├── .gitignore ├── CryptoAPI-Bench_details.xlsx ├── LICENSE ├── README.md ├── build.gradle ├── settings.gradle └── src └── main └── java └── org └── cryptoapi └── bench ├── brokencrypto ├── BrokenCryptoABICase1.java ├── BrokenCryptoABICase10.java ├── BrokenCryptoABICase11.java ├── BrokenCryptoABICase12.java ├── BrokenCryptoABICase13.java ├── BrokenCryptoABICase14.java ├── BrokenCryptoABICase15.java ├── BrokenCryptoABICase2.java ├── BrokenCryptoABICase3.java ├── BrokenCryptoABICase4.java ├── BrokenCryptoABICase5.java ├── BrokenCryptoABICase6.java ├── BrokenCryptoABICase7.java ├── BrokenCryptoABICase8.java ├── BrokenCryptoABICase9.java ├── BrokenCryptoABMC1.java ├── BrokenCryptoABMC2.java ├── BrokenCryptoABMC3.java ├── BrokenCryptoABMC4.java ├── BrokenCryptoABMC5.java ├── BrokenCryptoABMCCase1.java ├── BrokenCryptoABMCCase2.java ├── BrokenCryptoABMCCase3.java ├── BrokenCryptoABMCCase4.java ├── BrokenCryptoABMCCase5.java ├── BrokenCryptoABPSCase1.java ├── BrokenCryptoABPSCase2.java ├── BrokenCryptoABPSCase3.java ├── BrokenCryptoABPSCase4.java ├── BrokenCryptoABPSCase5.java ├── BrokenCryptoABSCase1.java ├── BrokenCryptoABSCase2.java ├── BrokenCryptoABSCase3.java ├── BrokenCryptoABSCase4.java ├── BrokenCryptoABSCase5.java ├── BrokenCryptoBBCase1.java ├── BrokenCryptoBBCase2.java ├── BrokenCryptoBBCase3.java ├── BrokenCryptoBBCase4.java ├── BrokenCryptoBBCase5.java └── BrokenCryptoCorrected.java ├── brokenhash ├── BrokenHashABICase1.java ├── BrokenHashABICase10.java ├── BrokenHashABICase11.java ├── BrokenHashABICase12.java ├── BrokenHashABICase2.java ├── BrokenHashABICase3.java ├── BrokenHashABICase4.java ├── BrokenHashABICase5.java ├── BrokenHashABICase6.java ├── BrokenHashABICase7.java ├── BrokenHashABICase8.java ├── BrokenHashABICase9.java ├── BrokenHashABMC1.java ├── BrokenHashABMC2.java ├── BrokenHashABMC3.java ├── BrokenHashABMC4.java ├── BrokenHashABMCCase1.java ├── BrokenHashABMCCase2.java ├── BrokenHashABMCCase3.java ├── BrokenHashABMCCase4.java ├── BrokenHashABPSCase1.java ├── BrokenHashABPSCase2.java ├── BrokenHashABPSCase3.java ├── BrokenHashABPSCase4.java ├── BrokenHashABSCase1.java ├── BrokenHashABSCase2.java ├── BrokenHashABSCase3.java ├── BrokenHashABSCase4.java ├── BrokenHashBBCase1.java ├── BrokenHashBBCase2.java ├── BrokenHashBBCase3.java ├── BrokenHashBBCase4.java └── BrokenHashCorrected.java ├── dummycertvalidation ├── DummyCertValidationCase1.java ├── DummyCertValidationCase2.java └── DummyCertValidationCase3.java ├── dummyhostnameverifier ├── DummyHostNameVerifierCase1.java └── DummyHostNameVerifierCorrected.java ├── ecbcrypto ├── EcbInSymmCryptoABICase1.java ├── EcbInSymmCryptoABICase2.java ├── EcbInSymmCryptoABICase3.java ├── EcbInSymmCryptoABMC1.java ├── EcbInSymmCryptoABMCCase1.java ├── EcbInSymmCryptoABPSCase1.java ├── EcbInSymmCryptoABSCase1.java ├── EcbInSymmCryptoBBCase1.java └── EcbInSymmCryptoCorrected.java ├── http ├── HttpProtocolABICase1.java ├── HttpProtocolABICase2.java ├── HttpProtocolABICase3.java ├── HttpProtocolABMC1.java ├── HttpProtocolABMCCase1.java ├── HttpProtocolABPSCase1.java ├── HttpProtocolABSCase1.java ├── HttpProtocolBBCase1.java ├── HttpProtocolCase1Corrected.java └── HttpProtocolCase2Corrected.java ├── impropersslsocketfactory ├── ImproperSocketManualHostABICase1.java ├── ImproperSocketManualHostABICase2.java ├── ImproperSocketManualHostABSCase1.java └── ImproperSocketManualHostBBCase1.java ├── insecureasymmetriccrypto ├── InsecureAsymmetricCipherABICase1.java ├── InsecureAsymmetricCipherABICase2.java ├── InsecureAsymmetricCipherABICase3.java ├── InsecureAsymmetricCipherABMC1.java ├── InsecureAsymmetricCipherABMCCase1.java ├── InsecureAsymmetricCipherABPSCase1.java └── InsecureAsymmetricCipherBBCase1.java ├── pbeiteration ├── LessThan1000IterationPBEABHCase1.java ├── LessThan1000IterationPBEABICase1.java ├── LessThan1000IterationPBEABICase2.java ├── LessThan1000IterationPBEABICase3.java ├── LessThan1000IterationPBEABMC1.java ├── LessThan1000IterationPBEABMCCase1.java ├── LessThan1000IterationPBEABPSCase1.java ├── LessThan1000IterationPBEABSCase1.java ├── LessThan1000IterationPBEBBCase1.java └── LessThan1000IterationPBECorrected.java ├── predictablecryptographickey ├── PredictableCryptographicKeyABHCase1.java ├── PredictableCryptographicKeyABHCase2.java ├── PredictableCryptographicKeyABICase1.java ├── PredictableCryptographicKeyABICase2.java ├── PredictableCryptographicKeyABICase3.java ├── PredictableCryptographicKeyABMC1.java ├── PredictableCryptographicKeyABMCCase1.java ├── PredictableCryptographicKeyABPSCase1.java ├── PredictableCryptographicKeyABSCase1.java ├── PredictableCryptographicKeyBBCase1.java └── PredictableCryptographicKeyCorrected.java ├── predictablekeystorepassword ├── PredictableKeyStorePasswordABHCase1.java ├── PredictableKeyStorePasswordABHCase2.java ├── PredictableKeyStorePasswordABICase1.java ├── PredictableKeyStorePasswordABICase2.java ├── PredictableKeyStorePasswordABICase3.java ├── PredictableKeyStorePasswordABMC1.java ├── PredictableKeyStorePasswordABMCCase1.java ├── PredictableKeyStorePasswordABPSCase1.java ├── PredictableKeyStorePasswordABSCase1.java ├── PredictableKeyStorePasswordBBCase1.java └── PredictableKeyStorePasswordCorrected.java ├── predictablepbepassword ├── PredictablePBEPasswordABHCase1.java ├── PredictablePBEPasswordABHCase2.java ├── PredictablePBEPasswordABICase1.java ├── PredictablePBEPasswordABICase2.java ├── PredictablePBEPasswordABICase3.java ├── PredictablePBEPasswordABMC1.java ├── PredictablePBEPasswordABMCCase1.java ├── PredictablePBEPasswordABPSCase1.java ├── PredictablePBEPasswordABSCase1.java ├── PredictablePBEPasswordBBCase1.java ├── PredictablePBEPasswordBBCase2.java └── PredictablePBEPasswordCorrected.java ├── predictableseeds ├── PredictableSeedsABHCase2.java ├── PredictableSeedsABHCase4.java ├── PredictableSeedsABICase1.java ├── PredictableSeedsABICase2.java ├── PredictableSeedsABICase3.java ├── PredictableSeedsABICase4.java ├── PredictableSeedsABICase5.java ├── PredictableSeedsABICase6.java ├── PredictableSeedsABMC1.java ├── PredictableSeedsABMC2.java ├── PredictableSeedsABMCCase1.java ├── PredictableSeedsABMCCase2.java ├── PredictableSeedsABPSCase1.java ├── PredictableSeedsABPSCase2.java ├── PredictableSeedsABSCase1.java ├── PredictableSeedsABSCase2.java ├── PredictableSeedsBBCase1.java ├── PredictableSeedsBBCase2.java └── PredictableSeedsCorrected.java ├── staticinitializationvector ├── StaticInitializationVectorABHCase1.java ├── StaticInitializationVectorABHCase2.java ├── StaticInitializationVectorABICase1.java ├── StaticInitializationVectorABICase2.java ├── StaticInitializationVectorABICase3.java ├── StaticInitializationVectorABMC1.java ├── StaticInitializationVectorABMCCase1.java ├── StaticInitializationVectorABPSCase1.java ├── StaticInitializationVectorABSCase1.java ├── StaticInitializationVectorBBCase1.java └── StaticInitializationVectorCorrected.java ├── staticsalts ├── StaticSaltsABHCase1.java ├── StaticSaltsABICase1.java ├── StaticSaltsABICase2.java ├── StaticSaltsABICase3.java ├── StaticSaltsABMC1.java ├── StaticSaltsABMCCase1.java ├── StaticSaltsABPSCase1.java ├── StaticSaltsABSCase1.java ├── StaticSaltsBBCase1.java └── StaticSaltsCorrected.java └── untrustedprng ├── UntrustedPRNGCase1.java └── UntrustedPRNGCorrected.java /.gitignore: -------------------------------------------------------------------------------- 1 | .idea 2 | *.iml 3 | .gradle 4 | gradle 5 | gradlew 6 | gradlew.bat 7 | out 8 | cov-int 9 | myproject.tgz 10 | build 11 | -------------------------------------------------------------------------------- /CryptoAPI-Bench_details.xlsx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CryptoGuardOSS/cryptoapi-bench/759622ff29c73eba4c47e6a8fe2f505c3fef8526/CryptoAPI-Bench_details.xlsx -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2018 Sharmin Afrose 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ### Build Cryptoapi-bench 2 | 1. Run `cd /path/to/cryptoapi-bench` 3 | 2. Run `gradle clean build` 4 | 5 | A Jar will be created in `cd /path/to/cryptoapi-bench/build/libs/` folder. Use different Cryptographic vulnerability detection tools to analyze the Jar. 6 | 7 | The `CryptoAPI-Bench_details.xlsx` contains the summary of secure and nonsecure code and pointed out the vulnerability. 8 | 9 | A new version of CryptoAPI-Bench containing 171 test cases can be found in https://github.com/CryptoAPI-Bench/CryptoAPI-Bench/tree/master/src/main/java/org/cryptoapi/bench. 10 | 11 | ### Paper 12 | If you use this code or these benchmarks in your research, please cite the following publication. 13 | ``` 14 | @inproceedings{afrose2019cryptoapi, 15 | title={CryptoAPI-Bench: A Comprehensive Benchmark on Java Cryptographic API Misuses}, 16 | author={Afrose, Sharmin and Rahaman, Sazzadur and Yao, Danfeng}, 17 | booktitle={2019 IEEE Cybersecurity Development (SecDev)}, 18 | pages={49--61}, 19 | year={2019}, 20 | organization={IEEE} 21 | } 22 | 23 | @inproceedings{rahaman2019cryptoguard, 24 | title={Cryptoguard: High precision detection of cryptographic vulnerabilities in massive-sized java projects}, 25 | author={Rahaman, Sazzadur and Xiao, Ya and Afrose, Sharmin and Shaon, Fahad and Tian, Ke and Frantz, Miles and Kantarcioglu, Murat and Yao, Danfeng}, 26 | booktitle={Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security}, 27 | pages={2455--2472}, 28 | year={2019} 29 | } 30 | ``` 31 | 32 | ### Contact 33 | 34 | If you have any questions or suggestions, please email to sharminafrose@vt.edu 35 | -------------------------------------------------------------------------------- /build.gradle: -------------------------------------------------------------------------------- 1 | plugins { 2 | id 'java' 3 | } 4 | 5 | group 'org.sharmin' 6 | version '1.0-SNAPSHOT' 7 | 8 | sourceCompatibility = 1.8 9 | 10 | repositories { 11 | mavenCentral() 12 | } 13 | 14 | dependencies { 15 | testCompile group: 'junit', name: 'junit', version: '4.12' 16 | } 17 | -------------------------------------------------------------------------------- /settings.gradle: -------------------------------------------------------------------------------- 1 | rootProject.name = 'rigorityj-samples' 2 | 3 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABICase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoABICase1 { 11 | public void go(String crypto, String keyAlgo) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 12 | KeyGenerator keyGen = KeyGenerator.getInstance(keyAlgo); 13 | SecretKey key = keyGen.generateKey(); 14 | Cipher cipher = Cipher.getInstance(crypto); 15 | cipher.init(Cipher.ENCRYPT_MODE, key); 16 | } 17 | 18 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 19 | BrokenCryptoABICase1 bc = new BrokenCryptoABICase1(); 20 | String crypto = "DES/ECB/PKCS5Padding"; 21 | String keyAlgo = "DES"; 22 | bc.go(crypto,keyAlgo); 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABICase10.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoABICase10 { 11 | public static final String DEFAULT_CRYPTO = "IDEA"; 12 | private static char[] CRYPTO; 13 | private static char[] crypto; 14 | public void go() throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 15 | KeyGenerator keyGen = KeyGenerator.getInstance(String.valueOf(crypto)); 16 | SecretKey key = keyGen.generateKey(); 17 | Cipher cipher = Cipher.getInstance(String.valueOf(crypto)); 18 | cipher.init(Cipher.ENCRYPT_MODE, key); 19 | } 20 | private static void go2(){ 21 | CRYPTO = DEFAULT_CRYPTO.toCharArray(); 22 | } 23 | private static void go3(){ 24 | crypto = CRYPTO; 25 | } 26 | 27 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 28 | BrokenCryptoABICase10 bc = new BrokenCryptoABICase10(); 29 | go2(); 30 | go3(); 31 | bc.go(); 32 | } 33 | 34 | } 35 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABICase11.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoABICase11 { 11 | public static void method2(String c, String key) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 12 | String cryptoAlgo = c; 13 | method1(cryptoAlgo,key); 14 | } 15 | public static void method1(String crypto,String cryptoKey) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 16 | KeyGenerator keyGen = KeyGenerator.getInstance(cryptoKey); 17 | SecretKey key = keyGen.generateKey(); 18 | Cipher cipher = Cipher.getInstance(crypto); 19 | cipher.init(Cipher.ENCRYPT_MODE, key); 20 | } 21 | 22 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 23 | String key = "DES"; 24 | String crypto = "DES/ECB/PKCS5Padding"; 25 | method2(crypto,key); 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABICase12.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | import javax.crypto.Cipher; 3 | import javax.crypto.KeyGenerator; 4 | import javax.crypto.NoSuchPaddingException; 5 | import javax.crypto.SecretKey; 6 | import java.security.InvalidKeyException; 7 | import java.security.NoSuchAlgorithmException; 8 | 9 | public class BrokenCryptoABICase12 { 10 | public static void method2(String c) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 11 | String cryptoAlgo = c; 12 | method1(cryptoAlgo); 13 | } 14 | public static void method1(String crypto) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 15 | KeyGenerator keyGen = KeyGenerator.getInstance(crypto); 16 | SecretKey key = keyGen.generateKey(); 17 | Cipher cipher = Cipher.getInstance(crypto); 18 | cipher.init(Cipher.ENCRYPT_MODE, key); 19 | } 20 | 21 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 22 | 23 | String crypto = "Blowfish"; 24 | method2(crypto); 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABICase13.