List of usage examples for javax.crypto.spec PBEKeySpec PBEKeySpec
public PBEKeySpec(char[] password, byte[] salt, int iterationCount)
From source file:org.webical.dao.encryption.impl.DesEncryptor.java
/** * Creates the DesEncryptor//from ww w . jav a 2 s . c o m * @param passPhrase the passphrase to use in encryption and decryption * @throws InvalidKeyException * @throws InvalidAlgorithmParameterException * @throws NoSuchAlgorithmException * @throws NoSuchPaddingException * @throws InvalidKeySpecException */ public DesEncryptor(String passPhrase) throws InvalidKeyException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException { // Create the key KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), salt, iterationCount); SecretKey key = SecretKeyFactory.getInstance("PBEWithMD5AndDES").generateSecret(keySpec); encryptCipher = Cipher.getInstance(key.getAlgorithm()); decryptCipher = Cipher.getInstance(key.getAlgorithm()); // Prepare the parameter to the ciphers AlgorithmParameterSpec paramSpec = new PBEParameterSpec(salt, iterationCount); // Create the ciphers encryptCipher.init(Cipher.ENCRYPT_MODE, key, paramSpec); decryptCipher.init(Cipher.DECRYPT_MODE, key, paramSpec); }
From source file:net.mobid.codetraq.utils.PasswordProcessor.java
/** * Decrypts a text using the <code>passPhrase</code> above and an algorithm supported * by your virtual machine implementation. You can change the default algorithm with * another algorithm, but please make sure your virtual machine supports it. * @param valueToDecrypt - text to decrypt * @return a plain text/*from w w w .j a va 2 s .c om*/ */ public static String decryptString(String valueToDecrypt) { String output = null; try { KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), salt, iterations); SecretKey secretKey = SecretKeyFactory.getInstance("PBEWithMD5AndDES").generateSecret(keySpec); Cipher cipher = Cipher.getInstance(secretKey.getAlgorithm()); AlgorithmParameterSpec paramSpec = new PBEParameterSpec(salt, iterations); cipher.init(Cipher.DECRYPT_MODE, secretKey, paramSpec); // begin decrypting... byte[] encrypted = new Base64().decode(valueToDecrypt); byte[] utf8 = cipher.doFinal(encrypted); output = new String(utf8, "UTF8"); } catch (Exception ex) { Logger.getLogger(PasswordProcessor.class.getName()).log(Level.SEVERE, null, ex); } return output; }
From source file:br.com.vizzatech.cryptocipher.CryptoXCipher.java
/** * Gera chave e os parametros para um determinado algoritmo. * /*from ww w. j av a 2 s . com*/ * @param algoritmo * @param sal * @return {@link SecretKey} * @throws NoSuchAlgorithmException * Algorismo no existente * @throws InvalidKeySpecException * @throws InvalidParameterSpecException */ private SecretKey getKey(String algoritmo, String sal) throws InvalidKeySpecException, NoSuchAlgorithmException, InvalidParameterSpecException { KeySpec keySpec; if (algoritmo.indexOf("PBE") != -1) { byte[] salt = { (byte) 0xA9, (byte) 0x9B, (byte) 0xC8, (byte) 0x32, (byte) 0x56, (byte) 0x34, (byte) 0xE3, (byte) 0x03 }; int iteracoes = 16; keySpec = new PBEKeySpec(sal.toCharArray(), salt, iteracoes); paramSpec = new PBEParameterSpec(salt, iteracoes); return SecretKeyFactory.getInstance(algoritmo).generateSecret(keySpec); } keySpec = new SecretKeySpec(sal.getBytes(charset), algoritmo); return (SecretKey) keySpec; }
From source file:edu.ku.brc.helpers.Encryption.java
