GordianKnot
Parent Project
Modules
Project Documentation
PBE Ciphers are supported via the GordianCipherFactory interface.
Password-based encryption is available for both Block and Stream Ciphers. To use Password-based, the parameters for the init call are modified to provide a GordianPBESpec rather than a key
/* Access factory */
final GordianFactory myBaseFactory = GordianGenerator.createFactory();
final GordianCipherFactory myCipherFactory = myBaseFactory.getCipherFactory();
/* Create cipher */
final GordianSymKeySpec myKeySpec = GordianSymKeySpec.aes(GordianLength.LEN_256);
final GordianSymCipherSpec myCipherSpec = GordianSymSpec.cbc(myKeySpec, GordianPadding.PKCS7);
final GordianSymCipher myCipher = myCipherFactory.createSymKeyCipher(myCipherSpec);
/* Create pbeSpec */
final GordianPBESpec myPBESpec = GordianPBESpec.pbKDF2(GordianDigestSpec.sha2(GordianLength.LEN_256), 2000);
final byte[] myPassword = ....
/* Encrypt message with random nonce */
GordianCipherParameters myParams = GordianCipherParameters.pbe(myPBESpec, myPassword);
myCipher.init(true, myParams);
final byte[] myMessage = ...
int myOutLen = myCipher.getOutputLength(myMessage.length);
final byte[] myEncrypted = new byte[myOutLen];
int myProcessed = myCipher.update(myMessage, 0, myMessage.length, myEncrypted);
myCipher.finish(myEncrypted, myProcessed);
/* Decrypt message */
myParams = GordianCipherParameters.pbeAndNonce(myPBESpec, myCipher.getPBESalt());
myCipher.init(false, myParams);
myOutLen = myCipher.getOutputLength(myEncrypted.length);
final byte[] myResult = new byte[myOutLen];
myProcessed = myCipher.update(myEncrypted, 0, myEncrypted.length, myResult);
myCipher.finish(myResult, myProcessed);
The following pbe algorithms are supported.
| Algorithm |
|---|
| pbKDF2 |
| pkcs12 |
| scrypt |
| argon2 |