List of usage examples for org.bouncycastle.crypto.generators BCrypt generate
public static byte[] generate(byte[] password, byte[] salt, int cost)
From source file:cologne.eck.peafactory.crypto.kdf.BcryptKDF.java
License:Open Source License
@Override public byte[] deriveKey(byte[] pswMaterial) { byte[] salt = getSalt(); if (salt.length != 16) { if (salt.length > 16) { System.out.println("Warning: Bcrypt uses only 16 byte salt - salt is truncated"); byte[] tmp = new byte[16]; System.arraycopy(getSalt(), 0, tmp, 0, tmp.length); salt = tmp;//from w w w. j a v a2 s. c o m } //throw new IllegalArgumentException("Bcrypt - invalid salt size"); } byte[] keyMaterial = null; try { keyMaterial = BCrypt.generate(pswMaterial, salt, gettCost()); } catch (Exception e) { e.printStackTrace(); } //System.out.println("Bcrypt: 2 ^" + rounds + " iterations" ); printInfos(true); keyMaterial = adjustKeyMaterial(keyMaterial); return keyMaterial; }
From source file:com.cryptolib.CryptoCommitmentObject.java
License:Open Source License
private void createCommitment() { byte[] myBb = formatMessage(this.myB.toByteArray()); int size = this.hmac.getMacLength() + hLength + saltLength + aLength + myBb.length; byte[] commitment = new byte[size]; //create H(x) byte[] h = BCrypt.generate(this.myX, this.mySalt, cost); System.arraycopy(h, 0, commitment, this.hmac.getMacLength(), hLength); //append mySalt System.arraycopy(this.mySalt, 0, commitment, this.hmac.getMacLength() + hLength, saltLength); //create g (hmac) byte[] hb = new byte[hLength + saltLength + myBb.length + myA.length]; System.arraycopy(myA, 0, hb, hLength + saltLength, aLength); System.arraycopy(myBb, 0, hb, hLength + saltLength + aLength, myBb.length); System.arraycopy(this.mySalt, 0, hb, hLength, saltLength); System.arraycopy(h, 0, hb, 0, hLength); System.arraycopy(this.hmac.doFinal(hb), 0, commitment, 0, this.hmac.getMacLength()); //append a//from www . j a v a 2s . c o m System.arraycopy(myA, 0, commitment, this.hmac.getMacLength() + hLength + saltLength, aLength); //append b System.arraycopy(myBb, 0, commitment, this.hmac.getMacLength() + hLength + saltLength + aLength, myBb.length); Arrays.fill(myBb, (byte) 0); Arrays.fill(h, (byte) 0); Arrays.fill(hb, (byte) 0); this.myCommitment = commitment; }
From source file:com.cryptolib.CryptoCommitmentObject.java
License:Open Source License
public void open(byte[] decommitment) throws CryptoSocketException, InvalidKeyException, NoSuchAlgorithmException { if (this.myCommitment == null || this.myDecommitment == null || this.otherCommitment == null || decommitment.length != decommitmentSize()) { throw new CryptoSocketException("not ready to open"); }// www . jav a 2s. co m //parse decommitment int macSize = this.hmac.getMacLength(); this.otherDecommitment = decommitment; byte[] otherXb = Arrays.copyOfRange(this.otherDecommitment, 0, this.xLength); //parse commitment byte[] otherMacb = Arrays.copyOfRange(this.otherCommitment, 0, macSize); byte[] otherHb = Arrays.copyOfRange(this.otherCommitment, macSize, macSize + hLength); byte[] otherSaltb = Arrays.copyOfRange(this.otherCommitment, macSize + hLength, macSize + hLength + saltLength); byte[] otherAb = Arrays.copyOfRange(this.otherCommitment, macSize + hLength + saltLength, macSize + hLength + saltLength + aLength); byte[] otherBb = Arrays.copyOfRange(this.otherCommitment, macSize + hLength + saltLength + aLength, this.otherCommitment.length); byte[] hb = new byte[otherHb.length + otherSaltb.length + otherAb.length + otherBb.length]; System.arraycopy(otherHb, 0, hb, 0, otherHb.length); System.arraycopy(otherSaltb, 0, hb, otherHb.length, otherSaltb.length); System.arraycopy(otherAb, 0, hb, otherHb.length + otherSaltb.length, otherAb.length); System.arraycopy(otherBb, 0, hb, otherHb.length + otherSaltb.length + otherAb.length, otherBb.length); SecretKey key = new