2 * To change this template, choose Tools | Templates
3 * and open the template in the editor.
6 package org
.pmwiki
.cookbook
.aescrypt
;
8 import java
.security
.SecureRandom
;
9 import java
.util
.Random
;
10 import javax
.crypto
.Cipher
;
11 import javax
.crypto
.spec
.IvParameterSpec
;
12 import javax
.crypto
.spec
.SecretKeySpec
;
13 import org
.apache
.commons
.codec
.binary
.Base64
;
14 import org
.apache
.commons
.codec
.binary
.Hex
;
15 import org
.apache
.commons
.codec
.digest
.DigestUtils
;
23 public class AesCrypto
{
25 public static final byte[] ZERO_NONCE
= new byte[16];
27 public static final byte[] ONE_NONCE
= new byte[] {
28 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1
31 public static final int BITS
= 256;
33 public static byte[] randomNonce() {
35 Random r
= new SecureRandom();
36 byte[] nonce
= new byte[16];
37 for (int i
= 0; i
< 8; i
++) {
38 nonce
[i
] = (byte) r
.nextInt();
43 public static byte[] encrypt(String plaintext
, String password
, byte[] nonce
, KDF kdf
) throws Exception
45 return encrypt(plaintext
, kdf
.getKey(password
, BITS
, nonce
), nonce
);
48 public static String
encryptToBase64(String plaintext
, String password
, byte[] nonce
, KDF kdf
) throws Exception
51 return Base64
.encodeBase64String(encrypt(plaintext
, password
, nonce
, kdf
)).trim();
54 public static byte[] encrypt(String plaintext
, byte[] keyData
, byte[] nonce
) throws Exception
57 SecretKeySpec key
= new SecretKeySpec(keyData
, "AES");
59 Cipher cipher
= Cipher
.getInstance("AES/CTR/NoPadding");
60 IvParameterSpec ivSpec
= new IvParameterSpec(nonce
);
61 cipher
.init(Cipher
.ENCRYPT_MODE
, key
, ivSpec
);
62 byte[] resultData
= cipher
.doFinal(plaintext
.getBytes());
64 byte enc
[] = new byte[8 + resultData
.length
];
66 System
.arraycopy(nonce
, 0, enc
, 0, 8);
67 System
.arraycopy(resultData
, 0, enc
, 8, resultData
.length
);
69 System
.out
.println(Hex
.encodeHexString(enc
));
70 System
.out
.println(Base64
.encodeBase64String(enc
));
74 public static String
decrypt(byte[] cipher
, String password
, byte[] nonce
, KDF kdf
) throws Exception
77 return decrypt(cipher
, kdf
.getKey(password
, BITS
, nonce
), nonce
);
80 public static String
decryptFromBase64(String ciphertext
, String password
, KDF kdf
) throws Exception
83 byte[] dataIn
= Base64
.decodeBase64(ciphertext
);
84 byte[] nonce
= new byte[16];
86 byte enc
[] = new byte[dataIn
.length
- 8];
88 System
.arraycopy(dataIn
, 0, nonce
, 0, 8);
89 System
.arraycopy(dataIn
, 8, enc
, 0, dataIn
.length
- 8);
91 return decrypt(enc
, password
, nonce
, kdf
);
94 public static String
decryptFromBase64RawKey(String ciphertext
, byte[] keyData
) throws Exception
97 byte[] dataIn
= Base64
.decodeBase64(ciphertext
);
98 byte[] nonce
= new byte[16];
100 byte enc
[] = new byte[dataIn
.length
- 8];
102 System
.arraycopy(dataIn
, 0, nonce
, 0, 8);
103 System
.arraycopy(dataIn
, 8, enc
, 0, dataIn
.length
- 8);
105 return decrypt(enc
, keyData
, nonce
);
108 public static String
decrypt(byte[] ciphertext
, byte[] keyData
, byte[] nonce
) throws Exception
111 SecretKeySpec key
= new SecretKeySpec(keyData
, "AES");
113 Cipher cipher
= Cipher
.getInstance("AES/CTR/NoPadding");
114 IvParameterSpec ivSpec
= new IvParameterSpec(nonce
);
115 cipher
.init(Cipher
.DECRYPT_MODE
, key
, ivSpec
);
116 byte[] resultData
= cipher
.doFinal(ciphertext
);
117 System
.out
.println(new String(resultData
));
118 return new String(resultData
);