Author: gk Date: Wed Dec 19 16:43:34 2018 New Revision: 1849320 URL: http://svn.apache.org/viewvc?rev=1849320&view=rev Log: - move changes in project-reports for site -> project reports - change factories from static to instance method calls - add factory using Java 8 supported PBEWithHmacSHA256AndAES_128 encryption
Added: turbine/fulcrum/trunk/yaafi-crypto/src/changes/ turbine/fulcrum/trunk/yaafi-crypto/src/changes/changes.xml (with props) turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoStreamFactoryJ8.java (with props) turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoStreamFactoryJ8Impl.java (with props) turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoUtilJ8.java (with props) turbine/fulcrum/trunk/yaafi-crypto/src/test/org/apache/fulcrum/jce/crypto/CryptoUtilJ8Test.java (with props) Removed: turbine/fulcrum/trunk/yaafi-crypto/xdocs/changes.xml Modified: turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoParameters.java turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoStreamFactory.java turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoStreamFactoryImpl.java turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoUtil.java turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/PasswordFactory.java turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/PasswordParameters.java turbine/fulcrum/trunk/yaafi-crypto/src/test/org/apache/fulcrum/jce/crypto/CryptoUtilTest.java turbine/fulcrum/trunk/yaafi-crypto/src/test/org/apache/fulcrum/jce/crypto/Main.java turbine/fulcrum/trunk/yaafi-crypto/src/test/org/apache/fulcrum/jce/crypto/SmartDecryptingInputStreamTest.java turbine/fulcrum/trunk/yaafi-crypto/xdocs/downloads.xml turbine/fulcrum/trunk/yaafi-crypto/xdocs/index.xml Added: turbine/fulcrum/trunk/yaafi-crypto/src/changes/changes.xml URL: http://svn.apache.org/viewvc/turbine/fulcrum/trunk/yaafi-crypto/src/changes/changes.xml?rev=1849320&view=auto ============================================================================== --- turbine/fulcrum/trunk/yaafi-crypto/src/changes/changes.xml (added) +++ turbine/fulcrum/trunk/yaafi-crypto/src/changes/changes.xml Wed Dec 19 16:43:34 2018 @@ -0,0 +1,56 @@ +<?xml version="1.0"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> +<document> + <properties> + <title>Fulcrum YAAFI Crytpo Library</title> + <author email="siegfried.goes...@it20one.at">Siegfried Goeschl</author> + </properties> + + <body> + <release version="1.0.8" date="as in SVN"> + <action dev="jk" type="update"> + Add Java 8 PBEWithHmacSHA256AndAES_128 based encryption + </action> + </release> + <release version="1.0.7" date="2018-11-08"> + <action dev="painter" type="update"> + Simplify the HexConverter code, more Java 8 friendly + </action> + <action dev="painter" type="update"> + Update parent pom to Turbine 5 + </action> + <action dev="painter" type="update"> + Remove references to StringBuffer + </action> + <action dev="painter" type="update"> + Fix missing license from rat report + </action> + </release> + <release version="1.0.6" date="2009-03-25"> + <action dev="sgoeschl" type="update"> + Using the official fulcrum-parent-1 pom. + </action> + <action dev="sgoeschl" type="add"> + Moving the code out of YAAFI and make a standalone library. + </action> + </release> + </body> +</document> + Propchange: turbine/fulcrum/trunk/yaafi-crypto/src/changes/changes.xml ------------------------------------------------------------------------------ svn:eol-style = native Modified: turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoParameters.java URL: http://svn.apache.org/viewvc/turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoParameters.java?rev=1849320&r1=1849319&r2=1849320&view=diff ============================================================================== --- turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoParameters.java (original) +++ turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoParameters.java Wed Dec 19 16:43:34 2018 @@ -30,6 +30,8 @@ public interface CryptoParameters { /** Parameter for PBEParameterSpec */ int COUNT = 20; + + int COUNT_J8 = 10_000; //200_000; /** The password salt */ byte[] SALT = { @@ -39,4 +41,7 @@ public interface CryptoParameters /** The crypto algorithm being used */ String ALGORITHM = "PBEWithMD5AndDES"; + + // https://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJCEProvider + String ALGORITHM_J8 = "PBEWithHmacSHA256AndAES_128"; //"PBEWithHmacSHA256AndAES_256"; } Modified: turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoStreamFactory.java URL: http://svn.apache.org/viewvc/turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoStreamFactory.java?rev=1849320&r1=1849319&r2=1849320&view=diff ============================================================================== --- turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoStreamFactory.java (original) +++ turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoStreamFactory.java Wed Dec 19 16:43:34 2018 @@ -115,9 +115,9 @@ public interface CryptoStreamFactory * Creates an encrypting output stream using the default password. * * @param os the output stream to be wrapped - * @return an decrypting input stream - * @throws GeneralSecurityException creating the ouptut stream failed - * @throws IOException creating the ouptut stream failed + * @return an encrypting output stream + * @throws GeneralSecurityException creating the output stream failed + * @throws IOException creating the output stream failed */ OutputStream getOutputStream(OutputStream os) throws GeneralSecurityException, IOException; @@ -127,10 +127,11 @@ public interface CryptoStreamFactory * * @param os the output stream to be wrapped * @param password the password to be used - * @return an decrypting input stream - * @throws GeneralSecurityException creating the ouptut stream failed - * @throws IOException creating the ouptut stream failed + * @return an encrypting output stream + * @throws GeneralSecurityException creating the output stream failed + * @throws IOException creating the output stream failed */ OutputStream getOutputStream(OutputStream os, char[] password) throws GeneralSecurityException, IOException; + } Modified: turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoStreamFactoryImpl.java URL: http://svn.apache.org/viewvc/turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoStreamFactoryImpl.java?rev=1849320&r1=1849319&r2=1849320&view=diff ============================================================================== --- turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoStreamFactoryImpl.java (original) +++ turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoStreamFactoryImpl.java Wed Dec 19 16:43:34 2018 @@ -52,19 +52,19 @@ import javax.crypto.spec.PBEParameterSpe * @author <a href="mailto:maa...