mindol1004/spring-boot-rest
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[BAEL-9555] - Created a core-java-modules folder

Browse Source
This commit is contained in:
amit2103
2019-05-05 17:22:09 +05:30
parent 8b63b0d90a
commit 3bae5e5334
1480 changed files with 25600 additions and 5594 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
core-java-modules/core-java-security/README.md Normal file
View File

@@ -0,0 +1,12 @@
## Core Java Security
### Relevant Articles:
- [MD5 Hashing in Java](http://www.baeldung.com/java-md5)
- [Guide to the Cipher Class](http://www.baeldung.com/java-cipher-class)
- [Introduction to SSL in Java](http://www.baeldung.com/java-ssl)
- [Java KeyStore API](http://www.baeldung.com/java-keystore)
- [Encrypting and Decrypting Files in Java](http://www.baeldung.com/java-cipher-input-output-stream)
- [Hashing a Password in Java](https://www.baeldung.com/java-password-hashing)
- [SSL Handshake Failures](https://www.baeldung.com/java-ssl-handshake-failures)
- [SHA-256 and SHA3-256 Hashing in Java](https://www.baeldung.com/sha-256-hashing-java)
- [Enabling TLS v1.2 in Java 7](https://www.baeldung.com/java-7-tls-v12)

55
core-java-modules/core-java-security/pom.xml Normal file
View File

@@ -0,0 +1,55 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.baeldung</groupId>
<artifactId>core-java-security</artifactId>
<version>0.1.0-SNAPSHOT</version>
<name>core-java-security</name>
<packaging>jar</packaging>
<parent>
<groupId>com.baeldung</groupId>
<artifactId>parent-java</artifactId>
<version>0.0.1-SNAPSHOT</version>
<relativePath>../../parent-java</relativePath>
</parent>
<dependencies>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>${commons-lang3.version}</version>
</dependency>
<!-- test scoped -->
<dependency>
<groupId>org.assertj</groupId>
<artifactId>assertj-core</artifactId>
<version>${assertj-core.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>${commons-codec.version}</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>${bouncycastle.version}</version>
</dependency>
</dependencies>
<properties>
<!-- util -->
<commons-lang3.version>3.8.1</commons-lang3.version>
<bouncycastle.version>1.60</bouncycastle.version>
<commons-codec.version>1.11</commons-codec.version>
<!-- testing -->
<assertj-core.version>3.10.0</assertj-core.version>
</properties>
</project>

35
core-java-modules/core-java-security/src/main/java/com/baeldung/cipher/Encryptor.java Normal file
View File

@@ -0,0 +1,35 @@
package com.baeldung.cipher;
import javax.crypto.*;
import javax.crypto.spec.SecretKeySpec;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
public class Encryptor {
public byte[] encryptMessage(byte[] message, byte[] keyBytes) throws InvalidKeyException, NoSuchPaddingException, NoSuchAlgorithmException, BadPaddingException, IllegalBlockSizeException {
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
SecretKey secretKey = new SecretKeySpec(keyBytes, "AES");
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
byte[] encryptedMessage = cipher.doFinal(message);
return encryptedMessage;
}
public byte[] encryptMessage(byte[] message, Certificate publicKeyCertificate) throws InvalidKeyException, NoSuchPaddingException, NoSuchAlgorithmException, BadPaddingException, IllegalBlockSizeException {
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
cipher.init(Cipher.ENCRYPT_MODE, publicKeyCertificate);
byte[] encryptedMessage = cipher.doFinal(message);
return encryptedMessage;
}
public byte[] decryptMessage(byte[] encryptedMessage, byte[] keyBytes) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
SecretKey secretKey = new SecretKeySpec(keyBytes, "AES");
cipher.init(Cipher.DECRYPT_MODE, secretKey);
byte[] clearMessage = cipher.doFinal(encryptedMessage);
return clearMessage;
}
}

60
core-java-modules/core-java-security/src/main/java/com/baeldung/encrypt/FileEncrypterDecrypter.java Normal file
View File

@@ -0,0 +1,60 @@
package com.baeldung.encrypt;
import javax.crypto.*;
import javax.crypto.spec.IvParameterSpec;
import java.io.*;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
class FileEncrypterDecrypter {
private SecretKey secretKey;
private Cipher cipher;
FileEncrypterDecrypter(SecretKey secretKey, String cipher) throws NoSuchPaddingException, NoSuchAlgorithmException {
this.secretKey = secretKey;
this.cipher = Cipher.getInstance(cipher);
}
void encrypt(String content, String fileName) throws InvalidKeyException, IOException {
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
byte[] iv = cipher.getIV();
try (
FileOutputStream fileOut = new FileOutputStream(fileName);
CipherOutputStream cipherOut = new CipherOutputStream(fileOut, cipher)
) {
fileOut.write(iv);
cipherOut.write(content.getBytes());
}
}
String decrypt(String fileName) throws InvalidAlgorithmParameterException, InvalidKeyException, IOException {
String content;
try (FileInputStream fileIn = new FileInputStream(fileName)) {
byte[] fileIv = new byte[16];
fileIn.read(fileIv);
cipher.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(fileIv));
try (
CipherInputStream cipherIn = new CipherInputStream(fileIn, cipher);
InputStreamReader inputReader = new InputStreamReader(cipherIn);
BufferedReader reader = new BufferedReader(inputReader)
) {
StringBuilder sb = new StringBuilder();
String line;
while ((line = reader.readLine()) != null) {
sb.append(line);
}
content = sb.toString();
}
}
return content;
}
}

9
core-java-modules/core-java-security/src/main/java/com/baeldung/hashing/DigestAlgorithms.java Normal file
View File

@@ -0,0 +1,9 @@
package com.baeldung.hashing;
public class DigestAlgorithms {
public static final String SHA3_256 = "SHA3-256";
public static final String SHA_256 = "SHA-256";
public static final String KECCAK_256 = "Keccak-256";
}

30
core-java-modules/core-java-security/src/main/java/com/baeldung/hashing/Keccak256Hashing.java Normal file
View File

