org.apache.nifi.security.util.crypto

Class ScryptCipherProvider

java.lang.Object

org.apache.nifi.security.util.crypto.RandomIVPBECipherProvider

org.apache.nifi.security.util.crypto.ScryptCipherProvider

All Implemented Interfaces:

CipherProvider, PBECipherProvider

public class ScryptCipherProvider
extends RandomIVPBECipherProvider

Field Summary

Fields

Modifier and Type	Field and Description
private static int	DEFAULT_N These values can be calculated automatically using the code ScryptCipherProviderGroovyTest#calculateMinimumParameters or manually updated by a maintainer
private static int	DEFAULT_P
private static int	DEFAULT_R
private static org.slf4j.Logger	logger
private static Pattern	MCRYPT_SALT_FORMAT
private int	n
private int	p
private int	r
private static Pattern	SCRYPT_SALT_FORMAT

Fields inherited from class org.apache.nifi.security.util.crypto.RandomIVPBECipherProvider

IV_DELIMITER, MAX_IV_LIMIT, MAX_SALT_LIMIT, SALT_DELIMITER

Constructor Summary

Constructors

Constructor and Description
ScryptCipherProvider() Instantiates a Scrypt cipher provider with the default parameters N=2^14, r=8, p=1.
ScryptCipherProvider(int n, int r, int p) Instantiates a Scrypt cipher provider with the specified N, r, p values.

Method Summary

Modifier and Type	Method and Description
static byte[]	extractRawSaltFromScryptSalt(String scryptSalt) Returns the raw salt contained in the provided Scrypt salt string.
String	formatSaltForScrypt(byte[] salt) Formats the salt into a string which Scrypt can understand containing the N, r, p values along with the salt value.
static String	formatSaltForScrypt(byte[] salt, int n, int r, int p) Formats the salt into a string which Scrypt can understand containing the N, r, p values along with the salt value.
byte[]	generateSalt() Returns a random salt suitable for this cipher provider.
Cipher	getCipher(EncryptionMethod encryptionMethod, String password, byte[] salt, byte[] iv, int keyLength, boolean encryptMode) Returns an initialized cipher for the specified algorithm.
Cipher	getCipher(EncryptionMethod encryptionMethod, String password, byte[] salt, int keyLength, boolean encryptMode) Returns an initialized cipher for the specified algorithm.
int	getDefaultSaltLength() Returns the default salt length for this implementation.
protected Cipher	getInitializedCipher(EncryptionMethod encryptionMethod, String password, byte[] salt, byte[] iv, int keyLength, boolean encryptMode)
(package private) org.slf4j.Logger	getLogger()
protected int	getN()
protected int	getP()
protected int	getR()
static boolean	isPValid(int r, int p) Returns whether the provided parallelization factor (p value) is within boundaries.
static boolean	isRValid(int r) Returns whether the provided block size (r value) is a positive integer or not.
static boolean	isScryptFormattedSalt(String salt) Returns true if the salt string is a valid Scrypt salt string ($s0$e0801$abcdefghi..{22}).
private void	parseSalt(String scryptSalt, byte[] rawSalt, List<Integer> params)
static String	translateSalt(String mcryptSalt) Translates a salt from the mcrypt format $n$r$p$salt_hex to the Java scrypt format $s0$params$saltBase64.

Methods inherited from class org.apache.nifi.security.util.crypto.RandomIVPBECipherProvider

readIV, readSalt, writeIV, writeSalt

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

logger

private static final org.slf4j.Logger logger

n

private final int n

r

private final int r

p

private final int p

DEFAULT_N

private static final int DEFAULT_N

These values can be calculated automatically using the code ScryptCipherProviderGroovyTest#calculateMinimumParameters or manually updated by a maintainer

DEFAULT_R

private static final int DEFAULT_R

See Also:

Constant Field Values

DEFAULT_P

private static final int DEFAULT_P

See Also:

Constant Field Values

SCRYPT_SALT_FORMAT

private static final Pattern SCRYPT_SALT_FORMAT

MCRYPT_SALT_FORMAT

private static final Pattern MCRYPT_SALT_FORMAT

Constructor Detail

ScryptCipherProvider

public ScryptCipherProvider()

Instantiates a Scrypt cipher provider with the default parameters N=2^14, r=8, p=1.

ScryptCipherProvider

public ScryptCipherProvider(int n,
                            int r,
                            int p)

Instantiates a Scrypt cipher provider with the specified N, r, p values.

Parameters:

n - the number of iterations

r - the block size in bytes

p - the parallelization factor

Method Detail

isPValid

public static boolean isPValid(int r,
                               int p)

Returns whether the provided parallelization factor (p value) is within boundaries. The lower bound > 0 and the upper bound is calculated based on the provided block size (r value).

Parameters:

r - the block size in bytes

p - the parallelization factor

Returns:

true if p is within boundaries

isRValid

public static boolean isRValid(int r)

Returns whether the provided block size (r value) is a positive integer or not.

