/** * Crypts the given byte array * * @param input * byte array to be encrypted * @param mode * crypt mode * @return the input crypted. Null in case of an error * @throws GeneralSecurityException */ @Override protected byte[] crypt(final byte[] input, final int mode) throws GeneralSecurityException { SecretKey key = generateSecretKey(); AlgorithmParameterSpec spec = createParameterSpec(); Cipher ciph = createCipher(key, spec, mode); return ciph.doFinal(input); }
/** * @return the key spec to be used for the configured crypt method */ protected KeySpec createKeySpec() { return new PBEKeySpec(getKey().toCharArray()); } }
/** * @return the {@link org.apache.wicket.util.crypt.ICrypt} to use */ protected ICrypt createCrypt() { return new SunJceCrypt(cryptMethod); } }
/** * Crypts the given byte array * * @param input * byte array to be crypted * @param mode * crypt mode * @return the input crypted. Null in case of an error * @throws GeneralSecurityException */ protected final byte[] crypt(final byte[] input, final int mode) throws GeneralSecurityException { SecretKey key = generateSecretKey(); PBEParameterSpec spec = new PBEParameterSpec(salt, COUNT); Cipher ciph = Cipher.getInstance(CRYPT_METHOD); ciph.init(mode, key, spec); return ciph.doFinal(input); }
/** * Generate the de-/encryption key. * <p> * Note: if you don't provide your own encryption key, the implementation will use a default. Be * aware that this is potential security risk. Thus make sure you always provide your own one. * * @return secretKey the security key generated * @throws NoSuchAlgorithmException * unable to find encryption algorithm specified * @throws InvalidKeySpecException * invalid encryption key */ protected SecretKey generateSecretKey() throws NoSuchAlgorithmException, InvalidKeySpecException { SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(cryptMethod); KeySpec spec = createKeySpec(); return keyFactory.generateSecret(spec); }
/** * Crypts the given byte array * * @param input * byte array to be crypted * @param mode * crypt mode * @return the input crypted. Null in case of an error * @throws GeneralSecurityException */ @Override protected final byte[] crypt(final byte[] input, final int mode) throws GeneralSecurityException { SecretKey key = generateSecretKey(); PBEParameterSpec spec = new PBEParameterSpec(salt, COUNT); Cipher ciph = Cipher.getInstance(CRYPT_METHOD); ciph.init(mode, key, spec); return ciph.doFinal(input); }
/** * Generate the de-/encryption key. * <p> * Note: if you don't provide your own encryption key, the implementation will use a default. Be * aware that this is potential security risk. Thus make sure you always provide your own one. * * @return secretKey the security key generated * @throws NoSuchAlgorithmException * unable to find encryption algorithm specified * @throws InvalidKeySpecException * invalid encryption key */ private final SecretKey generateSecretKey() throws NoSuchAlgorithmException, InvalidKeySpecException { final PBEKeySpec spec = new PBEKeySpec(getKey().toCharArray()); return SecretKeyFactory.getInstance(CRYPT_METHOD).generateSecret(spec); } }
/** * @return the {@link org.apache.wicket.util.crypt.ICrypt} to use */ protected ICrypt createCrypt() { return new SunJceCrypt(cryptMethod); } }
/** * Generate the de-/encryption key. * <p> * Note: if you don't provide your own encryption key, the implementation will use a default. Be * aware that this is potential security risk. Thus make sure you always provide your own one. * * @return secretKey the security key generated * @throws NoSuchAlgorithmException * unable to find encryption algorithm specified * @throws InvalidKeySpecException * invalid encryption key */ private final SecretKey generateSecretKey() throws NoSuchAlgorithmException, InvalidKeySpecException { final PBEKeySpec spec = new PBEKeySpec(getKey().toCharArray()); return SecretKeyFactory.getInstance(CRYPT_METHOD).generateSecret(spec); } }
public ICrypt newCrypt() { WebRequestCycle rc = (WebRequestCycle)RequestCycle.get(); // get http session, create if necessary HttpSession session = rc.getWebRequest().getHttpServletRequest().getSession(true); // retrieve or generate encryption key from session final String keyAttr = rc.getApplication().getApplicationKey() + "." + getClass().getName(); String key = (String)session.getAttribute(keyAttr); if (key == null) { // generate new key key = session.getId() + "." + UUID.randomUUID().toString(); session.setAttribute(keyAttr, key); } // build the crypt based on session key ICrypt crypt = new SunJceCrypt(); crypt.setKey(key); return crypt; } }