List of usage examples for javax.crypto.spec PBEKeySpec PBEKeySpec
public PBEKeySpec(char[] password, byte[] salt, int iterationCount, int keyLength)
From source file:com.github.sshw.crypt.EncryptionBean.java
public Key keyFromPassword(String password) throws Exception { SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); KeySpec spec = new PBEKeySpec(password.toCharArray(), password.getBytes(), 1000, 128); SecretKey tmp = factory.generateSecret(spec); SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES"); return secret; }
From source file:com.invariantproperties.sandbox.springentitylistener.service.EncryptorBean.java
/** * Constructor creates secret key. In production we may want to avoid * keeping the secret key hanging around in memory for very long. *///from w w w . j av a2 s.com public EncryptorBean() { try { // create the PBE key KeySpec spec = new PBEKeySpec(PASSWORD, Base64.decode(SALT), 10000, 128); key = SecretKeyFactory.getInstance(PBE_ALGORITHM).generateSecret(spec); } catch (SecurityException ex) { // handle appropriately... System.out.println("encryptor bean ctor exception: " + ex.getMessage()); } catch (NoSuchAlgorithmException ex) { // handle appropriately... System.out.println("encryptor bean ctor exception: " + ex.getMessage()); } catch (InvalidKeySpecException ex) { // handle appropriately... System.out.println("encryptor bean ctor exception: " + ex.getMessage()); } }
From source file:com.jwt.security.auth.cryptographics.Crypto.java
private SecretKey generateKey(String salt, String passphrase) throws InvalidKeySpecException { try {//from w ww . j a v a 2s . c o m SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); KeySpec spec = new PBEKeySpec(passphrase.toCharArray(), hex(salt), cryptoProps.getIterationCount(), cryptoProps.getKeySize()); SecretKey key = new SecretKeySpec(factory.generateSecret(spec).getEncoded(), "AES"); return key; } catch (NoSuchAlgorithmException | InvalidKeySpecException e) { throw fail(e); } }
From source file:pl.kotcrab.crypto.CryptoUtils.java
/** Generates AES key from provided password and salt. Used algorithm is PBKDF2WithHmacSHA1. * @param password password in char array, using {@link CryptoUtils#fillZeros(char[])} is recommend after generating key * @param salt salt for this key// ww w.j a v a 2 s . c om * @return SecretKeySpec */ public static SecretKeySpec getAESKeyFromPassword(char[] password, byte[] salt) { try { SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); KeySpec spec = new PBEKeySpec(password, salt, 65536, 256); return new SecretKeySpec(factory.generateSecret(spec).getEncoded(), "AES"); } catch (GeneralSecurityException e) { e.printStackTrace(); } return null; }
From source file:com.networknt.light.util.HashUtil.java
public static String generateStorngPasswordHash(String password) throws NoSuchAlgorithmException, InvalidKeySpecException { int iterations = 1000; char[] chars = password.toCharArray(); byte[] salt = getSalt().getBytes(); PBEKeySpec spec = new PBEKeySpec(chars, salt, iterations, 64 * 8); SecretKeyFactory skf = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); byte[] hash = skf.generateSecret(spec).getEncoded(); return iterations + ":" + toHex(salt) + ":" + toHex(hash); }
From source file:test.frames.CryptoServiceSingleton.java
/** * Generate the AES key from the salt and the private key. * * @param salt the salt (hexadecimal) * @param privateKey the private key//from w w w .j a v a 2 s .c om * @return the generated key. */ private SecretKey generateAESKey(String privateKey, String salt) { try { byte[] raw = Hex.decodeHex(salt.toCharArray()); KeySpec spec = new PBEKeySpec(privateKey.toCharArray(), raw, iterationCount, keySize); SecretKeyFactory factory = SecretKeyFactory.getInstance(PBKDF_2_WITH_HMAC_SHA_1); return new SecretKeySpec(factory.generateSecret(spec).getEncoded(), AES_ECB_ALGORITHM); } catch (DecoderException e) { throw new IllegalStateException(e); } catch (NoSuchAlgorithmException e) { throw new IllegalStateException(e); } catch (InvalidKeySpecException e) { throw new IllegalStateException(e); } }
From source file:org.starnub.utilities.crypto.PasswordHash.java
/** * using PBKDF2 from Sun, an alternative is https://github.com/wg/scrypt * cf. http://www.unlimitednovelty.com/2012/03/dont-use-bcrypt.html * @param password String password to be salted * @param salt Byte[] of the salt/*from w w w . java2 s . c o m*/ * @return String of the hashed password * @throws Exception */ private String hash(String password, byte[] salt) throws Exception { if (password == null || password.length() == 0) throw new IllegalArgumentException("Empty passwords are not supported."); SecretKeyFactory f = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); SecretKey key = f.generateSecret(new PBEKeySpec(password.toCharArray(), salt, iterations, desiredKeyLen)); return Base64.encodeBase64String(key.getEncoded()); }
From source file:eu.uqasar.service.AuthenticationService.java
/** * * @param password//w ww .j a v a 2s . c o m * @param salt * @return * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException */ public static byte[] getEncryptedPassword(String password, byte[] salt) throws NoSuchAlgorithmException, InvalidKeySpecException { // PBKDF2 with SHA-1 as the hashing algorithm. Note that the NIST // specifically names SHA-1 as an acceptable hashing algorithm for // PBKDF2 String algorithm = "PBKDF2WithHmacSHA1"; // SHA-1 generates 160 bit hashes, so that's what makes sense here int derivedKeyLength = 160; // Pick an iteration count that works for you. The NIST recommends at // least 1,000 iterations: // http://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132.pdf // iOS 4.x reportedly uses 10,000: // http://blog.crackpassword.com/2010/09/smartphone-forensics-cracking-blackberry-backup-passwords/ int iterations = 20000; KeySpec spec = new PBEKeySpec(password.toCharArray(), salt, iterations, derivedKeyLength); SecretKeyFactory f = SecretKeyFactory.getInstance(algorithm); return f.generateSecret(spec).getEncoded(); }
From source file:com.registryKit.user.userManager.java
public byte[] getEncryptedPassword(String password, byte[] salt) throws NoSuchAlgorithmException, InvalidKeySpecException { // PBKDF2 with SHA-1 as the hashing algorithm. Note that the NIST // specifically names SHA-1 as an acceptable hashing algorithm for PBKDF2 String algorithm = "PBKDF2WithHmacSHA1"; // SHA-1 generates 160 bit hashes, so that's what makes sense here int derivedKeyLength = 160; // Pick an iteration count that works for you. The NIST recommends at // least 1,000 iterations: // http://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132.pdf // iOS 4.x reportedly uses 10,000: // http://blog.crackpassword.com/2010/09/smartphone-forensics-cracking-blackberry-backup-passwords/ int iterations = 20000; // byte[] b = string.getBytes(Charset.forName("UTF-8")); KeySpec spec = new PBEKeySpec(password.toCharArray(), salt, iterations, derivedKeyLength); SecretKeyFactory f = SecretKeyFactory.getInstance(algorithm); return f.generateSecret(spec).getEncoded(); }
From source file:com.beligum.core.accounts.UserManager.java
private static String hash(String password, String salt) { KeySpec spec = new PBEKeySpec(password.toCharArray(), salt.getBytes(), 2048, 160); try {/*from w ww .j a v a2 s. c om*/ SecretKeyFactory f = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); byte[] hash = f.generateSecret(spec).getEncoded(); return new String(Hex.encodeHex(hash)); } catch (Exception e) { return null; } }