org.apache.nifi.security.util.crypto

Class BcryptCipherProvider

java.lang.Object

org.apache.nifi.security.util.crypto.RandomIVPBECipherProvider

org.apache.nifi.security.util.crypto.BcryptCipherProvider

All Implemented Interfaces:

CipherProvider, PBECipherProvider

public class BcryptCipherProvider
extends RandomIVPBECipherProvider

Field Summary

Fields

Modifier and Type	Field and Description
private static Pattern	BCRYPT_SALT_FORMAT
private static String	BCRYPT_SALT_FORMAT_MSG
private static int	DEFAULT_SALT_LENGTH
private static int	DEFAULT_WORK_FACTOR This can be calculated automatically using the code BcryptCipherProviderGroovyTest#calculateMinimumWorkFactor or manually updated by a maintainer
private static org.slf4j.Logger	logger
private int	workFactor

Fields inherited from class org.apache.nifi.security.util.crypto.RandomIVPBECipherProvider

IV_DELIMITER, MAX_IV_LIMIT, MAX_SALT_LIMIT, SALT_DELIMITER

Constructor Summary

Constructors

Constructor and Description
BcryptCipherProvider() Instantiates a Bcrypt cipher provider with the default work factor 12 (2^12 key expansion rounds).
BcryptCipherProvider(int workFactor) Instantiates a Bcrypt cipher provider with the specified work factor w (2^w key expansion rounds).

Method Summary

Modifier and Type	Method and Description
private Cipher	createCipherAndHandleExceptions(EncryptionMethod encryptionMethod, String password, byte[] salt, byte[] iv, int keyLength, boolean encryptMode, boolean useLegacyKeyDerivation)
private SecretKey	deriveKey(String password, int keyLength, String algorithm, String provider, byte[] rawSalt, int workFactor, boolean useLegacyKeyDerivation)
static byte[]	extractRawSalt(String fullSalt) Returns the raw salt as a byte[] extracted from the Bcrypt formatted salt byte[].
static String	formatSaltForBcrypt(byte[] salt, int workFactor)
byte[]	generateSalt() Returns the full salt in a byte[] for this cipher provider (i.e.
Cipher	getCipher(EncryptionMethod encryptionMethod, String password, byte[] salt, byte[] iv, int keyLength, boolean encryptMode) Returns an initialized cipher for the specified algorithm.
Cipher	getCipher(EncryptionMethod encryptionMethod, String password, byte[] salt, int keyLength, boolean encryptMode) Returns an initialized cipher for the specified algorithm.
int	getDefaultSaltLength() Returns the default salt length for this implementation.
protected Cipher	getInitializedCipher(EncryptionMethod encryptionMethod, String password, byte[] salt, byte[] iv, int keyLength, boolean encryptMode, boolean useLegacyKeyDerivation)
Cipher	getLegacyDecryptCipher(EncryptionMethod encryptionMethod, String password, byte[] salt, byte[] iv, int keyLength) Returns a Cipher instance in Cipher.DECRYPT_MODE configured with the provided inputs and using the legacy key derivation process for Bcrypt where the complete Bcrypt hash output (including algorithm, work factor, and salt) was used as the input to the key stretching SHA-512 digest function.
(package private) org.slf4j.Logger	getLogger()
protected int	getWorkFactor()
static boolean	isBcryptFormattedSalt(String salt) Returns true if the salt string is a valid Bcrypt salt string ($2a$10$abcdefghi..{22}).
private int	parseSalt(String bcryptSalt, byte[] rawSalt)

Methods inherited from class org.apache.nifi.security.util.crypto.RandomIVPBECipherProvider

readIV, readSalt, writeIV, writeSalt

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

logger

private static final org.slf4j.Logger logger

workFactor

private final int workFactor

DEFAULT_WORK_FACTOR

private static final int DEFAULT_WORK_FACTOR

This can be calculated automatically using the code BcryptCipherProviderGroovyTest#calculateMinimumWorkFactor or manually updated by a maintainer

See Also:

Constant Field Values

DEFAULT_SALT_LENGTH

private static final int DEFAULT_SALT_LENGTH

See Also:

Constant Field Values

BCRYPT_SALT_FORMAT

private static final Pattern BCRYPT_SALT_FORMAT

BCRYPT_SALT_FORMAT_MSG

private static final String BCRYPT_SALT_FORMAT_MSG

See Also:

Constant Field Values

Constructor Detail

BcryptCipherProvider

public BcryptCipherProvider()

Instantiates a Bcrypt cipher provider with the default work factor 12 (2^12 key expansion rounds).

BcryptCipherProvider

public BcryptCipherProvider(int workFactor)

Instantiates a Bcrypt cipher provider with the specified work factor w (2^w key expansion rounds).

