de.cismet.tools

Class PasswordEncrypter

java.lang.Object

java.awt.Component

java.awt.Container

java.awt.Window

java.awt.Frame

javax.swing.JFrame

de.cismet.tools.PasswordEncrypter

All Implemented Interfaces:

ImageObserver, MenuContainer, Serializable, Accessible, RootPaneContainer, WindowConstants

public class PasswordEncrypter
extends JFrame

Applet Password Encrypter.

Version:

$Revision$, $Date$

Author:

thorsten.hell@cismet.de, martin.scholl@cismet.de

See Also:

Serialized Form

Nested Class Summary

Nested classes/interfaces inherited from class javax.swing.JFrame

JFrame.AccessibleJFrame

Nested classes/interfaces inherited from class java.awt.Frame

Frame.AccessibleAWTFrame

Nested classes/interfaces inherited from class java.awt.Window

Window.AccessibleAWTWindow, Window.Type

Nested classes/interfaces inherited from class java.awt.Container

Container.AccessibleAWTContainer

Nested classes/interfaces inherited from class java.awt.Component

Component.AccessibleAWTComponent, Component.BaselineResizeBehavior, Component.BltBufferStrategy, Component.FlipBufferStrategy

Field Summary

Fields

Modifier and Type	Field and Description
static String	CRYPT_PREFIX Deprecated.

Fields inherited from class javax.swing.JFrame

accessibleContext, EXIT_ON_CLOSE, rootPane, rootPaneCheckingEnabled

Fields inherited from class java.awt.Frame

CROSSHAIR_CURSOR, DEFAULT_CURSOR, E_RESIZE_CURSOR, HAND_CURSOR, ICONIFIED, MAXIMIZED_BOTH, MAXIMIZED_HORIZ, MAXIMIZED_VERT, MOVE_CURSOR, N_RESIZE_CURSOR, NE_RESIZE_CURSOR, NORMAL, NW_RESIZE_CURSOR, S_RESIZE_CURSOR, SE_RESIZE_CURSOR, SW_RESIZE_CURSOR, TEXT_CURSOR, W_RESIZE_CURSOR, WAIT_CURSOR

Fields inherited from class java.awt.Component

BOTTOM_ALIGNMENT, CENTER_ALIGNMENT, LEFT_ALIGNMENT, RIGHT_ALIGNMENT, TOP_ALIGNMENT

Fields inherited from interface javax.swing.WindowConstants

DISPOSE_ON_CLOSE, DO_NOTHING_ON_CLOSE, HIDE_ON_CLOSE

Fields inherited from interface java.awt.image.ImageObserver

ABORT, ALLBITS, ERROR, FRAMEBITS, HEIGHT, PROPERTIES, SOMEBITS, WIDTH

Constructor Summary

Constructors

Constructor and Description
PasswordEncrypter() Creates new form PasswordEncrypter.

Method Summary

Modifier and Type	Method and Description
static byte[]	bytesFromChars(char[] chars, boolean wipeInput) Converts a char[] into a byte[] assuming byte i is the high byte and byte i + 2 is the low byte of a two byte char representation.
static char[]	charsFromBytes(byte[] bytes, boolean wipeInput) Converts a byte[] into a char[] assuming byte i is the high byte and byte i + 2 is the low byte of a two byte char representation.
static char[]	decrypt(char[] string, boolean wipeInput) Decrypts a given string that was created by encrypt(char[], boolean).
static String	decryptString(String code) Deprecated.
static char[]	encrypt(char[] string, boolean wipeInput) Encrypts a given string using Password-based Encryption with MD5 and DES that can be decrypted using decrypt(char[], boolean).
static String	encryptString(String pwd) Deprecated.
static byte	getWipe() Get a random byte to wipe data.
static void	main(String[] args) main program.
static byte[]	safeRead(InputStream propertyStream, char[] property) Reads a property as safe as possible.
static void	wipe(byte[] bytes) Wipes a given byte[] using random bytes.
static void	wipe(char[] chars) Wipes a given char[] using random bytes.