SecretKeySpec(otherXb, this.hmac.getAlgorithm()); Mac mac = Mac.getInstance(key.getAlgorithm()); mac.init(key); //validate commitment mac if (!Arrays.equals(mac.doFinal(hb), otherMacb)) { this.otherDecommitment = null; throw new CryptoSocketException("invalid MAC. You may be attacked"); } //validate BCrypt if (!Arrays.equals(BCrypt.generate(otherXb, otherSaltb, cost), otherHb)) { this.otherDecommitment = null; throw new CryptoSocketException("invalid BCrypt. You may be attacked"); } //set Values BigInteger bigA = new BigInteger(1, otherAb); BigInteger bigX = new BigInteger(1, otherXb); this.otherA = otherAb; this.otherX = otherXb; this.otherB = new BigInteger(1, otherBb); this.otherMessage = this.otherB.add(bigA.multiply(bigX)) .mod(new BigInteger( "1942668892225729070919461906823518906642406839052139521251812409738904285205208498221")) .mod(new BigInteger("2").pow(xLength * 8)); Arrays.fill(otherMacb, (byte) 0); Arrays.fill(otherHb, (byte) 0); Arrays.fill(otherSaltb, (byte) 0); Arrays.fill(otherBb, (byte) 0); Arrays.fill(hb, (byte) 0); }
From source file:com.distrimind.util.crypto.PasswordHashType.java
License:Open Source License
@SuppressWarnings("fallthrough") byte[] hash(byte[] data, int off, int len, byte[] salt, byte cost, byte hashLength) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchProviderException { CodeProvider.encureProviderLoaded(codeProvider); if (cost < 4 || cost > 31) throw new IllegalArgumentException("cost must be greater or equals than 4 and lower or equals than 31"); if (defaultOf != null) return defaultOf.hash(data, off, len, salt, cost, hashLength); if (OSVersion.getCurrentOSVersion() != null && OSVersion.getCurrentOSVersion().getOS() == OS.MAC_OS_X) { if (this == PBKDF2WithHMacSHA2_256) return PasswordHashType.BC_FIPS_PBKFD2WithHMacSHA2_256.hash(data, off, len, salt, cost, hashLength); if (this == PBKDF2WithHMacSHA2_384) return PasswordHashType.BC_FIPS_PBKFD2WithHMacSHA2_384.hash(data, off, len, salt, cost, hashLength); if (this == PBKDF2WithHMacSHA2_512) return PasswordHashType.BC_FIPS_PBKFD2WithHMacSHA2_512.hash(data, off, len, salt, cost, hashLength); }//w w w. ja v a 2s . co m int scryptN = 1 << 18; int iterations = 1 << (cost - 1); switch (this) { case DEFAULT: case PBKDF2WithHmacSHA1: case PBKDF2WithHMacSHA2_256: case PBKDF2WithHMacSHA2_384: case PBKDF2WithHMacSHA2_512: { int size = len / 2; char[] password = new char[size + len % 2]; for (int i = 0; i < size; i++) { password[i] = (char) ((data[off + i * 2] & 0xFF) & ((data[off + i * 2 + 1] << 8) & 0xFF)); } if (size < password.length) password[size] = (char) (data[off + size * 2] & 0xFF); PBEKeySpec spec = new PBEKeySpec(password, salt, iterations, (hashLength) * 8); SecretKeyFactory skf = SecretKeyFactory.getInstance(algorithmName, codeProvider.checkProviderWithCurrentOS().name()); return skf.generateSecret(spec).getEncoded(); } case GNU_PBKDF2WithHMacSHA2_256: case GNU_PBKDF2WithHMacSHA2_384: case GNU_PBKDF2WithHMacSHA2_512: case GNU_PBKDF2WithHMacWhirlpool: case GNU_PBKDF2WithHmacSHA1: { int size = len / 2; char[] password = new char[size + len % 2]; for (int i = 0; i < size; i++) { password[i] = (char) ((data[off + i * 2] & 0xFF) & ((data[off + i * 2 + 1] << 8) & 0xFF)); } if (size < password.length) password[size] = (char) (data[off + size * 2] & 0xFF); Object spec = GnuFunctions.PBEKeySpecGetInstance(password, salt, iterations, (hashLength)); Object skf = GnuFunctions.secretKeyFactoryGetInstance(algorithmName); return GnuFunctions.keyGetEncoded(GnuFunctions.secretKeyFactoryGenerateSecret(skf, spec)); } case BC_BCRYPT: { byte[] passwordb; if (off != 0 || len != data.length) { passwordb = new byte[len]; System.arraycopy(data, off, passwordb, 0, len); } else passwordb = data; salt = uniformizeSaltLength(salt, 16); return BCrypt.generate(passwordb, salt, cost); } case BC_FIPS_PBKFD2WithHMacSHA2_256: case