/** * Encrypts the string from its array of bytes * @param input the actual string (in bytes) that is to be encrypted * @param password a password, which is really any string, but must be the same string that was used to decrypt it. * @return a byte array of the encrypted chars * @throws Exception in case something goes wrong *//*ww w.j a va 2s . c o m*/ public static byte[] encrypt(byte[] input, char[] password) throws Exception { /* * Get ourselves a random number generator, needed in a number of places for encrypting. */ SecureRandom sr = SecureRandom.getInstance("SHA1PRNG"); //$NON-NLS-1$ /* * A "salt" is considered an essential part of password-based encryption. The salt is * selected at random for each encryption. It is not considered "sensitive", so it is tacked * onto the generated ciphertext without any special processing. It doesn't matter if an * attacker actually gets the salt. The salt is used as part of the key, with the very * useful result that if you Encryption the same plaintext with the same password twice, you * get *different* ciphertexts. There are lots of pages on the 'net with information about * salts and password-based encryption, so read them if you want more details. Suffice to * say salt=good, no salt=bad. */ byte[] salt = new byte[SALT_LENGTH]; sr.nextBytes(salt); /* * We've now got enough information to build the actual key. We do this by encapsulating the * variables in a PBEKeySpec and using a SecretKeyFactory to transform the spec into a key. */ PBEKeySpec keyspec = new PBEKeySpec(password, salt, ITERATION_COUNT); SecretKeyFactory skf = SecretKeyFactory.getInstance(ALGORITHM); SecretKey key = skf.generateSecret(keyspec); /* * We'll use a ByteArrayOutputStream to conveniently gather up data as it's encrypted. */ ByteArrayOutputStream baos = new ByteArrayOutputStream(); /* * We've to a key, but to actually Encryption something, we need a "cipher". The cipher is * created, then initialized with the key, salt, and iteration count. We use a * PBEParameterSpec to hold the salt and iteration count needed by the Cipher object. */ PBEParameterSpec paramspec = new PBEParameterSpec(salt, ITERATION_COUNT); Cipher cipher = Cipher.getInstance(ALGORITHM); cipher.init(Cipher.ENCRYPT_MODE, key, paramspec, sr); /* * First, in our output, we need to save the salt in plain unencrypted form. */ baos.write(salt); /* * Next, Encryption our plaintext using the Cipher object, and write it into our output buffer. */ baos.write(cipher.doFinal(input)); /* * We're done. For security reasons, we probably want the PBEKeySpec object to clear its * internal copy of the password, so it can't be stolen later. */ keyspec.clearPassword(); return baos.toByteArray(); }
From source file:org.tdmx.core.system.env.StringEncrypter.java
/** * Constructor used to create this object. Responsible for setting and initializing this object's encrypter and * decrypter Cipher instances given a Pass Phrase and algorithm. * /* w w w . j a va 2 s . co m*/ * @param passPhrase * Pass Phrase used to initialize both the encrypter and decrypter instances. */ public StringEncrypter(String passPhrase) { // 8-bytes Salt byte[] salt = { (byte) 0xA4, (byte) 0x9B, (byte) 0xC8, (byte) 0x72, (byte) 0x46, (byte) 0x45, (byte) 0xE3, (byte) 0x93 }; // Iteration count int iterationCount = 1024; try { KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), salt, iterationCount); key = SecretKeyFactory.getInstance("PBEWithSHA1AndDESede").generateSecret(keySpec); ecipher = Cipher.getInstance(key.getAlgorithm()); dcipher = Cipher.getInstance(key.getAlgorithm()); // Prepare the parameters to the ciphers paramSpec = new PBEParameterSpec(salt, iterationCount); initCipher(); } catch (InvalidKeySpecException e) { log.error("EXCEPTION: InvalidKeySpecException", e); } catch (NoSuchPaddingException e) { log.error("EXCEPTION: NoSuchPaddingException", e); } catch (NoSuchAlgorithmException e) { log.error("EXCEPTION: NoSuchAlgorithmException", e); } }
From source file:com.stimulus.archiva.store.MessageStore.java