Methods inherited from class javax.swing.JFrame

addImpl, createRootPane, frameInit, getAccessibleContext, getContentPane, getDefaultCloseOperation, getGlassPane, getGraphics, getJMenuBar, getLayeredPane, getRootPane, getTransferHandler, isDefaultLookAndFeelDecorated, isRootPaneCheckingEnabled, paramString, processWindowEvent, remove, repaint, setContentPane, setDefaultCloseOperation, setDefaultLookAndFeelDecorated, setGlassPane, setIconImage, setJMenuBar, setLayeredPane, setLayout, setRootPane, setRootPaneCheckingEnabled, setTransferHandler, update

Methods inherited from class java.awt.Frame

addNotify, getCursorType, getExtendedState, getFrames, getIconImage, getMaximizedBounds, getMenuBar, getState, getTitle, isResizable, isUndecorated, remove, removeNotify, setBackground, setCursor, setExtendedState, setMaximizedBounds, setMenuBar, setOpacity, setResizable, setShape, setState, setTitle, setUndecorated

Methods inherited from class java.awt.Window

addPropertyChangeListener, addPropertyChangeListener, addWindowFocusListener, addWindowListener, addWindowStateListener, applyResourceBundle, applyResourceBundle, createBufferStrategy, createBufferStrategy, dispose, getBackground, getBufferStrategy, getFocusableWindowState, getFocusCycleRootAncestor, getFocusOwner, getFocusTraversalKeys, getIconImages, getInputContext, getListeners, getLocale, getModalExclusionType, getMostRecentFocusOwner, getOpacity, getOwnedWindows, getOwner, getOwnerlessWindows, getShape, getToolkit, getType, getWarningString, getWindowFocusListeners, getWindowListeners, getWindows, getWindowStateListeners, hide, isActive, isAlwaysOnTop, isAlwaysOnTopSupported, isAutoRequestFocus, isFocusableWindow, isFocusCycleRoot, isFocused, isLocationByPlatform, isOpaque, isShowing, isValidateRoot, pack, paint, postEvent, processEvent, processWindowFocusEvent, processWindowStateEvent, removeWindowFocusListener, removeWindowListener, removeWindowStateListener, reshape, setAlwaysOnTop, setAutoRequestFocus, setBounds, setBounds, setCursor, setFocusableWindowState, setFocusCycleRoot, setIconImages, setLocation, setLocation, setLocationByPlatform, setLocationRelativeTo, setMinimumSize, setModalExclusionType, setSize, setSize, setType, setVisible, show, toBack, toFront

Methods inherited from class java.awt.Container

add, add, add, add, add, addContainerListener, applyComponentOrientation, areFocusTraversalKeysSet, countComponents, deliverEvent, doLayout, findComponentAt, findComponentAt, getAlignmentX, getAlignmentY, getComponent, getComponentAt, getComponentAt, getComponentCount, getComponents, getComponentZOrder, getContainerListeners, getFocusTraversalPolicy, getInsets, getLayout, getMaximumSize, getMinimumSize, getMousePosition, getPreferredSize, insets, invalidate, isAncestorOf, isFocusCycleRoot, isFocusTraversalPolicyProvider, isFocusTraversalPolicySet, layout, list, list, locate, minimumSize, paintComponents, preferredSize, print, printComponents, processContainerEvent, remove, removeAll, removeContainerListener, setComponentZOrder, setFocusTraversalKeys, setFocusTraversalPolicy, setFocusTraversalPolicyProvider, setFont, transferFocusDownCycle, validate, validateTree