@@ -0,0 +1,30 @@
package com.baeldung.hashing;
import org.bouncycastle.jcajce.provider.digest.Keccak;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.encoders.Hex;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import static com.baeldung.hashing.DigestAlgorithms.KECCAK_256;
import static com.baeldung.hashing.SHACommonUtils.bytesToHex;
public class Keccak256Hashing {
public static String hashWithJavaMessageDigest(final String originalString) throws NoSuchAlgorithmException {
Security.addProvider(new BouncyCastleProvider());
final MessageDigest digest = MessageDigest.getInstance(KECCAK_256);
final byte[] encodedhash = digest.digest(originalString.getBytes(StandardCharsets.UTF_8));
return bytesToHex(encodedhash);
}
public static String hashWithBouncyCastle(final String originalString) {
Keccak.Digest256 digest256 = new Keccak.Digest256();
byte[] hashbytes = digest256.digest(originalString.getBytes(StandardCharsets.UTF_8));
return new String(Hex.encode(hashbytes));
}
}

39
core-java-modules/core-java-security/src/main/java/com/baeldung/hashing/SHA256Hashing.java Normal file
View File

@@ -0,0 +1,39 @@
package com.baeldung.hashing;
import com.google.common.hash.Hashing;
import org.apache.commons.codec.digest.DigestUtils;
import org.bouncycastle.util.encoders.Hex;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import static com.baeldung.hashing.DigestAlgorithms.SHA_256;
import static com.baeldung.hashing.SHACommonUtils.bytesToHex;
public class SHA256Hashing {
public static String HashWithJavaMessageDigest(final String originalString) throws NoSuchAlgorithmException {
final MessageDigest digest = MessageDigest.getInstance(SHA_256);
final byte[] encodedhash = digest.digest(originalString.getBytes(StandardCharsets.UTF_8));
return bytesToHex(encodedhash);
}
public static String hashWithGuava(final String originalString) {
final String sha256hex = Hashing.sha256().hashString(originalString, StandardCharsets.UTF_8).toString();
return sha256hex;
}
public static String HashWithApacheCommons(final String originalString) {
final String sha256hex = DigestUtils.sha256Hex(originalString);
return sha256hex;
}
public static String HashWithBouncyCastle(final String originalString) throws NoSuchAlgorithmException {
final MessageDigest digest = MessageDigest.getInstance(SHA_256);
final byte[] hash = digest.digest(originalString.getBytes(StandardCharsets.UTF_8));
final String sha256hex = new String(Hex.encode(hash));
return sha256hex;
}
}

45
core-java-modules/core-java-security/src/main/java/com/baeldung/hashing/SHA3Hashing.java Normal file
View File

@@ -0,0 +1,45 @@
package com.baeldung.hashing;
import com.google.common.hash.Hashing;
import org.apache.commons.codec.digest.DigestUtils;
import org.bouncycastle.crypto.digests.SHA3Digest;
import org.bouncycastle.jcajce.provider.digest.SHA3;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.encoders.Hex;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import static com.baeldung.hashing.DigestAlgorithms.SHA3_256;
import static com.baeldung.hashing.SHACommonUtils.bytesToHex;
public class SHA3Hashing {
/* works with JDK9+ only */
public static String hashWithJavaMessageDigestJDK9(final String originalString) throws NoSuchAlgorithmException {
final MessageDigest digest = MessageDigest.getInstance(SHA3_256);
final byte[] hashbytes = digest.digest(originalString.getBytes(StandardCharsets.UTF_8));
return bytesToHex(hashbytes);
}
public static String hashWithJavaMessageDigest(final String originalString) throws NoSuchAlgorithmException {
Security.addProvider(new BouncyCastleProvider());
final MessageDigest digest = MessageDigest.getInstance(SHA3_256);
final byte[] hashbytes = digest.digest(originalString.getBytes(StandardCharsets.UTF_8));
return bytesToHex(hashbytes);
}
/* works with JDK9+ only */
public static String hashWithApacheCommonsJDK9(final String originalString) {
return new DigestUtils(SHA3_256).digestAsHex(originalString);
}
public static String hashWithBouncyCastle(final String originalString) {
SHA3.Digest256 digest256 = new SHA3.Digest256();
byte[] hashbytes = digest256.digest(originalString.getBytes(StandardCharsets.UTF_8));
return new String(Hex.encode(hashbytes));
}
}

16
core-java-modules/core-java-security/src/main/java/com/baeldung/hashing/SHACommonUtils.java Normal file
View File

@@ -0,0 +1,16 @@
package com.baeldung.hashing;
class SHACommonUtils {
public static String bytesToHex(byte[] hash) {
StringBuffer hexString = new StringBuffer();
for (byte h : hash) {
String hex = Integer.toHexString(0xff & h);
if (hex.length() == 1)
hexString.append('0');
hexString.append(hex);
}
return hexString.toString();
}
}

92
core-java-modules/core-java-security/src/main/java/com/baeldung/keystore/JavaKeyStore.java Normal file
View File

@@ -0,0 +1,92 @@
package com.baeldung.keystore;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Enumeration;
/**
* Created by adi on 3/7/18.
*/
public class JavaKeyStore {
private KeyStore keyStore;
private String keyStoreName;
private String keyStoreType;
private String keyStorePassword;
JavaKeyStore(String keyStoreType, String keyStorePassword, String keyStoreName) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException {
this.keyStoreName = keyStoreName;
this.keyStoreType = keyStoreType;
this.keyStorePassword = keyStorePassword;
}
void createEmptyKeyStore() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
if(keyStoreType ==null || keyStoreType.isEmpty()){
keyStoreType = KeyStore.getDefaultType();
}
keyStore = KeyStore.getInstance(keyStoreType);
//load
char[] pwdArray = keyStorePassword.toCharArray();
keyStore.load(null, pwdArray);
// Save the keyStore
FileOutputStream fos = new FileOutputStream(keyStoreName);
keyStore.store(fos, pwdArray);
fos.close();
}
void loadKeyStore() throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException {
char[] pwdArray = keyStorePassword.toCharArray();
keyStore.load(new FileInputStream(keyStoreName), pwdArray);
}
void setEntry(String alias, KeyStore.SecretKeyEntry secretKeyEntry, KeyStore.ProtectionParameter protectionParameter) throws KeyStoreException {
keyStore.setEntry(alias, secretKeyEntry, protectionParameter);
}
KeyStore.Entry getEntry(String alias) throws UnrecoverableEntryException, NoSuchAlgorithmException, KeyStoreException {
KeyStore.ProtectionParameter protParam = new KeyStore.PasswordProtection(keyStorePassword.toCharArray());
return keyStore.getEntry(alias, protParam);
}
void setKeyEntry(String alias, PrivateKey privateKey, String keyPassword, Certificate[] certificateChain) throws KeyStoreException {
keyStore.setKeyEntry(alias, privateKey, keyPassword.toCharArray(), certificateChain);
}
void setCertificateEntry(String alias, Certificate certificate) throws KeyStoreException {
keyStore.setCertificateEntry(alias, certificate);
}
Certificate getCertificate(String alias) throws KeyStoreException {
return keyStore.getCertificate(alias);
}
void deleteEntry(String alias) throws KeyStoreException {
keyStore.deleteEntry(alias);
}
void deleteKeyStore() throws KeyStoreException, IOException {
Enumeration<String> aliases = keyStore.aliases();
while (aliases.hasMoreElements()) {
String alias = aliases.nextElement();
keyStore.deleteEntry(alias);
}
keyStore = null;
Files.delete(Paths.get(keyStoreName));
}
KeyStore getKeyStore() {
return this.keyStore;
}
}