@earthlink.net">Markus Hahn</a> */ -public final class CryptoStreamFactoryImpl implements CryptoStreamFactory +public class CryptoStreamFactoryImpl implements CryptoStreamFactory { /** the salt for the PBE algorithm */ - private byte[] salt; + protected byte[] salt; /** the count paramter for the PBE algorithm */ - private int count; + protected int count; /** the name of the JCE provider */ - private String providerName; + protected String providerName; /** the algorithm to use */ - private String algorithm; + protected String algorithm; /** the default instance */ private static CryptoStreamFactory instance; @@ -74,7 +74,7 @@ public final class CryptoStreamFactoryIm * is set to null an appropriate provider will be * used. */ - private static final String PROVIDERNAME = null; + protected static final String PROVIDERNAME = null; /** * Factory method to get a default instance @@ -124,7 +124,6 @@ public final class CryptoStreamFactoryIm this.algorithm = CryptoParameters.ALGORITHM; } - /** * @see org.apache.fulcrum.jce.crypto.CryptoStreamFactory#getInputStream(java.io.InputStream, String) */ @@ -134,11 +133,11 @@ public final class CryptoStreamFactoryIm if( "auto".equalsIgnoreCase(decryptionMode) ) { - result = CryptoStreamFactoryImpl.getInstance().getSmartInputStream(is); + result = getSmartInputStream(is); } else if( "true".equalsIgnoreCase(decryptionMode) ) { - result = CryptoStreamFactoryImpl.getInstance().getInputStream(is); + result = getInputStream(is); } else { @@ -156,11 +155,11 @@ public final class CryptoStreamFactoryIm if( "auto".equalsIgnoreCase(decryptionMode) ) { - result = CryptoStreamFactoryImpl.getInstance().getSmartInputStream(is, password); + result = getSmartInputStream(is, password); } else if( "true".equalsIgnoreCase(decryptionMode) ) { - result = CryptoStreamFactoryImpl.getInstance().getInputStream(is, password); + result = getInputStream(is, password); } else { @@ -175,7 +174,7 @@ public final class CryptoStreamFactoryIm public InputStream getInputStream( InputStream is ) throws GeneralSecurityException, IOException { - Cipher cipher = this.createCipher( Cipher.DECRYPT_MODE, PasswordFactory.create() ); + Cipher cipher = this.createCipher( Cipher.DECRYPT_MODE, PasswordFactory.getInstance().create() ); return new CipherInputStream( is, cipher ); } @@ -197,7 +196,7 @@ public final class CryptoStreamFactoryIm { return this.getSmartInputStream( is, - PasswordFactory.create() + PasswordFactory.getInstance().create() ); } @@ -224,7 +223,7 @@ public final class CryptoStreamFactoryIm public OutputStream getOutputStream( OutputStream os ) throws GeneralSecurityException, IOException { - Cipher cipher = this.createCipher( Cipher.ENCRYPT_MODE, PasswordFactory.create() ); + Cipher cipher = this.createCipher( Cipher.ENCRYPT_MODE, PasswordFactory.getInstance().create() ); return new CipherOutputStream( os, cipher ); } /** @@ -240,7 +239,7 @@ public final class CryptoStreamFactoryIm /** * @return Returns the algorithm. */ - private String getAlgorithm() + protected String getAlgorithm() { return algorithm; } @@ -248,7 +247,7 @@ public final class CryptoStreamFactoryIm /** * @return Returns the count. */ - private int getCount() + protected int getCount() { return count; } @@ -256,7 +255,7 @@ public final class CryptoStreamFactoryIm /** * @return Returns the providerName. */ - private String getProviderName() + protected String getProviderName() { return providerName; } @@ -264,7 +263,7 @@ public final class CryptoStreamFactoryIm /** * @return Returns the salt. */ - private byte [] getSalt() + protected byte [] getSalt() { return salt; } Added: turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoStreamFactoryJ8.java URL: http://svn.apache.org/viewvc/turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoStreamFactoryJ8.java?rev=1849320&view=auto ============================================================================== --- turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoStreamFactoryJ8.java (added) +++ turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoStreamFactoryJ8.java Wed Dec 19 16:43:34 2018 @@ -0,0 +1,47 @@ +package org.apache.fulcrum.jce.crypto; + +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.security.GeneralSecurityException; + +/** + * Interface for creating encrypting/decrypting streams. + * + * @author <a href="mailto:siegfried.goes...@it20one.at">Siegfried Goeschl </a> + */ + +public interface CryptoStreamFactoryJ8 extends CryptoStreamFactory +{ + /** + * Creates an encrypting output stream using the given password. + * + * @param is the input stream to be encoded + * @param os the output stream to be wrapped + * @param password the password to be used + * @return the encrypting output stream + * @throws GeneralSecurityException creating the output stream failed + * @throws IOException creating the output stream failed + */ + OutputStream getOutputStream(InputStream is, OutputStream os, char[] password) + throws GeneralSecurityException, IOException; +} Propchange: turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoStreamFactoryJ8.java ------------------------------------------------------------------------------ svn:eol-style = native Added: turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoStreamFactoryJ8Impl.java URL: http://svn.apache.org/viewvc/turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoStreamFactoryJ8Impl.java?rev=1849320&view=auto ============================================================================== --- turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoStreamFactoryJ8Impl.java (added) +++ turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoStreamFactoryJ8Impl.java Wed Dec 19 16:43:34 2018 @@ -0,0 +1,277 @@ +package org.apache.fulcrum.jce.crypto; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; + +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.security.AlgorithmParameters; +import java.security.GeneralSecurityException; +import java.security.Key; +import java.security.NoSuchAlgorithmException; +import java.security.SecureRandom; +import java.util.Arrays; + +import javax.crypto.Cipher; +import javax.crypto.SecretKeyFactory; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.PBEKeySpec; +import javax.crypto.spec.PBEParameterSpec; + +/** + * Concrete factory for creating encrypting/decrypting streams. The + * implementation uses the JCA (Java Crypto Extension) supplied + * by SUN (using SunJCE 1.42). + * + * The implementation uses as PBEWithHmacSHA256AndAES_128 for encryption which + * should be sufficent for most applications. + * + * The implementation also supplies a default password in the case that + * the programmer don't want to have additional hassles. It is easy to + * reengineer the password being used but much better than a hard-coded + * password in the application. + * + * The code uses parts from Markus Hahn's Blowfish library found at + * http://blowfishj.sourceforge.net/ + * + * @author <a href="mailto:g...@apache.org">Georg Kallidis</a> + * @author <a href="mailto:siegfried.goes...@it20one.at">Siegfried Goeschl </a> + * @author <a href="mailto:maa...