Methods inherited from class java.awt.Component

action, add, addComponentListener, addFocusListener, addHierarchyBoundsListener, addHierarchyListener, addInputMethodListener, addKeyListener, addMouseListener, addMouseMotionListener, addMouseWheelListener, bounds, checkImage, checkImage, coalesceEvents, contains, contains, createImage, createImage, createVolatileImage, createVolatileImage, disable, disableEvents, dispatchEvent, enable, enable, enableEvents, enableInputMethods, firePropertyChange, firePropertyChange, firePropertyChange, firePropertyChange, firePropertyChange, firePropertyChange, firePropertyChange, firePropertyChange, firePropertyChange, getBaseline, getBaselineResizeBehavior, getBounds, getBounds, getColorModel, getComponentListeners, getComponentOrientation, getCursor, getDropTarget, getFocusListeners, getFocusTraversalKeysEnabled, getFont, getFontMetrics, getForeground, getGraphicsConfiguration, getHeight, getHierarchyBoundsListeners, getHierarchyListeners, getIgnoreRepaint, getInputMethodListeners, getInputMethodRequests, getKeyListeners, getLocation, getLocation, getLocationOnScreen, getMouseListeners, getMouseMotionListeners, getMousePosition, getMouseWheelListeners, getName, getParent, getPeer, getPropertyChangeListeners, getPropertyChangeListeners, getSize, getSize, getTreeLock, getWidth, getX, getY, gotFocus, handleEvent, hasFocus, imageUpdate, inside, isBackgroundSet, isCursorSet, isDisplayable, isDoubleBuffered, isEnabled, isFocusable, isFocusOwner, isFocusTraversable, isFontSet, isForegroundSet, isLightweight, isMaximumSizeSet, isMinimumSizeSet, isPreferredSizeSet, isValid, isVisible, keyDown, keyUp, list, list, list, location, lostFocus, mouseDown, mouseDrag, mouseEnter, mouseExit, mouseMove, mouseUp, move, nextFocus, paintAll, prepareImage, prepareImage, printAll, processComponentEvent, processFocusEvent, processHierarchyBoundsEvent, processHierarchyEvent, processInputMethodEvent, processKeyEvent, processMouseEvent, processMouseMotionEvent, processMouseWheelEvent, removeComponentListener, removeFocusListener, removeHierarchyBoundsListener, removeHierarchyListener, removeInputMethodListener, removeKeyListener, removeMouseListener, removeMouseMotionListener, removeMouseWheelListener, removePropertyChangeListener, removePropertyChangeListener, repaint, repaint, repaint, requestFocus, requestFocus, requestFocusInWindow, requestFocusInWindow, resize, resize, revalidate, setComponentOrientation, setDropTarget, setEnabled, setFocusable, setFocusTraversalKeysEnabled, setForeground, setIgnoreRepaint, setLocale, setMaximumSize, setName, setPreferredSize, show, size, toString, transferFocus, transferFocusBackward, transferFocusUpCycle

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface java.awt.MenuContainer

getFont, postEvent

Field Detail

CRYPT_PREFIX

@Deprecated
public static String CRYPT_PREFIX

Deprecated.

Constructor Detail

PasswordEncrypter

public PasswordEncrypter()

Creates new form PasswordEncrypter.

Method Detail

main

public static void main(String[] args)
                 throws Exception

main program.

Parameters:

args - the command line arguments

Throws:

Exception - throws Exeption if anything went wrong

decryptString

@Deprecated
public static String decryptString(String code)
                                        throws PasswordEncrypterException

Deprecated.

Decrypts String with BlowfishEasy.

Parameters:

code - String that should get decrypted

Returns:

Return decrypted code or null if code was set to null

Throws:

PasswordEncrypterException - throws PasswordEncrypterExeption if anything went wrong

encryptString

@Deprecated
public static String encryptString(String pwd)
                                        throws PasswordEncrypterException

Deprecated.

Encrypts a specified String using BlowfishEasy.

Parameters:

pwd - String that shoudl get encrypted

Returns:

encrypted String

Throws:

PasswordEncrypterException - throws PasswordEncrypterExeption if anything went wrong

encrypt

public static char[] encrypt(char[] string,
                             boolean wipeInput)
                      throws PasswordEncrypterException

Encrypts a given string using Password-based Encryption with MD5 and DES that can be decrypted using decrypt(char[], boolean). The caller is responsible for wiping the returned result himself. The given array can automatically be wiped by passing true to the wipeInput parameter. All temporary created data is immediately wiped, thus this implementation offers as little traces in memory as possible.

IMPORTANT: This operations requires the

PasswordEncrypter.properties

file containing the property

PasswordEncrypter.masterKey

to be located on the classpath within the package

de.cismet.tools

. Currently, it is also required, that the password only contains ASCII characters, see safeRead(java.io.InputStream, char[]). This operation also requires Salt as an input. However, though it is not recommended, this implementation offers a default-Salt, if none is provided. The Salt can be provided through the PasswordEncrypter.salt property within the PasswordEncrypter.properties in the de.cismet.tools package. It must have a fixed length of eight byte. If it is too small, missing bytes will be filled up using the default-Salt. If it is too big, only the first eight bytes are used. Every character provided by the Salt property is interpreted as a single byte, see safeRead(java.io.InputStream, char[]).

