mirror of
https://github.com/sparrowwallet/drongo.git
synced 2024-12-27 02:26:44 +00:00
add argon2 key deriver
This commit is contained in:
parent
e20501d954
commit
7cb2f043a1
4 changed files with 84 additions and 1 deletions
|
@ -44,6 +44,10 @@ dependencies {
|
||||||
implementation ('org.bouncycastle:bcprov-jdk15on:1.64') {
|
implementation ('org.bouncycastle:bcprov-jdk15on:1.64') {
|
||||||
exclude group: 'org.hamcrest', module: 'hamcrest-core'
|
exclude group: 'org.hamcrest', module: 'hamcrest-core'
|
||||||
}
|
}
|
||||||
|
implementation ('de.mkammerer:argon2-jvm:2.7') {
|
||||||
|
exclude group: 'org.hamcrest', module: 'hamcrest-core'
|
||||||
|
exclude group: 'junit', module: 'junit'
|
||||||
|
}
|
||||||
implementation ('ch.qos.logback:logback-classic:1.2.3') {
|
implementation ('ch.qos.logback:logback-classic:1.2.3') {
|
||||||
exclude group: 'org.hamcrest', module: 'hamcrest-core'
|
exclude group: 'org.hamcrest', module: 'hamcrest-core'
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,9 +1,35 @@
|
||||||
package com.sparrowwallet.drongo.crypto;
|
package com.sparrowwallet.drongo.crypto;
|
||||||
|
|
||||||
|
import de.mkammerer.argon2.Argon2Advanced;
|
||||||
|
import de.mkammerer.argon2.Argon2Factory;
|
||||||
|
|
||||||
|
import java.nio.charset.StandardCharsets;
|
||||||
|
import java.security.SecureRandom;
|
||||||
|
|
||||||
public class Argon2KeyDeriver implements KeyDeriver {
|
public class Argon2KeyDeriver implements KeyDeriver {
|
||||||
|
private static final int SALT_LENGTH = 16;
|
||||||
|
private static final int HASH_LENGTH = 32;
|
||||||
|
private static final int ITERATIONS = 10;
|
||||||
|
private static final int MEMORY = 256 * 1024;
|
||||||
|
private static final int PARALLELISM = 4;
|
||||||
|
|
||||||
|
private final byte[] salt;
|
||||||
|
|
||||||
|
public Argon2KeyDeriver() {
|
||||||
|
SecureRandom secureRandom = new SecureRandom();
|
||||||
|
salt = new byte[SALT_LENGTH];
|
||||||
|
secureRandom.nextBytes(salt);
|
||||||
|
}
|
||||||
|
|
||||||
|
public Argon2KeyDeriver(byte[] salt) {
|
||||||
|
this.salt = salt;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public Key deriveKey(String password) throws KeyCrypterException {
|
public Key deriveKey(String password) throws KeyCrypterException {
|
||||||
return null;
|
Argon2Advanced argon2 = Argon2Factory.createAdvanced(Argon2Factory.Argon2Types.ARGON2id, SALT_LENGTH, HASH_LENGTH);
|
||||||
|
byte[] hash = argon2.rawHash(ITERATIONS, MEMORY, PARALLELISM, password.getBytes(StandardCharsets.UTF_8), salt);
|
||||||
|
return new Key(hash, salt, getDeriverType());
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
open module com.sparrowwallet.drongo {
|
open module com.sparrowwallet.drongo {
|
||||||
requires org.bouncycastle.provider;
|
requires org.bouncycastle.provider;
|
||||||
|
requires de.mkammerer.argon2;
|
||||||
requires slf4j.api;
|
requires slf4j.api;
|
||||||
exports com.sparrowwallet.drongo;
|
exports com.sparrowwallet.drongo;
|
||||||
exports com.sparrowwallet.drongo.psbt;
|
exports com.sparrowwallet.drongo.psbt;
|
||||||
|
|
|
@ -0,0 +1,52 @@
|
||||||
|
package com.sparrowwallet.drongo.crypto;
|
||||||
|
|
||||||
|
import de.mkammerer.argon2.Argon2;
|
||||||
|
import de.mkammerer.argon2.Argon2Factory;
|
||||||
|
import de.mkammerer.argon2.Argon2Helper;
|
||||||
|
import org.junit.Assert;
|
||||||
|
import org.junit.Test;
|
||||||
|
|
||||||
|
import java.nio.charset.StandardCharsets;
|
||||||
|
import java.security.SecureRandom;
|
||||||
|
|
||||||
|
public class Argon2KeyDeriverTest {
|
||||||
|
@Test
|
||||||
|
public void testArgon2() {
|
||||||
|
String password = "thisisapassword";
|
||||||
|
|
||||||
|
Argon2KeyDeriver keyDeriver = new Argon2KeyDeriver();
|
||||||
|
Key key = keyDeriver.deriveKey(password);
|
||||||
|
|
||||||
|
KeyCrypter keyCrypter = new AESKeyCrypter();
|
||||||
|
|
||||||
|
String message = "absent essay fox snake vast pumpkin height crouch silent bulb excuse razor";
|
||||||
|
byte[] messageBytes = message.getBytes(StandardCharsets.UTF_8);
|
||||||
|
|
||||||
|
byte[] iv = new byte[16];
|
||||||
|
SecureRandom secureRandom = new SecureRandom();
|
||||||
|
secureRandom.nextBytes(iv);
|
||||||
|
|
||||||
|
EncryptedData encrypted = keyCrypter.encrypt(messageBytes, iv, key);
|
||||||
|
|
||||||
|
//Decrypt
|
||||||
|
|
||||||
|
Argon2KeyDeriver keyDeriver2 = new Argon2KeyDeriver(encrypted.getKeySalt());
|
||||||
|
Key key2 = keyDeriver2.deriveKey(password);
|
||||||
|
|
||||||
|
byte[] decrypted = keyCrypter.decrypt(encrypted, key2);
|
||||||
|
String decryptedMessage = new String(decrypted, StandardCharsets.UTF_8);
|
||||||
|
|
||||||
|
Assert.assertEquals(message, decryptedMessage);
|
||||||
|
}
|
||||||
|
|
||||||
|
// @Test
|
||||||
|
// public void findIterations() {
|
||||||
|
// Argon2 argon2 = Argon2Factory.create();
|
||||||
|
// // 1000 = The hash call must take at most 1000 ms
|
||||||
|
// // 65536 = Memory cost
|
||||||
|
// // 1 = parallelism
|
||||||
|
// int iterations = Argon2Helper.findIterations(argon2, 500, 256*1024, 4);
|
||||||
|
//
|
||||||
|
// System.out.println("Optimal number of iterations: " + iterations);
|
||||||
|
// }
|
||||||
|
}
|
Loading…
Reference in a new issue