Class PasswordBasedEncryptionUtil


  • public final class PasswordBasedEncryptionUtil
    extends Object
    Password Based Encryption (PBE) utility class for tooling. It provides a builder for creating PBE masked strings for use with CredentialStore.
    Author:
    Peter Skopek
    • Field Detail

      • DEFAULT_PICKETBOX_INITIAL_KEY_MATERIAL

        private static final String DEFAULT_PICKETBOX_INITIAL_KEY_MATERIAL
        See Also:
        Constant Field Values
      • cipher

        private final Cipher cipher
      • alphabet

        private final org.wildfly.common.codec.Alphabet alphabet
      • picketBoxCompatibility

        private final boolean picketBoxCompatibility
      • usePadding

        private final boolean usePadding
      • PICKETBOX_COMPATIBILITY

        public static final org.wildfly.common.codec.Base64Alphabet PICKETBOX_COMPATIBILITY
        The alphabet used by the PicketBox project's Base64 encoding: 0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz./
    • Constructor Detail

      • PasswordBasedEncryptionUtil

        PasswordBasedEncryptionUtil(Cipher cipher,
                                    AlgorithmParameters algorithmParameters,
                                    org.wildfly.common.codec.Alphabet alphabet,
                                    boolean usePadding,
                                    boolean picketBoxCompatibility)
      • PasswordBasedEncryptionUtil

        PasswordBasedEncryptionUtil(Cipher cipher,
                                    AlgorithmParameters algorithmParameters,
                                    org.wildfly.common.codec.Alphabet alphabet)
    • Method Detail

      • encryptAndEncode

        public String encryptAndEncode(char[] payload)
                                throws GeneralSecurityException
        Encrypts a payload and encodes the result using the Alphabet given to the builder. All necessary parameters are supplied through PasswordBasedEncryptionUtil.Builder.
        Parameters:
        payload - secret to encrypt
        Returns:
        String encrypted and encoded using given parameters
        Throws:
        GeneralSecurityException - when a problem occurs, such as a non-existent algorithm
      • getAlgorithmParameters

        public AlgorithmParameters getAlgorithmParameters()
        Returns the algorithm parameters used during encryption. Depending on the algorithm used, it may be useful to store them separately after encryption.
        Returns:
        AlgorithmParameters as generated by encryption process
      • getEncodedIV

        public String getEncodedIV()
        Returns the encoded IV (initialization vector) generated by the AES algorithm during encryption. Other algorithms do not use an IV. If no such data is available, it returns null. The IV is encoded using the Alphabet already set.
        Returns:
        encoded form of IV or null when not available
      • decodeUsingAlphabet

        private byte[] decodeUsingAlphabet(String payload)
      • encodeUsingAlphabet

        private String encodeUsingAlphabet(byte[] payload)
      • isBase64

        private static boolean isBase64(org.wildfly.common.codec.Alphabet alphabet)
      • getAlphabet64

        private static org.wildfly.common.codec.Base64Alphabet getAlphabet64(org.wildfly.common.codec.Alphabet alphabet)
      • getAlphabet32

        private static org.wildfly.common.codec.Base32Alphabet getAlphabet32(org.wildfly.common.codec.Alphabet alphabet)
      • byteArrayDecode

        private static char[] byteArrayDecode(byte[] buffer)
      • charArrayEncode

        private static byte[] charArrayEncode(char[] buffer)
      • picketBoxBase64Decode

        private static byte[] picketBoxBase64Decode(String picketBoxBase64)
      • picketBoxBased64Encode

        private String picketBoxBased64Encode(byte[] buffer)
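
The getAlgorithmParameters and getEncodedIV descriptions above say the IV produced during AES-based encryption may need to be stored separately. The following added example (not part of this class or the Elytron project; it uses only the JDK javax.crypto API) shows why: decryption is rejected unless the generated IV is supplied again. The algorithm name, password, salt, iteration count and the use of java.util.Base64 in place of the configured Alphabet are assumptions made for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.SecureRandom;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;

public class PbeIvRoundTrip {
    // Assumption: a JDK (SunJCE) AES-based PBE algorithm; the page names none.
    static final String ALG = "PBEWithHmacSHA256AndAES_128";

    public static void main(String[] args) throws Exception {
        char[] master = "constructed-master-password".toCharArray(); // constructed sample
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        int iterations = 10_000; // constructed sample value
        SecretKey key = SecretKeyFactory.getInstance(ALG).generateSecret(new PBEKeySpec(master));

        // Encrypt: no IV is supplied, so the cipher generates a random one.
        Cipher enc = Cipher.getInstance(ALG);
        enc.init(Cipher.ENCRYPT_MODE, key, new PBEParameterSpec(salt, iterations));
        byte[] ciphertext = enc.doFinal("constructed-secret".getBytes(StandardCharsets.UTF_8));

        // The generated IV is carried in the cipher's AlgorithmParameters.
        AlgorithmParameters params = enc.getParameters();
        IvParameterSpec iv = (IvParameterSpec)
                params.getParameterSpec(PBEParameterSpec.class).getParameterSpec();
        String encodedIv = Base64.getEncoder().encodeToString(iv.getIV());

        // Decrypt with salt and iteration count alone: rejected, the IV is missing.
        Cipher dec = Cipher.getInstance(ALG);
        try {
            dec.init(Cipher.DECRYPT_MODE, key, new PBEParameterSpec(salt, iterations));
            throw new AssertionError("decrypt init without IV should fail");
        } catch (InvalidAlgorithmParameterException expected) {
            System.out.println("without IV: " + expected.getMessage());
        }

        // Decrypt with the stored IV restored from its encoded form.
        byte[] ivBytes = Base64.getDecoder().decode(encodedIv);
        dec.init(Cipher.DECRYPT_MODE, key,
                new PBEParameterSpec(salt, iterations, new IvParameterSpec(ivBytes)));
        System.out.println(new String(dec.doFinal(ciphertext), StandardCharsets.UTF_8));
    }
}
```

The IV is not secret, but it must be persisted alongside the masked string together with the salt and iteration count, or the ciphertext cannot be recovered.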