory factory = SecretKeyFactory.getInstance(function.toString()); KeySpec spec = new PBEKeySpec(password.toCharArray(), salt, iterations, length); return factory.generateSecret(spec); } catch (NoSuchAlgorithmException e) { log.error("The required algorithm is not supported by the current JVM."); return null; } catch (InvalidKeySpecException e) { log.error("The key spec is invalid."); return null; } }
From source file:org.openmrs.module.clinicalsummary.io.DownloadSummariesTask.java
/** * Method to initialize the cipher object with the correct encryption algorithm. * * @throws Exception// w w w . j a v a 2 s . c om */ protected final void initializeCipher() throws Exception { SecretKeyFactory factory = SecretKeyFactory.getInstance(TaskConstants.SECRET_KEY_FACTORY); KeySpec spec = new PBEKeySpec(password.toCharArray(), password.getBytes(), 1024, 128); SecretKey tmp = factory.generateSecret(spec); SecretKey secret = new SecretKeySpec(tmp.getEncoded(), TaskConstants.KEY_SPEC); if (log.isDebugEnabled()) log.debug("Encrypting with: " + secret.getAlgorithm()); cipher = Cipher.getInstance(TaskConstants.CIPHER_CONFIGURATION); cipher.init(Cipher.ENCRYPT_MODE, secret); }
From source file:org.alfresco.util.encryption.impl.AES256PasswordBasedEncrypter.java
/** * Constructor for the class./*from ww w . j a va2 s .c o m*/ * * @param password The password to use when encrypting data <i>(must not be null, empty or blank)</i>. */ public AES256PasswordBasedEncrypter(final char[] password) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException { // PRECONDITIONS assert password != null && password.length > 0 : "password must not be null or empty"; // Body SecretKeyFactory factory = SecretKeyFactory.getInstance(PASSWORD_ALGORITHM); KeySpec spec = new PBEKeySpec(password, SALT, NUM_ITERATIONS, KEY_LENGTH); secretKey = new SecretKeySpec(factory.generateSecret(spec).getEncoded(), SECRET_KEY_ALGORITHM); }
From source file:org.noroomattheinn.utils.PWUtils.java
public byte[] getEncryptedPassword(String password, byte[] salt) { // PBKDF2 with SHA-1 as the hashing algorithm. Note that the NIST // specifically names SHA-1 as an acceptable hashing algorithm for PBKDF2 String algorithm = "PBKDF2WithHmacSHA1"; // SHA-1 generates 160 bit hashes, so that's what makes sense here int derivedKeyLength = 160; // Pick an iteration count that works for you. The NIST recommends at // least 1,000 iterations: // http://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132.pdf // iOS 4.x reportedly uses 10,000: // http://blog.crackpassword.com/2010/09/smartphone-forensics-cracking-blackberry-backup-passwords/ int iterations = 20000; KeySpec spec = new PBEKeySpec(password.toCharArray(), salt, iterations, derivedKeyLength); try {//w ww . j ava 2s . c o m SecretKeyFactory f = SecretKeyFactory.getInstance(algorithm); return f.generateSecret(spec).getEncoded(); } catch (NoSuchAlgorithmException | InvalidKeySpecException ex) { Logger.getLogger(PWUtils.class.getName()).log(Level.SEVERE, null, ex); return null; } }
From source file:ch.rgw.tools.PasswordEncryptionService.java
public byte[] getEncryptedPassword(String password, byte[] salt) throws NoSuchAlgorithmException, InvalidKeySpecException { // PBKDF2 with SHA-1 as the hashing algorithm. Note that the NIST // specifically names SHA-1 as an acceptable hashing algorithm for PBKDF2 String algorithm = "PBKDF2WithHmacSHA1"; // SHA-1 generates 160 bit hashes, so that's what makes sense here int derivedKeyLength = 160; // Pick an iteration count that works for you. The NIST recommends at // least 1,000 iterations: // http://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132.pdf // iOS 4.x reportedly uses 10,000: // http://blog.crackpassword.com/2010/09/smartphone-forensics-cracking-blackberry-backup-passwords/ int iterations = 20000; KeySpec spec = new PBEKeySpec(password.toCharArray(), salt, iterations, derivedKeyLength); SecretKeyFactory f = SecretKeyFactory.getInstance(algorithm); return f.generateSecret(spec).getEncoded(); }
From source file:com.streamsets.lib.security.http.TestPasswordHasher.java
@Test public void testPasswordHashDefault() throws Exception { Configuration configuration = new Configuration(); configuration.set(PasswordHasher.ITERATIONS_KEY, 1); PasswordHasher hasher = new PasswordHasher(configuration); String currentVersion = hasher.getCurrentVersion(); String passwordHash = hasher.getPasswordHash("user", "foo"); Assert.assertEquals(hasher.getCurrentVersion(), hasher.getHashVersion(passwordHash)); Assert.assertTrue(passwordHash.startsWith(currentVersion + ":" + hasher.getIterations() + ":")); String[] parts = passwordHash.split(":"); Assert.assertEquals(4, parts.length); int iterations = Integer.parseInt(parts[1]); byte[] salt = Hex.decodeHex(parts[2].toCharArray()); PBEKeySpec spec = new PBEKeySpec(hasher.getValueToHash(currentVersion, "user", "foo").toCharArray(), salt, iterations, hasher.getKeyLength()); byte[] hash = PasswordHasher.SECRET_KEY_FACTORIES.get(hasher.getCurrentVersion()).generateSecret(spec) .getEncoded();/*from w w w. j av a2 s.c o m*/ String hashHex = Hex.encodeHexString(hash); Assert.assertEquals(parts[3], hashHex); //valid u/p Assert.assertTrue(hasher.verify(passwordHash, "user", "foo")); // invalid u valid p, V2 catches this Assert.assertFalse(hasher.verify(passwordHash, "userx", "foo")); // invalid p Assert.assertFalse(hasher.verify(passwordHash, "user", "bar")); }
From source file:io.hawkcd.agent.services.SecurityService.java
private Key generateKey() throws Exception { SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); char[] password = PASSWORD.toCharArray(); byte[] salt = getBytes(SALT); KeySpec spec = new PBEKeySpec(password, salt, 65536, 128); SecretKey tmp = factory.generateSecret(spec); byte[] encoded = tmp.getEncoded(); return new SecretKeySpec(encoded, "AES"); }