@earthlink.net">Markus Hahn</a> + */ + +public final class CryptoStreamFactoryJ8Impl extends CryptoStreamFactoryImpl implements CryptoStreamFactoryJ8 +{ + + /** the default instance */ + private static CryptoStreamFactoryJ8 instance; + + private AlgorithmParameters algorithmParameters;// used only for debugging + + /** + * Factory method to get a default instance + * @return an instance of the CryptoStreamFactory + */ + public synchronized static CryptoStreamFactoryJ8 getInstance() + { + if( CryptoStreamFactoryJ8Impl.instance == null ) + { + try { + CryptoStreamFactoryJ8Impl.instance = new CryptoStreamFactoryJ8Impl(); + } catch (GeneralSecurityException e) { + throw new RuntimeException(e); + } + } + + return CryptoStreamFactoryJ8Impl.instance; + } + + /** + * Set the default instance from an external application. + * @param instance the new default instance + */ + public static void setInstance( CryptoStreamFactoryJ8 instance ) + { + CryptoStreamFactoryJ8Impl.instance = instance; + } + + /** + * Constructor + */ + public CryptoStreamFactoryJ8Impl() throws GeneralSecurityException + { + this.salt = generateSalt(); + this.count = CryptoParameters.COUNT_J8; + this.providerName = PROVIDERNAME; + this.algorithm = CryptoParameters.ALGORITHM_J8; + } + + /** + * Constructor + * + * @param salt the salt for the PBE algorithm + * @param count the iteration for PBEParameterSpec + */ + public CryptoStreamFactoryJ8Impl( byte[] salt, int count) + { + this.salt = salt; + this.count = count; + this.providerName = PROVIDERNAME; + this.algorithm = CryptoParameters.ALGORITHM_J8; + } + + + /** + * @see org.apache.fulcrum.jce.crypto.CryptoStreamFactory#getSmartInputStream(java.io.InputStream) + */ + @Override + public InputStream getSmartInputStream(InputStream is) + throws GeneralSecurityException, IOException + { + return this.getSmartInputStream( + is, + PasswordFactory.getInstance("SHA-256").create() + ); + } + + /** + * @see org.apache.fulcrum.jce.crypto.CryptoStreamFactory#getInputStream(java.io.InputStream,char[]) + */ + @Override + public InputStream getInputStream( InputStream is, char[] password ) + throws GeneralSecurityException, IOException + { + byte[] encrypted = this.createCipher( is, Cipher.DECRYPT_MODE, password ); + InputStream eis = new ByteArrayInputStream(encrypted); + return eis; + } + + + @Override + public OutputStream getOutputStream(InputStream is, OutputStream os, char[] password) + throws GeneralSecurityException, IOException { + byte[] encrypted = this.createCipher( is, Cipher.ENCRYPT_MODE, password ); + InputStream eis = new ByteArrayInputStream(encrypted); + StreamUtil.copy(eis, os); + return os; + } + + /** + * Create a PBE key. + * + * @param password the password to use. + * @param salt if provided this is used, otherweise {@link #getSalt()}. + * @return the key + * @throws GeneralSecurityException creating the key failed + */ + private Key createKey( char[] password, byte[] salt ) + throws GeneralSecurityException + { + SecretKeyFactory keyFactory; + String algorithm = this.getAlgorithm(); + + PBEKeySpec keySpec = new PBEKeySpec(password, (salt == null)? this.getSalt(): salt, this.getCount(), 128 ); + byte[] encodedTmp = null; + try { + if( this.getProviderName() == null ) + { + keyFactory = SecretKeyFactory.getInstance( algorithm ); + } + else + { + keyFactory = SecretKeyFactory.getInstance( algorithm, this.getProviderName() ); + } + return keyFactory.generateSecret(keySpec); + + } catch (NoSuchAlgorithmException e) { + throw new GeneralSecurityException(e); + } finally { + if (encodedTmp != null) { + Arrays.fill(encodedTmp, (byte)0); + } + if (keySpec != null) { + keySpec.clearPassword(); + } + } + } + + /** + * Create a Cipher. + * + * @param mode the cipher mode + * @param password the password + * @return an instance of a cipher + * @throws GeneralSecurityException creating a cipher failed + * @throws IOException creating a cipher failed + */ + private byte[] createCipher(InputStream is, int mode, char[] password ) + throws GeneralSecurityException, IOException + { + Cipher cipher; + PBEParameterSpec paramSpec = null; + + ByteArrayOutputStream bos = new ByteArrayOutputStream(1024); + long total = StreamUtil.copy(is, bos); + byte[] input = bos.toByteArray(); + + byte[] ciphertext = null; + + byte[] salt = null; + byte[] iv = null; + if (mode == Cipher.DECRYPT_MODE) { + salt = Arrays.copyOfRange(input, 0, 128 / 8); + iv = Arrays.copyOfRange(input, salt.length, salt.length + 128 / 8); + ciphertext = Arrays.copyOfRange(input, salt.length + iv.length, input.length);// cut out salt and iv + } + + Key key = this.createKey( password, salt ); + + if( this.getProviderName() == null ) + { + cipher = Cipher.getInstance( this.getAlgorithm() ); + } + else + { + cipher = Cipher.getInstance( this.getAlgorithm(), this.getProviderName() ); + } + + // save + if (mode == Cipher.DECRYPT_MODE) { + paramSpec = new PBEParameterSpec( salt, this.getCount(), new IvParameterSpec(iv) ); + cipher.init( mode, key, paramSpec ); + //cipher.init( mode, key, algorithmParameters ); + ciphertext = cipher.doFinal(ciphertext); + } + + // save + if (mode == Cipher.ENCRYPT_MODE) { + paramSpec = new PBEParameterSpec( this.getSalt(), this.getCount() ); + salt = paramSpec.getSalt(); + cipher.init( mode, key, paramSpec ); + //algorithmParameters = cipher.getParameters(); + + byte[] result = cipher.doFinal(input); + iv = cipher.getIV(); + + // Salt and IV need to be stored with the result, otherwise we can't decrypt the message later. + ciphertext = new byte[salt.length + iv.length + result.length]; + System.arraycopy(salt, 0, ciphertext, 0, salt.length); + System.arraycopy(iv, 0, ciphertext, salt.length, iv.length); + System.arraycopy(result, 0, ciphertext, salt.length + iv.length, result.length);// push after salt and iv + } + return ciphertext; + } + + private byte[] generateSalt() throws GeneralSecurityException { + SecureRandom random; + try { + random = SecureRandom.getInstance("SHA1PRNG"); + byte[] salt = new byte[128 / 8]; + random.nextBytes(salt); + return salt; + } catch (NoSuchAlgorithmException e) { + throw new GeneralSecurityException(e); + } + + } + +} Propchange: turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoStreamFactoryJ8Impl.java ------------------------------------------------------------------------------ svn:eol-style = native Modified: turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoUtil.java URL: http://svn.apache.org/viewvc/turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoUtil.java?rev=1849320&r1=1849319&r2=1849320&view=diff ============================================================================== --- turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoUtil.java (original) +++ turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoUtil.java Wed Dec 19 16:43:34 2018 @@ -19,7 +19,6 @@ package org.apache.fulcrum.jce.crypto; * under the License. */ - import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; @@ -36,168 +35,150 @@ import java.security.GeneralSecurityExce * @author <a href="mailto:maa...@earthlink.net">Markus Hahn</a> */ -public final class CryptoUtil -{ +public class CryptoUtil { + + /** the default instance */ + private static CryptoUtil instance; + + /** + * Factory method to get a default instance + * + * @return an instance of the CryptoStreamFactory + */ + public synchronized static CryptoUtil getInstance() { + if (CryptoUtil.instance == null) { + CryptoUtil.instance = new CryptoUtil(); + } + + return CryptoUtil.instance; + } + /** * Copies from a source to a target object using encryption * - * @param source the source object - * @param target the target object + * @param source the source object + * @param target the target object * @param password the password to use for encryption * @throws GeneralSecurityException accessing JCE failed - * @throws IOException accessing the souce failed + * @throws IOException accessing the souce failed * */ - public static void encrypt( Object source, Object target, char[] password ) - throws GeneralSecurityException, IOException - { - CryptoUtil.encrypt( - CryptoUtil.getCryptoStreamFactory(), - source, - target, - password - ); + public void encrypt(Object