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | 4 | import javax.crypto.Cipher; 5 | import javax.crypto.KeyGenerator; 6 | import javax.crypto.NoSuchPaddingException; 7 | import javax.crypto.SecretKey; 8 | import java.security.InvalidKeyException; 9 | import java.security.NoSuchAlgorithmException; 10 | 11 | public class BrokenCryptoABICase13 { 12 | public static void method2(String c) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 13 | String cryptoAlgo = c; 14 | method1(cryptoAlgo); 15 | } 16 | public static void method1(String crypto) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 17 | KeyGenerator keyGen = KeyGenerator.getInstance(crypto); 18 | SecretKey key = keyGen.generateKey(); 19 | Cipher cipher = Cipher.getInstance(crypto); 20 | cipher.init(Cipher.ENCRYPT_MODE, key); 21 | } 22 | 23 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 24 | String crypto = "RC4"; 25 | method2(crypto); 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABICase14.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoABICase14 { 11 | public static void method2(String c) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 12 | String cryptoAlgo = c; 13 | method1(cryptoAlgo); 14 | } 15 | public static void method1(String crypto) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 16 | KeyGenerator keyGen = KeyGenerator.getInstance(crypto); 17 | SecretKey key = keyGen.generateKey(); 18 | Cipher cipher = Cipher.getInstance(crypto); 19 | cipher.init(Cipher.ENCRYPT_MODE, key); 20 | } 21 | 22 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 23 | 24 | String crypto = "RC2"; 25 | method2(crypto); 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABICase15.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoABICase15 { 11 | public static void method2(String c) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 12 | String cryptoAlgo = c; 13 | method1(cryptoAlgo); 14 | } 15 | public static void method1(String crypto) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 16 | KeyGenerator keyGen = KeyGenerator.getInstance(crypto); 17 | SecretKey key = keyGen.generateKey(); 18 | Cipher cipher = Cipher.getInstance(crypto); 19 | cipher.init(Cipher.ENCRYPT_MODE, key); 20 | } 21 | 22 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 23 | 24 | String crypto = "IDEA"; 25 | method2(crypto); 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABICase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoABICase2 { 11 | public void go(String crypto) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 12 | KeyGenerator keyGen = KeyGenerator.getInstance(crypto); 13 | SecretKey key = keyGen.generateKey(); 14 | Cipher cipher = Cipher.getInstance(crypto); 15 | cipher.init(Cipher.ENCRYPT_MODE, key); 16 | } 17 | 18 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 19 | BrokenCryptoABICase2 bc = new BrokenCryptoABICase2(); 20 | String crypto = "Blowfish"; 21 | bc.go(crypto); 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABICase3.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoABICase3 { 11 | public void go(String crypto) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 12 | KeyGenerator keyGen = KeyGenerator.getInstance(crypto); 13 | SecretKey key = keyGen.generateKey(); 14 | Cipher cipher = Cipher.getInstance(crypto); 15 | cipher.init(Cipher.ENCRYPT_MODE, key); 16 | } 17 | 18 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 19 | BrokenCryptoABICase3 bc = new BrokenCryptoABICase3(); 20 | String crypto = "RC4"; 21 | bc.go(crypto); 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABICase4.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoABICase4 { 11 | public void go(String crypto) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 12 | KeyGenerator keyGen = KeyGenerator.getInstance(crypto); 13 | SecretKey key = keyGen.generateKey(); 14 | Cipher cipher = Cipher.getInstance(crypto); 15 | cipher.init(Cipher.ENCRYPT_MODE, key); 16 | } 17 | 18 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 19 | BrokenCryptoABICase4 bc = new BrokenCryptoABICase4(); 20 | String crypto = "RC2"; 21 | bc.go(crypto); 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABICase5.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoABICase5 { 11 | public static final String DEFAULT_CRYPTO = "DES/ECB/PKCS5Padding"; 12 | private static char[] CRYPTO; 13 | private static char[] crypto; 14 | 15 | public static final String DEFAULT_CRYPTO_ALGO = "DES"; 16 | private static char[] CRYPTO_ALGO; 17 | private static char[] crypto_algo; 18 | 19 | public void go() throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 20 | KeyGenerator keyGen = KeyGenerator.getInstance(String.valueOf(crypto_algo)); 21 | SecretKey key = keyGen.generateKey(); 22 | Cipher cipher = Cipher.getInstance(String.valueOf(crypto)); 23 | cipher.init(Cipher.ENCRYPT_MODE, key); 24 | } 25 | private static void go2(){ 26 | 27 | CRYPTO = DEFAULT_CRYPTO.toCharArray(); 28 | CRYPTO_ALGO = DEFAULT_CRYPTO_ALGO.toCharArray(); 29 | } 30 | private static void go3(){ 31 | 32 | crypto = CRYPTO; 33 | crypto_algo = CRYPTO_ALGO; 34 | } 35 | 36 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 37 | BrokenCryptoABICase5 bc = new BrokenCryptoABICase5(); 38 | go2(); 39 | go3(); 40 | bc.go(); 41 | } 42 | } 43 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABICase6.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoABICase6 { 11 | public static final String DEFAULT_CRYPTO = "Blowfish"; 12 | private static char[] CRYPTO; 13 | private static char[] crypto; 14 | public void go() throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 15 | KeyGenerator keyGen = KeyGenerator.getInstance(String.valueOf(crypto)); 16 | SecretKey key = keyGen.generateKey(); 17 | Cipher cipher = Cipher.getInstance(String.valueOf(crypto)); 18 | cipher.init(Cipher.ENCRYPT_MODE, key); 19 | } 20 | private static void go2(){ 21 | CRYPTO = DEFAULT_CRYPTO.toCharArray(); 22 | } 23 | private static void go3(){ 24 | crypto = CRYPTO; 25 | } 26 | 27 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 28 | BrokenCryptoABICase6 bc = new BrokenCryptoABICase6(); 29 | go2(); 30 | go3(); 31 | bc.go(); 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABICase7.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoABICase7 { 11 | public static final String DEFAULT_CRYPTO = "RC4"; 12 | private static char[] CRYPTO; 13 | private static char[] crypto; 14 | public void go() throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 15 | KeyGenerator keyGen = KeyGenerator.getInstance(String.valueOf(crypto)); 16 | SecretKey key = keyGen.generateKey(); 17 | Cipher cipher = Cipher.getInstance(String.valueOf(crypto)); 18 | cipher.init(Cipher.ENCRYPT_MODE, key); 19 | } 20 | private static void go2(){ 21 | CRYPTO = DEFAULT_CRYPTO.toCharArray(); 22 | } 23 | private static void go3(){ 24 | crypto = CRYPTO; 25 | } 26 | 27 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 28 | BrokenCryptoABICase7 bc = new BrokenCryptoABICase7(); 29 | go2(); 30 | go3(); 31 | bc.go(); 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABICase8.