Example 1 with DerivedKey

use of i2p.bote.fileencryption.DerivedKey in project i2p.i2p-bote by i2p.

the class PasswordCacheTest method testGetKey.

@Test
public void testGetKey() throws IOException, GeneralSecurityException {
    passwordCache.setPassword(PASSWORD);
    DerivedKey derivedKey = passwordCache.getKey();
    // JUnit's assertEquals takes (expected, actual)
    assertEquals(FileEncryptionConstants.KDF_PARAMETERS, derivedKey.scryptParams);
    byte[] expectedKey = FileEncryptionUtil.getEncryptionKey(PASSWORD, derivedKey.salt, derivedKey.scryptParams);
    assertArrayEquals(expectedKey, derivedKey.key);
    // verify that the salt was cached in a file and is reused by a fresh PasswordCache
    PasswordCache newPasswordCache = TestUtil.createPasswordCache(testDir);
    newPasswordCache.setPassword(PASSWORD);
    byte[] oldSalt = derivedKey.salt;
    // read the salt from the new cache, not the original one, so the cached file is what gets checked
    byte[] newSalt = newPasswordCache.getKey().salt;
    assertArrayEquals(oldSalt, newSalt);
    // delete the cache file, clear the derived key, and verify that a new salt is generated
    Configuration configuration = TestUtil.createConfiguration(testDir);
    File derivParamsFile = configuration.getKeyDerivationParametersFile();
    boolean deleted = derivParamsFile.delete();
    assertTrue("Can't delete derivation parameters cache file: <" + derivParamsFile.getAbsolutePath() + ">", deleted);
    // clear the key
    passwordCache.setPassword(PASSWORD);
    newSalt = passwordCache.getKey().salt;
    assertFalse(Arrays.equals(oldSalt, newSalt));
}
Also used : PasswordCache(i2p.bote.fileencryption.PasswordCache) Configuration(i2p.bote.Configuration) DerivedKey(i2p.bote.fileencryption.DerivedKey) File(java.io.File) Test(org.junit.Test)

Example 2 with DerivedKey

use of i2p.bote.fileencryption.DerivedKey in project i2p.i2p-bote by i2p.

the class ExportableData method export.

public void export(OutputStream exportStream, String password) throws IOException, GeneralSecurityException, PasswordException {
    initializeIfNeeded();
    OutputStreamWriter writer;
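    if (password != null) {
        // Use same salt and parameters as the on-disk files
        PasswordCache cache = new PasswordCache(I2PBote.getInstance().getConfiguration());
        // Note: getBytes() without a charset uses the platform default encoding, so the
        // derived key for a non-ASCII password depends on the platform the export runs on
        cache.setPassword(password.getBytes());
        DerivedKey derivedKey = cache.getKey();
        writer = new OutputStreamWriter(new EncryptedOutputStream(exportStream, derivedKey), "UTF-8");
    } else {
        // No password: the properties are written unencrypted
        writer = new OutputStreamWriter(exportStream, "UTF-8");
    }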
    Properties properties = saveToProperties();
    properties.store(writer, null);
    // If a password was provided, this call triggers the encryption
    writer.close();
}
Also used : PasswordCache(i2p.bote.fileencryption.PasswordCache) OutputStreamWriter(java.io.OutputStreamWriter) Properties(java.util.Properties) DerivedKey(i2p.bote.fileencryption.DerivedKey) EncryptedOutputStream(i2p.bote.fileencryption.EncryptedOutputStream)

Example 3 with DerivedKey

use of i2p.bote.fileencryption.DerivedKey in project i2p.i2p-bote by i2p.

the class I2PBote method changePassword.

/**
 * Reencrypts all encrypted files with a new password
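 * @param oldPassword the current password; it is checked against the password file
 * @param newPassword the password to re-encrypt with
 * @param confirmNewPassword must be equal to <code>newPassword</code>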
 * @param lsnr A StatusListener to report progress to
 * @throws IOException
 * @throws GeneralSecurityException
 * @throws PasswordException if the old password is incorrect or two new passwords don't match
 */
public void changePassword(byte[] oldPassword, byte[] newPassword, byte[] confirmNewPassword, StatusListener<ChangePasswordStatus> lsnr) throws IOException, GeneralSecurityException, PasswordException {
    File passwordFile = configuration.getPasswordFile();
    lsnr.updateStatus(ChangePasswordStatus.CHECKING_PASSWORD);
    if (!FileEncryptionUtil.isPasswordCorrect(oldPassword, passwordFile))
        throw new PasswordIncorrectException();
    if (!Arrays.equals(newPassword, confirmNewPassword))
        throw new PasswordMismatchException();
    // lock so no files are encrypted with the old password while the password is being changed
    synchronized (passwordCache) {
        passwordCache.setPassword(newPassword);
        DerivedKey newKey = passwordCache.getKey();
        lsnr.updateStatus(ChangePasswordStatus.RE_ENCRYPTING_IDENTITIES);
        identities.changePassword(oldPassword, newKey);
        lsnr.updateStatus(ChangePasswordStatus.RE_ENCRYPTING_ADDRESS_BOOK);
        addressBook.changePassword(oldPassword, newKey);
        for (EmailFolder folder : getEmailFolders()) {
            lsnr.updateStatus(ChangePasswordStatus.RE_ENCRYPTING_FOLDER, folder.getName());
            folder.changePassword(oldPassword, newKey);
        }
        lsnr.updateStatus(ChangePasswordStatus.UPDATING_PASSWORD_FILE);
        FileEncryptionUtil.writePasswordFile(passwordFile, passwordCache.getPassword(), newKey);
    }
}
Also used : PasswordMismatchException(i2p.bote.fileencryption.PasswordMismatchException) PasswordIncorrectException(i2p.bote.fileencryption.PasswordIncorrectException) SecureFile(net.i2p.util.SecureFile) File(java.io.File) DerivedKey(i2p.bote.fileencryption.DerivedKey) EmailFolder(i2p.bote.folder.EmailFolder) IncompleteEmailFolder(i2p.bote.folder.IncompleteEmailFolder)