149
core-java-modules/core-java-security/src/main/java/com/baeldung/passwordhashing/PBKDF2Hasher.java Normal file
View File

@@ -0,0 +1,149 @@
package com.baeldung.passwordhashing;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.util.Arrays;
import java.util.Base64;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
/**
* Hash passwords for storage, and test passwords against password tokens.
*
* Instances of this class can be used concurrently by multiple threads.
*
* @author erickson
* @see <a href="http://stackoverflow.com/a/2861125/3474">StackOverflow</a>
*/
public final class PBKDF2Hasher
{
/**
* Each token produced by this class uses this identifier as a prefix.
*/
public static final String ID = "$31$";
/**
* The minimum recommended cost, used by default
*/
public static final int DEFAULT_COST = 16;
private static final String ALGORITHM = "PBKDF2WithHmacSHA1";
private static final int SIZE = 128;
private static final Pattern layout = Pattern.compile("\\$31\\$(\\d\\d?)\\$(.{43})");
private final SecureRandom random;
private final int cost;
public PBKDF2Hasher()
{
this(DEFAULT_COST);
}
/**
* Create a password manager with a specified cost
*
* @param cost the exponential computational cost of hashing a password, 0 to 30
*/
public PBKDF2Hasher(int cost)
{
iterations(cost); /* Validate cost */
this.cost = cost;
this.random = new SecureRandom();
}
private static int iterations(int cost)
{
if ((cost < 0) || (cost > 30))
throw new IllegalArgumentException("cost: " + cost);
return 1 << cost;
}
/**
* Hash a password for storage.
*
* @return a secure authentication token to be stored for later authentication
*/
public String hash(char[] password)
{
byte[] salt = new byte[SIZE / 8];
random.nextBytes(salt);
byte[] dk = pbkdf2(password, salt, 1 << cost);
byte[] hash = new byte[salt.length + dk.length];
System.arraycopy(salt, 0, hash, 0, salt.length);
System.arraycopy(dk, 0, hash, salt.length, dk.length);
Base64.Encoder enc = Base64.getUrlEncoder().withoutPadding();
return ID + cost + '$' + enc.encodeToString(hash);
}
/**
* Authenticate with a password and a stored password token.
*
* @return true if the password and token match
*/
public boolean checkPassword(char[] password, String token)
{
Matcher m = layout.matcher(token);
if (!m.matches())
throw new IllegalArgumentException("Invalid token format");
int iterations = iterations(Integer.parseInt(m.group(1)));
byte[] hash = Base64.getUrlDecoder().decode(m.group(2));
byte[] salt = Arrays.copyOfRange(hash, 0, SIZE / 8);
byte[] check = pbkdf2(password, salt, iterations);
int zero = 0;
for (int idx = 0; idx < check.length; ++idx)
zero |= hash[salt.length + idx] ^ check[idx];
return zero == 0;
}
private static byte[] pbkdf2(char[] password, byte[] salt, int iterations)
{
KeySpec spec = new PBEKeySpec(password, salt, iterations, SIZE);
try {
SecretKeyFactory f = SecretKeyFactory.getInstance(ALGORITHM);
return f.generateSecret(spec).getEncoded();
}
catch (NoSuchAlgorithmException ex) {
throw new IllegalStateException("Missing algorithm: " + ALGORITHM, ex);
}
catch (InvalidKeySpecException ex) {
throw new IllegalStateException("Invalid SecretKeyFactory", ex);
}
}
/**
* Hash a password in an immutable {@code String}.
*
* <p>Passwords should be stored in a {@code char[]} so that it can be filled
* with zeros after use instead of lingering on the heap and elsewhere.
*
* @deprecated Use {@link #hash(char[])} instead
*/
@Deprecated
public String hash(String password)
{
return hash(password.toCharArray());
}
/**
* Authenticate with a password in an immutable {@code String} and a stored
* password token.
*
* @deprecated Use {@link #checkPassword(char[],String)} instead.
* @see #hash(String)
*/
@Deprecated
public boolean checkPassword(String password, String token)
{
return checkPassword(password.toCharArray(), token);
}
}

35
core-java-modules/core-java-security/src/main/java/com/baeldung/passwordhashing/SHA512Hasher.java Normal file
View File

@@ -0,0 +1,35 @@
package com.baeldung.passwordhashing;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
/** A really simple SHA_512 Encryption example.
*
*/
public class SHA512Hasher {
public String hash(String passwordToHash, byte[] salt){
String generatedPassword = null;
try {
MessageDigest md = MessageDigest.getInstance("SHA-512");
md.update(salt);
byte[] bytes = md.digest(passwordToHash.getBytes(StandardCharsets.UTF_8));
StringBuilder sb = new StringBuilder();
for(int i=0; i< bytes.length ;i++){
sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1));
}
generatedPassword = sb.toString();
}
catch (NoSuchAlgorithmException e){
e.printStackTrace();
}
return generatedPassword;
}
public boolean checkPassword(String hash, String attempt, byte[] salt){
String generatedHash = hash(attempt, salt);
return hash.equals(generatedHash);
}
}

18
core-java-modules/core-java-security/src/main/java/com/baeldung/passwordhashing/SimplePBKDF2Hasher.java Normal file
View File