Parameters:

workFactor - the (log) number of key expansion rounds [4..30]

Method Detail

getLogger

org.slf4j.Logger getLogger()

Specified by:

getLogger in class RandomIVPBECipherProvider

getCipher

public Cipher getCipher(EncryptionMethod encryptionMethod,
                        String password,
                        byte[] salt,
                        byte[] iv,
                        int keyLength,
                        boolean encryptMode)
                 throws Exception

Returns an initialized cipher for the specified algorithm. The key is derived by the KDF of the implementation. The IV is provided externally to allow for non-deterministic IVs, as IVs deterministically derived from the password are a potential vulnerability and compromise semantic security. See Ilmari Karonen's answer on Crypto Stack Exchange

Specified by:

getCipher in class RandomIVPBECipherProvider

Parameters:

encryptionMethod - the EncryptionMethod

password - the secret input

salt - the complete salt (e.g. "$2a$10$gUVbkVzp79H8YaCOsCVZNu".getBytes(StandardCharsets.UTF_8))

iv - the IV

keyLength - the desired key length in bits

encryptMode - true for encrypt, false for decrypt

Returns:

the initialized cipher

Throws:

Exception - if there is a problem initializing the cipher

createCipherAndHandleExceptions

private Cipher createCipherAndHandleExceptions(EncryptionMethod encryptionMethod,
                                               String password,
                                               byte[] salt,
                                               byte[] iv,
                                               int keyLength,
                                               boolean encryptMode,
                                               boolean useLegacyKeyDerivation)

getCipher

public Cipher getCipher(EncryptionMethod encryptionMethod,
                        String password,
                        byte[] salt,
                        int keyLength,
                        boolean encryptMode)
                 throws Exception

Returns an initialized cipher for the specified algorithm. The key (and IV if necessary) are derived by the KDF of the implementation.

The IV can be retrieved by the calling method using Cipher.getIV().

Parameters:

encryptionMethod - the EncryptionMethod

password - the secret input

salt - the complete salt (e.g. "$2a$10$gUVbkVzp79H8YaCOsCVZNu".getBytes(StandardCharsets.UTF_8))

keyLength - the desired key length in bits

encryptMode - true for encrypt, false for decrypt

Returns:

the initialized cipher

Throws:

Exception - if there is a problem initializing the cipher

getLegacyDecryptCipher

public Cipher getLegacyDecryptCipher(EncryptionMethod encryptionMethod,
                                     String password,
                                     byte[] salt,
                                     byte[] iv,
                                     int keyLength)

Returns a Cipher instance in Cipher.DECRYPT_MODE configured with the provided inputs and using the legacy key derivation process for Bcrypt where the complete Bcrypt hash output (including algorithm, work factor, and salt) was used as the input to the key stretching SHA-512 digest function. This is only used for backward-compatibility decryptions for NiFi versions prior to 1.12.0. All encryption operations moving forward use the correct key derivation process.

Parameters:

encryptionMethod - the EncryptionMethod

password - the secret input

salt - the complete salt (e.g. "$2a$10$gUVbkVzp79H8YaCOsCVZNu".getBytes(StandardCharsets.UTF_8))

iv - the Initialization Vector in bits

keyLength - the desired key length in bits

Returns:

the initialized cipher using the legacy key derivation process

Throws:

Exception - if there is a problem initializing the cipher

getInitializedCipher

protected Cipher getInitializedCipher(EncryptionMethod encryptionMethod,
                                      String password,
                                      byte[] salt,
                                      byte[] iv,
                                      int keyLength,
                                      boolean encryptMode,
                                      boolean useLegacyKeyDerivation)
                               throws Exception

Throws:

Exception

deriveKey

private SecretKey deriveKey(String password,
                            int keyLength,
                            String algorithm,
                            String provider,
                            byte[] rawSalt,
                            int workFactor,
                            boolean useLegacyKeyDerivation)
                     throws NoSuchAlgorithmException,
                            NoSuchProviderException

Throws:

NoSuchAlgorithmException

NoSuchProviderException

isBcryptFormattedSalt

public static boolean isBcryptFormattedSalt(String salt)

Returns true if the salt string is a valid Bcrypt salt string ($2a$10$abcdefghi..{22}).

Parameters:

salt - the salt string to evaluate

Returns:

true if valid Bcrypt salt

parseSalt

private int parseSalt(String bcryptSalt,
                      byte[] rawSalt)

formatSaltForBcrypt

public static String formatSaltForBcrypt(byte[] salt,
                                         int workFactor)

generateSalt

public byte[] generateSalt()

Returns the full salt in a byte[] for this cipher provider (i.e. $2a$10$abcdef... format).

Returns:

the full salt as a byte[]

See Also:

PBECipherProvider.getDefaultSaltLength()

extractRawSalt

public static byte[] extractRawSalt(String fullSalt)

Returns the raw salt as a byte[] extracted from the Bcrypt formatted salt byte[].

Parameters:

fullSalt - the Bcrypt salt sequence as bytes

Returns:

the raw salt (16 bytes) without Radix 64 encoding

getDefaultSaltLength

public int getDefaultSaltLength()

Description copied from interface: PBECipherProvider

Returns the default salt length for this implementation.

Returns:

the default salt length in bytes

getWorkFactor

protected int getWorkFactor()