]> git.argeo.org Git - lgpl/argeo-commons.git/blob - org.argeo.cms/ext/test/org/argeo/cms/security/PasswordBasedEncryptionTest.java
projects / lgpl / argeo-commons.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Introduce query table content provider.
[lgpl/argeo-commons.git] / org.argeo.cms / ext / test / org / argeo / cms / security / PasswordBasedEncryptionTest.java
1 package org.argeo.cms.security;
2
3 import java.io.ByteArrayInputStream;
4 import java.io.ByteArrayOutputStream;
5 import java.io.InputStream;
6 import java.util.Base64;
7
8 import javax.crypto.Cipher;
9 import javax.crypto.CipherInputStream;
10 import javax.crypto.CipherOutputStream;
11 import javax.crypto.SecretKey;
12 import javax.crypto.SecretKeyFactory;
13 import javax.crypto.spec.IvParameterSpec;
14 import javax.crypto.spec.PBEKeySpec;
15 import javax.crypto.spec.PBEParameterSpec;
16 import javax.crypto.spec.SecretKeySpec;
17
18 import junit.framework.TestCase;
19
20 import org.apache.commons.io.IOUtils;
21 import org.apache.commons.logging.Log;
22 import org.apache.commons.logging.LogFactory;
23 import org.argeo.util.PasswordEncryption;
24
25 public class PasswordBasedEncryptionTest extends TestCase {
26 private final static Log log = LogFactory.getLog(PasswordBasedEncryptionTest.class);
27
28 public void testEncryptDecrypt() {
29 final String password = "test long password since they are safer";
30 PasswordEncryption pbeEnc = new PasswordEncryption(password.toCharArray());
31 String message = "Hello World!";
32 log.info("Password:\t'" + password + "'");
33 log.info("Message:\t'" + message + "'");
34 byte[] encrypted = pbeEnc.encryptString(message);
35 log.info("Encrypted:\t'" + Base64.getEncoder().encode(encrypted) + "'");
36 PasswordEncryption pbeDec = new PasswordEncryption(password.toCharArray());
37 InputStream in = null;
38 in = new ByteArrayInputStream(encrypted);
39 String decrypted = pbeDec.decryptAsString(in);
40 log.info("Decrypted:\t'" + decrypted + "'");
41 IOUtils.closeQuietly(in);
42 assertEquals(message, decrypted);
43 }
44
45 public void testPBEWithMD5AndDES() throws Exception {
46 String password = "test";
47 String message = "Hello World!";
48
49 byte[] salt = { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c, (byte) 0x7e, (byte) 0xc8, (byte) 0xee,
50 (byte) 0x99 };
51
52 int count = 1024;
53
54 String cipherAlgorithm = "PBEWithMD5AndDES";
55 String secretKeyAlgorithm = "PBEWithMD5AndDES";
56 SecretKeyFactory keyFac = SecretKeyFactory.getInstance(secretKeyAlgorithm);
57 PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray());
58 PBEParameterSpec pbeParamSpec = new PBEParameterSpec(salt, count);
59 SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec);
60 Cipher ecipher = Cipher.getInstance(cipherAlgorithm);
61 ecipher.init(Cipher.ENCRYPT_MODE, pbeKey, pbeParamSpec);
62 Cipher dcipher = Cipher.getInstance(cipherAlgorithm);
63 dcipher.init(Cipher.DECRYPT_MODE, pbeKey, pbeParamSpec);
64
65 byte[] encrypted = ecipher.doFinal(message.getBytes());
66 byte[] decrypted = dcipher.doFinal(encrypted);
67 assertEquals(message, new String(decrypted));
68
69 }
70
71 public void testPBEWithSHA1AndAES() throws Exception {
72 String password = "test";
73 String message = "Hello World!";
74
75 byte[] salt = { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c, (byte) 0x7e, (byte) 0xc8, (byte) 0xee,
76 (byte) 0x99 };
77 byte[] iv = { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c, (byte) 0x7e, (byte) 0xc8, (byte) 0xee,
78 (byte) 0x99, (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c, (byte) 0x7e, (byte) 0xc8, (byte) 0xee,
79 (byte) 0x99 };
80
81 int count = 1024;
82 // int keyLength = 256;
83 int keyLength = 128;
84
85 String cipherAlgorithm = "AES/CBC/PKCS5Padding";
86 String secretKeyAlgorithm = "PBKDF2WithHmacSHA1";
87 SecretKeyFactory keyFac = SecretKeyFactory.getInstance(secretKeyAlgorithm);
88 PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray(), salt, count, keyLength);
89 SecretKey tmp = keyFac.generateSecret(pbeKeySpec);
90 SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES");
91 Cipher ecipher = Cipher.getInstance(cipherAlgorithm);
92 ecipher.init(Cipher.ENCRYPT_MODE, secret, new IvParameterSpec(iv));
93
94 // decrypt
95 keyFac = SecretKeyFactory.getInstance(secretKeyAlgorithm);
96 pbeKeySpec = new PBEKeySpec(password.toCharArray(), salt, count, keyLength);
97 tmp = keyFac.generateSecret(pbeKeySpec);
98 secret = new SecretKeySpec(tmp.getEncoded(), "AES");
99 // AlgorithmParameters params = ecipher.getParameters();
100 // byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV();
101 Cipher dcipher = Cipher.getInstance(cipherAlgorithm);
102 dcipher.init(Cipher.DECRYPT_MODE, secret, new IvParameterSpec(iv));
103
104 byte[] encrypted = ecipher.doFinal(message.getBytes());
105 byte[] decrypted = dcipher.doFinal(encrypted);
106 assertEquals(message, new String(decrypted));
107
108 ByteArrayOutputStream out = new ByteArrayOutputStream();
109 CipherOutputStream cipherOut = new CipherOutputStream(out, ecipher);
110 cipherOut.write(message.getBytes());
111 IOUtils.closeQuietly(cipherOut);
112 byte[] enc = out.toByteArray();
113
114 ByteArrayInputStream in = new ByteArrayInputStream(enc);
115 CipherInputStream cipherIn = new CipherInputStream(in, dcipher);
116 ByteArrayOutputStream dec = new ByteArrayOutputStream();
117 IOUtils.copy(cipherIn, dec);
118 assertEquals(message, new String(dec.toByteArray()));
119 }
120 }
Argeo Commons - Lightweight integration framework in pure Java/OSGi