@@ -0,0 +1,18 @@
package com.baeldung.passwordhashing;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import java.security.spec.KeySpec;
/** A really simple SimplePBKDF2 Encryption example.
*
*/
public class SimplePBKDF2Hasher {
public static String hashSimple(String password, byte[] salt) throws Exception{
KeySpec spec = new PBEKeySpec(password.toCharArray(), salt, 65536, 128);
SecretKeyFactory f = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
byte[] hash = f.generateSecret(spec).getEncoded();
return String.valueOf(hash);
}
}

115
core-java-modules/core-java-security/src/main/java/com/baeldung/ssl/EnableTLSv12.java Normal file
View File

@@ -0,0 +1,115 @@
package com.baeldung.ssl;
import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.net.URL;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class EnableTLSv12 {
private final Logger logger = LoggerFactory.getLogger(EnableTLSv12.class);
public String url = "";
public Integer port = null;
public EnableTLSv12() {
}
public static void main(String[] args) throws IOException, KeyManagementException, NoSuchAlgorithmException {
EnableTLSv12 enableTLSv12 = new EnableTLSv12();
if (args.length != 2) {
System.out.println("Provide the server url and the secure port:");
System.exit(-1);
}
enableTLSv12.setHost(args);
enableTLSv12.setPort(args);
enableTLSv12.enableTLSv12UsingHttpConnection();
enableTLSv12.enableTLSv12UsingProtocol();
enableTLSv12.enableTLSv12UsingSSLContext();
enableTLSv12.enableTLSv12UsingSSLParameters();
}
private void setPort(String[] args) {
url = args[0];
}
private void setHost(String[] args) {
String portNumber = args[1];
port = Integer.parseInt(portNumber);
}
private void handleCommunication(SSLSocket socket, String usedTLSProcess) throws IOException {
logger.debug("Enabled TLS v1.2 on " + usedTLSProcess);
try (PrintWriter out = new PrintWriter(new BufferedWriter(new OutputStreamWriter(socket.getOutputStream()))); BufferedReader in = new BufferedReader(new InputStreamReader(socket.getInputStream()))) {
out.println("GET / HTTP/1.0");
out.println();
out.flush();
if (out.checkError()) {
logger.error("SSLSocketClient: java.io.PrintWriter error");
return;
}
String inputLine;
while ((inputLine = in.readLine()) != null)
logger.info(inputLine);
}
}
public void enableTLSv12UsingSSLParameters() throws UnknownHostException, IOException {
SSLSocketFactory socketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket sslSocket = (SSLSocket) socketFactory.createSocket(url.trim(), port);
SSLParameters params = new SSLParameters();
params.setProtocols(new String[] { "TLSv1.2" });
sslSocket.setSSLParameters(params);
sslSocket.startHandshake();
handleCommunication(sslSocket, "SSLSocketFactory-SSLParameters");
}
public void enableTLSv12UsingProtocol() throws IOException {
SSLSocketFactory socketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket sslSocket = (SSLSocket) socketFactory.createSocket(url, port);
sslSocket.setEnabledProtocols(new String[] { "TLSv1.2" });
sslSocket.startHandshake();
handleCommunication(sslSocket, "SSLSocketFactory-EnabledProtocols");
}
public void enableTLSv12UsingHttpConnection() throws IOException, NoSuchAlgorithmException, KeyManagementException {
URL urls = new URL("https://" + url + ":" + port);
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
sslContext.init(null, null, new SecureRandom());
HttpsURLConnection connection = (HttpsURLConnection) urls.openConnection();
connection.setSSLSocketFactory(sslContext.getSocketFactory());
try (BufferedReader br = new BufferedReader(new InputStreamReader(connection.getInputStream()))) {
String input;
while ((input = br.readLine()) != null) {
logger.info(input);
}
}
logger.debug("Created TLSv1.2 connection on HttpsURLConnection");
}
public void enableTLSv12UsingSSLContext() throws NoSuchAlgorithmException, KeyManagementException, UnknownHostException, IOException {
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
sslContext.init(null, null, new SecureRandom());
SSLSocketFactory socketFactory = sslContext.getSocketFactory();
SSLSocket socket = (SSLSocket) socketFactory.createSocket(url, port);
handleCommunication(socket, "SSLContext");
}
}

54
core-java-modules/core-java-security/src/main/java/com/baeldung/ssl/SecureConnection.java Normal file
View File

@@ -0,0 +1,54 @@
package com.baeldung.ssl;
import java.io.InputStream;
import java.io.OutputStream;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
public class SecureConnection {
public static void main(String[] args) {
if (args.length != 2) {
System.out.println("Use: SecureConnection host port");
System.exit(1);
}
try {
String host = getHost(args);
Integer port = getPort(args);
SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket sslsocket = (SSLSocket) sslsocketfactory.createSocket(host, port);
InputStream in = sslsocket.getInputStream();
OutputStream out = sslsocket.getOutputStream();
out.write(1);
while (in.available() > 0) {
System.out.print(in.read());
}
System.out.println("Secured connection performed successfully");
} catch (Exception exception) {
exception.printStackTrace();
}
}
/**
* Get the host from arguments
* @param args the arguments
* @return the host
*/
private static String getHost(String[] args) {
return args[0];
}
/**
* Get the port from arguments
* @param args the arguments
* @return the port
*/
private static Integer getPort(String[] args) {
return Integer.parseInt(args[1]);
}
}

33
core-java-modules/core-java-security/src/main/java/com/baeldung/ssl/example/SimpleClient.java Normal file
View File

@@ -0,0 +1,33 @@
package com.baeldung.ssl.example;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.Socket;
import javax.net.SocketFactory;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.SSLParameters;
public class SimpleClient {
static String startClient(String host, int port) throws IOException {
SocketFactory factory = SSLSocketFactory.getDefault();
try (Socket connection = factory.createSocket(host, port)) {
((SSLSocket) connection).setEnabledCipherSuites(
new String[] { "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"});
((SSLSocket) connection).setEnabledProtocols(
new String[] { "TLSv1.2"});
SSLParameters sslParams = new SSLParameters();
sslParams.setEndpointIdentificationAlgorithm("HTTPS");
((SSLSocket) connection).setSSLParameters(sslParams);
BufferedReader input = new BufferedReader(new InputStreamReader(connection.getInputStream()));
return input.readLine();
}
}
public static void main(String[] args) throws IOException {
System.out.println(startClient("localhost", 8443));
}
}