Parameters:

string - the string to encrypt

wipeInput - whether to wipe the input array or not

Returns:

the base64 encoded encrypted string in a char[] or null if the given array is null

Throws:

PasswordEncrypterException - if an error occurs during encryption, e.g. the PasswordEncrypter.properties with the masterKey cannot be found, etc.

See Also:

safeRead(java.io.InputStream, char[])

decrypt

public static char[] decrypt(char[] string,
                             boolean wipeInput)
                      throws PasswordEncrypterException

Decrypts a given string that was created by encrypt(char[], boolean). The caller is responsible for wiping the returned result himself. The given array can automatically be wiped by passing true to the wipeInput parameter. All temporary created data is immediately wiped, thus this implementation offers as little traces in memory as possible.

NOTE: this operation can decrypt strings created by decryptString(java.lang.String), too, for compatibility reasons

IMPORTANT: This operations requires the

PasswordEncrypter.properties

file containing the property

PasswordEncrypter.masterKey

to be located on the classpath within the package

de.cismet.tools

. Currently, it is also required, that the password only contains ASCII characters, see safeRead(java.io.InputStream, char[]). This operation also requires Salt as an input. However, though it is not recommended, this implementation offers a default-Salt, if none is provided. The Salt can be provided through the PasswordEncrypter.salt property within the PasswordEncrypter.properties in the de.cismet.tools package. It must have a fixed length of eight byte. If it is too small, missing bytes will be filled up using the default-Salt. If it is too big, only the first eight bytes are used. Every character provided by the Salt property is interpreted as a single byte, see safeRead(java.io.InputStream, char[]).

Parameters:

string - the string to decript

wipeInput - whether to wipe the input array or not

Returns:

the decrypted string in a char[] or null if the given array is null or the given string itself, if the string is not correctly formatted

Throws:

PasswordEncrypterException - if an error occurs during decryption, e.g. the PasswordEncrypter.properties with the masterKey cannot be found or the given array is not base64 encoded, etc.

See Also:

safeRead(java.io.InputStream, char[])

charsFromBytes

public static char[] charsFromBytes(byte[] bytes,
                                    boolean wipeInput)

Converts a byte[] into a char[] assuming byte i is the high byte and byte i + 2 is the low byte of a two byte char representation. Thus the resulting char[] is half as long as the input array.

Parameters:

bytes - bytes to be converted to chars

wipeInput - whether to wipe the input array or not

Returns:

an array with chars created from the given bytes

Throws:

IllegalArgumentException - if the length of the given byte array is not even

wipe

public static void wipe(byte[] bytes)

Wipes a given byte[] using random bytes. The array will only contain a random mess afterwards.

Parameters:

bytes - the byte array to wipe

See Also:

getWipe()

bytesFromChars

public static byte[] bytesFromChars(char[] chars,
                                    boolean wipeInput)

Converts a char[] into a byte[] assuming byte i is the high byte and byte i + 2 is the low byte of a two byte char representation. Thus the resulting byte[] is twice the size of the input array.

Parameters:

chars - chars to be converted to bytes

wipeInput - whether to wipe the input array or not

Returns:

an array with bytes extracted from the given chars

wipe

public static void wipe(char[] chars)

Wipes a given char[] using random bytes. The array will only contain a random mess afterwards.

Parameters:

chars - the char array to wipe

See Also:

getWipe()

getWipe

public static byte getWipe()

Get a random byte to wipe data.

Returns:

a random byte

See Also:

SecureRandom

safeRead

public static byte[] safeRead(InputStream propertyStream,
                              char[] property)
                       throws PasswordEncrypterException

Reads a property as safe as possible. This operation is completely char[] based and won't put any property values into String objects. The given stream will be used as is, it won't be closed nor reset. However, if the InputStream.read() operation of this implementation will change some markers or similar they won't be reset, too.

IMPORTANT: Properties are supposed to be separated by a single '=' and terminated by a line feed or EOF.

IMPORTANT: Only ASCII encoded properties are currently supported

Parameters:

propertyStream - the stream to read from

property - the property to read

Returns:

the value of the property in a byte[]

Throws:

PasswordEncrypterException - throws PasswordEncrypterExeption if anything went wrong