use of i2p.bote.fileencryption.DerivedKey in project i2p.i2p-bote by i2p.
the class PasswordCacheTest method testGetKey.
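/**
 * Checks three properties of {@code PasswordCache.getKey()}: the key is derived with
 * {@code FileEncryptionConstants.KDF_PARAMETERS}, a second cache created on the same
 * test directory reuses the salt, and a different salt is produced once the key
 * derivation parameters file has been deleted.
 */
@Test
public void testGetKey() throws IOException, GeneralSecurityException {
    passwordCache.setPassword(PASSWORD);
    DerivedKey derivedKey = passwordCache.getKey();
    // JUnit convention: expected value first, actual value second
    assertEquals(FileEncryptionConstants.KDF_PARAMETERS, derivedKey.scryptParams);
    byte[] expectedKey = FileEncryptionUtil.getEncryptionKey(PASSWORD, derivedKey.salt, derivedKey.scryptParams);
    assertArrayEquals(expectedKey, derivedKey.key);

    // Keep a private copy of the salt so the comparisons below still see the original
    // bytes even if the cache wipes the DerivedKey it handed out - TODO confirm whether it does.
    byte[] oldSalt = derivedKey.salt.clone();

    // verify that the salt was cached in a file and is reused:
    // the salt has to be read from the NEW cache instance. Asking the original cache
    // again says nothing about whether a fresh instance picks up the persisted salt.
    PasswordCache newPasswordCache = TestUtil.createPasswordCache(testDir);
    newPasswordCache.setPassword(PASSWORD);
    byte[] newSalt = newPasswordCache.getKey().salt;
    assertArrayEquals(oldSalt, newSalt);

    // delete the cache file, clear the derived key, and verify that a new salt is generated
    Configuration configuration = TestUtil.createConfiguration(testDir);
    File derivParamsFile = configuration.getKeyDerivationParametersFile();
    boolean deleted = derivParamsFile.delete();
    assertTrue("Can't delete derivation parameters cache file: <" + derivParamsFile.getAbsolutePath() + ">", deleted);

    // clear the key: setting the password again is presumably what discards the
    // previously derived key, so that the next getKey() has to derive a new one
    passwordCache.setPassword(PASSWORD);
    newSalt = passwordCache.getKey().salt;
    assertFalse(Arrays.equals(oldSalt, newSalt));
}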
use of i2p.bote.fileencryption.DerivedKey in project i2p.i2p-bote by i2p.
the class ExportableData method export.
/**
 * Writes the result of {@code saveToProperties()} to {@code exportStream} in
 * {@link Properties} format, using UTF-8 for the character encoding.
 * <p>
 * With a non-null {@code password} the output is wrapped in an
 * {@code EncryptedOutputStream} keyed by a {@code DerivedKey} obtained from a
 * temporary {@code PasswordCache}. With a {@code null} password the properties are
 * written in plain text.
 * <p>
 * The writer, and with it {@code exportStream}, is closed on the success path only.
 *
 * @param exportStream the stream to write the export to
 * @param password the password to encrypt the export with, or {@code null} for no encryption
 * @throws IOException
 * @throws GeneralSecurityException
 * @throws PasswordException
 */
public void export(OutputStream exportStream, String password) throws IOException, GeneralSecurityException, PasswordException {
    initializeIfNeeded();

    // NOTE(review): a null password silently yields an unencrypted export; callers that
    // export secret material should make that an explicit user choice.
    OutputStream target = exportStream;
    if (password != null) {
        // Use same salt and parameters as the on-disk files
        PasswordCache exportCache = new PasswordCache(I2PBote.getInstance().getConfiguration());
        // NOTE(review): getBytes() without a charset uses the platform default, so the
        // derived key can differ between machines for non-ASCII passwords. The import
        // side has to use the same conversion - confirm before changing it.
        exportCache.setPassword(password.getBytes());
        DerivedKey exportKey = exportCache.getKey();
        // NOTE(review): neither the temporary cache nor the derived key is wiped in this
        // method, and the String password cannot be wiped at all.
        target = new EncryptedOutputStream(exportStream, exportKey);
    }
    OutputStreamWriter writer = new OutputStreamWriter(target, "UTF-8");

    Properties exported = saveToProperties();
    exported.store(writer, null);
    // If a password was provided, this call triggers the encryption
    writer.close();
}
use of i2p.bote.fileencryption.DerivedKey in project i2p.i2p-bote by i2p.
the class I2PBote method changePassword.
/**
 * Re-encrypts all encrypted files with a new password.
 * <p>
 * The old password is first verified against the password file and the two new
 * password arrays are compared. Then, while holding the lock on the password cache,
 * the new password is put into the cache, the identities, the address book and every
 * email folder are re-encrypted with the key derived from it, and finally the
 * password file is rewritten.
 * <p>
 * NOTE(review): the sequence is not atomic. The cache holds the new password before
 * the first store is touched, so an exception part-way through appears to leave some
 * stores on the new key while the password file still verifies the old password.
 * The old-password check also runs before the lock is taken. The caller's password
 * arrays are not wiped here.
 *
 * @param oldPassword the current password; checked against the password file
 * @param newPassword the password to change to
 * @param confirmNewPassword must have the same content as {@code newPassword}
 * @param lsnr A StatusListener to report progress to
 * @throws IOException
 * @throws GeneralSecurityException
 * @throws PasswordException if the old password is incorrect or two new passwords don't match
 */
public void changePassword(byte[] oldPassword, byte[] newPassword, byte[] confirmNewPassword, StatusListener<ChangePasswordStatus> lsnr) throws IOException, GeneralSecurityException, PasswordException {
    File pwFile = configuration.getPasswordFile();

    lsnr.updateStatus(ChangePasswordStatus.CHECKING_PASSWORD);
    if (!FileEncryptionUtil.isPasswordCorrect(oldPassword, pwFile)) {
        throw new PasswordIncorrectException();
    }
    boolean confirmationMatches = Arrays.equals(newPassword, confirmNewPassword);
    if (!confirmationMatches) {
        throw new PasswordMismatchException();
    }

    // lock so no files are encrypted with the old password while the password is being changed
    synchronized (passwordCache) {
        passwordCache.setPassword(newPassword);
        DerivedKey reencryptionKey = passwordCache.getKey();

        lsnr.updateStatus(ChangePasswordStatus.RE_ENCRYPTING_IDENTITIES);
        identities.changePassword(oldPassword, reencryptionKey);

        lsnr.updateStatus(ChangePasswordStatus.RE_ENCRYPTING_ADDRESS_BOOK);
        addressBook.changePassword(oldPassword, reencryptionKey);

        for (EmailFolder emailFolder : getEmailFolders()) {
            lsnr.updateStatus(ChangePasswordStatus.RE_ENCRYPTING_FOLDER, emailFolder.getName());
            emailFolder.changePassword(oldPassword, reencryptionKey);
        }

        // The password file is written last, after every store has been re-encrypted
        lsnr.updateStatus(ChangePasswordStatus.UPDATING_PASSWORD_FILE);
        FileEncryptionUtil.writePasswordFile(pwFile, passwordCache.getPassword(), reencryptionKey);
    }
}