34
core-java-modules/core-java-security/src/main/java/com/baeldung/ssl/example/SimpleServer.java Normal file
View File

@@ -0,0 +1,34 @@
package com.baeldung.ssl.example;
import java.io.IOException;
import java.io.PrintWriter;
import java.net.ServerSocket;
import java.net.Socket;
import javax.net.ServerSocketFactory;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
public class SimpleServer {
static void startServer(int port) throws IOException {
ServerSocketFactory factory = SSLServerSocketFactory.getDefault();
try (ServerSocket listener = factory.createServerSocket(port)) {
((SSLServerSocket) listener).setNeedClientAuth(true);
((SSLServerSocket) listener).setEnabledCipherSuites(
new String[] { "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"});
((SSLServerSocket) listener).setEnabledProtocols(
new String[] { "TLSv1.2"});
while (true) {
try (Socket socket = listener.accept()) {
PrintWriter out = new PrintWriter(socket.getOutputStream(), true);
out.println("Hello World!");
}
}
}
}
public static void main(String[] args) throws IOException {
startServer(8443);
}
}

19
core-java-modules/core-java-security/src/main/resources/logback.xml Normal file
View File

@@ -0,0 +1,19 @@
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
<encoder>
<pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n
</pattern>
</encoder>
</appender>
<logger name="org.springframework" level="WARN" />
<logger name="org.springframework.transaction" level="WARN" />
<!-- in order to debug some marshalling issues, this needs to be TRACE -->
<logger name="org.springframework.web.servlet.mvc" level="WARN" />
<root level="INFO">
<appender-ref ref="STDOUT" />
</root>
</configuration>

70
core-java-modules/core-java-security/src/test/java/com/baeldung/cipher/EncryptorUnitTest.java Normal file
View File

@@ -0,0 +1,70 @@
package com.baeldung.cipher;
import org.junit.Before;
import org.junit.Test;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import static org.assertj.core.api.Assertions.assertThat;
public class EncryptorUnitTest {
private String encKeyString;
private String message;
private String certificateString;
private Encryptor encryptor;
@Before
public void init(){
encKeyString = "1234567890123456";
message = "This is a secret message";
encryptor = new Encryptor();
certificateString = "-----BEGIN CERTIFICATE-----\n" +
"MIICVjCCAb8CAg37MA0GCSqGSIb3DQEBBQUAMIGbMQswCQYDVQQGEwJKUDEOMAwG\n" +
"A1UECBMFVG9reW8xEDAOBgNVBAcTB0NodW8ta3UxETAPBgNVBAoTCEZyYW5rNERE\n" +
"MRgwFgYDVQQLEw9XZWJDZXJ0IFN1cHBvcnQxGDAWBgNVBAMTD0ZyYW5rNEREIFdl\n" +
"YiBDQTEjMCEGCSqGSIb3DQEJARYUc3VwcG9ydEBmcmFuazRkZC5jb20wHhcNMTIw\n" +
"ODIyMDUyNzIzWhcNMTcwODIxMDUyNzIzWjBKMQswCQYDVQQGEwJKUDEOMAwGA1UE\n" +
"CAwFVG9reW8xETAPBgNVBAoMCEZyYW5rNEREMRgwFgYDVQQDDA93d3cuZXhhbXBs\n" +
"ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMYBBrx5PlP0WNI/ZdzD\n" +
"+6Pktmurn+F2kQYbtc7XQh8/LTBvCo+P6iZoLEmUA9e7EXLRxgU1CVqeAi7QcAn9\n" +
"MwBlc8ksFJHB0rtf9pmf8Oza9E0Bynlq/4/Kb1x+d+AyhL7oK9tQwB24uHOueHi1\n" +
"C/iVv8CSWKiYe6hzN1txYe8rAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAASPdjigJ\n" +
"kXCqKWpnZ/Oc75EUcMi6HztaW8abUMlYXPIgkV2F7YanHOB7K4f7OOLjiz8DTPFf\n" +
"jC9UeuErhaA/zzWi8ewMTFZW/WshOrm3fNvcMrMLKtH534JKvcdMg6qIdjTFINIr\n" +
"evnAhf0cwULaebn+lMs8Pdl7y37+sfluVok=\n" +
"-----END CERTIFICATE-----";
}
@Test
public void givenEncryptionKey_whenMessageIsPassedToEncryptor_thenMessageIsEncrypted() throws Exception {
byte[] encryptedMessage = encryptor.encryptMessage(message.getBytes(),encKeyString.getBytes());
assertThat(encryptedMessage).isNotNull();
assertThat(encryptedMessage.length % 32).isEqualTo(0);
}
@Test
public void givenCertificateWithPublicKey_whenMessageIsPassedToEncryptor_thenMessageIsEncrypted() throws Exception {
CertificateFactory factory = CertificateFactory.getInstance("X.509");
InputStream is = new ByteArrayInputStream(certificateString.getBytes());
X509Certificate certificate = (X509Certificate) factory.generateCertificate(is);
byte[] encryptedMessage = encryptor.encryptMessage(message.getBytes(),certificate);
assertThat(encryptedMessage).isNotNull();
assertThat(encryptedMessage.length % 128).isEqualTo(0);
}
@Test
public void givenEncryptionKey_whenMessageIsEncrypted_thenDecryptMessage() throws Exception{
byte[] encryptedMessageBytes = encryptor.encryptMessage(message.getBytes(),encKeyString.getBytes());
byte[] clearMessageBytes = encryptor.decryptMessage(encryptedMessageBytes, encKeyString.getBytes());
assertThat(message).isEqualTo(new String(clearMessageBytes));
}
}

32
core-java-modules/core-java-security/src/test/java/com/baeldung/encrypt/FileEncrypterDecrypterIntegrationTest.java Normal file
View File

@@ -0,0 +1,32 @@
package com.baeldung.encrypt;
import org.junit.Test;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import java.io.File;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import static org.hamcrest.Matchers.is;
import static org.junit.Assert.assertThat;
public class FileEncrypterDecrypterIntegrationTest {
@Test
public void givenStringAndFilename_whenEncryptingIntoFile_andDecryptingFileAgain_thenOriginalStringIsReturned() throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IOException, InvalidAlgorithmParameterException {
String originalContent = "foobar";
SecretKey secretKey = KeyGenerator.getInstance("AES").generateKey();
FileEncrypterDecrypter fileEncrypterDecrypter = new FileEncrypterDecrypter(secretKey, "AES/CBC/PKCS5Padding");
fileEncrypterDecrypter.encrypt(originalContent, "baz.enc");
String decryptedContent = fileEncrypterDecrypter.decrypt("baz.enc");
assertThat(decryptedContent, is(originalContent));
new File("baz.enc").delete(); // cleanup
}
}