Parameters:

r - the block size in bytes

Returns:

true if r is a positive integer

getCipher

public Cipher getCipher(EncryptionMethod encryptionMethod,
                        String password,
                        byte[] salt,
                        byte[] iv,
                        int keyLength,
                        boolean encryptMode)
                 throws Exception

Returns an initialized cipher for the specified algorithm. The key is derived by the KDF of the implementation. The IV is provided externally to allow for non-deterministic IVs, as IVs deterministically derived from the password are a potential vulnerability and compromise semantic security. See Ilmari Karonen's answer on Crypto Stack Exchange

Specified by:

getCipher in class RandomIVPBECipherProvider

Parameters:

encryptionMethod - the EncryptionMethod

password - the secret input

salt - the complete salt (e.g. "$2a$10$gUVbkVzp79H8YaCOsCVZNu".getBytes(StandardCharsets.UTF_8))

iv - the IV

keyLength - the desired key length in bits

encryptMode - true for encrypt, false for decrypt

Returns:

the initialized cipher

Throws:

Exception - if there is a problem initializing the cipher

getLogger

org.slf4j.Logger getLogger()

Specified by:

getLogger in class RandomIVPBECipherProvider

getCipher

public Cipher getCipher(EncryptionMethod encryptionMethod,
                        String password,
                        byte[] salt,
                        int keyLength,
                        boolean encryptMode)
                 throws Exception

Returns an initialized cipher for the specified algorithm. The key (and IV if necessary) are derived by the KDF of the implementation.

The IV can be retrieved by the calling method using Cipher.getIV().

Parameters:

encryptionMethod - the EncryptionMethod

password - the secret input

salt - the complete salt (e.g. "$s0$20101$gUVbkVzp79H8YaCOsCVZNu".getBytes(StandardCharsets.UTF_8))

keyLength - the desired key length in bits

encryptMode - true for encrypt, false for decrypt

Returns:

the initialized cipher

Throws:

Exception - if there is a problem initializing the cipher

getInitializedCipher

protected Cipher getInitializedCipher(EncryptionMethod encryptionMethod,
                                      String password,
                                      byte[] salt,
                                      byte[] iv,
                                      int keyLength,
                                      boolean encryptMode)
                               throws Exception

Throws:

Exception

extractRawSaltFromScryptSalt

public static byte[] extractRawSaltFromScryptSalt(String scryptSalt)

Returns the raw salt contained in the provided Scrypt salt string.

Parameters:

scryptSalt - the full Scrypt salt

Returns:

the raw salt decoded from Base64

isScryptFormattedSalt

public static boolean isScryptFormattedSalt(String salt)

Returns true if the salt string is a valid Scrypt salt string ($s0$e0801$abcdefghi..{22}).

Parameters:

salt - the salt string to evaluate

Returns:

true if valid Scrypt salt

parseSalt

private void parseSalt(String scryptSalt,
                       byte[] rawSalt,
                       List<Integer> params)

formatSaltForScrypt

public String formatSaltForScrypt(byte[] salt)

Formats the salt into a string which Scrypt can understand containing the N, r, p values along with the salt value. If the provided salt contains all values, the response will be unchanged. If it only contains the raw salt value, the resulting return value will also include the current instance version, and provided N, r, and p.

The salt is expected to be in the format new String(saltBytes, StandardCharsets.UTF_8) => "$s0$e0801$ABCDEF....".

Parameters:

salt - the provided salt

Returns:

the properly-formatted and complete salt

formatSaltForScrypt

public static String formatSaltForScrypt(byte[] salt,
                                         int n,
                                         int r,
                                         int p)

Formats the salt into a string which Scrypt can understand containing the N, r, p values along with the salt value. If the provided salt contains all values, the response will be unchanged. If it only contains the raw salt value, the resulting return value will also include the provided N, r, and p.

The salt is expected to be in the format new String(saltBytes, StandardCharsets.UTF_8) => "$s0$e0801$ABCDEF....".

Parameters:

salt - the provided salt

n - the N param

r - the r param

p - the p param

Returns:

the properly-formatted and complete salt

translateSalt

public static String translateSalt(String mcryptSalt)

Translates a salt from the mcrypt format $n$r$p$salt_hex to the Java scrypt format $s0$params$saltBase64.

Parameters:

mcryptSalt - the mcrypt-formatted salt string

Returns:

the formatted salt to use with Java Scrypt

generateSalt

public byte[] generateSalt()

Description copied from interface: PBECipherProvider

Returns a random salt suitable for this cipher provider.

Returns:

a random salt

See Also:

PBECipherProvider.getDefaultSaltLength()

getDefaultSaltLength

public int getDefaultSaltLength()

Description copied from interface: PBECipherProvider

Returns the default salt length for this implementation.

Returns:

the default salt length in bytes

getN

protected int getN()

getR

protected int getR()

getP

protected int getP()