source, Object target, char[] password) throws GeneralSecurityException, IOException { + encrypt(getCryptoStreamFactory(), source, target, password); } /** - * Copies from a source to a target object using encryption and a - * caller supplied CryptoStreamFactory. + * Copies from a source to a target object using encryption and a caller + * supplied CryptoStreamFactory. * - * @param factory the factory to create the crypto streams - * @param source the source object - * @param target the target object + * @param factory the factory to create the crypto streams + * @param source the source object + * @param target the target object * @param password the password to use for encryption * @throws GeneralSecurityException accessing JCE failed - * @throws IOException accessing the souce failed + * @throws IOException accessing the souce failed */ - public static void encrypt( - CryptoStreamFactory factory, Object source, Object target, char[] password ) - throws GeneralSecurityException, IOException - { - InputStream is = StreamUtil.createInputStream( source ); - OutputStream os = StreamUtil.createOutputStream( target ); - OutputStream eos = factory.getOutputStream( os, password ); - StreamUtil.copy( is, eos ); + public void encrypt(CryptoStreamFactory factory, Object source, Object target, char[] password) + throws GeneralSecurityException, IOException { + InputStream is = StreamUtil.createInputStream(source); + OutputStream os = StreamUtil.createOutputStream(target); + OutputStream eos = factory.getOutputStream(os, password); + StreamUtil.copy(is, eos); } /** * Copies from a source to a target object using decryption. * - * @param source the source object - * @param target the target object + * @param source the source object + * @param target the target object * @param password the password to use for decryption * @throws GeneralSecurityException accessing JCE failed - * @throws IOException accessing the souce failed + * @throws IOException accessing the souce failed */ - public static void decrypt( Object source, Object target, char[] password ) - throws GeneralSecurityException, IOException - { - CryptoUtil.decrypt( - CryptoUtil.getCryptoStreamFactory(), - source, - target, - password - ); + public void decrypt(Object source, Object target, char[] password) throws GeneralSecurityException, IOException { + decrypt(getCryptoStreamFactory(), source, target, password); } /** - * Copies from a source to a target object using decryption and a - * caller-suppier CryptoStreamFactory. - * - * @param factory the factory to create the crypto streams - * @param source the source object - * @param target the target object + * Copies from a source to a target object using decryption and a caller-suppier + * CryptoStreamFactory. + * + * @param factory the factory to create the crypto streams + * @param source the source object + * @param target the target object * @param password the password to use for decryption * @throws GeneralSecurityException accessing JCE failed - * @throws IOException accessing the souce failed + * @throws IOException accessing the souce failed */ - public static void decrypt( - CryptoStreamFactory factory, Object source, Object target, char[] password ) - throws GeneralSecurityException, IOException - { - InputStream is = StreamUtil.createInputStream( source ); - OutputStream os = StreamUtil.createOutputStream( target ); - InputStream dis = factory.getInputStream( is, password ); - StreamUtil.copy( dis, os ); + public void decrypt(CryptoStreamFactory factory, Object source, Object target, char[] password) + throws GeneralSecurityException, IOException { + InputStream is = StreamUtil.createInputStream(source); + OutputStream os = StreamUtil.createOutputStream(target); + InputStream dis = factory.getInputStream(is, password); + StreamUtil.copy(dis, os); } /** * Encrypts a string into a hex string. * * @param plainText the plain text to be encrypted - * @param password the password for encryption + * @param password the password for encryption * @return the encrypted string * @throws GeneralSecurityException accessing JCE failed - * @throws IOException accessing the souce failed + * @throws IOException accessing the souce failed */ - public static String encryptString( String plainText, char[] password ) - throws GeneralSecurityException, IOException - { - return CryptoUtil.encryptString( - CryptoUtil.getCryptoStreamFactory(), - plainText, - password - ); + public String encryptString(String plainText, char[] password) throws GeneralSecurityException, IOException { + return encryptString(getCryptoStreamFactory(), plainText, password); } /** * Encrypts a string into a hex string. * - * @param factory the factory to create the crypto streams + * @param factory the factory to create the crypto streams * @param plainText the plain text to be encrypted - * @param password the password for encryption + * @param password the password for encryption * @return the encrypted string * @throws GeneralSecurityException accessing JCE failed - * @throws IOException accessing the souce failed + * @throws IOException accessing the souce failed */ - public static String encryptString( - CryptoStreamFactory factory, String plainText, char[] password ) - throws GeneralSecurityException, IOException - { + public String encryptString(CryptoStreamFactory factory, String plainText, char[] password) + throws GeneralSecurityException, IOException { ByteArrayOutputStream bais = new ByteArrayOutputStream(); - CryptoUtil.encrypt( factory, plainText, bais, password ); - return HexConverter.toString( bais.toByteArray() ); + encrypt(factory, plainText, bais, password); + return HexConverter.toString(bais.toByteArray()); } /** - * Decrypts an encrypted string into the plain text. The encrypted - * string must be a hex string created by encryptString. + * Decrypts an encrypted string into the plain text. The encrypted string must + * be a hex string created by encryptString. * * @param cipherText the encrypted text to be decrypted - * @param password the password for decryption + * @param password the password for decryption * @return the decrypted string * @throws GeneralSecurityException accessing JCE failed - * @throws IOException accessing the souce failed + * @throws IOException accessing the souce failed */ - public static String decryptString( String cipherText, char[] password ) - throws GeneralSecurityException, IOException - { - return CryptoUtil.decryptString( - CryptoUtil.getCryptoStreamFactory(), - cipherText, - password - ); + public String decryptString(String cipherText, char[] password) throws GeneralSecurityException, IOException { + return decryptString(getCryptoStreamFactory(), cipherText, password); } /** - * Decrypts an encrypted string into the plain text. The encrypted - * string must be a hex string created by encryptString. + * Decrypts an encrypted string into the plain text. The encrypted string must + * be a hex string created by encryptString. * - * @param factory the factory to create the crypto streams + * @param factory the factory to create the crypto streams * @param cipherText the encrypted text to be decrypted - * @param password the password for decryption + * @param password the password for decryption * @return the decrypted string * @throws GeneralSecurityException accessing JCE failed - * @throws IOException accessing the