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoABICase8 { 11 | public static final String DEFAULT_CRYPTO = "RC2"; 12 | private static char[] CRYPTO; 13 | private static char[] crypto; 14 | public void go() throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 15 | KeyGenerator keyGen = KeyGenerator.getInstance(String.valueOf(crypto)); 16 | SecretKey key = keyGen.generateKey(); 17 | Cipher cipher = Cipher.getInstance(String.valueOf(crypto)); 18 | cipher.init(Cipher.ENCRYPT_MODE, key); 19 | } 20 | private static void go2(){ 21 | CRYPTO = DEFAULT_CRYPTO.toCharArray(); 22 | } 23 | private static void go3(){ 24 | crypto = CRYPTO; 25 | } 26 | 27 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 28 | BrokenCryptoABICase8 bc = new BrokenCryptoABICase8(); 29 | go2(); 30 | go3(); 31 | bc.go(); 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABICase9.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoABICase9 { 11 | public void go(String crypto) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 12 | KeyGenerator keyGen = KeyGenerator.getInstance(crypto); 13 | SecretKey key = keyGen.generateKey(); 14 | Cipher cipher = Cipher.getInstance(crypto); 15 | cipher.init(Cipher.ENCRYPT_MODE, key); 16 | } 17 | 18 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 19 | BrokenCryptoABICase9 bc = new BrokenCryptoABICase9(); 20 | String crypto = "IDEA"; 21 | bc.go(crypto); 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABMC1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoABMC1 { 11 | public void go(String crypto, String cryptoKey) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException { 12 | KeyGenerator keyGen = KeyGenerator.getInstance(cryptoKey); 13 | SecretKey key = keyGen.generateKey(); 14 | Cipher cipher = Cipher.getInstance(crypto); 15 | cipher.init(Cipher.ENCRYPT_MODE, key); 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABMC2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoABMC2 { 11 | public void go(String crypto) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException { 12 | KeyGenerator keyGen = KeyGenerator.getInstance(crypto); 13 | SecretKey key = keyGen.generateKey(); 14 | Cipher cipher = Cipher.getInstance(crypto); 15 | cipher.init(Cipher.ENCRYPT_MODE, key); 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABMC3.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoABMC3 { 11 | public void go(String crypto) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException { 12 | KeyGenerator keyGen = KeyGenerator.getInstance(crypto); 13 | SecretKey key = keyGen.generateKey(); 14 | Cipher cipher = Cipher.getInstance(crypto); 15 | cipher.init(Cipher.ENCRYPT_MODE, key); 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABMC4.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoABMC4 { 11 | public void go(String crypto) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException { 12 | KeyGenerator keyGen = KeyGenerator.getInstance(crypto); 13 | SecretKey key = keyGen.generateKey(); 14 | Cipher cipher = Cipher.getInstance(crypto); 15 | cipher.init(Cipher.ENCRYPT_MODE, key); 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABMC5.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoABMC5 { 11 | public void go(String crypto) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException { 12 | KeyGenerator keyGen = KeyGenerator.getInstance(crypto); 13 | SecretKey key = keyGen.generateKey(); 14 | Cipher cipher = Cipher.getInstance(crypto); 15 | cipher.init(Cipher.ENCRYPT_MODE, key); 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABMCCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.NoSuchPaddingException; 4 | import java.security.InvalidKeyException; 5 | import java.security.NoSuchAlgorithmException; 6 | 7 | public class BrokenCryptoABMCCase1 { 8 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 9 | BrokenCryptoABMC1 bc = new BrokenCryptoABMC1(); 10 | String crypto = "DES/ECB/PKCS5Padding"; 11 | String cryptokey = "DES"; 12 | bc.go(crypto,cryptokey); 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABMCCase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.NoSuchPaddingException; 4 | import java.security.InvalidKeyException; 5 | import java.security.NoSuchAlgorithmException; 6 | 7 | public class BrokenCryptoABMCCase2 { 8 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 9 | BrokenCryptoABMC2 bc = new BrokenCryptoABMC2(); 10 | String crypto = "Blowfish"; 11 | bc.go(crypto); 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABMCCase3.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | 4 | import javax.crypto.NoSuchPaddingException; 5 | import java.security.InvalidKeyException; 6 | import java.security.NoSuchAlgorithmException; 7 | 8 | public class BrokenCryptoABMCCase3 { 9 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 10 | BrokenCryptoABMC3 bc = new BrokenCryptoABMC3(); 11 | String crypto = "RC4"; 12 | bc.go(crypto); 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABMCCase4.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.NoSuchPaddingException; 4 | import java.security.InvalidKeyException; 5 | import java.security.NoSuchAlgorithmException; 6 | 7 | public class BrokenCryptoABMCCase4 { 8 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 9 | BrokenCryptoABMC4 bc = new BrokenCryptoABMC4(); 10 | String crypto = "RC2"; 11 | bc.go(crypto); 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABMCCase5.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.NoSuchPaddingException; 4 | import java.security.InvalidKeyException; 5 | import java.security.NoSuchAlgorithmException; 6 | 7 | public class BrokenCryptoABMCCase5 { 8 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 9 | BrokenCryptoABMC5 bc = new BrokenCryptoABMC5(); 10 | String crypto = "IDEA"; 11 | bc.go(crypto); 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABPSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoABPSCase1 { 11 | public void go(int choice) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 12 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 13 | SecretKey key = keyGen.generateKey(); 14 | Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding"); 15 | if (choice > 1) 16 | cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); 17 | 18 | cipher.init(Cipher.ENCRYPT_MODE, key); 19 | } 20 | 21 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 22 | BrokenCryptoABPSCase1 bc = new BrokenCryptoABPSCase1(); 23 | int choice=2; 24 | bc.go(choice); 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABPSCase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | import javax.crypto.Cipher; 3 | import javax.crypto.KeyGenerator; 4 | import javax.crypto.NoSuchPaddingException; 5 | import javax.crypto.SecretKey; 6 | import java.security.InvalidKeyException; 7 | import java.security.NoSuchAlgorithmException; 8 | 9 | public class BrokenCryptoABPSCase2 { 10 | public void go(int choice) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 11 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 12 | SecretKey key = keyGen.generateKey(); 13 | Cipher cipher = Cipher.getInstance("Blowfish"); 14 | if (choice > 1) 15 | cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); 16 | 17 | cipher.init(Cipher.ENCRYPT_MODE, key); 18 | } 19 | 20 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 21 | BrokenCryptoABPSCase2 bc = new BrokenCryptoABPSCase2(); 22 | int choice=2; 23 | bc.go(choice); 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABPSCase3.