use of org.bouncycastle.crypto.generators.Argon2BytesGenerator in project spring-security by spring-projects.
the class Argon2PasswordEncoder method matches.
@Override
public boolean matches(CharSequence rawPassword, String encodedPassword) {
if (encodedPassword == null) {
this.logger.warn("password hash is null");
return false;
}
Argon2EncodingUtils.Argon2Hash decoded;
try {
decoded = Argon2EncodingUtils.decode(encodedPassword);
} catch (IllegalArgumentException ex) {
this.logger.warn("Malformed password hash", ex);
return false;
}
byte[] hashBytes = new byte[decoded.getHash().length];
Argon2BytesGenerator generator = new Argon2BytesGenerator();
generator.init(decoded.getParameters());
generator.generateBytes(rawPassword.toString().toCharArray(), hashBytes);
return constantTimeArrayEquals(decoded.getHash(), hashBytes);
}
use of org.bouncycastle.crypto.generators.Argon2BytesGenerator in project smoke by textbrowser.
the class Cryptography method generateMacKey.
public static SecretKey generateMacKey(byte[] salt, char[] password, int iterations, int keyDerivationFunction) {
if (password == null || salt == null)
return null;
if (// Argon2id
keyDerivationFunction == 0) {
try {
Argon2BytesGenerator generator = new Argon2BytesGenerator();
Argon2Parameters.Builder builder = new Argon2Parameters.Builder(Argon2Parameters.ARGON2_id).withVersion(Argon2Parameters.ARGON2_VERSION_13).withIterations(iterations).withMemoryAsKB(HASH_KEY_LENGTH).withParallelism(NUMBER_OF_CORES).withAdditional(Hex.decode("000908070605040302010f0e0d0c0b0a" + "000908070605040302010f0e0d0c0b0a" + "000908070605040302010f0e0d0c0b0a" + "000908070605040302010f0e0d0c0b0a")).withSecret(new String(password).getBytes(StandardCharsets.UTF_8)).withSalt(salt);
byte[] bytes = new byte[HASH_KEY_LENGTH];
generator.init(builder.build());
generator.generateBytes(password, bytes);
return new SecretKeySpec(bytes, HASH_ALGORITHM);
} catch (Exception exception) {
}
} else // PBKDF2
{
// Bits.
int length = 8 * HASH_KEY_LENGTH;
try {
KeySpec keySpec = new PBEKeySpec(password, salt, iterations, length);
SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(PBKDF2_ALGORITHM);
return secretKeyFactory.generateSecret(keySpec);
} catch (Exception exception) {
}
}
return null;
}
use of org.bouncycastle.crypto.generators.Argon2BytesGenerator in project spring-security by spring-projects.
the class Argon2PasswordEncoder method encode.
@Override
public String encode(CharSequence rawPassword) {
byte[] salt = this.saltGenerator.generateKey();
byte[] hash = new byte[this.hashLength];
// @formatter:off
Argon2Parameters params = new Argon2Parameters.Builder(Argon2Parameters.ARGON2_id).withSalt(salt).withParallelism(this.parallelism).withMemoryAsKB(this.memory).withIterations(this.iterations).build();
// @formatter:on
Argon2BytesGenerator generator = new Argon2BytesGenerator();
generator.init(params);
generator.generateBytes(rawPassword.toString().toCharArray(), hash);
return Argon2EncodingUtils.encode(hash, params);
}
use of org.bouncycastle.crypto.generators.Argon2BytesGenerator in project smoke by textbrowser.
the class Cryptography method generateEncryptionKey.
public static SecretKey generateEncryptionKey(byte[] salt, char[] password, int iterations, int keyDerivationFunction) {
if (password == null || salt == null)
return null;
if (// Argon2id
keyDerivationFunction == 0) {
try {
Argon2BytesGenerator generator = new Argon2BytesGenerator();
Argon2Parameters.Builder builder = new Argon2Parameters.Builder(Argon2Parameters.ARGON2_id).withVersion(Argon2Parameters.ARGON2_VERSION_13).withIterations(iterations).withMemoryAsKB(CIPHER_KEY_LENGTH).withParallelism(NUMBER_OF_CORES).withAdditional(Hex.decode("010203040506070809000a0b0c0d0e0f" + "010203040506070809000a0b0c0d0e0f")).withSecret(new String(password).getBytes(StandardCharsets.UTF_8)).withSalt(salt);
byte[] bytes = new byte[CIPHER_KEY_LENGTH];
generator.init(builder.build());
generator.generateBytes(password, bytes);
return new SecretKeySpec(bytes, SYMMETRIC_ALGORITHM);
} catch (Exception exception) {
}
} else // PBKDF2
{
// Bits.
int length = 8 * CIPHER_KEY_LENGTH;
try {
KeySpec keySpec = new PBEKeySpec(password, salt, iterations, length);
SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(PBKDF2_ALGORITHM);
return secretKeyFactory.generateSecret(keySpec);
} catch (Exception exception) {
}
}
return null;
}
Aggregations