souce failed + * @throws IOException accessing the souce failed */ - public static String decryptString( - CryptoStreamFactory factory, String cipherText, char[] password ) - throws GeneralSecurityException, IOException - { - byte[] buffer = HexConverter.toBytes( cipherText ); + public String decryptString(CryptoStreamFactory factory, String cipherText, char[] password) + throws GeneralSecurityException, IOException { + byte[] buffer = HexConverter.toBytes(cipherText); ByteArrayOutputStream bais = new ByteArrayOutputStream(); - CryptoUtil.decrypt( factory, buffer, bais, password ); - return new String( bais.toByteArray(), "utf-8" ); + decrypt(factory, buffer, bais, password); + return new String(bais.toByteArray(), "utf-8"); } /** @@ -209,17 +190,14 @@ public final class CryptoUtil * @throws IOException the copying failed * @deprecated use StreamUtil instead */ - public static long copy( InputStream is, OutputStream os ) - throws IOException - { + public static long copy(InputStream is, OutputStream os) throws IOException { return StreamUtil.copy(is, os); } /** * @return the CryptoStreamFactory to be used */ - public static CryptoStreamFactory getCryptoStreamFactory() - { + public CryptoStreamFactory getCryptoStreamFactory() { return CryptoStreamFactoryImpl.getInstance(); } } Added: turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoUtilJ8.java URL: http://svn.apache.org/viewvc/turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoUtilJ8.java?rev=1849320&view=auto ============================================================================== --- turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoUtilJ8.java (added) +++ turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoUtilJ8.java Wed Dec 19 16:43:34 2018 @@ -0,0 +1,122 @@ +package org.apache.fulcrum.jce.crypto; + +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.security.GeneralSecurityException; + +/** + * Helper class to provde generic functions to work with CryptoStreams. + * + * The code uses parts from Markus Hahn's Blowfish library found at + * http://blowfishj.sourceforge.net/ + * + * @author <a href="mailto:siegfried.goes...@it20one.at">Siegfried Goeschl </a> + * @author <a href="mailto:maa...@earthlink.net">Markus Hahn</a> + */ + +public final class CryptoUtilJ8 extends CryptoUtil { + + + /** the default instance */ + private static CryptoUtilJ8 instance; + + /** + * Factory method to get a default instance + * @return an instance of the CryptoStreamFactory + */ + public synchronized static CryptoUtilJ8 getInstance() + { + if( CryptoUtilJ8.instance == null ) + { + CryptoUtilJ8.instance = new CryptoUtilJ8(); + } + + return CryptoUtilJ8.instance; + } + + /** + * Encrypts a string into a hex string. + * + * @param factory the factory to create the crypto streams + * @param plainText the plain text to be encrypted + * @param password the password for encryption + * @return the encrypted string + * @throws GeneralSecurityException accessing JCE failed + * @throws IOException accessing the souce failed + */ + @Override + public String encryptString(CryptoStreamFactory factory, String plainText, char[] password) + throws GeneralSecurityException, IOException { + ByteArrayOutputStream bais = new ByteArrayOutputStream(); + encrypt(factory, plainText, bais, password); + return HexConverter.toString(bais.toByteArray()); + } + + /** + * Copies from a source to a target object using encryption and a caller + * supplied CryptoStreamFactory. + * + * @param factory the factory to create the crypto streams + * @param source the source object + * @param target the target object + * @param password the password to use for encryption + * @throws GeneralSecurityException accessing JCE failed + * @throws IOException accessing the souce failed + */ + @Override + public void encrypt(CryptoStreamFactory factory, Object source, Object target, char[] password) + throws GeneralSecurityException, IOException { + InputStream is = StreamUtil.createInputStream(source); + OutputStream os = StreamUtil.createOutputStream(target); + OutputStream eos = ((CryptoStreamFactoryJ8)factory).getOutputStream(is, os, password); + // StreamUtil.copy( is, eos ); + } + + /** + * Copies from a source to a target object using decryption and a caller-suppier + * CryptoStreamFactory. + * + * @param factory the factory to create the crypto streams + * @param source the source object + * @param target the target object + * @param password the password to use for decryption + * @throws GeneralSecurityException accessing JCE failed + * @throws IOException accessing the souce failed + */ + @Override + public void decrypt(CryptoStreamFactory factory, Object source, Object target, char[] password) + throws GeneralSecurityException, IOException { + InputStream is = StreamUtil.createInputStream(source); + OutputStream os = StreamUtil.createOutputStream(target); + InputStream dis = factory.getInputStream(is, password); + StreamUtil.copy(dis, os); + } + + /** + * @return the CryptoStreamFactory to be used + */ + public CryptoStreamFactory getCryptoStreamFactory() { + return CryptoStreamFactoryJ8Impl.getInstance(); + } +} Propchange: turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/CryptoUtilJ8.java ------------------------------------------------------------------------------ svn:eol-style = native Modified: turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/PasswordFactory.java URL: http://svn.apache.org/viewvc/turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/PasswordFactory.java?rev=1849320&r1=1849319&r2=1849320&view=diff ============================================================================== --- turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/PasswordFactory.java (original) +++ turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/PasswordFactory.java Wed Dec 19 16:43:34 2018 @@ -20,6 +20,7 @@ package org.apache.fulcrum.jce.crypto; */ import java.io.UnsupportedEncodingException; +import java.security.GeneralSecurityException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; @@ -39,6 +40,63 @@ import java.security.NoSuchAlgorithmExce public class PasswordFactory implements PasswordParameters { + private static PasswordFactory instance; + + String algo; + + int count = PasswordParameters.COUNT; + + public PasswordFactory(String algo) { + this.algo = algo; + } + + public PasswordFactory(String algo, int count) { + this.algo = algo; + this.count = count; + } + + /** + * Factory method to get a default instance + * @return an instance of the CryptoStreamFactory + */ + public synchronized static PasswordFactory getInstance() + { + if( PasswordFactory.instance == null ) + { + PasswordFactory.instance = new PasswordFactory("SHA1"); + } + + return PasswordFactory.instance; + } + + /** + * Factory method to get a default instance + * @return an instance of the CryptoStreamFactory + */ + public synchronized static PasswordFactory getInstance(String algo) + { + if( PasswordFactory.instance == null ) + { + PasswordFactory.instance = new PasswordFactory(algo); + } + + return PasswordFactory.instance; + } + + /** + * Factory method to get a default instance + * @return an instance of the CryptoStreamFactory + */ + public synchronized static PasswordFactory getInstance(String algo, int count) + { + if( PasswordFactory.instance == null ) + { + PasswordFactory.instance = new