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | import javax.crypto.Cipher; 3 | import javax.crypto.KeyGenerator; 4 | import javax.crypto.NoSuchPaddingException; 5 | import javax.crypto.SecretKey; 6 | import java.security.InvalidKeyException; 7 | import java.security.NoSuchAlgorithmException; 8 | 9 | 10 | public class BrokenCryptoABPSCase3 { 11 | public void go(int choice) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 12 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 13 | SecretKey key = keyGen.generateKey(); 14 | Cipher cipher = Cipher.getInstance("RC4"); 15 | if (choice > 1) 16 | cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); 17 | 18 | cipher.init(Cipher.ENCRYPT_MODE, key); 19 | } 20 | 21 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 22 | BrokenCryptoABPSCase3 bc = new BrokenCryptoABPSCase3(); 23 | int choice=2; 24 | bc.go(choice); 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABPSCase4.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoABPSCase4 { 11 | public void go(int choice) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 12 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 13 | SecretKey key = keyGen.generateKey(); 14 | Cipher cipher = Cipher.getInstance("RC2"); 15 | if (choice > 1) 16 | cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); 17 | 18 | cipher.init(Cipher.ENCRYPT_MODE, key); 19 | } 20 | 21 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 22 | BrokenCryptoABPSCase4 bc = new BrokenCryptoABPSCase4(); 23 | int choice=2; 24 | bc.go(choice); 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABPSCase5.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | import javax.crypto.Cipher; 3 | import javax.crypto.KeyGenerator; 4 | import javax.crypto.NoSuchPaddingException; 5 | import javax.crypto.SecretKey; 6 | import java.security.InvalidKeyException; 7 | import java.security.NoSuchAlgorithmException; 8 | 9 | public class BrokenCryptoABPSCase5 { 10 | public void go(int choice) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 11 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 12 | SecretKey key = keyGen.generateKey(); 13 | Cipher cipher = Cipher.getInstance("IDEA"); 14 | if (choice > 1) 15 | cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); 16 | 17 | cipher.init(Cipher.ENCRYPT_MODE, key); 18 | } 19 | 20 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 21 | BrokenCryptoABPSCase5 bc = new BrokenCryptoABPSCase5(); 22 | int choice=2; 23 | bc.go(choice); 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.*; 4 | import java.io.UnsupportedEncodingException; 5 | import java.security.InvalidKeyException; 6 | import java.security.NoSuchAlgorithmException; 7 | 8 | public class BrokenCryptoABSCase1 { 9 | Crypto2 crypto; 10 | public BrokenCryptoABSCase1() throws NoSuchAlgorithmException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException, UnsupportedEncodingException { 11 | crypto = new Crypto2("DES/ECB/PKCS5Padding"); 12 | crypto.encrypt("abc",""); 13 | } 14 | } 15 | 16 | class Crypto2 { 17 | Cipher cipher; 18 | String defaultAlgo; 19 | public Crypto2(String defAlgo) throws NoSuchPaddingException, NoSuchAlgorithmException { 20 | defaultAlgo = defAlgo; 21 | } 22 | 23 | public byte[] encrypt(String txt, String passedAlgo) throws UnsupportedEncodingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, NoSuchAlgorithmException, NoSuchPaddingException { 24 | if(passedAlgo.isEmpty()){ 25 | passedAlgo = defaultAlgo; 26 | } 27 | 28 | KeyGenerator keyGen = KeyGenerator.getInstance(defaultAlgo); 29 | SecretKey key = keyGen.generateKey(); 30 | Cipher cipher = Cipher.getInstance(defaultAlgo); 31 | cipher.init(Cipher.ENCRYPT_MODE, key); 32 | 33 | byte [] txtBytes = txt.getBytes(); 34 | return cipher.doFinal(txtBytes); 35 | } 36 | } 37 | 38 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABSCase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.*; 4 | import java.io.UnsupportedEncodingException; 5 | import java.security.InvalidKeyException; 6 | import java.security.NoSuchAlgorithmException; 7 | 8 | public class BrokenCryptoABSCase2 { 9 | Crypto3 crypto; 10 | public BrokenCryptoABSCase2() throws NoSuchAlgorithmException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException, UnsupportedEncodingException { 11 | crypto = new Crypto3("Blowfish"); 12 | crypto.encrypt("abc",""); 13 | } 14 | } 15 | 16 | class Crypto3 { 17 | Cipher cipher; 18 | String defaultAlgo; 19 | public Crypto3(String defAlgo) throws NoSuchPaddingException, NoSuchAlgorithmException { 20 | defaultAlgo = defAlgo; 21 | } 22 | 23 | public byte[] encrypt(String txt, String passedAlgo) throws UnsupportedEncodingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, NoSuchAlgorithmException, NoSuchPaddingException { 24 | if(passedAlgo.isEmpty()){ 25 | passedAlgo = defaultAlgo; 26 | } 27 | 28 | KeyGenerator keyGen = KeyGenerator.getInstance(defaultAlgo); 29 | SecretKey key = keyGen.generateKey(); 30 | Cipher cipher = Cipher.getInstance(defaultAlgo); 31 | cipher.init(Cipher.ENCRYPT_MODE, key); 32 | 33 | byte [] txtBytes = txt.getBytes(); 34 | return cipher.doFinal(txtBytes); 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABSCase3.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.*; 4 | import java.io.UnsupportedEncodingException; 5 | import java.security.InvalidKeyException; 6 | import java.security.NoSuchAlgorithmException; 7 | 8 | public class BrokenCryptoABSCase3 { 9 | Crypto4 crypto; 10 | public BrokenCryptoABSCase3() throws NoSuchAlgorithmException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException, UnsupportedEncodingException { 11 | crypto = new Crypto4("RC4"); 12 | crypto.encrypt("abc",""); 13 | } 14 | } 15 | 16 | class Crypto4 { 17 | Cipher cipher; 18 | String defaultAlgo; 19 | public Crypto4(String defAlgo) throws NoSuchPaddingException, NoSuchAlgorithmException { 20 | defaultAlgo = defAlgo; 21 | } 22 | 23 | public byte[] encrypt(String txt, String passedAlgo) throws UnsupportedEncodingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, NoSuchAlgorithmException, NoSuchPaddingException { 24 | if(passedAlgo.isEmpty()){ 25 | passedAlgo = defaultAlgo; 26 | } 27 | 28 | KeyGenerator keyGen = KeyGenerator.getInstance(defaultAlgo); 29 | SecretKey key = keyGen.generateKey(); 30 | Cipher cipher = Cipher.getInstance(defaultAlgo); 31 | cipher.init(Cipher.ENCRYPT_MODE, key); 32 | 33 | byte [] txtBytes = txt.getBytes(); 34 | return cipher.doFinal(txtBytes); 35 | } 36 | } 37 | 38 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABSCase4.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.