public void init() throws MessageStoreException { tempfiles = Config.getFileSystem().getTempFiles(); byte[] salt = Config.getConfig().getSalt(); String passPhrase = getPassPhrase(); if (!isDefaultPassPhraseModified()) logger.warn("archiving is disabled. encryption password is not set."); int iterationCount = 17; String algorithm = Config.getConfig().getPBEAlgorithm(); // "PBEWithMD5AndDES") // Create the key try {//from w w w .j a va 2 s. c o m KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), salt, iterationCount); key = SecretKeyFactory.getInstance(algorithm).generateSecret(keySpec); paramSpec = new PBEParameterSpec(salt, iterationCount); } catch (java.security.NoSuchAlgorithmException e) { throw new MessageStoreException( "failed to locate desired encryption algorithm {algorithm='" + algorithm + "'", logger); } catch (Exception e) { throw new MessageStoreException(e.toString(), e, logger); } }
From source file:mitm.common.security.crypto.PBDecryptionInputStream.java
private void init(String algorithm, byte[] salt, int iterationCount) throws CryptoException { try {/*from w w w . j av a 2 s . com*/ SecurityFactory securityFactory = SecurityFactoryFactory.getSecurityFactory(); SecretKeyFactory keyFactory = securityFactory.createSecretKeyFactory(algorithm); PBEKeySpec keySpec = new PBEKeySpec(password, salt, iterationCount); /* * Clear out the password */ Arrays.fill(password, '#'); Key secretKey = keyFactory.generateSecret(keySpec); cipher = securityFactory.createCipher(algorithm); cipher.init(Cipher.DECRYPT_MODE, secretKey); } catch (NoSuchProviderException e) { throw new NoSuchProviderRuntimeException(e); } catch (NoSuchAlgorithmException e) { throw new CryptoException(e); } catch (InvalidKeySpecException e) { throw new CryptoException(e); } catch (NoSuchPaddingException e) { throw new CryptoException(e); } catch (InvalidKeyException e) { throw new CryptoException(e); } }
From source file:com.ephesoft.dcma.encryption.core.EncryptorDecryptor.java
/** * This method is used to start the encryption process. * //from w ww.j a v a 2 s. c o m * @param data byte[] * @param salt byte[] * @param isEncryption boolean * @return byte[] * @throws CryptographyException {@link CryptographyException} */ public byte[] startCrypting(byte[] data, byte[] salt, boolean isEncryption) throws CryptographyException { KeySpec keySpec = new PBEKeySpec(EncryptionConstants.KEY.toCharArray(), salt, EncryptionConstants.ITERATION_COUNT); SecretKey key; byte[] finalBytes = null; try { key = SecretKeyFactory.getInstance(EncryptionConstants.ALGORITHM).generateSecret(keySpec); Cipher ecipher = Cipher.getInstance(key.getAlgorithm()); AlgorithmParameterSpec paramSpec = new PBEParameterSpec(salt, EncryptionConstants.ITERATION_COUNT); if (isEncryption) { ecipher.init(Cipher.ENCRYPT_MODE, key, paramSpec); } else { ecipher.init(Cipher.DECRYPT_MODE, key, paramSpec); } finalBytes = ecipher.doFinal(data); } catch (InvalidKeySpecException e) { if (isEncryption) { LOGGER.error("Encryption : Key used is invalid", e); throw new CryptographyException("Key used is invalid", e); } else { LOGGER.error("Decryption : Key used is invalid", e); throw new CryptographyException("Key used is invalid", e); } } catch (NoSuchAlgorithmException e) { if (isEncryption) { LOGGER.error("Encryption : Algorithm used does not exist", e); throw new CryptographyException("Algorithm used does not exist", e); } else { LOGGER.error("Decryption : Algorithm used does not exist", e); throw new CryptographyException("Algorithm used does not exist", e); } } catch (NoSuchPaddingException e) { if (isEncryption) { LOGGER.error("Encryption : Padding used does not exist", e); throw new CryptographyException("Padding used