22
core-java-modules/core-java-security/src/test/java/com/baeldung/hashing/Keccak256HashingUnitTest.java Normal file
View File

@@ -0,0 +1,22 @@
package com.baeldung.hashing;
import org.junit.Test;
import static org.junit.Assert.assertEquals;
public class Keccak256HashingUnitTest {
private static String originalValue = "abc123";
private static String hashedValue = "719accc61a9cc126830e5906f9d672d06eab6f8597287095a2c55a8b775e7016";
@Test public void testHashWithJavaMessageDigest() throws Exception {
final String currentHashedValue = Keccak256Hashing.hashWithJavaMessageDigest(originalValue);
assertEquals(hashedValue, currentHashedValue);
}
@Test public void testHashWithBouncyCastle() {
final String currentHashedValue = Keccak256Hashing.hashWithBouncyCastle(originalValue);
assertEquals(hashedValue, currentHashedValue);
}
}

35
core-java-modules/core-java-security/src/test/java/com/baeldung/hashing/SHA256HashingUnitTest.java Normal file
View File

@@ -0,0 +1,35 @@
package com.baeldung.hashing;
import org.junit.Test;
import static org.junit.Assert.assertEquals;
public class SHA256HashingUnitTest {
private static String originalValue = "abc123";
private static String hashedValue = "6ca13d52ca70c883e0f0bb101e425a89e8624de51db2d2392593af6a84118090";
@Test
public void testHashWithJavaMessageDigest() throws Exception {
final String currentHashedValue = SHA256Hashing.HashWithJavaMessageDigest(originalValue);
assertEquals(hashedValue, currentHashedValue);
}
@Test
public void testHashWithGuava() throws Exception {
final String currentHashedValue = SHA256Hashing.hashWithGuava(originalValue);
assertEquals(hashedValue, currentHashedValue);
}
@Test
public void testHashWithApacheCommans() throws Exception {
final String currentHashedValue = SHA256Hashing.HashWithApacheCommons(originalValue);
assertEquals(hashedValue, currentHashedValue);
}
@Test
public void testHashWithBouncyCastle() throws Exception {
final String currentHashedValue = SHA256Hashing.HashWithBouncyCastle(originalValue);
assertEquals(hashedValue, currentHashedValue);
}
}

38
core-java-modules/core-java-security/src/test/java/com/baeldung/hashing/SHA3HashingUnitTest.java Normal file
View File

@@ -0,0 +1,38 @@
package com.baeldung.hashing;
import org.junit.Test;
import static org.junit.Assert.assertEquals;
public class SHA3HashingUnitTest {
private static String originalValue = "abc123";
private static String hashedValue = "f58fa3df820114f56e1544354379820cff464c9c41cb3ca0ad0b0843c9bb67ee";
/* works with JDK9+ only */
//@Test
public void testHashWithJavaMessageDigestJDK9() throws Exception {
final String currentHashedValue = SHA3Hashing.hashWithJavaMessageDigestJDK9(originalValue);
assertEquals(hashedValue, currentHashedValue);
}
@Test
public void testHashWithJavaMessageDigest() throws Exception {
final String currentHashedValue = SHA3Hashing.hashWithJavaMessageDigest(originalValue);
assertEquals(hashedValue, currentHashedValue);
}
/* works with JDK9+ only */
//@Test
public void testHashWithApacheCommonsJDK9() {
final String currentHashedValue = SHA3Hashing.hashWithApacheCommonsJDK9(originalValue);
assertEquals(hashedValue, currentHashedValue);
}
@Test
public void testHashWithBouncyCastle() {
final String currentHashedValue = SHA3Hashing.hashWithBouncyCastle(originalValue);
assertEquals(hashedValue, currentHashedValue);
}
}

232
core-java-modules/core-java-security/src/test/java/com/baeldung/keystore/JavaKeyStoreUnitTest.java Normal file
View File

