/**
 * Decrypts a value by forwarding both arguments unchanged to the wrapped {@code cipherService}.
 *
 * @param encryptedValue the encrypted text to decrypt
 * @param masterSalt the master salt handed on to the delegate
 * @return the result of {@code cipherService.decrypt(encryptedValue, masterSalt)}
 */
@Override
public String decrypt(String encryptedValue, String masterSalt) {
    final String decrypted = cipherService.decrypt(encryptedValue, masterSalt);
    return decrypted;
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Encrypts a value by forwarding both arguments unchanged to the wrapped {@code cipherService}.
 *
 * @param cleartext the text to encrypt
 * @param masterSalt the master salt handed on to the delegate
 * @return the result of {@code cipherService.encrypt(cleartext, masterSalt)}
 */
@Override
public String encrypt(String cleartext, String masterSalt) {
    final String encrypted = cipherService.encrypt(cleartext, masterSalt);
    return encrypted;
}
/**
 * Stores a master hash by forwarding all three arguments unchanged to the wrapped
 * {@code cipherService}. Nothing is returned to the caller.
 *
 * @param masterPassword the master password handed on to the delegate
 * @param masterSalt the master salt handed on to the delegate
 * @param overwrite the overwrite flag handed on to the delegate
 * @throws IOException propagated from the delegate
 */
@Override
public void setMasterHash(String masterPassword, String masterSalt, boolean overwrite)
        throws IOException {
    cipherService.setMasterHash(masterPassword, masterSalt, overwrite);
}
/**
 * Encrypts {@code cleartext} with the master key looked up for {@code masterSalt} and returns
 * the ciphertext in the form produced by {@code byteToHex}.
 *
 * @param cleartext the text to encrypt
 * @param masterSalt the salt used by {@code getMasterKey} to find the master key
 * @return the encoded ciphertext
 */
public String encrypt(String cleartext, String masterSalt) {
    // The master key is resolved first, so a missing key fails before any encryption work.
    final String masterKey = getMasterKey(masterSalt);
    final byte[] cipherBytes = aesEncrypt(cleartext, masterKey);
    return byteToHex(cipherBytes);
}
/**
 * Decodes {@code encryptedValue} with {@code hexToByte} and decrypts it with the master key
 * looked up for {@code masterSalt}.
 *
 * @param encryptedValue the encoded ciphertext, as produced by {@code encrypt}
 * @param masterSalt the salt used by {@code getMasterKey} to find the master key
 * @return the decrypted text
 */
public String decrypt(String encryptedValue, String masterSalt) {
    // Decoding happens before the key lookup, matching the argument evaluation order.
    final byte[] cipherBytes = hexToByte(encryptedValue);
    final String masterKey = getMasterKey(masterSalt);
    return aesDecrypt(cipherBytes, masterKey);
}
/**
 * Round trip: after a master hash is stored for the salt, a value encrypted with that salt
 * must decrypt back to the original text.
 */
@Test
public void testMasterPwdEncryption() throws Exception {
    final String salt = "deltaspike-test-salt";
    final String expected = "my cleartext sentence";

    final DefaultCipherService service = new DefaultCipherService();
    // overwrite = true, so an entry left behind by an earlier run does not make this call fail
    service.setMasterHash("newMasterPwd", salt, true);

    final String ciphertext = service.encrypt(expected, salt);
    final String roundTripped = service.decrypt(ciphertext, salt);

    Assert.assertEquals(expected, roundTripped);
}
/**
 * Looks up and decrypts the master key stored for {@code masterSalt}.
 *
 * The salt is hashed once to obtain the key that decrypts the stored entry, and that hash is
 * hashed again to obtain the property name under which the entry is stored. The entry is
 * therefore protected only by {@code masterSalt} and by access to the master file: anyone who
 * has both can recover the value returned here.
 *
 * @param masterSalt the salt identifying the entry
 * @return the decrypted master key
 * @throws IllegalStateException if the master file or the entry for this salt does not exist
 */
protected String getMasterKey(String masterSalt) {
    final File hashFile = getMasterFile();
    if (!hashFile.exists()) {
        throw new IllegalStateException("Could not find master.hash file. Create a master password first!");
    }

    try {
        final String hashedSalt = byteToHex(secureHash(masterSalt));
        final String lookupName = byteToHex(secureHash(hashedSalt));

        final Properties entries = loadProperties(hashFile.toURI().toURL());
        final String storedKey = (String) entries.get(lookupName);
        if (storedKey == null) {
            throw new IllegalStateException("Could not find master key for hash " + lookupName + ". Create a master password first!");
        }

        final byte[] storedBytes = hexToByte(storedKey);
        return aesDecrypt(storedBytes, hashedSalt);
    } catch (MalformedURLException e) {
        throw new RuntimeException(e);
    }
}
// Stores the master hash for the given salt, then encrypts the plaintext with it and prints the
// result. masterPwd, masterSalt, overwrite and plaintext are defined outside this excerpt.
// NOTE(review): how masterPwd reaches this code is not visible here; if it is read from
// command-line arguments it can end up in shell history and process listings - confirm.
DefaultCipherService defaultCipherService = new DefaultCipherService();
// setMasterHash returns the property name under which the entry was stored.
String masterSaltHash = defaultCipherService.setMasterHash(masterPwd, masterSalt, overwrite);
String encrypted = defaultCipherService.encrypt(plaintext, masterSalt);
// Only the encrypted value is written to stdout in these lines.
System.out.println("Encrypted value: " + encrypted);
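/**
 * Stores the master key entry for {@code masterSalt} in the master file.
 *
 * The hash of {@code masterPassword} is encrypted with a key derived from the hash of
 * {@code masterSalt} and written under a property name derived from that salt hash.
 * The entry is therefore only as confidential as {@code masterSalt} and the master file.
 *
 * @param masterPassword the master password whose hash is stored
 * @param masterSalt the salt identifying and protecting the entry
 * @param overwrite whether an existing entry for this salt may be replaced
 * @return the property name under which the entry was stored
 * @throws IOException if the parent directory cannot be created or the file cannot be written
 * @throws IllegalStateException if an entry already exists and {@code overwrite} is false
 */
public String setMasterHash(String masterPassword, String masterSalt, boolean overwrite) throws IOException {
    File masterFile = getMasterFile();
    File parentDir = masterFile.getParentFile();
    if (!parentDir.exists() && !parentDir.mkdirs()) {
        throw new IOException("Can not create directory " + masterFile.getParent());
    }

    String saltHash = byteToHex(secureHash(masterSalt));
    String saltKey = byteToHex(secureHash(saltHash));
    String encrypted = byteToHex(aesEncrypt(byteToHex(secureHash(masterPassword)), saltHash));

    Properties keys = new Properties();
    if (masterFile.exists()) {
        keys = loadProperties(masterFile.toURI().toURL());
    }

    if (keys.get(saltKey) != null && !overwrite) {
        throw new IllegalStateException("MasterKey for hash " + saltKey + " already exists. Forced overwrite option needed");
    }

    keys.put(saltKey, encrypted);

    // NOTE(review): the file is created with the process's default permissions; nothing here
    // restricts who can read it - confirm that getMasterFile() points to a user-private location.
    FileOutputStream out = new FileOutputStream(masterFile);
    try {
        keys.store(out, null);
    } finally {
        // Properties.store does not close the stream; close it so the handle is not leaked.
        out.close();
    }

    return saltKey;
}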
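/**
 * Storing a master hash for a salt that already has an entry must be rejected when
 * {@code overwrite} is false.
 */
@Test
public void testMasterKeyOverwrite() throws Exception {
    DefaultCipherService cipherService = new DefaultCipherService();
    String masterSalt = "deltaspike-test-salt";

    // First call forces the entry into place so the second call always finds it.
    cipherService.setMasterHash("newMasterPwd", masterSalt, true);

    try {
        cipherService.setMasterHash("newMasterPwd", masterSalt, false);
        Assert.fail("setMasterHash must refuse to replace an existing entry without overwrite");
    } catch (IllegalStateException expected) {
        // Expected. Only the refusal raised for an existing entry is accepted; any other
        // exception (for example an I/O failure) propagates and fails the test.
    }
}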
/**
 * Encrypts the given text with the cipher named by {@code CIPHER_ALGORITHM}, using a key that
 * {@code getSecretKeySpec} builds from {@code key}.
 *
 * NOTE(review): the cipher is initialised with the key only. No IV or parameter spec is passed
 * in and none is returned with the ciphertext, and {@code aesDecrypt} initialises the same way.
 * The transformation in use therefore cannot depend on a per-message IV: equal plaintexts under
 * the same key would yield equal ciphertexts, and nothing here authenticates the ciphertext.
 * {@code CIPHER_ALGORITHM} is defined outside this excerpt - confirm the mode it selects.
 *
 * @param valueToEncrypt the text to encrypt; it is encoded with {@code UTF_8} first
 * @param key the password key from which the secret key is built
 * @return the raw ciphertext bytes
 * @throws RuntimeException wrapping any exception raised while encrypting
 */
public byte[] aesEncrypt(String valueToEncrypt, String key) {
    try {
        final SecretKeySpec keySpec = getSecretKeySpec(key);
        final Cipher encryptor = Cipher.getInstance(CIPHER_ALGORITHM);
        encryptor.init(Cipher.ENCRYPT_MODE, keySpec);

        final byte[] plainBytes = valueToEncrypt.getBytes(UTF_8);
        return encryptor.doFinal(plainBytes);
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}
/**
 * Decrypts the given bytes with the cipher named by {@code CIPHER_ALGORITHM}, using a key that
 * {@code getSecretKeySpec} builds from {@code key}, and decodes the result with {@code UTF_8}.
 *
 * The cipher is initialised with the key only; no IV or parameter spec is supplied. Every
 * failure, including one caused by a wrong key or by modified input, reaches the caller as a
 * {@code RuntimeException} wrapping the original exception.
 *
 * @param encryptedValue the raw ciphertext bytes
 * @param key the password key from which the secret key is built
 * @return the decrypted text
 * @throws RuntimeException wrapping any exception raised while decrypting
 */
public String aesDecrypt(byte[] encryptedValue, String key) {
    try {
        final SecretKeySpec keySpec = getSecretKeySpec(key);
        final Cipher decryptor = Cipher.getInstance(CIPHER_ALGORITHM);
        decryptor.init(Cipher.DECRYPT_MODE, keySpec);

        final byte[] plainBytes = decryptor.doFinal(encryptedValue);
        return new String(plainBytes, UTF_8);
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}