2 * Copyright (C) 2007-2012 Argeo GmbH
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
16 package org
.argeo
.cms
.security
;
18 import java
.io
.ByteArrayInputStream
;
19 import java
.io
.ByteArrayOutputStream
;
20 import java
.io
.InputStream
;
21 import java
.util
.Base64
;
23 import javax
.crypto
.Cipher
;
24 import javax
.crypto
.CipherInputStream
;
25 import javax
.crypto
.CipherOutputStream
;
26 import javax
.crypto
.SecretKey
;
27 import javax
.crypto
.SecretKeyFactory
;
28 import javax
.crypto
.spec
.IvParameterSpec
;
29 import javax
.crypto
.spec
.PBEKeySpec
;
30 import javax
.crypto
.spec
.PBEParameterSpec
;
31 import javax
.crypto
.spec
.SecretKeySpec
;
33 import junit
.framework
.TestCase
;
35 import org
.apache
.commons
.io
.IOUtils
;
36 import org
.apache
.commons
.logging
.Log
;
37 import org
.apache
.commons
.logging
.LogFactory
;
38 import org
.argeo
.util
.PasswordEncryption
;
40 public class PasswordBasedEncryptionTest
extends TestCase
{
41 private final static Log log
= LogFactory
.getLog(PasswordBasedEncryptionTest
.class);
43 public void testEncryptDecrypt() {
44 final String password
= "test long password since they are safer";
45 PasswordEncryption pbeEnc
= new PasswordEncryption(password
.toCharArray());
46 String message
= "Hello World!";
47 log
.info("Password:\t'" + password
+ "'");
48 log
.info("Message:\t'" + message
+ "'");
49 byte[] encrypted
= pbeEnc
.encryptString(message
);
50 log
.info("Encrypted:\t'" + Base64
.getEncoder().encode(encrypted
) + "'");
51 PasswordEncryption pbeDec
= new PasswordEncryption(password
.toCharArray());
52 InputStream in
= null;
53 in
= new ByteArrayInputStream(encrypted
);
54 String decrypted
= pbeDec
.decryptAsString(in
);
55 log
.info("Decrypted:\t'" + decrypted
+ "'");
56 IOUtils
.closeQuietly(in
);
57 assertEquals(message
, decrypted
);
60 public void testPBEWithMD5AndDES() throws Exception
{
61 String password
= "test";
62 String message
= "Hello World!";
64 byte[] salt
= { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c, (byte) 0x7e, (byte) 0xc8, (byte) 0xee,
69 String cipherAlgorithm
= "PBEWithMD5AndDES";
70 String secretKeyAlgorithm
= "PBEWithMD5AndDES";
71 SecretKeyFactory keyFac
= SecretKeyFactory
.getInstance(secretKeyAlgorithm
);
72 PBEKeySpec pbeKeySpec
= new PBEKeySpec(password
.toCharArray());
73 PBEParameterSpec pbeParamSpec
= new PBEParameterSpec(salt
, count
);
74 SecretKey pbeKey
= keyFac
.generateSecret(pbeKeySpec
);
75 Cipher ecipher
= Cipher
.getInstance(cipherAlgorithm
);
76 ecipher
.init(Cipher
.ENCRYPT_MODE
, pbeKey
, pbeParamSpec
);
77 Cipher dcipher
= Cipher
.getInstance(cipherAlgorithm
);
78 dcipher
.init(Cipher
.DECRYPT_MODE
, pbeKey
, pbeParamSpec
);
80 byte[] encrypted
= ecipher
.doFinal(message
.getBytes());
81 byte[] decrypted
= dcipher
.doFinal(encrypted
);
82 assertEquals(message
, new String(decrypted
));
86 public void testPBEWithSHA1AndAES() throws Exception
{
87 String password
= "test";
88 String message
= "Hello World!";
90 byte[] salt
= { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c, (byte) 0x7e, (byte) 0xc8, (byte) 0xee,
92 byte[] iv
= { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c, (byte) 0x7e, (byte) 0xc8, (byte) 0xee,
93 (byte) 0x99, (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c, (byte) 0x7e, (byte) 0xc8, (byte) 0xee,
97 // int keyLength = 256;
100 String cipherAlgorithm
= "AES/CBC/PKCS5Padding";
101 String secretKeyAlgorithm
= "PBKDF2WithHmacSHA1";
102 SecretKeyFactory keyFac
= SecretKeyFactory
.getInstance(secretKeyAlgorithm
);
103 PBEKeySpec pbeKeySpec
= new PBEKeySpec(password
.toCharArray(), salt
, count
, keyLength
);
104 SecretKey tmp
= keyFac
.generateSecret(pbeKeySpec
);
105 SecretKey secret
= new SecretKeySpec(tmp
.getEncoded(), "AES");
106 Cipher ecipher
= Cipher
.getInstance(cipherAlgorithm
);
107 ecipher
.init(Cipher
.ENCRYPT_MODE
, secret
, new IvParameterSpec(iv
));
110 keyFac
= SecretKeyFactory
.getInstance(secretKeyAlgorithm
);
111 pbeKeySpec
= new PBEKeySpec(password
.toCharArray(), salt
, count
, keyLength
);
112 tmp
= keyFac
.generateSecret(pbeKeySpec
);
113 secret
= new SecretKeySpec(tmp
.getEncoded(), "AES");
114 // AlgorithmParameters params = ecipher.getParameters();
115 // byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV();
116 Cipher dcipher
= Cipher
.getInstance(cipherAlgorithm
);
117 dcipher
.init(Cipher
.DECRYPT_MODE
, secret
, new IvParameterSpec(iv
));
119 byte[] encrypted
= ecipher
.doFinal(message
.getBytes());
120 byte[] decrypted
= dcipher
.doFinal(encrypted
);
121 assertEquals(message
, new String(decrypted
));
123 ByteArrayOutputStream out
= new ByteArrayOutputStream();
124 CipherOutputStream cipherOut
= new CipherOutputStream(out
, ecipher
);
125 cipherOut
.write(message
.getBytes());
126 IOUtils
.closeQuietly(cipherOut
);
127 byte[] enc
= out
.toByteArray();
129 ByteArrayInputStream in
= new ByteArrayInputStream(enc
);
130 CipherInputStream cipherIn
= new CipherInputStream(in
, dcipher
);
131 ByteArrayOutputStream dec
= new ByteArrayOutputStream();
132 IOUtils
.copy(cipherIn
, dec
);
133 assertEquals(message
, new String(dec
.toByteArray()));