*; 4 | import java.io.UnsupportedEncodingException; 5 | import java.security.InvalidKeyException; 6 | import java.security.NoSuchAlgorithmException; 7 | 8 | public class BrokenCryptoABSCase4 { 9 | Crypto5 crypto; 10 | public BrokenCryptoABSCase4() throws NoSuchAlgorithmException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException, UnsupportedEncodingException { 11 | crypto = new Crypto5("RC2"); 12 | crypto.encrypt("abc",""); 13 | } 14 | } 15 | 16 | 17 | class Crypto5 { 18 | Cipher cipher; 19 | String defaultAlgo; 20 | public Crypto5(String defAlgo) throws NoSuchPaddingException, NoSuchAlgorithmException { 21 | defaultAlgo = defAlgo; 22 | } 23 | 24 | public byte[] encrypt(String txt, String passedAlgo) throws UnsupportedEncodingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, NoSuchAlgorithmException, NoSuchPaddingException { 25 | if(passedAlgo.isEmpty()){ 26 | passedAlgo = defaultAlgo; 27 | } 28 | 29 | KeyGenerator keyGen = KeyGenerator.getInstance(defaultAlgo); 30 | SecretKey key = keyGen.generateKey(); 31 | Cipher cipher = Cipher.getInstance(defaultAlgo); 32 | cipher.init(Cipher.ENCRYPT_MODE, key); 33 | 34 | byte [] txtBytes = txt.getBytes(); 35 | return cipher.doFinal(txtBytes); 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoABSCase5.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.*; 4 | import java.io.UnsupportedEncodingException; 5 | import java.security.InvalidKeyException; 6 | import java.security.NoSuchAlgorithmException; 7 | 8 | public class BrokenCryptoABSCase5 { 9 | Crypto6 crypto; 10 | public BrokenCryptoABSCase5() throws NoSuchAlgorithmException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException, UnsupportedEncodingException { 11 | crypto = new Crypto6("IDEA"); 12 | crypto.encrypt("abc",""); 13 | } 14 | } 15 | 16 | 17 | class Crypto6 { 18 | Cipher cipher; 19 | String defaultAlgo; 20 | public Crypto6(String defAlgo) throws NoSuchPaddingException, NoSuchAlgorithmException { 21 | defaultAlgo = defAlgo; 22 | } 23 | 24 | public byte[] encrypt(String txt, String passedAlgo) throws UnsupportedEncodingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, NoSuchAlgorithmException, NoSuchPaddingException { 25 | if(passedAlgo.isEmpty()){ 26 | passedAlgo = defaultAlgo; 27 | } 28 | 29 | KeyGenerator keyGen = KeyGenerator.getInstance(defaultAlgo); 30 | SecretKey key = keyGen.generateKey(); 31 | Cipher cipher = Cipher.getInstance(defaultAlgo); 32 | cipher.init(Cipher.ENCRYPT_MODE, key); 33 | 34 | byte [] txtBytes = txt.getBytes(); 35 | return cipher.doFinal(txtBytes); 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoBBCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | 11 | public class BrokenCryptoBBCase1 { 12 | public void go() throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 13 | KeyGenerator keyGen = KeyGenerator.getInstance("DES"); 14 | SecretKey key = keyGen.generateKey(); 15 | Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding"); 16 | cipher.init(Cipher.ENCRYPT_MODE, key); 17 | } 18 | 19 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 20 | BrokenCryptoBBCase1 bc = new BrokenCryptoBBCase1(); 21 | bc.go(); 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoBBCase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoBBCase2 { 11 | public void go() throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 12 | KeyGenerator keyGen = KeyGenerator.getInstance("Blowfish"); 13 | SecretKey key = keyGen.generateKey(); 14 | Cipher cipher = Cipher.getInstance("Blowfish"); 15 | cipher.init(Cipher.ENCRYPT_MODE, key); 16 | } 17 | 18 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 19 | BrokenCryptoBBCase2 bc = new BrokenCryptoBBCase2(); 20 | bc.go(); 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoBBCase3.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoBBCase3 { 11 | public void go() throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 12 | KeyGenerator keyGen = KeyGenerator.getInstance("RC4"); 13 | SecretKey key = keyGen.generateKey(); 14 | Cipher cipher = Cipher.getInstance("RC4"); 15 | cipher.init(Cipher.ENCRYPT_MODE, key); 16 | } 17 | 18 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 19 | BrokenCryptoBBCase3 bc = new BrokenCryptoBBCase3(); 20 | bc.go(); 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoBBCase4.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoBBCase4 { 11 | public void go() throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 12 | KeyGenerator keyGen = KeyGenerator.getInstance("RC2"); 13 | SecretKey key = keyGen.generateKey(); 14 | Cipher cipher = Cipher.getInstance("RC2"); 15 | cipher.init(Cipher.ENCRYPT_MODE, key); 16 | } 17 | 18 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 19 | BrokenCryptoBBCase4 bc = new BrokenCryptoBBCase4(); 20 | bc.go(); 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoBBCase5.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoBBCase5 { 11 | public void go() throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 12 | KeyGenerator keyGen = KeyGenerator.getInstance("IDEA"); 13 | SecretKey key = keyGen.generateKey(); 14 | Cipher cipher = Cipher.getInstance("IDEA"); 15 | cipher.init(Cipher.ENCRYPT_MODE, key); 16 | } 17 | 18 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 19 | BrokenCryptoBBCase5 bc = new BrokenCryptoBBCase5(); 20 | bc.go(); 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokencrypto/BrokenCryptoCorrected.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokencrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class BrokenCryptoCorrected { 11 | public void go() throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 12 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 13 | SecretKey key = keyGen.generateKey(); 14 | Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); 15 | cipher.init(Cipher.ENCRYPT_MODE, key); 16 | } 17 | 18 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 19 | BrokenCryptoBBCase1 bc = new BrokenCryptoBBCase1(); 20 | bc.go(); 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABICase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.MessageDigest; 4 | import java.security.NoSuchAlgorithmException; 5 | 6 | public class BrokenHashABICase1 { 7 | public static void main (String [] args) throws NoSuchAlgorithmException { 8 | String str = "abcdef"; 9 | String crypto = "SHA1"; 10 | go(str,crypto); 11 | } 12 | public static void go (String str, String crypto) throws NoSuchAlgorithmException { 13 | MessageDigest md = MessageDigest.getInstance(crypto); 14 | md.update(str.getBytes()); 15 | System.out.println(md.digest()); 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABICase10.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.MessageDigest; 4 | import java.security.NoSuchAlgorithmException; 5 | 6 | public class BrokenHashABICase10 { 7 | public static void main (String [] args) throws NoSuchAlgorithmException { 8 | String str = "abcdef"; 9 | String crypto = "MD5"; 10 | method2(str,crypto); 11 | } 12 | public static void method2 (String s, String cryptoHash) throws NoSuchAlgorithmException { 13 | String str2 = s; 14 | String hashAlgo = cryptoHash; 15 | method1(str2,hashAlgo); 16 | } 17 | public static void method1 (String str, String crypto) throws NoSuchAlgorithmException { 18 | MessageDigest md = MessageDigest.getInstance(crypto); 19 | md.update(str.getBytes()); 20 | System.out.println(md.digest()); 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABICase11.