Here is the sample code again, this time in plain text:
import java.security.Security;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import org.apache.shiro.crypto.CryptoException;
import org.apache.shiro.crypto.DefaultBlockCipherService;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
public class TooSimilarDemo {
private static final String ALGORITHM =
"PBEWITHSHAAND2-KEYTRIPLEDES-CBC";
private static DefaultBlockCipherService cipherService;
private static final String SALT =
"A long, but constant phrase that will be used each time as the
salt.";
private static final int ITERATIONS = 2000;
private static final int KEY_LENGTH = 8;
private static final String PLAIN_LOREM_IPSUM =
"Lorem ipsum dolor sit amet, consectetur adipiscing elit\n"
+ "Etiam in sem at dolor tempor volutpat\n"
+ "Nullam molestie libero nisl, ac sodales turpis\n"
+ "Maecenas porta nulla quis elit sodales id ultricies
metus vulputate\n"
+ "Suspendisse ut mi in nisi tempus consectetur\n"
+ "Etiam vel urna tellus, ut bibendum diam\n"
+ "Suspendisse hendrerit ipsum vel lectus posuere
faucibus\n"
+ "Praesent congue faucibus orci, ac suscipit nisi
tincidunt at";
public static void main(String[] args) throws CryptoException, Exception
{
Security.addProvider(new BouncyCastleProvider());
cipherService = new DefaultBlockCipherService(ALGORITHM);
cipherService.setInitializationVectorSize(64);
String slightlyChanged =
new StringBuilder(PLAIN_LOREM_IPSUM).replace(0, 5, "Ipsum")
.toString();
final String passphrase = "secret";
byte[] encryptedText =
encryptWithService(passphrase,
PLAIN_LOREM_IPSUM.getBytes());
byte[] encryptedSlightlyChanged =
encryptWithService(passphrase, slightlyChanged.getBytes());
String decryptedPlainText =
new String(decryptWithService(passphrase, encryptedText));
String decryptedSlightlyChanged =
new String(decryptWithService(passphrase,
encryptedSlightlyChanged));
if (!PLAIN_LOREM_IPSUM.equals(decryptedPlainText)) {
System.err.println(PLAIN_LOREM_IPSUM + " must match "
+ decryptedPlainText);
} else if (!slightlyChanged.equals(decryptedSlightlyChanged)) {
System.err.println(slightlyChanged + " must match "
+ decryptedSlightlyChanged);
} else {
int byteMatchCount = 0;
for (int i = 0; i < encryptedText.length
&& i < encryptedSlightlyChanged.length; i++) {
if (encryptedText[i] == encryptedSlightlyChanged[i]) {
byteMatchCount++;
}
}
System.out.println("Everything worked but " + byteMatchCount
+ " bytes out of " + encryptedText.length
+ " were the same. ("
+ (100.0 * byteMatchCount / encryptedText.length)
+ " percent)");
}
}
private static byte[] encryptWithService(String passphrase, byte[]
plainText)
throws CryptoException, Exception {
return cipherService.encrypt(plainText,
generateKey(passphrase).getEncoded()).getBytes();
}
private static byte[] decryptWithService(String passphrase,
byte[] cipherText) throws CryptoException, Exception {
return cipherService.decrypt(cipherText,
generateKey(passphrase).getEncoded()).getBytes();
}
private static SecretKey generateKey(String passphrase) throws Exception
{
PBEKeySpec keySpec =
new PBEKeySpec(passphrase.toCharArray(), SALT.getBytes(),
ITERATIONS, KEY_LENGTH);
SecretKeyFactory keyFactory =
SecretKeyFactory.getInstance(ALGORITHM);
return keyFactory.generateSecret(keySpec);
}
}
--
View this message in context:
http://shiro-user.582556.n2.nabble.com/Initialization-Vector-doesn-t-appear-to-be-doing-it-s-job-for-me-tp7577553p7577594.html
Sent from the Shiro User mailing list archive at Nabble.com.