BC_FIPS_PBKFD2WithHMacSHA2_384: case BC_FIPS_PBKFD2WithHMacSHA2_512: { PasswordBasedDeriver<org.bouncycastle.crypto.fips.FipsPBKD.Parameters> deriver = new FipsPBKD.DeriverFactory() .createDeriver(FipsPBKD.PBKDF2.using(fipsDigestAlgorithm, data).withIterationCount(iterations) .withSalt(salt)); return deriver.deriveKey(PasswordBasedDeriver.KeyType.CIPHER, ((hashLength * 8) + 7) / 8); } case BC_SCRYPT_FOR_LOGIN: scryptN = 1 << 13; case BC_SCRYPT_FOR_DATAENCRYPTION: { byte[] d; if (len == data.length && off == 0) d = data; else { d = new byte[len]; System.arraycopy(data, off, d, 0, len); } return SCrypt.generate(d, salt, scryptN, 8, 1, hashLength); } default: break; } throw new InternalError(); }
From source file:com.distrimind.util.crypto.PasswordHashType.java
License:Open Source License
byte[] hash(char[] password, byte[] salt, byte cost, byte hashLength) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchProviderException { CodeProvider.encureProviderLoaded(codeProvider); if (cost < 4 || cost > 31) throw new IllegalArgumentException("cost must be greater or equals than 4 and lower or equals than 31"); if (defaultOf != null) return defaultOf.hash(password, salt, cost, hashLength); if (OSVersion.getCurrentOSVersion() != null && OSVersion.getCurrentOSVersion().getOS() == OS.MAC_OS_X) { if (this == PBKDF2WithHMacSHA2_256) return PasswordHashType.BC_FIPS_PBKFD2WithHMacSHA2_256.hash(password, salt, cost, hashLength); if (this == PBKDF2WithHMacSHA2_384) return PasswordHashType.BC_FIPS_PBKFD2WithHMacSHA2_384.hash(password, salt, cost, hashLength); if (this == PBKDF2WithHMacSHA2_512) return PasswordHashType.BC_FIPS_PBKFD2WithHMacSHA2_512.hash(password, salt, cost, hashLength); }/*from w ww. j ava 2 s .c o m*/ int iterations = 1 << (cost - 1); int scryptN = 1 << 18; switch (this) { case DEFAULT: case PBKDF2WithHmacSHA1: case PBKDF2WithHMacSHA2_256: case PBKDF2WithHMacSHA2_384: case PBKDF2WithHMacSHA2_512: { PBEKeySpec spec = new PBEKeySpec(password, salt, iterations, (hashLength) * 8); SecretKeyFactory skf = SecretKeyFactory.getInstance(algorithmName, codeProvider.checkProviderWithCurrentOS().name()); return skf.generateSecret(spec).getEncoded(); } case GNU_PBKDF2WithHMacSHA2_256: case GNU_PBKDF2WithHMacSHA2_384: case GNU_PBKDF2WithHMacSHA2_512: case GNU_PBKDF2WithHMacWhirlpool: case GNU_PBKDF2WithHmacSHA1: { Object spec = GnuFunctions.PBEKeySpecGetInstance(password, salt, iterations, hashLength); Object skf = GnuFunctions.secretKeyFactoryGetInstance(algorithmName); return GnuFunctions.keyGetEncoded(GnuFunctions.secretKeyFactoryGenerateSecret(skf, spec)); } case BC_BCRYPT: { salt = uniformizeSaltLength(salt, 16); return BCrypt.generate(BCrypt.passwordToByteArray(password), salt, cost); } case BC_FIPS_PBKFD2WithHMacSHA2_256: case BC_FIPS_PBKFD2WithHMacSHA2_384: case BC_FIPS_PBKFD2WithHMacSHA2_512: { PasswordBasedDeriver<org.bouncycastle.crypto.fips.FipsPBKD.Parameters> deriver = new FipsPBKD.DeriverFactory() .createDeriver( FipsPBKD.PBKDF2.using(fipsDigestAlgorithm, PasswordConverter.UTF8.convert(password)) .withIterationCount(iterations).withSalt(salt)); return deriver.deriveKey(PasswordBasedDeriver.KeyType.CIPHER, ((hashLength * 8) + 7) / 8); } case BC_SCRYPT_FOR_LOGIN: scryptN = 1 << 13; case BC_SCRYPT_FOR_DATAENCRYPTION: byte[] passwordb = new byte[password.length * 2]; for (int i = 0; i < password.length; i++) { passwordb[i * 2] = (byte) (password[i] & 0xFF); passwordb[i * 2 + 1] = (byte) ((password[i] >> 8 & 0xFFFF) & 0xFF); } return SCrypt.generate(passwordb, salt, scryptN, 8, 1, hashLength); } throw new InternalError(); }
From source file:com.google.gerrit.server.account.HashedPassword.java
License:Apache License
private static byte[] hashPassword(String password, byte[] salt, int cost) { byte[] pwBytes = password.getBytes(StandardCharsets.UTF_8); return BCrypt.generate(pwBytes, salt, cost); }