
@matzew
Last active August 29, 2015 13:56
Simple AeroGear Crypto Example
package net.wessendorf.aerogear;
import org.jboss.aerogear.AeroGearCrypto;
import org.jboss.aerogear.crypto.password.DefaultPbkdf2;
import org.jboss.aerogear.crypto.password.Pbkdf2;
import org.junit.Before;
import org.junit.Test;
import java.security.spec.InvalidKeySpecException;
import static org.assertj.core.api.Assertions.assertThat;
/**
 * Walks through salted password storage and login verification with AeroGear Crypto's
 * PBKDF2 helper, written as a JUnit test.
 *
 * <p>The library calls the operation {@code encrypt}, but PBKDF2 is a one-way key
 * derivation: the bytes kept for a user are never decrypted. Login verification hands the
 * candidate password, the stored bytes and the stored salt to {@code validate(...)}.
 *
 * <p>NOTE(review): the no-arg factory and {@code encrypt(String)} leave the iteration count
 * and output length at the library defaults, which this file does not show. Check them
 * against current password-storage guidance before copying the pattern. The API takes the
 * password as a {@code String}, so it cannot be wiped from memory after use.
 */
public class PasswordEncryption {

    // Derived value that a real application would persist for the user.
    private byte[] encryptedPasswordToBeStoredInDatabase;

    // Salt used for the derivation above. It is not a secret, but it must be stored with
    // the derived value, otherwise the password can never be verified again.
    private byte[] saltToBeStoredInDatabase;

    /**
     * Simulates registration: derives the stored value for the user's password and
     * captures the salt that was used.
     *
     * @throws InvalidKeySpecException declared by the library's derivation call
     */
    @Before
    public void encryptionDance() throws InvalidKeySpecException {
        final Pbkdf2 kdf = AeroGearCrypto.pbkdf2();

        // Derive first; the salt is only read back from the instance afterwards.
        this.encryptedPasswordToBeStoredInDatabase = kdf.encrypt("Like a boss");

        // getSalt() is reached through a cast to the concrete class, so this line depends
        // on the factory returning a DefaultPbkdf2 (ClassCastException otherwise).
        // Presumably the salt was generated inside encrypt(String) -- confirm in the library.
        final DefaultPbkdf2 saltSource = (DefaultPbkdf2) kdf;
        this.saltToBeStoredInDatabase = saltSource.getSalt();
    }

    /**
     * Login with the correct password: validation against the stored value and salt
     * must succeed.
     *
     * @throws InvalidKeySpecException declared by the library's validation call
     */
    @Test
    public void verifySaltedPasswordOnLogin() throws InvalidKeySpecException {
        final String attempt = "Like a boss";

        // A fresh Pbkdf2 instance is enough: everything needed is passed in explicitly.
        final Pbkdf2 verifier = AeroGearCrypto.pbkdf2();

        assertThat(
                verifier.validate(
                        attempt,
                        encryptedPasswordToBeStoredInDatabase,
                        saltToBeStoredInDatabase))
                .isTrue();
    }

    /**
     * Login with a password that differs only in the case of one letter: validation
     * must fail.
     *
     * @throws InvalidKeySpecException declared by the library's validation call
     */
    @Test
    public void verifySaltedPasswordOnLoginButUserMadeTypo() throws InvalidKeySpecException {
        final String attempt = "Like a Boss";

        final Pbkdf2 verifier = AeroGearCrypto.pbkdf2();

        assertThat(
                verifier.validate(
                        attempt,
                        encryptedPasswordToBeStoredInDatabase,
                        saltToBeStoredInDatabase))
                .isFalse();
    }
}
package net.wessendorf.aerogear;
import org.jboss.aerogear.AeroGearCrypto;
import org.jboss.aerogear.crypto.Random;
import org.jboss.aerogear.crypto.password.DefaultPbkdf2;
import org.jboss.aerogear.crypto.password.Pbkdf2;
import org.junit.Before;
import org.junit.Test;
import java.security.spec.InvalidKeySpecException;
import static org.assertj.core.api.Assertions.assertThat;
/**
 * Variant of the salted-password example that replaces the salt, and therefore the stored
 * derived value, after every successful login.
 *
 * <p>As in the simple example, {@code encrypt} is the library's name for a one-way PBKDF2
 * derivation; nothing stored here is ever decrypted.
 *
 * <p>NOTE(review): rotating the salt changes what is stored, but it does not make a single
 * stored value harder to guess. In a real system the new salt and the new derived value
 * must be persisted together in one atomic write, otherwise the account can no longer be
 * verified. The same hook is where a raised iteration count could be applied. The count
 * used here is the library default and is not visible in this file.
 */
public class EnhancedPasswordEncryption {

    // Derived value that a real application would persist for the user.
    private byte[] encryptedPasswordToBeStoredInDatabase;

    // Salt belonging to the derived value above; stored next to it, not a secret.
    private byte[] saltToBeStoredInDatabase;

    /**
     * Simulates registration: derives the stored value for the user's password and
     * captures the salt that was used.
     *
     * @throws InvalidKeySpecException declared by the library's derivation call
     */
    @Before
    public void encryptionDance() throws InvalidKeySpecException {
        final Pbkdf2 kdf = AeroGearCrypto.pbkdf2();

        this.encryptedPasswordToBeStoredInDatabase = kdf.encrypt("Like a boss");

        // The salt accessor sits on the concrete class, hence the cast. This depends on
        // the factory returning a DefaultPbkdf2.
        final DefaultPbkdf2 saltSource = (DefaultPbkdf2) kdf;
        this.saltToBeStoredInDatabase = saltSource.getSalt();
    }

    /**
     * Verifies a correct login, re-derives the stored value under a fresh salt, then
     * verifies that the next login still succeeds against the rotated values.
     *
     * @throws InvalidKeySpecException declared by the library's derivation and validation calls
     */
    @Test
    public void verifySaltedPasswordOnLogin() throws InvalidKeySpecException {
        final Pbkdf2 kdf = AeroGearCrypto.pbkdf2();
        final String attempt = "Like a boss";

        // First login, checked against the values written during registration.
        final boolean firstLoginOk =
                kdf.validate(
                        attempt,
                        encryptedPasswordToBeStoredInDatabase,
                        saltToBeStoredInDatabase);
        assertThat(firstLoginOk).isTrue();

        // be more secure, or paranoid :-)
        // Only rotate once the password is known to be correct, since the plaintext
        // password is needed to derive the replacement value.
        if (firstLoginOk) {
            // Random is org.jboss.aerogear.crypto.Random (see imports), not java.util.Random.
            // It is expected to be backed by a CSPRNG -- confirm in the library.
            final byte[] freshSalt = new Random().randomBytes();
            this.saltToBeStoredInDatabase = freshSalt;
            this.encryptedPasswordToBeStoredInDatabase = kdf.encrypt(attempt, freshSalt);
        }

        // Next login: must validate against the rotated salt and derived value.
        final boolean secondLoginOk =
                kdf.validate(
                        attempt,
                        encryptedPasswordToBeStoredInDatabase,
                        saltToBeStoredInDatabase);
        assertThat(secondLoginOk).isTrue();
    }
}