Example 1 with DerivedKey
use of i2p.bote.fileencryption.DerivedKey in project i2p.i2p-bote by i2p.
the class PasswordCacheTest method testGetKey.
@Test
public void testGetKey() throws IOException, GeneralSecurityException {
passwordCache.setPassword(PASSWORD);
DerivedKey derivedKey = passwordCache.getKey();
assertEquals(derivedKey.scryptParams, FileEncryptionConstants.KDF_PARAMETERS);
byte[] expectedKey = FileEncryptionUtil.getEncryptionKey(PASSWORD, derivedKey.salt, derivedKey.scryptParams);
assertArrayEquals(expectedKey, derivedKey.key);
// verify that the salt was cached in a file and is reused
PasswordCache newPasswordCache = TestUtil.createPasswordCache(testDir);
newPasswordCache = TestUtil.createPasswordCache(testDir);
newPasswordCache.setPassword(PASSWORD);
byte[] oldSalt = derivedKey.salt;
byte[] newSalt = passwordCache.getKey().salt;
assertArrayEquals(oldSalt, newSalt);
// delete the cache file, clear the derived key, and verify that a new salt is generated
Configuration configuration = TestUtil.createConfiguration(testDir);
File derivParamsFile = configuration.getKeyDerivationParametersFile();
boolean deleted = derivParamsFile.delete();
assertTrue("Can't delete derivation parameters cache file: <" + derivParamsFile.getAbsolutePath() + ">", deleted);
// clear the key
passwordCache.setPassword(PASSWORD);
newSalt = passwordCache.getKey().salt;
assertFalse(Arrays.equals(oldSalt, newSalt));
}
Also used :
PasswordCache(i2p.bote.fileencryption.PasswordCache)
Configuration(i2p.bote.Configuration)
DerivedKey(i2p.bote.fileencryption.DerivedKey)
File(java.io.File)
Test(org.junit.Test)
Example 2 with DerivedKey
use of i2p.bote.fileencryption.DerivedKey in project i2p.i2p-bote by i2p.
the class ExportableData method export.
public void export(OutputStream exportStream, String password) throws IOException, GeneralSecurityException, PasswordException {
initializeIfNeeded();
OutputStreamWriter writer;
if (password != null) {
// Use same salt and parameters as the on-disk files
PasswordCache cache = new PasswordCache(I2PBote.getInstance().getConfiguration());
cache.setPassword(password.getBytes());
DerivedKey derivedKey = cache.getKey();
writer = new OutputStreamWriter(new EncryptedOutputStream(exportStream, derivedKey), "UTF-8");
} else
writer = new OutputStreamWriter(exportStream, "UTF-8");
Properties properties = saveToProperties();
properties.store(writer, null);
// If a password was provided, this call triggers the encryption
writer.close();
}
Also used :
PasswordCache(i2p.bote.fileencryption.PasswordCache)
OutputStreamWriter(java.io.OutputStreamWriter)
Properties(java.util.Properties)
DerivedKey(i2p.bote.fileencryption.DerivedKey)
EncryptedOutputStream(i2p.bote.fileencryption.EncryptedOutputStream)
Example 3 with DerivedKey
use of i2p.bote.fileencryption.DerivedKey in project i2p.i2p-bote by i2p.
the class I2PBote method changePassword.
/**
* Reencrypts all encrypted files with a new password
* @param oldPassword
* @param newPassword
* @param confirmNewPassword
* @param lsnr A StatusListener to report progress to
* @throws IOException
* @throws GeneralSecurityException
* @throws PasswordException if the old password is incorrect or two new passwords don't match
*/
public void changePassword(byte[] oldPassword, byte[] newPassword, byte[] confirmNewPassword, StatusListener<ChangePasswordStatus> lsnr) throws IOException, GeneralSecurityException, PasswordException {
File passwordFile = configuration.getPasswordFile();
lsnr.updateStatus(ChangePasswordStatus.CHECKING_PASSWORD);
if (!FileEncryptionUtil.isPasswordCorrect(oldPassword, passwordFile))
throw new PasswordIncorrectException();
if (!Arrays.equals(newPassword, confirmNewPassword))
throw new PasswordMismatchException();
// lock so no files are encrypted with the old password while the password is being changed
synchronized (passwordCache) {
passwordCache.setPassword(newPassword);
DerivedKey newKey = passwordCache.getKey();
lsnr.updateStatus(ChangePasswordStatus.RE_ENCRYPTING_IDENTITIES);
identities.changePassword(oldPassword, newKey);
lsnr.updateStatus(ChangePasswordStatus.RE_ENCRYPTING_ADDRESS_BOOK);
addressBook.changePassword(oldPassword, newKey);
for (EmailFolder folder : getEmailFolders()) {
lsnr.updateStatus(ChangePasswordStatus.RE_ENCRYPTING_FOLDER, folder.getName());
folder.changePassword(oldPassword, newKey);
}
lsnr.updateStatus(ChangePasswordStatus.UPDATING_PASSWORD_FILE);
FileEncryptionUtil.writePasswordFile(passwordFile, passwordCache.getPassword(), newKey);
}
}
Also used :
PasswordMismatchException(i2p.bote.fileencryption.PasswordMismatchException)
PasswordIncorrectException(i2p.bote.fileencryption.PasswordIncorrectException)
SecureFile(net.i2p.util.SecureFile)
File(java.io.File)
DerivedKey(i2p.bote.fileencryption.DerivedKey)
EmailFolder(i2p.bote.folder.EmailFolder)
IncompleteEmailFolder(i2p.bote.folder.IncompleteEmailFolder)
Aggregations
DerivedKey (i2p.bote.fileencryption.DerivedKey)3
PasswordCache (i2p.bote.fileencryption.PasswordCache)2
File (java.io.File)2
Configuration (i2p.bote.Configuration)1
EncryptedOutputStream (i2p.bote.fileencryption.EncryptedOutputStream)1
PasswordIncorrectException (i2p.bote.fileencryption.PasswordIncorrectException)1
PasswordMismatchException (i2p.bote.fileencryption.PasswordMismatchException)1
EmailFolder (i2p.bote.folder.EmailFolder)1
IncompleteEmailFolder (i2p.bote.folder.IncompleteEmailFolder)1
OutputStreamWriter (java.io.OutputStreamWriter)1
Properties (java.util.Properties)1
SecureFile (net.i2p.util.SecureFile)1
Test (org.junit.Test)1
