diff --git a/encryption/.gitignore b/encryption/.gitignore new file mode 100644 index 0000000..6c01878 --- /dev/null +++ b/encryption/.gitignore @@ -0,0 +1,32 @@ +HELP.md +.gradle +build/ +!gradle/wrapper/gradle-wrapper.jar +!**/src/main/** +!**/src/test/** + +### STS ### +.apt_generated +.classpath +.factorypath +.project +.settings +.springBeans +.sts4-cache + +### IntelliJ IDEA ### +.idea +*.iws +*.iml +*.ipr +out/ + +### NetBeans ### +/nbproject/private/ +/nbbuild/ +/dist/ +/nbdist/ +/.nb-gradle/ + +### VS Code ### +.vscode/ diff --git a/encryption/build.gradle b/encryption/build.gradle new file mode 100644 index 0000000..108abb2 --- /dev/null +++ b/encryption/build.gradle @@ -0,0 +1,20 @@ +plugins { + id 'org.springframework.boot' version '2.1.8.RELEASE' + id 'io.spring.dependency-management' version '1.0.8.RELEASE' + id 'java' +} + +group = 'com.bvn13.test' +version = '0.0.1-SNAPSHOT' +sourceCompatibility = '1.8' + +repositories { + mavenCentral() +} + +dependencies { + implementation 'org.springframework.boot:spring-boot-starter-security' + implementation 'org.springframework.boot:spring-boot-starter-logging' + testImplementation 'org.springframework.boot:spring-boot-starter-test' + testImplementation 'org.springframework.security:spring-security-test' +} diff --git a/encryption/gradle/wrapper/gradle-wrapper.jar b/encryption/gradle/wrapper/gradle-wrapper.jar new file mode 100644 index 0000000..5c2d1cf Binary files /dev/null and b/encryption/gradle/wrapper/gradle-wrapper.jar differ diff --git a/encryption/gradle/wrapper/gradle-wrapper.properties b/encryption/gradle/wrapper/gradle-wrapper.properties new file mode 100644 index 0000000..6853167 --- /dev/null +++ b/encryption/gradle/wrapper/gradle-wrapper.properties @@ -0,0 +1,6 @@ +#Fri Sep 13 20:22:23 MSK 2019 +distributionUrl=https\://services.gradle.org/distributions/gradle-5.6.2-all.zip +distributionBase=GRADLE_USER_HOME +distributionPath=wrapper/dists +zipStorePath=wrapper/dists +zipStoreBase=GRADLE_USER_HOME diff --git a/encryption/gradlew b/encryption/gradlew new file mode 100755 index 0000000..5ce4a33 --- /dev/null +++ b/encryption/gradlew @@ -0,0 +1,188 @@ +#!/usr/bin/env sh + +# +# Copyright 2015 the original author or authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +############################################################################## +## +## Gradle start up script for UN*X +## +############################################################################## + +# Attempt to set APP_HOME +# Resolve links: $0 may be a link +PRG="$0" +# Need this for relative symlinks. +while [ -h "$PRG" ]; do + ls=$(ls -ld "$PRG") + link=$(expr "$ls" : '.*-> \(.*\)$') + if expr "$link" : '/.*' >/dev/null; then + PRG="$link" + else + PRG=$(dirname "$PRG")"/$link" + fi +done +SAVED="$(pwd)" +cd "$(dirname \"$PRG\")/" >/dev/null +APP_HOME="$(pwd -P)" +cd "$SAVED" >/dev/null + +APP_NAME="Gradle" +APP_BASE_NAME=$(basename "$0") + +# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' + +# Use the maximum available, or set MAX_FD != -1 to use that value. +MAX_FD="maximum" + +warn() { + echo "$*" +} + +die() { + echo + echo "$*" + echo + exit 1 +} + +# OS specific support (must be 'true' or 'false'). +cygwin=false +msys=false +darwin=false +nonstop=false +case "$(uname)" in +CYGWIN*) + cygwin=true + ;; +Darwin*) + darwin=true + ;; +MINGW*) + msys=true + ;; +NONSTOP*) + nonstop=true + ;; +esac + +CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar + +# Determine the Java command to use to start the JVM. +if [ -n "$JAVA_HOME" ]; then + if [ -x "$JAVA_HOME/jre/sh/java" ]; then + # IBM's JDK on AIX uses strange locations for the executables + JAVACMD="$JAVA_HOME/jre/sh/java" + else + JAVACMD="$JAVA_HOME/bin/java" + fi + if [ ! -x "$JAVACMD" ]; then + die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." + fi +else + JAVACMD="java" + which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." +fi + +# Increase the maximum file descriptors if we can. +if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ]; then + MAX_FD_LIMIT=$(ulimit -H -n) + if [ $? -eq 0 ]; then + if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ]; then + MAX_FD="$MAX_FD_LIMIT" + fi + ulimit -n $MAX_FD + if [ $? -ne 0 ]; then + warn "Could not set maximum file descriptor limit: $MAX_FD" + fi + else + warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT" + fi +fi + +# For Darwin, add options to specify how the application appears in the dock +if $darwin; then + GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\"" +fi + +# For Cygwin or MSYS, switch paths to Windows format before running java +if [ "$cygwin" = "true" -o "$msys" = "true" ]; then + APP_HOME=$(cygpath --path --mixed "$APP_HOME") + CLASSPATH=$(cygpath --path --mixed "$CLASSPATH") + JAVACMD=$(cygpath --unix "$JAVACMD") + + # We build the pattern for arguments to be converted via cygpath + ROOTDIRSRAW=$(find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null) + SEP="" + for dir in $ROOTDIRSRAW; do + ROOTDIRS="$ROOTDIRS$SEP$dir" + SEP="|" + done + OURCYGPATTERN="(^($ROOTDIRS))" + # Add a user-defined pattern to the cygpath arguments + if [ "$GRADLE_CYGPATTERN" != "" ]; then + OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)" + fi + # Now convert the arguments - kludge to limit ourselves to /bin/sh + i=0 + for arg in "$@"; do + CHECK=$(echo "$arg" | egrep -c "$OURCYGPATTERN" -) + CHECK2=$(echo "$arg" | egrep -c "^-") ### Determine if an option + + if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ]; then ### Added a condition + eval $(echo args$i)=$(cygpath --path --ignore --mixed "$arg") + else + eval $(echo args$i)="\"$arg\"" + fi + i=$((i + 1)) + done + case $i in + 0) set -- ;; + 1) set -- "$args0" ;; + 2) set -- "$args0" "$args1" ;; + 3) set -- "$args0" "$args1" "$args2" ;; + 4) set -- "$args0" "$args1" "$args2" "$args3" ;; + 5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;; + 6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;; + 7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;; + 8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;; + 9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;; + esac +fi + +# Escape application args +save() { + for i; do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/"; done + echo " " +} +APP_ARGS=$(save "$@") + +# Collect all arguments for the java command, following the shell quoting and substitution rules +eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS" + +# by default we should be in the correct project dir, but when run from Finder on Mac, the cwd is wrong +if [ "$(uname)" = "Darwin" ] && [ "$HOME" = "$PWD" ]; then + cd "$(dirname "$0")" +fi + +exec "$JAVACMD" "$@" diff --git a/encryption/gradlew.bat b/encryption/gradlew.bat new file mode 100644 index 0000000..9618d8d --- /dev/null +++ b/encryption/gradlew.bat @@ -0,0 +1,100 @@ +@rem +@rem Copyright 2015 the original author or authors. +@rem +@rem Licensed under the Apache License, Version 2.0 (the "License"); +@rem you may not use this file except in compliance with the License. +@rem You may obtain a copy of the License at +@rem +@rem https://www.apache.org/licenses/LICENSE-2.0 +@rem +@rem Unless required by applicable law or agreed to in writing, software +@rem distributed under the License is distributed on an "AS IS" BASIS, +@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +@rem See the License for the specific language governing permissions and +@rem limitations under the License. +@rem + +@if "%DEBUG%" == "" @echo off +@rem ########################################################################## +@rem +@rem Gradle startup script for Windows +@rem +@rem ########################################################################## + +@rem Set local scope for the variables with windows NT shell +if "%OS%"=="Windows_NT" setlocal + +set DIRNAME=%~dp0 +if "%DIRNAME%" == "" set DIRNAME=. +set APP_BASE_NAME=%~n0 +set APP_HOME=%DIRNAME% + +@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m" + +@rem Find java.exe +if defined JAVA_HOME goto findJavaFromJavaHome + +set JAVA_EXE=java.exe +%JAVA_EXE% -version >NUL 2>&1 +if "%ERRORLEVEL%" == "0" goto init + +echo. +echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:findJavaFromJavaHome +set JAVA_HOME=%JAVA_HOME:"=% +set JAVA_EXE=%JAVA_HOME%/bin/java.exe + +if exist "%JAVA_EXE%" goto init + +echo. +echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:init +@rem Get command-line arguments, handling Windows variants + +if not "%OS%" == "Windows_NT" goto win9xME_args + +:win9xME_args +@rem Slurp the command line arguments. +set CMD_LINE_ARGS= +set _SKIP=2 + +:win9xME_args_slurp +if "x%~1" == "x" goto execute + +set CMD_LINE_ARGS=%* + +:execute +@rem Setup the command line + +set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar + +@rem Execute Gradle +"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS% + +:end +@rem End local scope for the variables with windows NT shell +if "%ERRORLEVEL%"=="0" goto mainEnd + +:fail +rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of +rem the _cmd.exe /c_ return code! +if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 +exit /b 1 + +:mainEnd +if "%OS%"=="Windows_NT" endlocal + +:omega diff --git a/encryption/settings.gradle b/encryption/settings.gradle new file mode 100644 index 0000000..6a18968 --- /dev/null +++ b/encryption/settings.gradle @@ -0,0 +1 @@ +rootProject.name = 'encryption' diff --git a/encryption/src/main/java/com/bvn13/test/encryption/CryptoHelper.java b/encryption/src/main/java/com/bvn13/test/encryption/CryptoHelper.java new file mode 100644 index 0000000..7430cc6 --- /dev/null +++ b/encryption/src/main/java/com/bvn13/test/encryption/CryptoHelper.java @@ -0,0 +1,97 @@ +package com.bvn13.test.encryption; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import javax.crypto.*; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.PBEKeySpec; +import javax.crypto.spec.SecretKeySpec; +import java.nio.ByteBuffer; +import java.nio.charset.StandardCharsets; +import java.security.AlgorithmParameters; +import java.security.SecureRandom; +import java.util.Base64; + +/** + * @author bvn13 + * @since 13.09.2019 + */ +public class CryptoHelper { + private static final String FACTORY_INIT_DATA = "PBKDF2WithHmacSHA1"; + private static final String TRANSFORMATION = "AES/CBC/PKCS5Padding"; + private static final String ALGORITHM = "AES"; + + private static final Logger log = LoggerFactory.getLogger(CryptoHelper.class); + + public static String encrypt(String word, String password) throws Exception { + SecureRandom random = new SecureRandom(); + byte[] bytes = new byte[20]; + random.nextBytes(bytes); + + // Derive the key + + SecretKeyFactory factory = SecretKeyFactory.getInstance(FACTORY_INIT_DATA); + PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), bytes, 65556, 256); + SecretKey secretKey = factory.generateSecret(spec); + SecretKeySpec secret = new SecretKeySpec(secretKey.getEncoded(), ALGORITHM); + + //encrypting the word + + Cipher cipher = Cipher.getInstance(TRANSFORMATION); + cipher.init(Cipher.ENCRYPT_MODE, secret); + + AlgorithmParameters params = cipher.getParameters(); + + byte[] ivBytes = params.getParameterSpec(IvParameterSpec.class).getIV(); + byte[] encryptedTextBytes = cipher.doFinal(word.getBytes(StandardCharsets.UTF_8)); + + //prepend salt and vi + + byte[] buffer = new byte[bytes.length + ivBytes.length + encryptedTextBytes.length]; + + System.arraycopy(bytes, 0, buffer, 0, bytes.length); + System.arraycopy(ivBytes, 0, buffer, bytes.length, ivBytes.length); + System.arraycopy(encryptedTextBytes, 0, buffer, bytes.length + ivBytes.length, encryptedTextBytes.length); + + return Base64.getEncoder().encodeToString(buffer); + } + + public static String decrypt(String encryptedText, String