213 shaares
2 résultats
taggé
bouncy
I have no idea what I am doing...
import org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator;
import org.bouncycastle.crypto.params.KeyParameter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.io.UnsupportedEncodingException;
import java.security.SecureRandom;
public class Authentication {
private static Logger LOGGER = LoggerFactory.getLogger(Authentication.class.getCanonicalName());
// Are these sizes arbitrary ?
private static final int SEED_BYTES = 20;
private static final int HASH_BYTES = 20;
// increase iterations as high as your performance can tolerate
// since this increases computational cost of password guessing
// which should help security
private static final int ITERATIONS = 1000;
//Encoding
public static final String ENCODING = "UTF-8";
public String generateSalt() {
return new String(new SecureRandom().generateSeed(SEED_BYTES));
}
public String hashToken(String password, String salt) {
try {
PKCS5S2ParametersGenerator kdf = new PKCS5S2ParametersGenerator();
kdf.init(password.getBytes(ENCODING), salt.getBytes(ENCODING), ITERATIONS);
return new String(((KeyParameter) kdf.generateDerivedMacParameters(8 * HASH_BYTES)).getKey());
} catch (UnsupportedEncodingException exception) {
LOGGER.info("Error when hashing password : {}", exception.getMessage());
}
return null;
}
public boolean isPasswordValid(String givenPassword, String salt, String storedHash) {
return this.hashToken(givenPassword, salt).equals(storedHash);
}
}
J'ai commencé à regarder Bouncy Castle et je suis pas mal bloquée sur la compréhension des algorithmes de chiffrement...
Je met ici le début de ma réflexion :
package com.moi.search;
import org.bouncycastle.crypto.BlockCipher;
import org.bouncycastle.crypto.DataLengthException;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.engines.AESEngine;
import org.bouncycastle.crypto.paddings.BlockCipherPadding;
import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.util.encoders.Base64;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import java.nio.charset.StandardCharsets;
import java.security.NoSuchAlgorithmException;
public class AESBouncyCastle {
private final BlockCipher AESCipher = new AESEngine();
private PaddedBufferedBlockCipher paddedBufferedBlockCipher;
private KeyParameter key;
public void setPadding(BlockCipherPadding bcp) {
this.paddedBufferedBlockCipher = new PaddedBufferedBlockCipher(AESCipher, bcp);
}
public SecretKey generateKey() throws NoSuchAlgorithmException {
KeyGenerator kg = KeyGenerator.getInstance("AES");
kg.init(256);
return kg.generateKey();
}
public String generateSecretKeyStringFormatted() throws NoSuchAlgorithmException {
SecretKey key = this.generateKey();
return this.convertToString(Base64.encode(key.getEncoded()));
}
public void setKey(byte[] key) {
this.key = new KeyParameter(key);
}
public void setKey(SecretKey key) {
this.setKey(key.getEncoded());
}
public byte[] retrieveKeyFromString(String key) {
return Base64.decode(key);
}
public String encrypt(String input) throws DataLengthException, InvalidCipherTextException {
byte[] result = this.processing(this.convertToBytes(input), true);
return this.convertToString(Base64.encode(result));
}
public String decrypt(String input) throws DataLengthException, InvalidCipherTextException {
byte[] bytesToDecrypt = Base64.decode(input);
return this.convertToString(this.processing(bytesToDecrypt, false));
}
private byte[] processing(byte[] input, boolean encrypt) throws DataLengthException, InvalidCipherTextException {
paddedBufferedBlockCipher.init(encrypt, key);
byte[] output = new byte[paddedBufferedBlockCipher.getOutputSize(input.length)];
int bytesWrittenOut = paddedBufferedBlockCipher.processBytes(input, 0, input.length, output, 0);
paddedBufferedBlockCipher.doFinal(output, bytesWrittenOut);
return output;
}
private byte[] convertToBytes(String content) {
return content.trim().getBytes(StandardCharsets.UTF_8);
}
private String convertToString(byte[] content) {
return new String(content, StandardCharsets.UTF_8).trim();
}
}
Exemple d'utilisation :
AESBouncyCastle cipherEngine = new AESBouncyCastle();
cipherEngine.setPadding(new PKCS7Padding());
String key = cipherEngine.generateSecretKeyStringFormatted();
cipherEngine.setKey(cipherEngine.retrieveKeyFromString(key));
cipherEngine.encrypt(stuffToEncrypt);
toto = cipherEngine.decrypt(stuffToDecrypt);