org.argeo.cms/ext/test/org/argeo/cms/security/PasswordBasedEncryptionTest.java

   1 /*
   2  * Copyright (C) 2007-2012 Argeo GmbH
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  *         http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16 package org.argeo.cms.security;
  17
  18 import java.io.ByteArrayInputStream;
  19 import java.io.ByteArrayOutputStream;
  20 import java.io.InputStream;
  21 import java.util.Base64;
  22
  23 import javax.crypto.Cipher;
  24 import javax.crypto.CipherInputStream;
  25 import javax.crypto.CipherOutputStream;
  26 import javax.crypto.SecretKey;
  27 import javax.crypto.SecretKeyFactory;
  28 import javax.crypto.spec.IvParameterSpec;
  29 import javax.crypto.spec.PBEKeySpec;
  30 import javax.crypto.spec.PBEParameterSpec;
  31 import javax.crypto.spec.SecretKeySpec;
  32
  33 import junit.framework.TestCase;
  34
  35 import org.apache.commons.io.IOUtils;
  36 import org.apache.commons.logging.Log;
  37 import org.apache.commons.logging.LogFactory;
  38 import org.argeo.util.PasswordEncryption;
  39
  40 public class PasswordBasedEncryptionTest extends TestCase {
  41         private final static Log log = LogFactory.getLog(PasswordBasedEncryptionTest.class);
  42
  43         public void testEncryptDecrypt() {
  44                 final String password = "test long password since they are safer";
  45                 PasswordEncryption pbeEnc = new PasswordEncryption(password.toCharArray());
  46                 String message = "Hello World!";
  47                 log.info("Password:\t'" + password + "'");
  48                 log.info("Message:\t'" + message + "'");
  49                 byte[] encrypted = pbeEnc.encryptString(message);
  50                 log.info("Encrypted:\t'" + Base64.getEncoder().encode(encrypted) + "'");
  51                 PasswordEncryption pbeDec = new PasswordEncryption(password.toCharArray());
  52                 InputStream in = null;
  53                 in = new ByteArrayInputStream(encrypted);
  54                 String decrypted = pbeDec.decryptAsString(in);
  55                 log.info("Decrypted:\t'" + decrypted + "'");
  56                 IOUtils.closeQuietly(in);
  57                 assertEquals(message, decrypted);
  58         }
  59
  60         public void testPBEWithMD5AndDES() throws Exception {
  61                 String password = "test";
  62                 String message = "Hello World!";
  63
  64                 byte[] salt = { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c, (byte) 0x7e, (byte) 0xc8, (byte) 0xee,
  65                                 (byte) 0x99 };
  66
  67                 int count = 1024;
  68
  69                 String cipherAlgorithm = "PBEWithMD5AndDES";
  70                 String secretKeyAlgorithm = "PBEWithMD5AndDES";
  71                 SecretKeyFactory keyFac = SecretKeyFactory.getInstance(secretKeyAlgorithm);
  72                 PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray());
  73                 PBEParameterSpec pbeParamSpec = new PBEParameterSpec(salt, count);
  74                 SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec);
  75                 Cipher ecipher = Cipher.getInstance(cipherAlgorithm);
  76                 ecipher.init(Cipher.ENCRYPT_MODE, pbeKey, pbeParamSpec);
  77                 Cipher dcipher = Cipher.getInstance(cipherAlgorithm);
  78                 dcipher.init(Cipher.DECRYPT_MODE, pbeKey, pbeParamSpec);
  79
  80                 byte[] encrypted = ecipher.doFinal(message.getBytes());
  81                 byte[] decrypted = dcipher.doFinal(encrypted);
  82                 assertEquals(message, new String(decrypted));
  83
  84         }
  85
  86         public void testPBEWithSHA1AndAES() throws Exception {
  87                 String password = "test";
  88                 String message = "Hello World!";
  89
  90                 byte[] salt = { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c, (byte) 0x7e, (byte) 0xc8, (byte) 0xee,
  91                                 (byte) 0x99 };
  92                 byte[] iv = { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c, (byte) 0x7e, (byte) 0xc8, (byte) 0xee,
  93                                 (byte) 0x99, (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c, (byte) 0x7e, (byte) 0xc8, (byte) 0xee,
  94                                 (byte) 0x99 };
  95
  96                 int count = 1024;
  97                 // int keyLength = 256;
  98                 int keyLength = 128;
  99
 100                 String cipherAlgorithm = "AES/CBC/PKCS5Padding";
 101                 String secretKeyAlgorithm = "PBKDF2WithHmacSHA1";
 102                 SecretKeyFactory keyFac = SecretKeyFactory.getInstance(secretKeyAlgorithm);
 103                 PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray(), salt, count, keyLength);
 104                 SecretKey tmp = keyFac.generateSecret(pbeKeySpec);
 105                 SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES");
 106                 Cipher ecipher = Cipher.getInstance(cipherAlgorithm);
 107                 ecipher.init(Cipher.ENCRYPT_MODE, secret, new IvParameterSpec(iv));
 108
 109                 // decrypt
 110                 keyFac = SecretKeyFactory.getInstance(secretKeyAlgorithm);
 111                 pbeKeySpec = new PBEKeySpec(password.toCharArray(), salt, count, keyLength);
 112                 tmp = keyFac.generateSecret(pbeKeySpec);
 113                 secret = new SecretKeySpec(tmp.getEncoded(), "AES");
 114                 // AlgorithmParameters params = ecipher.getParameters();
 115                 // byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV();
 116                 Cipher dcipher = Cipher.getInstance(cipherAlgorithm);
 117                 dcipher.init(Cipher.DECRYPT_MODE, secret, new IvParameterSpec(iv));
 118
 119                 byte[] encrypted = ecipher.doFinal(message.getBytes());
 120                 byte[] decrypted = dcipher.doFinal(encrypted);
 121                 assertEquals(message, new String(decrypted));
 122
 123                 ByteArrayOutputStream out = new ByteArrayOutputStream();
 124                 CipherOutputStream cipherOut = new CipherOutputStream(out, ecipher);
 125                 cipherOut.write(message.getBytes());
 126                 IOUtils.closeQuietly(cipherOut);
 127                 byte[] enc = out.toByteArray();
 128
 129                 ByteArrayInputStream in = new ByteArrayInputStream(enc);
 130                 CipherInputStream cipherIn = new CipherInputStream(in, dcipher);
 131                 ByteArrayOutputStream dec = new ByteArrayOutputStream();
 132                 IOUtils.copy(cipherIn, dec);
 133                 assertEquals(message, new String(dec.toByteArray()));
 134         }
 135 }