protected AbstractPasswordEncoder() { this.saltGenerator = KeyGenerators.secureRandom(); }
BouncyCastleAesBytesEncryptor(String password, CharSequence salt) { this(password, salt, KeyGenerators.secureRandom(16)); }
public LdapShaPasswordEncoder() { this(KeyGenerators.secureRandom()); }
protected AbstractPasswordEncoder() { this.saltGenerator = KeyGenerators.secureRandom(); }
/** * Creates an instance with the provided key length and encoder. * @param encoder the encoder to use * @param keyLength the key length to use */ public Base64StringKeyGenerator(Base64.Encoder encoder, int keyLength) { if (encoder == null) { throw new IllegalArgumentException("encode cannot be null"); } if (keyLength < DEFAULT_KEY_LENGTH) { throw new IllegalArgumentException("keyLength must be greater than or equal to" + DEFAULT_KEY_LENGTH); } this.encoder = encoder; this.keyGenerator = KeyGenerators.secureRandom(keyLength); }
/** * Creates a {@link StringKeyGenerator} that hex-encodes {@link SecureRandom} keys of * 8 bytes in length. The hex-encoded string is keyLength * 2 characters in length. */ public static StringKeyGenerator string() { return new HexEncodingStringKeyGenerator(secureRandom()); }
/** * Creates a {@link StringKeyGenerator} that hex-encodes {@link SecureRandom} keys of * 8 bytes in length. The hex-encoded string is keyLength * 2 characters in length. */ public static StringKeyGenerator string() { return new HexEncodingStringKeyGenerator(secureRandom()); }
/** * Creates a standard password-based bytes encryptor using 256 bit AES encryption. * Derives the secret key using PKCS #5's PBKDF2 (Password-Based Key Derivation * Function #2). Salts the password to prevent dictionary attacks against the key. The * provided salt is expected to be hex-encoded; it should be random and at least 8 * bytes in length. Also applies a random 16 byte initialization vector to ensure each * encrypted message will be unique. Requires Java 6. * * @param password the password used to generate the encryptor's secret key; should * not be shared * @param salt a hex-encoded, random, site-global salt value to use to generate the * key */ public static BytesEncryptor standard(CharSequence password, CharSequence salt) { return new AesBytesEncryptor(password.toString(), salt, KeyGenerators.secureRandom(16)); }
private StandardPasswordEncoder(String algorithm, CharSequence secret) { this.digester = new Digester(algorithm, DEFAULT_ITERATIONS); this.secret = Utf8.encode(secret); this.saltGenerator = KeyGenerators.secureRandom(); }
/** * Create a {@link BytesKeyGenerator} that returns a single, shared * {@link SecureRandom} key of a custom length. * @param keyLength the key length in bytes, e.g. 16, for a 16 byte key. */ public static BytesKeyGenerator shared(int keyLength) { return new SharedKeyGenerator(secureRandom(keyLength).generateKey()); }
/** * Create a {@link BytesKeyGenerator} that returns a single, shared * {@link SecureRandom} key of a custom length. * @param keyLength the key length in bytes, e.g. 16, for a 16 byte key. */ public static BytesKeyGenerator shared(int keyLength) { return new SharedKeyGenerator(secureRandom(keyLength).generateKey()); }
private StandardPasswordEncoder(String algorithm, CharSequence secret) { this.digester = new Digester(algorithm, DEFAULT_ITERATIONS); this.secret = Utf8.encode(secret); this.saltGenerator = KeyGenerators.secureRandom(); }
public CachingPasswordEncoder() throws NoSuchAlgorithmException { messageDigest = MessageDigest.getInstance("SHA-256"); this.secret = Utf8.encode(new RandomValueStringGenerator().generate()); this.salt = KeyGenerators.secureRandom().generateKey(); iterations = 25; buildCache(); }
@Test public void secureRandom() { BytesKeyGenerator keyGenerator = KeyGenerators.secureRandom(); assertThat(keyGenerator.getKeyLength()).isEqualTo(8); byte[] key = keyGenerator.generateKey(); assertThat(key).hasSize(8); byte[] key2 = keyGenerator.generateKey(); assertThat(Arrays.equals(key, key2)).isFalse(); }
@Test(expected = IllegalArgumentException.class) public void bcCbcWithWrongLengthIv() throws Exception { new BouncyCastleAesCbcBytesEncryptor(password, salt, KeyGenerators.secureRandom(8)); }
@Test(expected = IllegalArgumentException.class) public void bcGcmWithWrongLengthIv() throws Exception { new BouncyCastleAesGcmBytesEncryptor(password, salt, KeyGenerators.secureRandom(8)); } }
@Test public void migrate() { final int saltLength = KeyGenerators.secureRandom().getKeyLength(); String encodedPassword = "ab1146a8458d4ce4e65789e5a3f60e423373cfa10b01abd23739e5ae2fdc37f8e9ede4ae6da65264"; String originalEncodedPassword = "ab1146a8458d4ce4ab1146a8458d4ce4e65789e5a3f60e423373cfa10b01abd23739e5ae2fdc37f8e9ede4ae6da65264"; byte[] originalBytes = Hex.decode(originalEncodedPassword); byte[] fixedBytes = Arrays.copyOfRange(originalBytes, saltLength, originalBytes.length); String fixedHex = String.valueOf(Hex.encode(fixedBytes)); assertThat(fixedHex).isEqualTo(encodedPassword); }
@Test public void secureRandomCustomLength() { BytesKeyGenerator keyGenerator = KeyGenerators.secureRandom(21); assertThat(keyGenerator.getKeyLength()).isEqualTo(21); byte[] key = keyGenerator.generateKey(); assertThat(key).hasSize(21); byte[] key2 = keyGenerator.generateKey(); assertThat(Arrays.equals(key, key2)).isFalse(); }
@Test public void bouncyCastleAesCbcWithSecureIvCompatible() throws Exception { CryptoAssumptions.assumeCBCJCE(); BytesEncryptor bcEncryptor = new BouncyCastleAesCbcBytesEncryptor(password, salt, KeyGenerators.secureRandom(16)); BytesEncryptor jceEncryptor = new AesBytesEncryptor(password, salt, KeyGenerators.secureRandom(16)); testCompatibility(bcEncryptor, jceEncryptor); }
@Test public void bouncyCastleAesGcmWithSecureIvCompatible() throws Exception { CryptoAssumptions.assumeGCMJCE(); BytesEncryptor bcEncryptor = new BouncyCastleAesGcmBytesEncryptor(password, salt, KeyGenerators.secureRandom(16)); BytesEncryptor jceEncryptor = new AesBytesEncryptor(password, salt, KeyGenerators.secureRandom(16), CipherAlgorithm.GCM); testCompatibility(bcEncryptor, jceEncryptor); }