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.MessageDigest; 4 | import java.security.NoSuchAlgorithmException; 5 | 6 | public class BrokenHashABICase11 { 7 | public static void main (String [] args) throws NoSuchAlgorithmException { 8 | String str = "abcdef"; 9 | String crypto = "MD4"; 10 | method2(str,crypto); 11 | } 12 | public static void method2 (String s, String cryptoHash) throws NoSuchAlgorithmException { 13 | String str2 = s; 14 | String hashAlgo = cryptoHash; 15 | method1(str2,hashAlgo); 16 | } 17 | public static void method1 (String str, String crypto) throws NoSuchAlgorithmException { 18 | MessageDigest md = MessageDigest.getInstance(crypto); 19 | md.update(str.getBytes()); 20 | System.out.println(md.digest()); 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABICase12.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.MessageDigest; 4 | import java.security.NoSuchAlgorithmException; 5 | 6 | public class BrokenHashABICase12 { 7 | public static void main (String [] args) throws NoSuchAlgorithmException { 8 | String str = "abcdef"; 9 | String crypto = "MD2"; 10 | method2(str,crypto); 11 | } 12 | public static void method2 (String s, String cryptoHash) throws NoSuchAlgorithmException { 13 | String str2 = s; 14 | String hashAlgo = cryptoHash; 15 | method1(str2,hashAlgo); 16 | } 17 | public static void method1 (String str, String crypto) throws NoSuchAlgorithmException { 18 | MessageDigest md = MessageDigest.getInstance(crypto); 19 | md.update(str.getBytes()); 20 | System.out.println(md.digest()); 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABICase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.MessageDigest; 4 | import java.security.NoSuchAlgorithmException; 5 | 6 | public class BrokenHashABICase2 { 7 | public static void main (String [] args) throws NoSuchAlgorithmException { 8 | String str = "abcdef"; 9 | String crypto = "MD5"; 10 | go(str,crypto); 11 | } 12 | public static void go (String str, String crypto) throws NoSuchAlgorithmException { 13 | MessageDigest md = MessageDigest.getInstance(crypto); 14 | md.update(str.getBytes()); 15 | System.out.println(md.digest()); 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABICase3.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.MessageDigest; 4 | import java.security.NoSuchAlgorithmException; 5 | 6 | public class BrokenHashABICase3 { 7 | public static void main (String [] args) throws NoSuchAlgorithmException { 8 | String str = "abcdef"; 9 | String crypto = "MD4"; 10 | go(str,crypto); 11 | } 12 | public static void go (String str, String crypto) throws NoSuchAlgorithmException { 13 | MessageDigest md = MessageDigest.getInstance(crypto); 14 | md.update(str.getBytes()); 15 | System.out.println(md.digest()); 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABICase4.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.MessageDigest; 4 | import java.security.NoSuchAlgorithmException; 5 | 6 | public class BrokenHashABICase4 { 7 | public static void main (String [] args) throws NoSuchAlgorithmException { 8 | String str = "abcdef"; 9 | String crypto = "MD2"; 10 | go(str,crypto); 11 | } 12 | public static void go (String str, String crypto) throws NoSuchAlgorithmException { 13 | MessageDigest md = MessageDigest.getInstance(crypto); 14 | md.update(str.getBytes()); 15 | System.out.println(md.digest()); 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABICase5.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.MessageDigest; 4 | import java.security.NoSuchAlgorithmException; 5 | 6 | public class BrokenHashABICase5 { 7 | public static final String DEFAULT_CRYPTO = "SHA1"; 8 | private static char[] CRYPTO; 9 | private static char[] crypto; 10 | public static void main (String [] args) throws NoSuchAlgorithmException { 11 | String str = "abcdef"; 12 | go2(); 13 | go3(); 14 | go(str); 15 | } 16 | 17 | private static void go2(){ 18 | CRYPTO = DEFAULT_CRYPTO.toCharArray(); 19 | } 20 | private static void go3(){ 21 | crypto = CRYPTO; 22 | } 23 | 24 | public static void go (String str) throws NoSuchAlgorithmException { 25 | MessageDigest md = MessageDigest.getInstance(String.valueOf(crypto)); 26 | md.update(str.getBytes()); 27 | System.out.println(md.digest()); 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABICase6.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.MessageDigest; 4 | import java.security.NoSuchAlgorithmException; 5 | 6 | public class BrokenHashABICase6 { 7 | public static final String DEFAULT_CRYPTO = "MD5"; 8 | private static char[] CRYPTO; 9 | private static char[] crypto; 10 | public static void main (String [] args) throws NoSuchAlgorithmException { 11 | String str = "abcdef"; 12 | go2(); 13 | go3(); 14 | go(str); 15 | } 16 | 17 | private static void go2(){ 18 | CRYPTO = DEFAULT_CRYPTO.toCharArray(); 19 | } 20 | private static void go3(){ 21 | crypto = CRYPTO; 22 | } 23 | 24 | public static void go (String str) throws NoSuchAlgorithmException { 25 | MessageDigest md = MessageDigest.getInstance(String.valueOf(crypto)); 26 | md.update(str.getBytes()); 27 | System.out.println(md.digest()); 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABICase7.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.MessageDigest; 4 | import java.security.NoSuchAlgorithmException; 5 | 6 | public class BrokenHashABICase7 { 7 | public static final String DEFAULT_CRYPTO = "MD4"; 8 | private static char[] CRYPTO; 9 | private static char[] crypto; 10 | public static void main (String [] args) throws NoSuchAlgorithmException { 11 | String str = "abcdef"; 12 | go2(); 13 | go3(); 14 | go(str); 15 | } 16 | 17 | private static void go2(){ 18 | CRYPTO = DEFAULT_CRYPTO.toCharArray(); 19 | } 20 | private static void go3(){ 21 | crypto = CRYPTO; 22 | } 23 | 24 | public static void go (String str) throws NoSuchAlgorithmException { 25 | MessageDigest md = MessageDigest.getInstance(String.valueOf(crypto)); 26 | md.update(str.getBytes()); 27 | System.out.println(md.digest()); 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABICase8.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.MessageDigest; 4 | import java.security.NoSuchAlgorithmException; 5 | 6 | public class BrokenHashABICase8 { 7 | public static final String DEFAULT_CRYPTO = "MD2"; 8 | private static char[] CRYPTO; 9 | private static char[] crypto; 10 | public static void main (String [] args) throws NoSuchAlgorithmException { 11 | String str = "abcdef"; 12 | go2(); 13 | go3(); 14 | go(str); 15 | } 16 | 17 | private static void go2(){ 18 | CRYPTO = DEFAULT_CRYPTO.toCharArray(); 19 | } 20 | private static void go3(){ 21 | crypto = CRYPTO; 22 | } 23 | 24 | public static void go (String str) throws NoSuchAlgorithmException { 25 | MessageDigest md = MessageDigest.getInstance(String.valueOf(crypto)); 26 | md.update(str.getBytes()); 27 | System.out.println(md.digest()); 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABICase9.