possibilité d'afficher la version cryptée avec AES d'un mot de passe

This commit is contained in:
Jephté Clain 2014-02-14 14:24:25 +04:00
parent 6353686d4a
commit 704f34029b
1 changed files with 124 additions and 1 deletions

125
upassword
View File

@ -4,6 +4,7 @@ compiler=javac
mainClass=upassword mainClass=upassword
compileAndGo compileAndGo
import java.io.FileInputStream;
import java.io.PrintWriter; import java.io.PrintWriter;
import java.io.StringWriter; import java.io.StringWriter;
import java.io.UnsupportedEncodingException; import java.io.UnsupportedEncodingException;
@ -15,6 +16,12 @@ import java.util.List;
import java.util.Random; import java.util.Random;
import java.util.regex.Pattern; import java.util.regex.Pattern;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
public class upassword { public class upassword {
public static final String UTF_8 = "UTF-8"; public static final String UTF_8 = "UTF-8";
@ -86,6 +93,7 @@ public class upassword {
} }
return ba; return ba;
} }
public static final boolean strIsempty(String str) { public static final boolean strIsempty(String str) {
return str == null || str.length() == 0; return str == null || str.length() == 0;
} }
@ -4542,6 +4550,81 @@ public class upassword {
} }
} }
// ------------------------------------------------------------------------
public static class AESEnc {
private static final String AES = "AES";
private static final String CIPHER = "AES/ECB/PKCS5Padding";
public static final byte[] genkey(String password, byte[] salt, int iterations)
throws Exception {
if (salt == null) salt = Salt.getInstance().newBinarySalt();
if (iterations <= 0) iterations = 10000;
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
SecretKey tmp = factory.generateSecret(new PBEKeySpec(password.toCharArray(), salt,
iterations, 128));
SecretKeySpec key = new SecretKeySpec(tmp.getEncoded(), AES);
return key.getEncoded();
}
public static final byte[] genkey(String password) throws Exception {
return genkey(password, null, -1);
}
public static final String genskey(String password, byte[] salt, int iterations)
throws Exception {
return Base64.encodeBytes(genkey(password, salt, iterations));
}
public static final String genskey(String password) throws Exception {
return Base64.encodeBytes(genkey(password));
}
public static final byte[] getKey(String skey) {
return Base64.decode(skey);
}
public static final byte[] encrypt(byte[] clear, byte[] key) throws Exception {
if (clear == null) return null;
if (key == null) throw new NullPointerException("key is required");
Cipher aes = Cipher.getInstance(CIPHER);
aes.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, AES));
return aes.doFinal(clear);
}
public static final String sencrypt(String sclear, byte[] key) throws Exception {
if (sclear == null) return null;
byte[] input = sclear.getBytes(UTF_8);
byte[] output = encrypt(input, key);
return Base64.encodeBytes(output, Base64.DONT_BREAK_LINES);
}
public static final String sencrypt(String sclear, String skey) throws Exception {
return sencrypt(sclear, getKey(skey));
}
public static final byte[] decrypt(byte[] crypted, byte[] key) throws Exception {
if (crypted == null) return null;
if (key == null) throw new NullPointerException("key is required");
Cipher aes = Cipher.getInstance(CIPHER);
aes.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, AES));
return aes.doFinal(crypted);
}
public static final String sdecrypt(String scrypted, byte[] key) throws Exception {
if (scrypted == null) return null;
byte[] input = Base64.decode(scrypted);
byte[] output = decrypt(input, key);
return new String(output, UTF_8);
}
public static final String sdecrypt(String scrypted, String skey) throws Exception {
return sdecrypt(scrypted, getKey(skey));
}
}
// ------------------------------------------------------------------------ // ------------------------------------------------------------------------
private Password getPasswordAnySalt(String clear, String scheme, final String anySalt) { private Password getPasswordAnySalt(String clear, String scheme, final String anySalt) {
@ -4588,10 +4671,42 @@ public class upassword {
private void run(String[] args) { private void run(String[] args) {
if (args.length == 1 && strEquals(args[0], "--help")) { if (args.length == 1 && strEquals(args[0], "--help")) {
println("USAGE: upassword [clear [salts...]]"); println("USAGE: upassword [-f aeskeyfile] [clear [salts...]]");
System.exit(0); System.exit(0);
} }
String aeskeyfile = null;
if (args.length > 0 && args[0].substring(0, 2).equals("-f")) {
String opt = args[0];
int shift = 1;
if (opt.equals("-f")) {
if (args.length > 1) {
aeskeyfile = args[1];
shift = 2;
}
} else {
aeskeyfile = args[0].substring(2);
}
String[] newargs = new String[args.length - shift];
System.arraycopy(args, shift, newargs, 0, newargs.length);
args = newargs;
}
byte[] aeskey = null;
if (aeskeyfile != null) {
try {
FileInputStream fis = new FileInputStream(aeskeyfile);
try {
aeskey = new byte[16];
fis.read(aeskey);
} finally {
fis.close();
}
} catch (Exception e) {
e.printStackTrace(System.err);
System.exit(1);
}
}
String clear = null; String clear = null;
if (args.length > 0) clear = args[0]; if (args.length > 0) clear = args[0];
String salt = null; String salt = null;
@ -4619,6 +4734,13 @@ public class upassword {
String ssha = getPasswordAnySalt(clear, Password.SSHA, salt).getNormalized(); String ssha = getPasswordAnySalt(clear, Password.SSHA, salt).getNormalized();
String md5 = getPasswordAnySalt(clear, Password.MD5, salt).getNormalized(); String md5 = getPasswordAnySalt(clear, Password.MD5, salt).getNormalized();
String smd5 = getPasswordAnySalt(clear, Password.SMD5, salt).getNormalized(); String smd5 = getPasswordAnySalt(clear, Password.SMD5, salt).getNormalized();
String aes = null;
if (aeskey != null) {
try {
aes = AESEnc.sencrypt(clear, aeskey);
} catch (Exception e) {
}
}
println("clear: " + clear); println("clear: " + clear);
println("lm: " + lm); println("lm: " + lm);
@ -4628,6 +4750,7 @@ public class upassword {
println("ssha: " + ssha); println("ssha: " + ssha);
println("md5: " + md5); println("md5: " + md5);
println("smd5: " + smd5); println("smd5: " + smd5);
if (aes != null) println("aes: " + aes);
} else { } else {
// Afficher uniquement les versions cryptées des mots de passe avec // Afficher uniquement les versions cryptées des mots de passe avec
// les schemes correspondant aux salts spécifiés, pour chacun des // les schemes correspondant aux salts spécifiés, pour chacun des