does not exist", e); } else { LOGGER.error("Decryption : Padding used does not exist", e); throw new CryptographyException("Padding used does not exist", e); } } catch (InvalidKeyException e) { if (isEncryption) { LOGGER.error("Encryption : Key generated is invalid", e); throw new CryptographyException("Key generated is invalid", e); } else { LOGGER.error("Decryption : Key generated is invalid", e); throw new CryptographyException("Key generated is invalid", e); } } catch (InvalidAlgorithmParameterException e) { if (isEncryption) { LOGGER.error("Encryption : Algorithm parameter is invalid", e); throw new CryptographyException("Algorithm parameter is invalid", e); } else { LOGGER.error("Decryption : Algorithm parameter is invalid", e); throw new CryptographyException("Algorithm parameter is invalid", e); } } catch (IllegalBlockSizeException e) { if (isEncryption) { LOGGER.error("Encryption : Block size is illegal", e); throw new CryptographyException("Block size is illegal", e); } else { LOGGER.error("Decryption : Block size is illegal", e); throw new CryptographyException("Block size is illegal", e); } } catch (BadPaddingException e) { if (isEncryption) { LOGGER.error("Encryption : Padding done is invalid", e); throw new CryptographyException("Padding done is invalid", e); } else { LOGGER.error("Decryption : Padding done is invalid", e); throw new CryptographyException("Padding done is invalid", e); } } return finalBytes; }
From source file:org.pentaho.platform.engine.security.CipherEncryptionService.java
public void afterPropertiesSet() throws ObjectFactoryException { if ((saltString == null) || (algorithm == null) || (encryptionKey == null)) { throw new ObjectFactoryException( "Required properties not set - need Salt, algorithm and encryption key"); }/*from w ww . j av a 2s .c o m*/ if (saltString.length() != this.saltLength) { // Make sure that the salt length is 8 bytes - the PBEParameterSpec doesn't anything but if (saltString.length() < saltLength) { saltString = (saltString + "!@#$%^&*").substring(0, saltLength); // postfix bytes to pad it out } else if (saltString.length() > saltLength) { saltString = saltString.substring(0, saltLength); // Trim off longer than 8-bytes } } byte[] saltBytes = saltString.getBytes(); paramSpec = new PBEParameterSpec(saltBytes, getIterations()); PBEKeySpec skeySpec = new PBEKeySpec(getEncryptionKey().toCharArray(), saltBytes, getIterations()); try { secretKey = SecretKeyFactory.getInstance(getAlgorithm()).generateSecret(skeySpec); } catch (Exception ex) { ex.printStackTrace(); throw new ObjectFactoryException("Encryption requested not available"); } }
From source file:mitm.common.security.crypto.PBEncryptionOutputStream.java
private void init() throws CryptoException { try {/*from w w w .j av a 2 s . co m*/ SecurityFactory securityFactory = SecurityFactoryFactory.getSecurityFactory(); SecretKeyFactory keyFactory = securityFactory.createSecretKeyFactory(algorithm); RandomGenerator randomGenerator = securityFactory.createRandomGenerator(); salt = randomGenerator.generateRandom(saltLength); PBEKeySpec keySpec = new PBEKeySpec(password, salt, iterationCount); /* * Clear out the password */ Arrays.fill(password, '#'); Key secretKey = keyFactory.generateSecret(keySpec); cipher = securityFactory.createCipher(algorithm); cipher.init(Cipher.ENCRYPT_MODE, secretKey); } catch (NoSuchProviderException e) { throw new NoSuchProviderRuntimeException(e); } catch (NoSuchAlgorithmException e) { throw new CryptoException(e); } catch (InvalidKeySpecException e) { throw new CryptoException(e); } catch (NoSuchPaddingException e) { throw new CryptoException(e); } catch (InvalidKeyException e) { throw new CryptoException(e); } }