1 package org
.argeo
.cms
.security
;
3 import java
.io
.ByteArrayInputStream
;
4 import java
.io
.ByteArrayOutputStream
;
5 import java
.io
.InputStream
;
6 import java
.util
.Base64
;
8 import javax
.crypto
.Cipher
;
9 import javax
.crypto
.CipherInputStream
;
10 import javax
.crypto
.CipherOutputStream
;
11 import javax
.crypto
.SecretKey
;
12 import javax
.crypto
.SecretKeyFactory
;
13 import javax
.crypto
.spec
.IvParameterSpec
;
14 import javax
.crypto
.spec
.PBEKeySpec
;
15 import javax
.crypto
.spec
.PBEParameterSpec
;
16 import javax
.crypto
.spec
.SecretKeySpec
;
18 import junit
.framework
.TestCase
;
20 import org
.apache
.commons
.io
.IOUtils
;
21 import org
.apache
.commons
.logging
.Log
;
22 import org
.apache
.commons
.logging
.LogFactory
;
23 import org
.argeo
.util
.PasswordEncryption
;
25 public class PasswordBasedEncryptionTest
extends TestCase
{
26 private final static Log log
= LogFactory
.getLog(PasswordBasedEncryptionTest
.class);
28 public void testEncryptDecrypt() {
29 final String password
= "test long password since they are safer";
30 PasswordEncryption pbeEnc
= new PasswordEncryption(password
.toCharArray());
31 String message
= "Hello World!";
32 log
.info("Password:\t'" + password
+ "'");
33 log
.info("Message:\t'" + message
+ "'");
34 byte[] encrypted
= pbeEnc
.encryptString(message
);
35 log
.info("Encrypted:\t'" + Base64
.getEncoder().encode(encrypted
) + "'");
36 PasswordEncryption pbeDec
= new PasswordEncryption(password
.toCharArray());
37 InputStream in
= null;
38 in
= new ByteArrayInputStream(encrypted
);
39 String decrypted
= pbeDec
.decryptAsString(in
);
40 log
.info("Decrypted:\t'" + decrypted
+ "'");
41 IOUtils
.closeQuietly(in
);
42 assertEquals(message
, decrypted
);
45 public void testPBEWithMD5AndDES() throws Exception
{
46 String password
= "test";
47 String message
= "Hello World!";
49 byte[] salt
= { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c, (byte) 0x7e, (byte) 0xc8, (byte) 0xee,
54 String cipherAlgorithm
= "PBEWithMD5AndDES";
55 String secretKeyAlgorithm
= "PBEWithMD5AndDES";
56 SecretKeyFactory keyFac
= SecretKeyFactory
.getInstance(secretKeyAlgorithm
);
57 PBEKeySpec pbeKeySpec
= new PBEKeySpec(password
.toCharArray());
58 PBEParameterSpec pbeParamSpec
= new PBEParameterSpec(salt
, count
);
59 SecretKey pbeKey
= keyFac
.generateSecret(pbeKeySpec
);
60 Cipher ecipher
= Cipher
.getInstance(cipherAlgorithm
);
61 ecipher
.init(Cipher
.ENCRYPT_MODE
, pbeKey
, pbeParamSpec
);
62 Cipher dcipher
= Cipher
.getInstance(cipherAlgorithm
);
63 dcipher
.init(Cipher
.DECRYPT_MODE
, pbeKey
, pbeParamSpec
);
65 byte[] encrypted
= ecipher
.doFinal(message
.getBytes());
66 byte[] decrypted
= dcipher
.doFinal(encrypted
);
67 assertEquals(message
, new String(decrypted
));
71 public void testPBEWithSHA1AndAES() throws Exception
{
72 String password
= "test";
73 String message
= "Hello World!";
75 byte[] salt
= { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c, (byte) 0x7e, (byte) 0xc8, (byte) 0xee,
77 byte[] iv
= { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c, (byte) 0x7e, (byte) 0xc8, (byte) 0xee,
78 (byte) 0x99, (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c, (byte) 0x7e, (byte) 0xc8, (byte) 0xee,
82 // int keyLength = 256;
85 String cipherAlgorithm
= "AES/CBC/PKCS5Padding";
86 String secretKeyAlgorithm
= "PBKDF2WithHmacSHA1";
87 SecretKeyFactory keyFac
= SecretKeyFactory
.getInstance(secretKeyAlgorithm
);
88 PBEKeySpec pbeKeySpec
= new PBEKeySpec(password
.toCharArray(), salt
, count
, keyLength
);
89 SecretKey tmp
= keyFac
.generateSecret(pbeKeySpec
);
90 SecretKey secret
= new SecretKeySpec(tmp
.getEncoded(), "AES");
91 Cipher ecipher
= Cipher
.getInstance(cipherAlgorithm
);
92 ecipher
.init(Cipher
.ENCRYPT_MODE
, secret
, new IvParameterSpec(iv
));
95 keyFac
= SecretKeyFactory
.getInstance(secretKeyAlgorithm
);
96 pbeKeySpec
= new PBEKeySpec(password
.toCharArray(), salt
, count
, keyLength
);
97 tmp
= keyFac
.generateSecret(pbeKeySpec
);
98 secret
= new SecretKeySpec(tmp
.getEncoded(), "AES");
99 // AlgorithmParameters params = ecipher.getParameters();
100 // byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV();
101 Cipher dcipher
= Cipher
.getInstance(cipherAlgorithm
);
102 dcipher
.init(Cipher
.DECRYPT_MODE
, secret
, new IvParameterSpec(iv
));
104 byte[] encrypted
= ecipher
.doFinal(message
.getBytes());
105 byte[] decrypted
= dcipher
.doFinal(encrypted
);
106 assertEquals(message
, new String(decrypted
));
108 ByteArrayOutputStream out
= new ByteArrayOutputStream();
109 CipherOutputStream cipherOut
= new CipherOutputStream(out
, ecipher
);
110 cipherOut
.write(message
.getBytes());
111 IOUtils
.closeQuietly(cipherOut
);
112 byte[] enc
= out
.toByteArray();
114 ByteArrayInputStream in
= new ByteArrayInputStream(enc
);
115 CipherInputStream cipherIn
= new CipherInputStream(in
, dcipher
);
116 ByteArrayOutputStream dec
= new ByteArrayOutputStream();
117 IOUtils
.copy(cipherIn
, dec
);
118 assertEquals(message
, new String(dec
.toByteArray()));