PasswordFactory(algo, count); + } + + return PasswordFactory.instance; + } + /** * Create a new password * @@ -47,13 +105,13 @@ public class PasswordFactory implements * @throws NoSuchAlgorithmException the encryption algorithm is not supported * @throws UnsupportedEncodingException the requested encoding is not supported */ - public static char[] create() + public char[] create() throws NoSuchAlgorithmException, UnsupportedEncodingException { return create( PasswordParameters.DEFAULTPASSWORD, PasswordParameters.SALT, - PasswordParameters.COUNT + count ); } @@ -66,7 +124,7 @@ public class PasswordFactory implements * @throws NoSuchAlgorithmException the encryption algorithm is not supported * @throws UnsupportedEncodingException the requested encoding is not supported */ - public static char[] create( String seed ) + public char[] create( String seed ) throws NoSuchAlgorithmException, UnsupportedEncodingException { return create( @@ -80,13 +138,13 @@ public class PasswordFactory implements * @throws NoSuchAlgorithmException the encryption algorithm is not supported * @throws UnsupportedEncodingException the requested encoding is not supported */ - public static final char[] create( char[] seed ) + public final char[] create( char[] seed ) throws NoSuchAlgorithmException, UnsupportedEncodingException { return create( seed, PasswordFactory.SALT, - PasswordFactory.COUNT + count ); } @@ -100,11 +158,11 @@ public class PasswordFactory implements * @throws NoSuchAlgorithmException the encryption algorithm is not supported * @throws UnsupportedEncodingException the requested encoding is not supported */ - public static char [] create( char[] password, byte[] salt, int count ) + public char [] create( char[] password, byte[] salt, int count ) throws NoSuchAlgorithmException, UnsupportedEncodingException { char [] result = null; - MessageDigest sha1 = MessageDigest.getInstance( "SHA1" ); + MessageDigest sha1 = MessageDigest.getInstance( algo ); byte [] passwordMask = new String( password ).getBytes( "UTF-8" ); byte [] temp = new byte[salt.length + passwordMask.length]; byte [] digest = null; Modified: turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/PasswordParameters.java URL: http://svn.apache.org/viewvc/turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/PasswordParameters.java?rev=1849320&r1=1849319&r2=1849320&view=diff ============================================================================== --- turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/PasswordParameters.java (original) +++ turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/PasswordParameters.java Wed Dec 19 16:43:34 2018 @@ -27,8 +27,8 @@ package org.apache.fulcrum.jce.crypto; public interface PasswordParameters { - /** Parameter for the number of SHA1 invocation */ - int COUNT = 20; + /** Parameter for the number of SHA256 invocation */ + int COUNT = 1000; /** The default password used for creating the internal password */ char[] DEFAULTPASSWORD = { Added: turbine/fulcrum/trunk/yaafi-crypto/src/test/org/apache/fulcrum/jce/crypto/CryptoUtilJ8Test.java URL: http://svn.apache.org/viewvc/turbine/fulcrum/trunk/yaafi-crypto/src/test/org/apache/fulcrum/jce/crypto/CryptoUtilJ8Test.java?rev=1849320&view=auto ============================================================================== --- turbine/fulcrum/trunk/yaafi-crypto/src/test/org/apache/fulcrum/jce/crypto/CryptoUtilJ8Test.java (added) +++ turbine/fulcrum/trunk/yaafi-crypto/src/test/org/apache/fulcrum/jce/crypto/CryptoUtilJ8Test.java Wed Dec 19 16:43:34 2018 @@ -0,0 +1,147 @@ +package org.apache.fulcrum.jce.crypto; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotNull; + +import java.io.File; + +import org.junit.Before; +import org.junit.Test; + + +/** + * Test suite for crypto functionality + * + * @author <a href="mailto:siegfried.goes...@it20one.at">Siegfried Goeschl</a> + */ + +public class CryptoUtilJ8Test { + /** the password to be used */ + private String password; + + /** the test data directory */ + private File testDataDirectory; + + /** the temp data director */ + private File tempDataDirectory; + + /** + * Constructor + */ + public CryptoUtilJ8Test() { + + this.password = "mysecret"; + this.testDataDirectory = new File("./src/test/data"); + this.tempDataDirectory = new File("./target/temp"); + this.tempDataDirectory.mkdirs(); + } + + /** + * @see junit.framework.TestCase#setUp() byte[] salt, int count, String + * algorithm, String providerName ) + * + * @throws Exception Generic exception + */ + @Before + public void setUp() throws Exception { +// CryptoStreamFactoryImpl factory = new CryptoStreamFactoryJ8Impl(CryptoParameters.SALT, CryptoParameters.COUNT_J8); +// +// CryptoStreamFactoryImpl.setInstance(factory); + } + + /** + * @return Returns the password. + */ + protected char[] getPassword() { + return password.toCharArray(); + } + + /** + * @return Returns the tempDataDirectory. + */ + protected File getTempDataDirectory() { + return tempDataDirectory; + } + + /** + * @return Returns the testDataDirectory. + */ + protected File getTestDataDirectory() { + return testDataDirectory; + } + + /** Encrypt a text file + * @throws Exception Generic exception + */ + @Test + public void testTextEncryption() throws Exception { + File sourceFile = new File(this.getTestDataDirectory(), "plain.txt"); + File targetFile = new File(this.getTempDataDirectory(), "plain.j8.enc.txt"); + CryptoUtilJ8.getInstance().encrypt(sourceFile, targetFile, this.getPassword()); + } + + /** Decrypt a text file + * @throws Exception Generic exception + */ + @Test + public void testTextDecryption() throws Exception { + testTextEncryption(); + File sourceFile = new File(this.getTempDataDirectory(), "plain.j8.enc.txt"); + File targetFile = new File(this.getTempDataDirectory(), "plain.j8.dec.txt"); + CryptoUtilJ8.getInstance().decrypt(sourceFile, targetFile.getAbsolutePath(), this.getPassword()); + } + + /** Encrypt a PDF file + * + * @throws Exception Generic exception + */ + @Test + public void testPdfEncryption() throws Exception { + File sourceFile = new File(this.getTestDataDirectory(), "plain.pdf"); + File targetFile = new File(this.getTempDataDirectory(), "plain.j8.enc.pdf"); + CryptoUtil.getInstance().encrypt(sourceFile, targetFile, this.getPassword()); + } + + /** Decrypt a PDF file + * + * @throws Exception Generic exception + */ + @Test + public void testPdfDecryption() throws Exception { + testPdfEncryption(); + File sourceFile = new File(this.getTempDataDirectory(), "plain.j8.enc.pdf"); + File targetFile = new File(this.getTempDataDirectory(), "plain.j8.dec.pdf"); + CryptoUtil.getInstance().decrypt(sourceFile, targetFile, this.getPassword()); + } + + + /** Test creating a password + * @throws Exception Generic exception + */ + @Test + public void testPasswordFactory() throws Exception { + char[] result = null; + result = PasswordFactory.getInstance("SHA-256").create(); + System.out.println(new String(result)); + result = PasswordFactory.getInstance("SHA-256",10_000).create(this.getPassword()); + System.out.println(new String(result)); + assertNotNull(result); + return; + } + + /** Test encryption and decryption of Strings + * @throws Exception Generic exception + */ + @Test + public void testStringWithPasswordEncryption() throws Exception { + char[] password = "57cb-4a23-d838-45222".toCharArray(); + String source = "e02c-3b76-ff1e-5d9a1"; + String cipherText = CryptoUtilJ8.getInstance().encryptString(source, password); + System.out.println(cipherText);// 128bit + assertEquals(128, cipherText.length()); + //CryptoStreamFactoryJ8Impl.setInstance(null); + String plainText = CryptoUtilJ8.getInstance().decryptString(cipherText, password); + assertEquals(source, plainText); + } + +} Propchange: turbine/fulcrum/trunk/yaafi-crypto/src/test/org/apache/fulcrum/jce/crypto/CryptoUtilJ8Test.java ------------------------------------------------------------------------------ svn:eol-style = native Modified: turbine/fulcrum/trunk/yaafi-crypto/src/test/org/apache/fulcrum/jce/crypto/CryptoUtilTest.java URL: http://svn.apache.org/viewvc/turbine/fulcrum/trunk/yaafi-crypto/src/test/org/apache/fulcrum/jce/crypto/CryptoUtilTest.java?rev=1849320&r1=1849319&r2=1849320&view=diff ============================================================================== --- turbine/fulcrum/trunk/yaafi-crypto/src/test/org/apache/fulcrum/jce/crypto/CryptoUtilTest.java (original) +++ turbine/fulcrum/trunk/yaafi-crypto/src/test/org/apache/fulcrum/jce/crypto/CryptoUtilTest.java Wed Dec 19 16:43:34 2018 @@ -1,5 +1,7 @@ package org.apache.fulcrum.jce.crypto; +import static org.junit.Assert.assertEquals; + /* * Licensed to the Apache Software Foundation (ASF) under one * or more contributor license agreements. See the NOTICE file @@ -93,7 +95,7 @@ public class CryptoUtilTest extends Test public void testTextEncryption() throws Exception { File sourceFile = new File(this.getTestDataDirectory(), "plain.txt"); File targetFile = new File(this.getTempDataDirectory(), "plain.enc.txt"); - CryptoUtil.encrypt(sourceFile, targetFile, this.getPassword()); + CryptoUtil.getInstance().encrypt(sourceFile, targetFile, this.getPassword()); } /** Decrypt a text file @@ -103,7 +105,7 @@ public class CryptoUtilTest extends Test testTextEncryption(); File sourceFile = new File(this.getTempDataDirectory(), "plain.enc.txt"); File targetFile = new File(this.getTempDataDirectory(), "plain.dec.txt"); - CryptoUtil.decrypt(sourceFile, targetFile.getAbsolutePath(), this.getPassword()); + CryptoUtil.getInstance().decrypt(sourceFile, targetFile.getAbsolutePath(), this.getPassword()); } /** Encrypt an empty text file @@ -113,7 +115,7 @@ public class CryptoUtilTest extends Test public void testEmptyTextEncryption() throws Exception { File sourceFile = new File(this.getTestDataDirectory(), "empty.txt"); File targetFile = new File(this.getTempDataDirectory(), "empty.enc.txt"); - CryptoUtil.encrypt(sourceFile, targetFile, this.getPassword()); + CryptoUtil.getInstance().encrypt(sourceFile, targetFile, this.getPassword()); } /** Decrypt a text file @@ -123,7 +125,7 @@ public class CryptoUtilTest extends Test testEmptyTextEncryption(); File sourceFile = new File(this.getTempDataDirectory(), "empty.enc.txt"); File targetFile = new File(this.getTempDataDirectory(), "empty.dec.txt"); - CryptoUtil.decrypt(sourceFile, targetFile, this.getPassword()); + CryptoUtil.getInstance().decrypt(sourceFile, targetFile, this.getPassword()); } /** Encrypt a PDF file @@ -133,7 +135,7 @@ public class CryptoUtilTest extends Test public void testPdfEncryption() throws Exception { File sourceFile = new File(this.getTestDataDirectory(), "plain.pdf"); File targetFile = new File(this.getTempDataDirectory(), "plain.enc.pdf"); - CryptoUtil.encrypt(sourceFile, targetFile, this.getPassword()); + CryptoUtil.getInstance().encrypt(sourceFile, targetFile, this.getPassword()); } /** Decrypt a PDF file @@ -144,7 +146,7 @@ public class CryptoUtilTest extends Test testPdfEncryption(); File sourceFile = new File(this.getTempDataDirectory(), "plain.enc.pdf"); File targetFile = new File(this.getTempDataDirectory(), "plain.dec.pdf"); - CryptoUtil.decrypt(sourceFile, targetFile, this.getPassword()); + CryptoUtil.getInstance().decrypt(sourceFile, targetFile, this.getPassword()); } /** Encrypt a ZIP file @@ -154,7 +156,7 @@ public class CryptoUtilTest extends Test public void testZipEncryption() throws Exception { File sourceFile = new File(this.getTestDataDirectory(), "plain.zip"); File targetFile = new File(this.getTempDataDirectory(), "plain.enc.zip"); - CryptoUtil.encrypt(sourceFile, targetFile, this.getPassword()); + CryptoUtil.getInstance().encrypt(sourceFile, targetFile, this.getPassword()); } /** Decrypt a ZIP file @@ -165,7 +167,7 @@ public class CryptoUtilTest extends Test testZipEncryption(); File sourceFile = new File(this.getTempDataDirectory(), "plain.enc.zip"); File targetFile = new File(this.getTempDataDirectory(), "plain.dec.zip"); - CryptoUtil.decrypt(sourceFile, targetFile, this.getPassword()); + CryptoUtil.getInstance().decrypt(sourceFile, targetFile, this.getPassword()); } /** Encrypt a UTF-16 XML file @@ -175,7 +177,7 @@ public class CryptoUtilTest extends Test public void testXmlUTF16Encryption() throws Exception { File sourceFile = new File(this.getTestDataDirectory(), "plain-utf16.xml"); File targetFile = new File(this.getTempDataDirectory(), "plain-utf16.enc.xml"); - CryptoUtil.encrypt(sourceFile, targetFile, this.getPassword()); + CryptoUtil.getInstance().encrypt(sourceFile, targetFile, this.getPassword()); } /** @@ -187,7 +189,7 @@ public class CryptoUtilTest extends Test testXmlUTF16Encryption(); File sourceFile = new File(this.getTempDataDirectory(), "plain-utf16.enc.xml"); File targetFile = new File(this.getTempDataDirectory(), "plain-utf16.dec.xml"); - CryptoUtil.decrypt(sourceFile, targetFile, this.getPassword()); + CryptoUtil.getInstance().decrypt(sourceFile, targetFile, this.getPassword()); } /** @@ -198,7 +200,7 @@ public class CryptoUtilTest extends Test public void testXmlUTF8Encryption() throws Exception { File sourceFile = new File(this.getTestDataDirectory(), "plain-utf8.xml"); File targetFile = new File(this.getTempDataDirectory(), "plain-utf8.enc.xml"); - CryptoUtil.encrypt(sourceFile, targetFile, this.getPassword()); + CryptoUtil.getInstance().encrypt(sourceFile, targetFile, this.getPassword()); } /** @@ -210,7 +212,7 @@ public class CryptoUtilTest extends Test testXmlUTF8Encryption(); File sourceFile = new File(this.getTempDataDirectory(), "plain-utf8.enc.xml"); File targetFile = new File(this.getTempDataDirectory(), "plain-utf8.dec.xml"); - CryptoUtil.decrypt(sourceFile, targetFile, this.getPassword()); + CryptoUtil.getInstance().decrypt(sourceFile, targetFile, this.getPassword()); } /** @@ -221,7 +223,7 @@ public class CryptoUtilTest extends Test public void testXmlISO88591Encryption() throws Exception { File sourceFile = new File(this.getTestDataDirectory(), "plain-iso-8859-1.xml"); File targetFile = new File(this.getTempDataDirectory(), "plain-iso-8859-1.enc.xml"); - CryptoUtil.encrypt(sourceFile, targetFile, this.getPassword()); + CryptoUtil.getInstance().encrypt(sourceFile, targetFile, this.getPassword()); } /** @@ -233,7 +235,7 @@ public class CryptoUtilTest extends Test testXmlISO88591Encryption(); File sourceFile = new File(this.getTempDataDirectory(), "plain-iso-8859-1.enc.xml"); File targetFile = new File(this.getTempDataDirectory(), "plain-iso-8859-1.dec.xml"); - CryptoUtil.decrypt(sourceFile, targetFile, this.getPassword()); + CryptoUtil.getInstance().decrypt(sourceFile, targetFile, this.getPassword()); } /** Test encryption and decryption of Strings @@ -248,8 +250,8 @@ public class CryptoUtilTest extends Test } String source = new String(testVector); - String cipherText = CryptoUtil.encryptString(source, this.getPassword()); - String plainText = CryptoUtil.decryptString(cipherText, this.getPassword()); + String cipherText = CryptoUtil.getInstance().encryptString(source, this.getPassword()); + String plainText = CryptoUtil.getInstance().decryptString(cipherText, this.getPassword()); assertEquals(source, plainText); } @@ -258,8 +260,8 @@ public class CryptoUtilTest extends Test */ public void testStringHandling() throws Exception { String source = "Nobody knows the toubles I have seen ..."; - String cipherText = CryptoUtil.encryptString(source, this.getPassword()); - String plainText = CryptoUtil.decryptString(cipherText, this.getPassword()); + String cipherText = CryptoUtil.getInstance().encryptString(source, this.getPassword()); + String plainText = CryptoUtil.getInstance().decryptString(cipherText, this.getPassword()); assertEquals(source, plainText); } @@ -277,8 +279,8 @@ public class CryptoUtilTest extends Test ByteArrayOutputStream cipherText = new ByteArrayOutputStream(); ByteArrayOutputStream plainText = new ByteArrayOutputStream(); - CryptoUtil.encrypt(source, cipherText, this.getPassword()); - CryptoUtil.decrypt(cipherText, plainText, this.getPassword()); + CryptoUtil.getInstance().encrypt(source, cipherText, this.getPassword()); + CryptoUtil.getInstance().decrypt(cipherText, plainText, this.getPassword()); result = plainText.toByteArray(); @@ -294,9 +296,9 @@ public class CryptoUtilTest extends Test */ public void testPasswordFactory() throws Exception { char[] result = null; - result = PasswordFactory.create(); + result = PasswordFactory.getInstance().create(); System.out.println(new String(result)); - result = PasswordFactory.create(this.getPassword()); + result = PasswordFactory.getInstance().create(this.getPassword()); System.out.println(new String(result)); assertNotNull(result); return; @@ -318,8 +320,10 @@ public class CryptoUtilTest extends Test public void testPasswordEncryption() throws Exception { char[] password = "57cb-4a23-d838-45222".toCharArray(); String source = "e02c-3b76-ff1e-5d9a1"; - String cipherText = CryptoUtil.encryptString(source, password); - String plainText = CryptoUtil.decryptString(cipherText, password); + String cipherText = CryptoUtil.getInstance().encryptString(source, password); + System.out.println(cipherText);// len 48 + assertEquals(48, cipherText.length()); + String plainText = CryptoUtil.getInstance().decryptString(cipherText, password); assertEquals(source, plainText); } Modified: turbine/fulcrum/trunk/yaafi-crypto/src/test/org/apache/fulcrum/jce/crypto/Main.java URL: http://svn.apache.org/viewvc/turbine/fulcrum/trunk/yaafi-crypto/src/test/org/apache/fulcrum/jce/crypto/Main.java?rev=1849320&r1=1849319&r2=1849320&view=diff ============================================================================== --- turbine/fulcrum/trunk/yaafi-crypto/src/test/org/apache/fulcrum/jce/crypto/Main.java (original) +++ turbine/fulcrum/trunk/yaafi-crypto/src/test/org/apache/fulcrum/jce/crypto/Main.java Wed Dec 19 16:43:34 2018 @@ -125,7 +125,7 @@ public class Main if( cipherMode.equals("dec") ) { System.out.println("Decrypting " + sourceFile.getAbsolutePath() ); - CryptoUtil.decrypt( fis, baos, password ); + CryptoUtil.getInstance().decrypt( fis, baos, password ); fis.close(); ByteArrayInputStream bais = new ByteArrayInputStream(baos.toByteArray()); @@ -137,7 +137,7 @@ public class Main else if( cipherMode.equals("enc") ) { System.out.println("Enrypting " + sourceFile.getAbsolutePath() ); - CryptoUtil.encrypt( fis, baos, password ); + CryptoUtil.getInstance().encrypt( fis, baos, password ); fis.close(); ByteArrayInputStream bais = new ByteArrayInputStream(baos.toByteArray()); @@ -169,11 +169,11 @@ public class Main if( cipherMode.equals("dec") ) { - result = CryptoUtil.decryptString(value,password); + result = CryptoUtil.getInstance().decryptString(value,password); } else { - result = CryptoUtil.encryptString(value,password); + result = CryptoUtil.getInstance().encryptString(value,password); } System.out.println( result ); Modified: turbine/fulcrum/trunk/yaafi-crypto/src/test/org/apache/fulcrum/jce/crypto/SmartDecryptingInputStreamTest.java URL: http://svn.apache.org/viewvc/turbine/fulcrum/trunk/yaafi-crypto/src/test/org/apache/fulcrum/jce/crypto/SmartDecryptingInputStreamTest.java?rev=1849320&r1=1849319&r2=1849320&view=diff ============================================================================== --- turbine/fulcrum/trunk/yaafi-crypto/src/test/org/apache/fulcrum/jce/crypto/SmartDecryptingInputStreamTest.java (original) +++ turbine/fulcrum/trunk/yaafi-crypto/src/test/org/apache/fulcrum/jce/crypto/SmartDecryptingInputStreamTest.java Wed Dec 19 16:43:34 2018 @@ -173,7 +173,7 @@ public class SmartDecryptingInputStreamT ByteArrayOutputStream baos = new ByteArrayOutputStream(); FileInputStream fis = new FileInputStream( file ); - CryptoUtil.encrypt( + CryptoUtil.getInstance().encrypt( CryptoStreamFactoryImpl.getInstance(), fis, baos, Modified: turbine/fulcrum/trunk/yaafi-crypto/xdocs/downloads.xml URL: http://svn.apache.org/viewvc/turbine/fulcrum/trunk/yaafi-crypto/xdocs/downloads.xml?rev=1849320&r1=1849319&r2=1849320&view=diff ============================================================================== --- turbine/fulcrum/trunk/yaafi-crypto/xdocs/downloads.xml (original) +++ turbine/fulcrum/trunk/yaafi-crypto/xdocs/downloads.xml Wed Dec 19 16:43:34 2018 @@ -34,6 +34,10 @@ <a href="http://www.apache.org/dyn/closer.cgi/turbine/fulcrum/fulcrum-yaafi-crypto/binaries/fulcrum-yaafi-crypto-1.0.6-bin.zip">Fulcrum's YAAFI Crypto v1.0.6</a> </td> <td> + <a href="http://www.apache.org/dyn/closer.cgi/turbine/fulcrum/fulcrum-yaafi-crypto/binaries/fulcrum-yaafi-crypto-1.0.7-bin.zip">Fulcrum's YAAFI Crypto v1.0.7</a> + </td> + + <td> <a href="announcements/announcement-1.0.6.txt">1.0.6</a> </td> </tr> Modified: turbine/fulcrum/trunk/yaafi-crypto/xdocs/index.xml URL: http://svn.apache.org/viewvc/turbine/fulcrum/trunk/yaafi-crypto/xdocs/index.xml?rev=1849320&r1=1849319&r2=1849320&view=diff ============================================================================== --- turbine/fulcrum/trunk/yaafi-crypto/xdocs/index.xml (original) +++ turbine/fulcrum/trunk/yaafi-crypto/xdocs/index.xml Wed Dec 19 16:43:34 2018 @@ -96,7 +96,22 @@ <tr> <td>JDK 1.6.x</td> <td> The current JDK's have the JCA built-in therefore no extra configuration is - required. </td> + required. + <a href="https://docs.oracle.com/javase/6/docs/technotes/guides/security/SunProviders.html"> + Java Cryptography Architecture Sun Providers Documentation for JavaTM Platform Standard Edition 6</a> + </td> + </tr> + <tr> + <td>JDK 1.7.x</td> + <td> <a href="https://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html"> + Java Cryptography Architecture Oracle Providers Documentation for Java Platform Standard Edition 7</a> + </td> + </tr> + <tr> + <td>JDK 1.8.x</td> + <td> <a href="https://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html"> + Java Cryptography Architecture Oracle Providers Documentation for JDK 8</a> + </td> </tr> </table> </subsection> @@ -112,7 +127,11 @@ </tr> <tr> <td>SunJCE 1.42</td> - <td> PBEWithMD5AndDES </td> + <td>PBEWithMD5AndDES</td> + </tr> + <tr> + <td>SunJCE (Java 8)</td> + <td>PBEWithHmacSHA256AndAES_128</td> </tr> </table> </subsection>