possibilité d'afficher la version cryptée avec AES d'un mot de passe

upassword

@@ -4,6 +4,7 @@ compiler=javac
 mainClass=upassword
 compileAndGo
 
+import java.io.FileInputStream;
 import java.io.PrintWriter;
 import java.io.StringWriter;
 import java.io.UnsupportedEncodingException;
@@ -15,6 +16,12 @@ import java.util.List;
 import java.util.Random;
 import java.util.regex.Pattern;
 
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.PBEKeySpec;
+import javax.crypto.spec.SecretKeySpec;
+
 public class upassword {
     public static final String UTF_8 = "UTF-8";
 
@@ -86,6 +93,7 @@ public class upassword {
         }
         return ba;
     }
+
     public static final boolean strIsempty(String str) {
         return str == null || str.length() == 0;
     }
@@ -4542,6 +4550,81 @@ public class upassword {
         }
     }
 
+    // ------------------------------------------------------------------------
+    public static class AESEnc {
+        private static final String AES = "AES";
+
+        private static final String CIPHER = "AES/ECB/PKCS5Padding";
+
+        public static final byte[] genkey(String password, byte[] salt, int iterations)
+                throws Exception {
+            if (salt == null) salt = Salt.getInstance().newBinarySalt();
+            if (iterations <= 0) iterations = 10000;
+            SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
+            SecretKey tmp = factory.generateSecret(new PBEKeySpec(password.toCharArray(), salt,
+                    iterations, 128));
+            SecretKeySpec key = new SecretKeySpec(tmp.getEncoded(), AES);
+            return key.getEncoded();
+        }
+
+        public static final byte[] genkey(String password) throws Exception {
+            return genkey(password, null, -1);
+        }
+
+        public static final String genskey(String password, byte[] salt, int iterations)
+                throws Exception {
+            return Base64.encodeBytes(genkey(password, salt, iterations));
+        }
+
+        public static final String genskey(String password) throws Exception {
+            return Base64.encodeBytes(genkey(password));
+        }
+
+        public static final byte[] getKey(String skey) {
+            return Base64.decode(skey);
+        }
+
+        public static final byte[] encrypt(byte[] clear, byte[] key) throws Exception {
+            if (clear == null) return null;
+            if (key == null) throw new NullPointerException("key is required");
+
+            Cipher aes = Cipher.getInstance(CIPHER);
+            aes.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, AES));
+            return aes.doFinal(clear);
+        }
+
+        public static final String sencrypt(String sclear, byte[] key) throws Exception {
+            if (sclear == null) return null;
+            byte[] input = sclear.getBytes(UTF_8);
+            byte[] output = encrypt(input, key);
+            return Base64.encodeBytes(output, Base64.DONT_BREAK_LINES);
+        }
+
+        public static final String sencrypt(String sclear, String skey) throws Exception {
+            return sencrypt(sclear, getKey(skey));
+        }
+
+        public static final byte[] decrypt(byte[] crypted, byte[] key) throws Exception {
+            if (crypted == null) return null;
+            if (key == null) throw new NullPointerException("key is required");
+
+            Cipher aes = Cipher.getInstance(CIPHER);
+            aes.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, AES));
+            return aes.doFinal(crypted);
+        }
+
+        public static final String sdecrypt(String scrypted, byte[] key) throws Exception {
+            if (scrypted == null) return null;
+            byte[] input = Base64.decode(scrypted);
+            byte[] output = decrypt(input, key);
+            return new String(output, UTF_8);
+        }
+
+        public static final String sdecrypt(String scrypted, String skey) throws Exception {
+            return sdecrypt(scrypted, getKey(skey));
+        }
+    }
+
     // ------------------------------------------------------------------------
 
     private Password getPasswordAnySalt(String clear, String scheme, final String anySalt) {
@@ -4588,10 +4671,42 @@ public class upassword {
 
     private void run(String[] args) {
         if (args.length == 1 && strEquals(args[0], "--help")) {
-            println("USAGE: upassword [clear [salts...]]");
+            println("USAGE: upassword [-f aeskeyfile] [clear [salts...]]");
             System.exit(0);
         }
 
+        String aeskeyfile = null;
+        if (args.length > 0 && args[0].substring(0, 2).equals("-f")) {
+            String opt = args[0];
+            int shift = 1;
+            if (opt.equals("-f")) {
+                if (args.length > 1) {
+                    aeskeyfile = args[1];
+                    shift = 2;
+                }
+            } else {
+                aeskeyfile = args[0].substring(2);
+            }
+            String[] newargs = new String[args.length - shift];
+            System.arraycopy(args, shift, newargs, 0, newargs.length);
+            args = newargs;
+        }
+        byte[] aeskey = null;
+        if (aeskeyfile != null) {
+            try {
+                FileInputStream fis = new FileInputStream(aeskeyfile);
+                try {
+                    aeskey = new byte[16];
+                    fis.read(aeskey);
+                } finally {
+                    fis.close();
+                }
+            } catch (Exception e) {
+                e.printStackTrace(System.err);
+                System.exit(1);
+            }
+        }
+
         String clear = null;
         if (args.length > 0) clear = args[0];
         String salt = null;
@@ -4619,6 +4734,13 @@ public class upassword {
             String ssha = getPasswordAnySalt(clear, Password.SSHA, salt).getNormalized();
             String md5 = getPasswordAnySalt(clear, Password.MD5, salt).getNormalized();
             String smd5 = getPasswordAnySalt(clear, Password.SMD5, salt).getNormalized();
+            String aes = null;
+            if (aeskey != null) {
+                try {
+                    aes = AESEnc.sencrypt(clear, aeskey);
+                } catch (Exception e) {
+                }
+            }
 
             println("clear: " + clear);
             println("lm:    " + lm);
@@ -4628,6 +4750,7 @@ public class upassword {
             println("ssha:  " + ssha);
             println("md5:   " + md5);
             println("smd5:  " + smd5);
+            if (aes != null) println("aes:   " + aes);
         } else {
             // Afficher uniquement les versions cryptées des mots de passe avec
             // les schemes correspondant aux salts spécifiés, pour chacun des