@@ -0,0 +1,232 @@
package com.baeldung.keystore;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import sun.security.x509.AlgorithmId;
import sun.security.x509.CertificateAlgorithmId;
import sun.security.x509.CertificateSerialNumber;
import sun.security.x509.CertificateValidity;
import sun.security.x509.CertificateVersion;
import sun.security.x509.CertificateX509Key;
import sun.security.x509.SubjectAlternativeNameExtension;
import sun.security.x509.X500Name;
import sun.security.x509.X509CertImpl;
import sun.security.x509.X509CertInfo;
import sun.security.x509.CertificateExtensions;
import sun.security.x509.GeneralNames;
import sun.security.x509.GeneralName;
import sun.security.x509.GeneralNameInterface;
import sun.security.x509.DNSName;
import sun.security.x509.IPAddressName;
import sun.security.util.DerOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Date;
/**
* Created by adi on 4/14/18.
*/
public class JavaKeyStoreUnitTest {
private JavaKeyStore keyStore;
private static final String KEYSTORE_PWD = "abc123";
private static final String KEYSTORE_NAME = "myKeyStore";
private static final String KEY_STORE_TYPE = "JCEKS";
private static final String MY_SECRET_ENTRY = "mySecretEntry";
private static final String DN_NAME = "CN=test, OU=test, O=test, L=test, ST=test, C=CY";
private static final String SHA1WITHRSA = "SHA1withRSA";
private static final String MY_PRIVATE_KEY = "myPrivateKey";
private static final String MY_CERTIFICATE = "myCertificate";
@Before
public void setUp() throws Exception {
//using java cryptography extension keyStore instead of Keystore.getDefaultType
keyStore = new JavaKeyStore(KEY_STORE_TYPE, KEYSTORE_PWD, KEYSTORE_NAME);
}
@After
public void tearDown() throws Exception {
if (keyStore.getKeyStore() != null) {
keyStore.deleteKeyStore();
}
}
@Test
public void givenNoKeyStore_whenCreateEmptyKeyStore_thenGetKeyStoreNotNull() throws Exception {
keyStore.createEmptyKeyStore();
KeyStore result = keyStore.getKeyStore();
Assert.assertNotNull(result);
}
@Test
public void givenEmptyKeystore_whenLoadKeyStore_thenKeyStoreLoadedAndSizeZero() throws Exception {
keyStore.createEmptyKeyStore();
keyStore.loadKeyStore();
KeyStore result = keyStore.getKeyStore();
Assert.assertNotNull(result);
Assert.assertTrue(result.size() == 0);
}
@Test
public void givenLoadedKeyStore_whenSetEntry_thenSizeIsOneAndGetKeyNotNull() throws Exception {
keyStore.createEmptyKeyStore();
keyStore.loadKeyStore();
KeyGenerator keygen = KeyGenerator.getInstance("HmacSHA256");
SecretKey secretKey = keygen.generateKey();
//ideally, password should be different for every key
KeyStore.ProtectionParameter protParam = new KeyStore.PasswordProtection(KEYSTORE_PWD.toCharArray());
KeyStore.SecretKeyEntry secretKeyEntry = new KeyStore.SecretKeyEntry(secretKey);
keyStore.setEntry(MY_SECRET_ENTRY, secretKeyEntry, protParam);
KeyStore result = keyStore.getKeyStore();
Assert.assertTrue(result.size() == 1);
KeyStore.Entry entry = keyStore.getEntry(MY_SECRET_ENTRY);
Assert.assertTrue(entry != null);
}
@Test
public void givenLoadedKeyStore_whenSetKeyEntry_thenSizeIsOneAndGetEntryNotNull() throws Exception {
keyStore.createEmptyKeyStore();
keyStore.loadKeyStore();
// Generate the key pair
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(1024);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
// Generate a self signed certificate
X509Certificate certificate = generateSelfSignedCertificate(keyPair);
X509Certificate[] certificateChain = new X509Certificate[1];
certificateChain[0] = certificate;
keyStore.setKeyEntry(MY_PRIVATE_KEY, keyPair.getPrivate(), KEYSTORE_PWD, certificateChain);
KeyStore result = keyStore.getKeyStore();
Assert.assertTrue(result.size() == 1);
KeyStore.Entry entry = keyStore.getEntry(MY_PRIVATE_KEY);
Assert.assertTrue(entry != null);
}
@Test
public void givenLoadedKeyStore_whenSetCertificateEntry_thenSizeIsOneAndGetCertificateEntryNotNull() throws Exception {
keyStore.createEmptyKeyStore();
keyStore.loadKeyStore();
// Generate the key pair
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(1024);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
// Generate a self signed certificate
X509Certificate certificate = generateSelfSignedCertificate(keyPair);
keyStore.setCertificateEntry(MY_CERTIFICATE, certificate);
KeyStore result = this.keyStore.getKeyStore();
Assert.assertTrue(result.size() == 1);
java.security.cert.Certificate resultCertificate = keyStore.getCertificate(MY_CERTIFICATE);
Assert.assertNotNull(resultCertificate);
}
@Test
public void givenLoadedKeyStoreWithOneEntry_whenDeleteEntry_thenKeyStoreSizeIsZero() throws Exception {
keyStore.createEmptyKeyStore();
keyStore.loadKeyStore();
KeyGenerator keygen = KeyGenerator.getInstance("HmacSHA256");
SecretKey secretKey = keygen.generateKey();
//ideally, password should be different for every key
KeyStore.ProtectionParameter protParam = new KeyStore.PasswordProtection(KEYSTORE_PWD.toCharArray());
KeyStore.SecretKeyEntry secretKeyEntry = new KeyStore.SecretKeyEntry(secretKey);
keyStore.setEntry(MY_SECRET_ENTRY, secretKeyEntry, protParam);
keyStore.deleteEntry(MY_SECRET_ENTRY);
KeyStore result = this.keyStore.getKeyStore();
Assert.assertTrue(result.size() == 0);
}
@Test
public void givenLoadedKeystore_whenDeleteKeyStore_thenKeyStoreIsNull() throws Exception {
keyStore.createEmptyKeyStore();
keyStore.loadKeyStore();
keyStore.deleteKeyStore();
KeyStore result = this.keyStore.getKeyStore();
Assert.assertTrue(result == null);
}
private X509Certificate generateSelfSignedCertificate(KeyPair keyPair) throws CertificateException, IOException, NoSuchProviderException, NoSuchAlgorithmException, InvalidKeyException, SignatureException {
X509CertInfo certInfo = new X509CertInfo();
// Serial number and version
certInfo.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(new BigInteger(64, new SecureRandom())));
certInfo.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3));
// Subject & Issuer
X500Name owner = new X500Name(DN_NAME);
certInfo.set(X509CertInfo.SUBJECT, owner);
certInfo.set(X509CertInfo.ISSUER, owner);
// Key and algorithm
certInfo.set(X509CertInfo.KEY, new CertificateX509Key(keyPair.getPublic()));
AlgorithmId algorithm = new AlgorithmId(AlgorithmId.sha1WithRSAEncryption_oid);
certInfo.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(algorithm));
// Validity
Date validFrom = new Date();
Date validTo = new Date(validFrom.getTime() + 50L * 365L * 24L * 60L * 60L * 1000L); //50 years
CertificateValidity validity = new CertificateValidity(validFrom, validTo);
certInfo.set(X509CertInfo.VALIDITY, validity);
GeneralNameInterface dnsName = new DNSName("baeldung.com");
DerOutputStream dnsNameOutputStream = new DerOutputStream();
dnsName.encode(dnsNameOutputStream);
GeneralNameInterface ipAddress = new IPAddressName("127.0.0.1");
DerOutputStream ipAddressOutputStream = new DerOutputStream();
ipAddress.encode(ipAddressOutputStream);
GeneralNames generalNames = new GeneralNames();
generalNames.add(new GeneralName(dnsName));
generalNames.add(new GeneralName(ipAddress));
CertificateExtensions ext = new CertificateExtensions();
ext.set(SubjectAlternativeNameExtension.NAME, new SubjectAlternativeNameExtension(generalNames));
certInfo.set(X509CertInfo.EXTENSIONS, ext);
// Create certificate and sign it
X509CertImpl cert = new X509CertImpl(certInfo);
cert.sign(keyPair.getPrivate(), SHA1WITHRSA);
// Since the SHA1withRSA provider may have a different algorithm ID to what we think it should be,
// we need to reset the algorithm ID, and resign the certificate
AlgorithmId actualAlgorithm = (AlgorithmId) cert.get(X509CertImpl.SIG_ALG);
certInfo.set(CertificateAlgorithmId.NAME + "." + CertificateAlgorithmId.ALGORITHM, actualAlgorithm);
X509CertImpl newCert = new X509CertImpl(certInfo);
newCert.sign(keyPair.getPrivate(), SHA1WITHRSA);
return newCert;
}
}