password) throws Exception { + Cipher cipher = Cipher.getInstance(TRANSFORMATION); + + //strip off the salt and iv + + ByteBuffer buffer = ByteBuffer.wrap(Base64.getDecoder().decode(encryptedText)); + + byte[] saltBytes = new byte[20]; + buffer.get(saltBytes, 0, saltBytes.length); + byte[] ivBytes = new byte[cipher.getBlockSize()]; + buffer.get(ivBytes, 0, ivBytes.length); + byte[] encryptedTextBytes = new byte[buffer.capacity() - saltBytes.length - ivBytes.length]; + + buffer.get(encryptedTextBytes); + + // Deriving the key + + SecretKeyFactory factory = SecretKeyFactory.getInstance(FACTORY_INIT_DATA); + PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), saltBytes, 65556, 256); + SecretKey secretKey = factory.generateSecret(spec); + SecretKeySpec secret = new SecretKeySpec(secretKey.getEncoded(), ALGORITHM); + + cipher.init(Cipher.DECRYPT_MODE, secret, new IvParameterSpec(ivBytes)); + + byte[] decryptedTextBytes; + + try { + decryptedTextBytes = cipher.doFinal(encryptedTextBytes); + } catch (IllegalBlockSizeException | BadPaddingException e) { + log.error("Could not decrypt data: <"+encryptedText+">", e); + throw e; + } + + return new String(decryptedTextBytes); + } + + +} diff --git a/encryption/src/main/java/com/bvn13/test/encryption/EncryptionApplication.java b/encryption/src/main/java/com/bvn13/test/encryption/EncryptionApplication.java new file mode 100644 index 0000000..7801fb2 --- /dev/null +++ b/encryption/src/main/java/com/bvn13/test/encryption/EncryptionApplication.java @@ -0,0 +1,13 @@ +package com.bvn13.test.encryption; + +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; + +@SpringBootApplication +public class EncryptionApplication { + + public static void main(String[] args) { + SpringApplication.run(EncryptionApplication.class, args); + } + +} diff --git a/encryption/src/main/resources/application.properties b/encryption/src/main/resources/application.properties new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/encryption/src/main/resources/application.properties @@ -0,0 +1 @@ + diff --git a/encryption/src/test/java/com/bvn13/test/encryption/CryptoHelperTests.java b/encryption/src/test/java/com/bvn13/test/encryption/CryptoHelperTests.java new file mode 100644 index 0000000..a6c2c68 --- /dev/null +++ b/encryption/src/test/java/com/bvn13/test/encryption/CryptoHelperTests.java @@ -0,0 +1,46 @@ +package com.bvn13.test.encryption; + +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.JUnit4; + +import javax.crypto.BadPaddingException; +import java.util.UUID; + +import static org.junit.Assert.*; + +/** + * @author bvn13 + * @since 13.09.2019 + */ +@RunWith(JUnit4.class) +public class CryptoHelperTests { + + @Test + public void testEncryptionWithPassword() throws Exception { + test("12345"); + } + + @Test + public void testRepeatingEncryptionWithPassword() throws Exception { + for (int i=0; i<50; i++) { + test(UUID.randomUUID().toString()); + } + } + + private void test(String password) throws Exception { + String test = UUID.randomUUID().toString(); + + String enc = CryptoHelper.encrypt(test, password); + String dec = CryptoHelper.decrypt(enc, password); + + assertEquals(test, dec); + + try { + CryptoHelper.decrypt(enc, password+"1"); + } catch (Exception e) { + assertTrue(e instanceof BadPaddingException); + } + } + +} diff --git a/encryption/src/test/java/com/bvn13/test/encryption/EncryptionApplicationTests.java b/encryption/src/test/java/com/bvn13/test/encryption/EncryptionApplicationTests.java new file mode 100644 index 0000000..03dfc09 --- /dev/null +++ b/encryption/src/test/java/com/bvn13/test/encryption/EncryptionApplicationTests.java @@ -0,0 +1,16 @@ +package com.bvn13.test.encryption; + +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.test.context.junit4.SpringRunner; + +@RunWith(SpringRunner.class) +@SpringBootTest +public class EncryptionApplicationTests { + + @Test + public void contextLoads() { + } + +}