Examples with PBEParameterSpec javax.crypto.spec.PBEParameterSpec used on opensource projects

Example 76 with PBEParameterSpec

use of javax.crypto.spec.PBEParameterSpec in project jdk8u_jdk by JetBrains.

the class PBMAC1Core method engineInit.

/**
     * Initializes the HMAC with the given secret key and algorithm parameters.
     *
     * @param key the secret key.
     * @param params the algorithm parameters.
     *
     * @exception InvalidKeyException if the given key is inappropriate for
     * initializing this MAC.
     * @exception InvalidAlgorithmParameterException if the given algorithm
     * parameters are inappropriate for this MAC.
     */
protected void engineInit(Key key, AlgorithmParameterSpec params) throws InvalidKeyException, InvalidAlgorithmParameterException {
    char[] passwdChars;
    byte[] salt = null;
    int iCount = 0;
    if (key instanceof javax.crypto.interfaces.PBEKey) {
        javax.crypto.interfaces.PBEKey pbeKey = (javax.crypto.interfaces.PBEKey) key;
        passwdChars = pbeKey.getPassword();
        // maybe null if unspecified
        salt = pbeKey.getSalt();
        // maybe 0 if unspecified
        iCount = pbeKey.getIterationCount();
    } else if (key instanceof SecretKey) {
        byte[] passwdBytes = key.getEncoded();
        if ((passwdBytes == null) || !(key.getAlgorithm().regionMatches(true, 0, "PBE", 0, 3))) {
            throw new InvalidKeyException("Missing password");
        }
        passwdChars = new char[passwdBytes.length];
        for (int i = 0; i < passwdChars.length; i++) {
            passwdChars[i] = (char) (passwdBytes[i] & 0x7f);
        }
    } else {
        throw new InvalidKeyException("SecretKey of PBE type required");
    }
    if (params == null) {
        // retrieve the generated defaults.
        if ((salt == null) || (iCount == 0)) {
            throw new InvalidAlgorithmParameterException("PBEParameterSpec required for salt and iteration count");
        }
    } else if (!(params instanceof PBEParameterSpec)) {
        throw new InvalidAlgorithmParameterException("PBEParameterSpec type required");
    } else {
        PBEParameterSpec pbeParams = (PBEParameterSpec) params;
        // make sure the parameter values are consistent
        if (salt != null) {
            if (!Arrays.equals(salt, pbeParams.getSalt())) {
                throw new InvalidAlgorithmParameterException("Inconsistent value of salt between key and params");
            }
        } else {
            salt = pbeParams.getSalt();
        }
        if (iCount != 0) {
            if (iCount != pbeParams.getIterationCount()) {
                throw new InvalidAlgorithmParameterException("Different iteration count between key and params");
            }
        } else {
            iCount = pbeParams.getIterationCount();
        }
    }
    // which is what PKCS#5 recommends and openssl does.
    if (salt.length < 8) {
        throw new InvalidAlgorithmParameterException("Salt must be at least 8 bytes long");
    }
    if (iCount <= 0) {
        throw new InvalidAlgorithmParameterException("IterationCount must be a positive number");
    }
    PBEKeySpec pbeSpec = new PBEKeySpec(passwdChars, salt, iCount, blockLength);
    // password char[] was cloned in PBEKeySpec constructor,
    // so we can zero it out here
    java.util.Arrays.fill(passwdChars, ' ');
    SecretKey s = null;
    PBKDF2Core kdf = getKDFImpl(kdfAlgo);
    try {
        s = kdf.engineGenerateSecret(pbeSpec);
    } catch (InvalidKeySpecException ikse) {
        InvalidKeyException ike = new InvalidKeyException("Cannot construct PBE key");
        ike.initCause(ikse);
        throw ike;
    }
    byte[] derivedKey = s.getEncoded();
    SecretKey cipherKey = new SecretKeySpec(derivedKey, kdfAlgo);
    super.engineInit(cipherKey, null);
}

Example 77 with PBEParameterSpec

use of javax.crypto.spec.PBEParameterSpec in project GeoGig by boundlessgeo.

the class Remote method encryptPassword.

public static String encryptPassword(String password) {
    try {
        SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
        SecretKey key = keyFactory.generateSecret(new PBEKeySpec(PASSWORD));
        Cipher pbeCipher = Cipher.getInstance("PBEWithMD5AndDES");
        pbeCipher.init(Cipher.ENCRYPT_MODE, key, new PBEParameterSpec(SALT, 20));
        return Base64.encodeBytes(pbeCipher.doFinal(password.getBytes("UTF-8")));
    } catch (Exception e) {
        return password;
    }
}

Example 78 with PBEParameterSpec

use of javax.crypto.spec.PBEParameterSpec in project ranger by apache.

the class RangerMasterKey method decryptKey.

private byte[] decryptKey(byte[] encrypted, PBEKeySpec keyspec) throws Throwable {
    SecretKey key = getPasswordKey(keyspec);
    if (keyspec.getSalt() != null) {
        PBEParameterSpec paramSpec = new PBEParameterSpec(keyspec.getSalt(), keyspec.getIterationCount());
        Cipher c = Cipher.getInstance(key.getAlgorithm());
        c.init(Cipher.DECRYPT_MODE, key, paramSpec);
        return c.doFinal(encrypted);
    }
    return null;
}

Example 79 with PBEParameterSpec

use of javax.crypto.spec.PBEParameterSpec in project ranger by apache.

the class PasswordUtils method decrypt.

private String decrypt() throws IOException {
    String ret = null;
    try {
        byte[] decodedPassword = Base64.decode(password);
        Cipher engine = Cipher.getInstance(CRYPT_ALGO);
        PBEKeySpec keySpec = new PBEKeySpec(encryptKey);
        SecretKeyFactory skf = SecretKeyFactory.getInstance(CRYPT_ALGO);
        SecretKey key = skf.generateSecret(keySpec);
        engine.init(Cipher.DECRYPT_MODE, key, new PBEParameterSpec(salt, ITERATION_COUNT));
        String decrypted = new String(engine.doFinal(decodedPassword));
        int foundAt = decrypted.indexOf(LEN_SEPARATOR_STR);
        if (foundAt > -1) {
            if (decrypted.length() > foundAt) {
                ret = decrypted.substring(foundAt + 1);
            } else {
                ret = "";
            }
        } else {
            ret = null;
        }
    } catch (Throwable t) {
        LOG.error("Unable to decrypt password due to error", t);
        throw new IOException("Unable to decrypt password due to error", t);
    }
    return ret;
}

Example 80 with PBEParameterSpec

use of javax.crypto.spec.PBEParameterSpec in project ORCID-Source by ORCID.

the class DesEncrypter method initDesEncrypter.

private void initDesEncrypter(final String passPhrase) {
    try {
        // Create the key
        KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), salt, iterationCount);
        SecretKey key = SecretKeyFactory.getInstance("PBEWithMD5AndDES").generateSecret(keySpec);
        ecipher = Cipher.getInstance(key.getAlgorithm());
        dcipher = Cipher.getInstance(key.getAlgorithm());
        // Prepare the parameter to the ciphers
        AlgorithmParameterSpec paramSpec = new PBEParameterSpec(salt, iterationCount);
        // Create the ciphers
        ecipher.init(Cipher.ENCRYPT_MODE, key, paramSpec);
        dcipher.init(Cipher.DECRYPT_MODE, key, paramSpec);
    } catch (GeneralSecurityException e) {
        LOGGER.trace("DesEncrypter.creation failed", e);
        throw new ApplicationException("DesEncrypter creation failed", e);
    }
}