Package org.wildfly.security.util
Class PasswordBasedEncryptionUtil
- java.lang.Object
  - org.wildfly.security.util.PasswordBasedEncryptionUtil
public final class PasswordBasedEncryptionUtil extends Object
Password Based Encryption utility class for tooling. It provides a builder to build PBE masked strings for use with CredentialStore.
- Author:
- Peter Skopek
-
-
Nested Class Summary
Nested Classes
static class PasswordBasedEncryptionUtil.Builder
    Builder class to build PasswordBasedEncryptionUtil class with all necessary parameters to support password based encryption algorithms.
-
Field Summary
Fields
private AlgorithmParameters algorithmParameters
private org.wildfly.common.codec.Alphabet alphabet
private Cipher cipher
private static String DEFAULT_PBE_ALGORITHM
private static String DEFAULT_PICKETBOX_ALGORITHM
private static String DEFAULT_PICKETBOX_INITIAL_KEY_MATERIAL
private static char PAD
static org.wildfly.common.codec.Base64Alphabet PICKETBOX_COMPATIBILITY
    The alphabet used by PicketBox project base 64 encoding.
private boolean picketBoxCompatibility
private static String REGEX
private boolean usePadding
-
Constructor Summary
Constructors
PasswordBasedEncryptionUtil(Cipher cipher, AlgorithmParameters algorithmParameters, org.wildfly.common.codec.Alphabet alphabet)
PasswordBasedEncryptionUtil(Cipher cipher, AlgorithmParameters algorithmParameters, org.wildfly.common.codec.Alphabet alphabet, boolean usePadding, boolean picketBoxCompatibility)
-
Method Summary
Methods
private static char[] byteArrayDecode(byte[] buffer)
private static byte[] charArrayEncode(char[] buffer)
char[] decodeAndDecrypt(String encodedPayload)
    Decode given payload and decrypt it to original.
private byte[] decodeUsingAlphabet(String payload)
private byte[] decrypt(byte[] payload)
private String encodeUsingAlphabet(byte[] payload)
private byte[] encrypt(byte[] payload)
String encryptAndEncode(char[] payload)
    Encrypt a payload and encode the result using Alphabet given to builder.
AlgorithmParameters getAlgorithmParameters()
    Returns algorithm parameters used in the process of encryption.
private static org.wildfly.common.codec.Base32Alphabet getAlphabet32(org.wildfly.common.codec.Alphabet alphabet)
private static org.wildfly.common.codec.Base64Alphabet getAlphabet64(org.wildfly.common.codec.Alphabet alphabet)
String getEncodedIV()
    Returns encrypted IV (initial vector) as generated by AES algorithm in the process of encryption.
private static boolean isBase64(org.wildfly.common.codec.Alphabet alphabet)
private static byte[] picketBoxBase64Decode(String picketBoxBase64)
private String picketBoxBased64Encode(byte[] buffer)
-
-
-
Field Detail
-
PAD
private static final char PAD
- See Also:
- Constant Field Values
-
REGEX
private static final String REGEX
- See Also:
- Constant Field Values
-
DEFAULT_PICKETBOX_ALGORITHM
private static final String DEFAULT_PICKETBOX_ALGORITHM
- See Also:
- Constant Field Values
-
DEFAULT_PICKETBOX_INITIAL_KEY_MATERIAL
private static final String DEFAULT_PICKETBOX_INITIAL_KEY_MATERIAL
- See Also:
- Constant Field Values
-
DEFAULT_PBE_ALGORITHM
private static final String DEFAULT_PBE_ALGORITHM
- See Also:
- Constant Field Values
-
cipher
private final Cipher cipher
-
algorithmParameters
private final AlgorithmParameters algorithmParameters
-
alphabet
private final org.wildfly.common.codec.Alphabet alphabet
-
picketBoxCompatibility
private final boolean picketBoxCompatibility
-
usePadding
private final boolean usePadding
-
PICKETBOX_COMPATIBILITY
public static final org.wildfly.common.codec.Base64Alphabet PICKETBOX_COMPATIBILITY
The alphabet used by PicketBox project base 64 encoding.
0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz./
-
-
Constructor Detail
-
PasswordBasedEncryptionUtil
PasswordBasedEncryptionUtil(Cipher cipher, AlgorithmParameters algorithmParameters, org.wildfly.common.codec.Alphabet alphabet, boolean usePadding, boolean picketBoxCompatibility)
-
PasswordBasedEncryptionUtil
PasswordBasedEncryptionUtil(Cipher cipher, AlgorithmParameters algorithmParameters, org.wildfly.common.codec.Alphabet alphabet)
-
-
Method Detail
-
encryptAndEncode
public String encryptAndEncode(char[] payload) throws GeneralSecurityException
Encrypt a payload and encode the result using Alphabet given to builder. All necessary parameters are supplied through PasswordBasedEncryptionUtil.Builder.
- Parameters:
- payload - secret to encrypt
- Returns:
- String encrypted and encoded using given parameters
- Throws:
- GeneralSecurityException - when problem occurs like non-existent algorithm or similar problems
-
decodeAndDecrypt
public char[] decodeAndDecrypt(String encodedPayload) throws GeneralSecurityException
Decode given payload and decrypt it to original. All necessary parameters are supplied through PasswordBasedEncryptionUtil.Builder.
- Parameters:
- encodedPayload - text to decode and decrypt
- Returns:
- decrypted secret
- Throws:
- GeneralSecurityException - when problem occurs like non-existent algorithm or similar problems
-
getAlgorithmParameters
public AlgorithmParameters getAlgorithmParameters()
Returns algorithm parameters used in the process of encryption. It might be useful to store them separately after encryption has happened; whether that is needed depends on the algorithm used.
- Returns:
- AlgorithmParameters as generated by encryption process
-
getEncodedIV
public String getEncodedIV()
Returns encrypted IV (initial vector) as generated by AES algorithm in the process of encryption. Other algorithms do not use it. When no such data is available it returns null. It uses the already set Alphabet to encode it.
- Returns:
- encoded form of IV or null when not available
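Why the parameters and the IV returned by getAlgorithmParameters() and getEncodedIV() have to be kept next to the ciphertext, shown as an added example that is not part of the WildFly Elytron code or documentation. It uses only the standard JCE classes rather than this class's builder; the algorithm name, iteration count, standard Base64 encoding and sample values are assumptions made for the illustration.

```java
import javax.crypto.*;
import javax.crypto.spec.*;
import java.nio.*;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;

public class PbeIvRoundTrip {
    // Assumptions for this example only; the page does not list the class's default values.
    static final String ALG = "PBEWithHmacSHA256AndAES_128";
    static final int ITERATIONS = 100_000;

    public static void main(String[] args) throws GeneralSecurityException {
        char[] password = "constructed-master-password".toCharArray(); // constructed sample
        char[] secret = "constructed-db-secret".toCharArray();         // constructed sample
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        SecretKey key = SecretKeyFactory.getInstance(ALG).generateSecret(new PBEKeySpec(password));

        // Encrypt: no IV is supplied, so the AES-based PBE cipher generates a random one.
        Cipher enc = Cipher.getInstance(ALG);
        enc.init(Cipher.ENCRYPT_MODE, key, new PBEParameterSpec(salt, ITERATIONS));
        ByteBuffer bb = StandardCharsets.UTF_8.encode(CharBuffer.wrap(secret));
        byte[] plain = Arrays.copyOfRange(bb.array(), bb.position(), bb.limit());
        String encodedPayload = Base64.getEncoder().encodeToString(enc.doFinal(plain));
        Arrays.fill(plain, (byte) 0);   // clear the plaintext copies held in byte form
        Arrays.fill(bb.array(), (byte) 0);

        // The cipher's parameters now carry salt, iteration count and the generated IV.
        AlgorithmParameters params = enc.getParameters();
        IvParameterSpec iv = (IvParameterSpec)
                params.getParameterSpec(PBEParameterSpec.class).getParameterSpec();
        String encodedIv = Base64.getEncoder().encodeToString(iv.getIV());

        // Decrypt later: rebuild the parameter spec from the stored salt, count and IV.
        PBEParameterSpec stored = new PBEParameterSpec(salt, ITERATIONS,
                new IvParameterSpec(Base64.getDecoder().decode(encodedIv)));
        Cipher dec = Cipher.getInstance(ALG);
        dec.init(Cipher.DECRYPT_MODE, key, stored);
        byte[] recovered = dec.doFinal(Base64.getDecoder().decode(encodedPayload));
        CharBuffer cb = StandardCharsets.UTF_8.decode(ByteBuffer.wrap(recovered));
        char[] out = Arrays.copyOfRange(cb.array(), cb.position(), cb.limit());

        System.out.println("stored IV (Base64): " + encodedIv);
        System.out.println("round trip matches: " + Arrays.equals(secret, out));
        Arrays.fill(recovered, (byte) 0);
        Arrays.fill(out, '\0');
        Arrays.fill(password, '\0');
    }
}
```

The IV is not secret, but it is different on every encryption, so a masked string produced this way cannot be decrypted from the password, salt and iteration count alone.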
-
decodeUsingAlphabet
private byte[] decodeUsingAlphabet(String payload)
-
encodeUsingAlphabet
private String encodeUsingAlphabet(byte[] payload)
-
isBase64
private static boolean isBase64(org.wildfly.common.codec.Alphabet alphabet)
-
getAlphabet64
private static org.wildfly.common.codec.Base64Alphabet getAlphabet64(org.wildfly.common.codec.Alphabet alphabet)
-
getAlphabet32
private static org.wildfly.common.codec.Base32Alphabet getAlphabet32(org.wildfly.common.codec.Alphabet alphabet)
-
encrypt
private byte[] encrypt(byte[] payload) throws GeneralSecurityException
- Throws:
- GeneralSecurityException
-
decrypt
private byte[] decrypt(byte[] payload) throws GeneralSecurityException
- Throws:
- GeneralSecurityException
-
byteArrayDecode
private static char[] byteArrayDecode(byte[] buffer)
-
charArrayEncode
private static byte[] charArrayEncode(char[] buffer)
-
picketBoxBase64Decode
private static byte[] picketBoxBase64Decode(String picketBoxBase64)
-
picketBoxBased64Encode
private String picketBoxBased64Encode(byte[] buffer)
-
-