41
core-java-modules/core-java-security/src/test/java/com/baeldung/passwordhashing/PBKDF2HasherUnitTest.java Normal file
View File

@@ -0,0 +1,41 @@
package com.baeldung.passwordhashing;
import org.junit.Before;
import org.junit.Test;
import static org.junit.Assert.*;
public class PBKDF2HasherUnitTest {
private PBKDF2Hasher mPBKDF2Hasher;
@Before
public void setUp() throws Exception {
mPBKDF2Hasher = new PBKDF2Hasher();
}
@Test
public void givenCorrectMessageAndHash_whenAuthenticated_checkAuthenticationSucceeds() throws Exception {
String message1 = "password123";
String hash1 = mPBKDF2Hasher.hash(message1.toCharArray());
assertTrue(mPBKDF2Hasher.checkPassword(message1.toCharArray(), hash1));
}
@Test
public void givenWrongMessage_whenAuthenticated_checkAuthenticationFails() throws Exception {
String message1 = "password123";
String hash1 = mPBKDF2Hasher.hash(message1.toCharArray());
String wrongPasswordAttempt = "IamWrong";
assertFalse(mPBKDF2Hasher.checkPassword(wrongPasswordAttempt.toCharArray(), hash1));
}
}

70
core-java-modules/core-java-security/src/test/java/com/baeldung/passwordhashing/SHA512HasherUnitTest.java Normal file
View File

@@ -0,0 +1,70 @@
package com.baeldung.passwordhashing;
import org.junit.Before;
import org.junit.Test;
import java.security.SecureRandom;
import static org.junit.Assert.*;
/**
* Created by PhysicsSam on 06-Sep-18.
*/
public class SHA512HasherUnitTest {
private SHA512Hasher hasher;
private SecureRandom secureRandom;
@Before
public void setUp() throws Exception {
hasher = new SHA512Hasher();
secureRandom = new SecureRandom();
}
@Test
public void givenSamePasswordAndSalt_whenHashed_checkResultingHashesAreEqual() throws Exception {
byte[] salt = new byte[16];
secureRandom.nextBytes(salt);
String hash1 = hasher.hash("password", salt);
String hash2 = hasher.hash("password", salt);
assertEquals(hash1, hash2);
}
@Test
public void givenSamePasswordAndDifferentSalt_whenHashed_checkResultingHashesNotEqual() throws Exception {
byte[] salt = new byte[16];
secureRandom.nextBytes(salt);
String hash1 = hasher.hash("password", salt);
//generate a second salt
byte[] secondSalt = new byte[16];
String hash2 = hasher.hash("password", secondSalt);
assertNotEquals(hash1, hash2);
}
@Test
public void givenPredefinedHash_whenCorrectAttemptGiven_checkAuthenticationSucceeds() throws Exception {
byte[] salt = new byte[16];
secureRandom.nextBytes(salt);
String originalHash = hasher.hash("password123", salt);
assertTrue(hasher.checkPassword(originalHash, "password123", salt));
}
@Test
public void givenPredefinedHash_whenIncorrectAttemptGiven_checkAuthenticationFails() throws Exception {
byte[] salt = new byte[16];
secureRandom.nextBytes(salt);
String originalHash = hasher.hash("password123", salt);
assertFalse(hasher.checkPassword(originalHash, "password124", salt));
}
}

75
core-java-modules/core-java-security/src/test/java/org/baeldung/java/md5/JavaMD5UnitTest.java Normal file
View File

@@ -0,0 +1,75 @@
package org.baeldung.java.md5;
import static org.assertj.core.api.Assertions.assertThat;
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import javax.xml.bind.DatatypeConverter;
import org.apache.commons.codec.digest.DigestUtils;
import org.junit.Test;
import com.google.common.hash.HashCode;
import com.google.common.hash.Hashing;
public class JavaMD5UnitTest {
String filename = "src/test/resources/test_md5.txt";
String checksum = "5EB63BBBE01EEED093CB22BB8F5ACDC3";
String hash = "35454B055CC325EA1AF2126E27707052";
String password = "ILoveJava";
@Test
public void givenPassword_whenHashing_thenVerifying() throws NoSuchAlgorithmException {
String hash = "35454B055CC325EA1AF2126E27707052";
String password = "ILoveJava";
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(password.getBytes());
byte[] digest = md.digest();
String myHash = DatatypeConverter.printHexBinary(digest).toUpperCase();
assertThat(myHash.equals(hash)).isTrue();
}
@Test
public void givenFile_generatingChecksum_thenVerifying() throws NoSuchAlgorithmException, IOException {
String filename = "src/test/resources/test_md5.txt";
String checksum = "5EB63BBBE01EEED093CB22BB8F5ACDC3";
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(Files.readAllBytes(Paths.get(filename)));
byte[] digest = md.digest();
String myChecksum = DatatypeConverter.printHexBinary(digest).toUpperCase();
assertThat(myChecksum.equals(checksum)).isTrue();
}
@Test
public void givenPassword_whenHashingUsingCommons_thenVerifying() {
String hash = "35454B055CC325EA1AF2126E27707052";
String password = "ILoveJava";
String md5Hex = DigestUtils.md5Hex(password).toUpperCase();
assertThat(md5Hex.equals(hash)).isTrue();
}
@Test
public void givenFile_whenChecksumUsingGuava_thenVerifying() throws IOException {
String filename = "src/test/resources/test_md5.txt";
String checksum = "5EB63BBBE01EEED093CB22BB8F5ACDC3";
HashCode hash = com.google.common.io.Files.hash(new File(filename), Hashing.md5());
String myChecksum = hash.toString().toUpperCase();
assertThat(myChecksum.equals(checksum)).isTrue();
}
}

1
core-java-modules/core-java-security/src/test/resources/test_md5.txt Normal file
View File

@@ -0,0 +1 @@
hello world