2 * Copyright (C) 2007-2012 Argeo GmbH
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
16 package org
.argeo
.cms
.security
;
18 import java
.io
.ByteArrayInputStream
;
19 import java
.io
.ByteArrayOutputStream
;
20 import java
.io
.InputStream
;
22 import javax
.crypto
.Cipher
;
23 import javax
.crypto
.CipherInputStream
;
24 import javax
.crypto
.CipherOutputStream
;
25 import javax
.crypto
.SecretKey
;
26 import javax
.crypto
.SecretKeyFactory
;
27 import javax
.crypto
.spec
.IvParameterSpec
;
28 import javax
.crypto
.spec
.PBEKeySpec
;
29 import javax
.crypto
.spec
.PBEParameterSpec
;
30 import javax
.crypto
.spec
.SecretKeySpec
;
31 import javax
.xml
.bind
.DatatypeConverter
;
33 import junit
.framework
.TestCase
;
35 import org
.apache
.commons
.io
.IOUtils
;
36 import org
.apache
.commons
.logging
.Log
;
37 import org
.apache
.commons
.logging
.LogFactory
;
38 import org
.argeo
.cms
.security
.PasswordBasedEncryption
;
40 public class PasswordBasedEncryptionTest
extends TestCase
{
41 private final static Log log
= LogFactory
42 .getLog(PasswordBasedEncryptionTest
.class);
44 public void testEncryptDecrypt() {
45 final String password
= "test long password since they are safer";
46 PasswordBasedEncryption pbeEnc
= new PasswordBasedEncryption(
47 password
.toCharArray());
48 String message
= "Hello World!";
49 log
.info("Password:\t'" + password
+ "'");
50 log
.info("Message:\t'" + message
+ "'");
51 byte[] encrypted
= pbeEnc
.encryptString(message
);
52 log
.info("Encrypted:\t'"
53 + DatatypeConverter
.printBase64Binary(encrypted
) + "'");
54 PasswordBasedEncryption pbeDec
= new PasswordBasedEncryption(
55 password
.toCharArray());
56 InputStream in
= null;
57 in
= new ByteArrayInputStream(encrypted
);
58 String decrypted
= pbeDec
.decryptAsString(in
);
59 log
.info("Decrypted:\t'" + decrypted
+ "'");
60 IOUtils
.closeQuietly(in
);
61 assertEquals(message
, decrypted
);
64 public void testPBEWithMD5AndDES() throws Exception
{
65 String password
= "test";
66 String message
= "Hello World!";
68 byte[] salt
= { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c,
69 (byte) 0x7e, (byte) 0xc8, (byte) 0xee, (byte) 0x99 };
73 String cipherAlgorithm
= "PBEWithMD5AndDES";
74 String secretKeyAlgorithm
= "PBEWithMD5AndDES";
75 SecretKeyFactory keyFac
= SecretKeyFactory
76 .getInstance(secretKeyAlgorithm
);
77 PBEKeySpec pbeKeySpec
= new PBEKeySpec(password
.toCharArray());
78 PBEParameterSpec pbeParamSpec
= new PBEParameterSpec(salt
, count
);
79 SecretKey pbeKey
= keyFac
.generateSecret(pbeKeySpec
);
80 Cipher ecipher
= Cipher
.getInstance(cipherAlgorithm
);
81 ecipher
.init(Cipher
.ENCRYPT_MODE
, pbeKey
, pbeParamSpec
);
82 Cipher dcipher
= Cipher
.getInstance(cipherAlgorithm
);
83 dcipher
.init(Cipher
.DECRYPT_MODE
, pbeKey
, pbeParamSpec
);
85 byte[] encrypted
= ecipher
.doFinal(message
.getBytes());
86 byte[] decrypted
= dcipher
.doFinal(encrypted
);
87 assertEquals(message
, new String(decrypted
));
91 public void testPBEWithSHA1AndAES() throws Exception
{
92 String password
= "test";
93 String message
= "Hello World!";
95 byte[] salt
= { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c,
96 (byte) 0x7e, (byte) 0xc8, (byte) 0xee, (byte) 0x99 };
97 byte[] iv
= { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c,
98 (byte) 0x7e, (byte) 0xc8, (byte) 0xee, (byte) 0x99,
99 (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c,
100 (byte) 0x7e, (byte) 0xc8, (byte) 0xee, (byte) 0x99 };
103 // int keyLength = 256;
106 String cipherAlgorithm
= "AES/CBC/PKCS5Padding";
107 String secretKeyAlgorithm
= "PBKDF2WithHmacSHA1";
108 SecretKeyFactory keyFac
= SecretKeyFactory
109 .getInstance(secretKeyAlgorithm
);
110 PBEKeySpec pbeKeySpec
= new PBEKeySpec(password
.toCharArray(), salt
,
112 SecretKey tmp
= keyFac
.generateSecret(pbeKeySpec
);
113 SecretKey secret
= new SecretKeySpec(tmp
.getEncoded(), "AES");
114 Cipher ecipher
= Cipher
.getInstance(cipherAlgorithm
);
115 ecipher
.init(Cipher
.ENCRYPT_MODE
, secret
, new IvParameterSpec(iv
));
118 keyFac
= SecretKeyFactory
.getInstance(secretKeyAlgorithm
);
119 pbeKeySpec
= new PBEKeySpec(password
.toCharArray(), salt
, count
,
121 tmp
= keyFac
.generateSecret(pbeKeySpec
);
122 secret
= new SecretKeySpec(tmp
.getEncoded(), "AES");
123 // AlgorithmParameters params = ecipher.getParameters();
124 // byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV();
125 Cipher dcipher
= Cipher
.getInstance(cipherAlgorithm
);
126 dcipher
.init(Cipher
.DECRYPT_MODE
, secret
, new IvParameterSpec(iv
));
128 byte[] encrypted
= ecipher
.doFinal(message
.getBytes());
129 byte[] decrypted
= dcipher
.doFinal(encrypted
);
130 assertEquals(message
, new String(decrypted
));
132 ByteArrayOutputStream out
= new ByteArrayOutputStream();
133 CipherOutputStream cipherOut
= new CipherOutputStream(out
, ecipher
);
134 cipherOut
.write(message
.getBytes());
135 IOUtils
.closeQuietly(cipherOut
);
136 byte[] enc
= out
.toByteArray();
138 ByteArrayInputStream in
= new ByteArrayInputStream(enc
);
139 CipherInputStream cipherIn
= new CipherInputStream(in
, dcipher
);
140 ByteArrayOutputStream dec
= new ByteArrayOutputStream();
141 IOUtils
.copy(cipherIn
, dec
);
142 assertEquals(message
, new String(dec
.toByteArray()));