Search in sources :

Example 1 with Argon2BytesGenerator

use of org.bouncycastle.crypto.generators.Argon2BytesGenerator in project spring-security by spring-projects.

the class Argon2PasswordEncoder method matches.

@Override
public boolean matches(CharSequence rawPassword, String encodedPassword) {
    if (encodedPassword == null) {
        this.logger.warn("password hash is null");
        return false;
    }
    Argon2EncodingUtils.Argon2Hash decoded;
    try {
        decoded = Argon2EncodingUtils.decode(encodedPassword);
    } catch (IllegalArgumentException ex) {
        this.logger.warn("Malformed password hash", ex);
        return false;
    }
    byte[] hashBytes = new byte[decoded.getHash().length];
    Argon2BytesGenerator generator = new Argon2BytesGenerator();
    generator.init(decoded.getParameters());
    generator.generateBytes(rawPassword.toString().toCharArray(), hashBytes);
    return constantTimeArrayEquals(decoded.getHash(), hashBytes);
}
Also used : Argon2BytesGenerator(org.bouncycastle.crypto.generators.Argon2BytesGenerator)

Example 2 with Argon2BytesGenerator

use of org.bouncycastle.crypto.generators.Argon2BytesGenerator in project smoke by textbrowser.

the class Cryptography method generateMacKey.

public static SecretKey generateMacKey(byte[] salt, char[] password, int iterations, int keyDerivationFunction) {
    if (password == null || salt == null)
        return null;
    if (// Argon2id
    keyDerivationFunction == 0) {
        try {
            Argon2BytesGenerator generator = new Argon2BytesGenerator();
            Argon2Parameters.Builder builder = new Argon2Parameters.Builder(Argon2Parameters.ARGON2_id).withVersion(Argon2Parameters.ARGON2_VERSION_13).withIterations(iterations).withMemoryAsKB(HASH_KEY_LENGTH).withParallelism(NUMBER_OF_CORES).withAdditional(Hex.decode("000908070605040302010f0e0d0c0b0a" + "000908070605040302010f0e0d0c0b0a" + "000908070605040302010f0e0d0c0b0a" + "000908070605040302010f0e0d0c0b0a")).withSecret(new String(password).getBytes(StandardCharsets.UTF_8)).withSalt(salt);
            byte[] bytes = new byte[HASH_KEY_LENGTH];
            generator.init(builder.build());
            generator.generateBytes(password, bytes);
            return new SecretKeySpec(bytes, HASH_ALGORITHM);
        } catch (Exception exception) {
        }
    } else // PBKDF2
    {
        // Bits.
        int length = 8 * HASH_KEY_LENGTH;
        try {
            KeySpec keySpec = new PBEKeySpec(password, salt, iterations, length);
            SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(PBKDF2_ALGORITHM);
            return secretKeyFactory.generateSecret(keySpec);
        } catch (Exception exception) {
        }
    }
    return null;
}
Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) Argon2Parameters(org.bouncycastle.crypto.params.Argon2Parameters) SecretKeySpec(javax.crypto.spec.SecretKeySpec) EncodedKeySpec(java.security.spec.EncodedKeySpec) SecretKeySpec(javax.crypto.spec.SecretKeySpec) KeySpec(java.security.spec.KeySpec) PBEKeySpec(javax.crypto.spec.PBEKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) Argon2BytesGenerator(org.bouncycastle.crypto.generators.Argon2BytesGenerator) SecretKeyFactory(javax.crypto.SecretKeyFactory)

Example 3 with Argon2BytesGenerator

use of org.bouncycastle.crypto.generators.Argon2BytesGenerator in project spring-security by spring-projects.

the class Argon2PasswordEncoder method encode.

@Override
public String encode(CharSequence rawPassword) {
    byte[] salt = this.saltGenerator.generateKey();
    byte[] hash = new byte[this.hashLength];
    // @formatter:off
    Argon2Parameters params = new Argon2Parameters.Builder(Argon2Parameters.ARGON2_id).withSalt(salt).withParallelism(this.parallelism).withMemoryAsKB(this.memory).withIterations(this.iterations).build();
    // @formatter:on
    Argon2BytesGenerator generator = new Argon2BytesGenerator();
    generator.init(params);
    generator.generateBytes(rawPassword.toString().toCharArray(), hash);
    return Argon2EncodingUtils.encode(hash, params);
}
Also used : Argon2Parameters(org.bouncycastle.crypto.params.Argon2Parameters) Argon2BytesGenerator(org.bouncycastle.crypto.generators.Argon2BytesGenerator)

Example 4 with Argon2BytesGenerator

use of org.bouncycastle.crypto.generators.Argon2BytesGenerator in project smoke by textbrowser.

the class Cryptography method generateEncryptionKey.

public static SecretKey generateEncryptionKey(byte[] salt, char[] password, int iterations, int keyDerivationFunction) {
    if (password == null || salt == null)
        return null;
    if (// Argon2id
    keyDerivationFunction == 0) {
        try {
            Argon2BytesGenerator generator = new Argon2BytesGenerator();
            Argon2Parameters.Builder builder = new Argon2Parameters.Builder(Argon2Parameters.ARGON2_id).withVersion(Argon2Parameters.ARGON2_VERSION_13).withIterations(iterations).withMemoryAsKB(CIPHER_KEY_LENGTH).withParallelism(NUMBER_OF_CORES).withAdditional(Hex.decode("010203040506070809000a0b0c0d0e0f" + "010203040506070809000a0b0c0d0e0f")).withSecret(new String(password).getBytes(StandardCharsets.UTF_8)).withSalt(salt);
            byte[] bytes = new byte[CIPHER_KEY_LENGTH];
            generator.init(builder.build());
            generator.generateBytes(password, bytes);
            return new SecretKeySpec(bytes, SYMMETRIC_ALGORITHM);
        } catch (Exception exception) {
        }
    } else // PBKDF2
    {
        // Bits.
        int length = 8 * CIPHER_KEY_LENGTH;
        try {
            KeySpec keySpec = new PBEKeySpec(password, salt, iterations, length);
            SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(PBKDF2_ALGORITHM);
            return secretKeyFactory.generateSecret(keySpec);
        } catch (Exception exception) {
        }
    }
    return null;
}
Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) Argon2Parameters(org.bouncycastle.crypto.params.Argon2Parameters) SecretKeySpec(javax.crypto.spec.SecretKeySpec) EncodedKeySpec(java.security.spec.EncodedKeySpec) SecretKeySpec(javax.crypto.spec.SecretKeySpec) KeySpec(java.security.spec.KeySpec) PBEKeySpec(javax.crypto.spec.PBEKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) Argon2BytesGenerator(org.bouncycastle.crypto.generators.Argon2BytesGenerator) SecretKeyFactory(javax.crypto.SecretKeyFactory)

Aggregations

Argon2BytesGenerator (org.bouncycastle.crypto.generators.Argon2BytesGenerator)4 Argon2Parameters (org.bouncycastle.crypto.params.Argon2Parameters)3 EncodedKeySpec (java.security.spec.EncodedKeySpec)2 KeySpec (java.security.spec.KeySpec)2 PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)2 X509EncodedKeySpec (java.security.spec.X509EncodedKeySpec)2 SecretKeyFactory (javax.crypto.SecretKeyFactory)2 PBEKeySpec (javax.crypto.spec.PBEKeySpec)2 SecretKeySpec (javax.crypto.spec.SecretKeySpec)2