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.MessageDigest; 4 | import java.security.NoSuchAlgorithmException; 5 | 6 | public class BrokenHashABICase9 { 7 | public static void main (String [] args) throws NoSuchAlgorithmException { 8 | String str = "abcdef"; 9 | String crypto = "SHA1"; 10 | method2(str,crypto); 11 | } 12 | public static void method2 (String s, String cryptoHash) throws NoSuchAlgorithmException { 13 | String str2 = s; 14 | String hashAlgo = cryptoHash; 15 | method1(str2,hashAlgo); 16 | } 17 | public static void method1 (String str, String crypto) throws NoSuchAlgorithmException { 18 | MessageDigest md = MessageDigest.getInstance(crypto); 19 | md.update(str.getBytes()); 20 | System.out.println(md.digest()); 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABMC1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.MessageDigest; 4 | import java.security.NoSuchAlgorithmException; 5 | 6 | public class BrokenHashABMC1 { 7 | public void go(String str, String crypto) throws NoSuchAlgorithmException { 8 | MessageDigest md = MessageDigest.getInstance(crypto); 9 | md.update(str.getBytes()); 10 | System.out.println(md.digest()); 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABMC2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.MessageDigest; 4 | import java.security.NoSuchAlgorithmException; 5 | 6 | public class BrokenHashABMC2 { 7 | public void go(String str, String crypto) throws NoSuchAlgorithmException { 8 | MessageDigest md = MessageDigest.getInstance(crypto); 9 | md.update(str.getBytes()); 10 | System.out.println(md.digest()); 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABMC3.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.MessageDigest; 4 | import java.security.NoSuchAlgorithmException; 5 | 6 | public class BrokenHashABMC3 { 7 | public void go(String str, String crypto) throws NoSuchAlgorithmException { 8 | MessageDigest md = MessageDigest.getInstance(crypto); 9 | md.update(str.getBytes()); 10 | System.out.println(md.digest()); 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABMC4.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.MessageDigest; 4 | import java.security.NoSuchAlgorithmException; 5 | 6 | public class BrokenHashABMC4 { 7 | public void go(String str, String crypto) throws NoSuchAlgorithmException { 8 | MessageDigest md = MessageDigest.getInstance(crypto); 9 | md.update(str.getBytes()); 10 | System.out.println(md.digest()); 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABMCCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.NoSuchAlgorithmException; 4 | 5 | public class BrokenHashABMCCase1 { 6 | public static void main (String [] args) throws NoSuchAlgorithmException { 7 | BrokenHashABMC1 bh = new BrokenHashABMC1(); 8 | String str = "abcdef"; 9 | String crypto = "SHA1"; 10 | bh.go(str,crypto); 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABMCCase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.NoSuchAlgorithmException; 4 | 5 | public class BrokenHashABMCCase2 { 6 | public static void main (String [] args) throws NoSuchAlgorithmException { 7 | BrokenHashABMC2 bh = new BrokenHashABMC2(); 8 | String str = "abcdef"; 9 | String crypto = "MD5"; 10 | bh.go(str,crypto); 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABMCCase3.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.NoSuchAlgorithmException; 4 | 5 | public class BrokenHashABMCCase3 { 6 | public static void main (String [] args) throws NoSuchAlgorithmException { 7 | BrokenHashABMC3 bh = new BrokenHashABMC3(); 8 | String str = "abcdef"; 9 | String crypto = "MD4"; 10 | bh.go(str,crypto); 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABMCCase4.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.NoSuchAlgorithmException; 4 | 5 | public class BrokenHashABMCCase4 { 6 | public static void main (String [] args) throws NoSuchAlgorithmException { 7 | BrokenHashABMC4 bh = new BrokenHashABMC4(); 8 | String str = "abcdef"; 9 | String crypto = "MD2"; 10 | bh.go(str,crypto); 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABPSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | import java.security.MessageDigest; 3 | import java.security.NoSuchAlgorithmException; 4 | 5 | public class BrokenHashABPSCase1 { 6 | public static void main (String [] args) throws NoSuchAlgorithmException { 7 | String name = "abcdef"; 8 | int choice = 2; 9 | MessageDigest md = MessageDigest.getInstance("SHA1"); 10 | if(choice>1) 11 | md = MessageDigest.getInstance("SHA-256"); 12 | md.update(name.getBytes()); 13 | System.out.println(md.digest()); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABPSCase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | import java.security.MessageDigest; 3 | import java.security.NoSuchAlgorithmException; 4 | 5 | public class BrokenHashABPSCase2 { 6 | public static void main (String [] args) throws NoSuchAlgorithmException { 7 | String name = "abcdef"; 8 | int choice = 2; 9 | MessageDigest md = MessageDigest.getInstance("MD5"); 10 | if(choice>1) 11 | md = MessageDigest.getInstance("SHA-256"); 12 | md.update(name.getBytes()); 13 | System.out.println(md.digest()); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABPSCase3.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | import java.security.MessageDigest; 3 | import java.security.NoSuchAlgorithmException; 4 | 5 | public class BrokenHashABPSCase3 { 6 | public static void main (String [] args) throws NoSuchAlgorithmException { 7 | String name = "abcdef"; 8 | int choice = 2; 9 | MessageDigest md = MessageDigest.getInstance("MD4"); 10 | if(choice>1) 11 | md = MessageDigest.getInstance("SHA-256"); 12 | md.update(name.getBytes()); 13 | System.out.println(md.digest()); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABPSCase4.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | import java.security.MessageDigest; 3 | import java.security.NoSuchAlgorithmException; 4 | 5 | public class BrokenHashABPSCase4 { 6 | public static void main (String [] args) throws NoSuchAlgorithmException { 7 | String name = "abcdef"; 8 | int choice = 2; 9 | MessageDigest md = MessageDigest.getInstance("MD2"); 10 | if(choice>1) 11 | md = MessageDigest.getInstance("SHA-256"); 12 | md.update(name.getBytes()); 13 | System.out.println(md.digest()); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import javax.crypto.*; 4 | import java.io.UnsupportedEncodingException; 5 | import java.security.InvalidKeyException; 6 | import java.security.MessageDigest; 7 | import java.security.NoSuchAlgorithmException; 8 | 9 | public class BrokenHashABSCase1 { 10 | CryptoHash1 crypto; 11 | public BrokenHashABSCase1() throws NoSuchAlgorithmException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException, UnsupportedEncodingException { 12 | crypto = new CryptoHash1("SHA1"); 13 | crypto.encrypt("abc",""); 14 | } 15 | } 16 | 17 | class CryptoHash1 { 18 | String crypto; 19 | 20 | public CryptoHash1(String defCrypto) throws NoSuchPaddingException, NoSuchAlgorithmException { 21 | crypto = defCrypto; 22 | } 23 | 24 | public void encrypt(String str, String passedAlgo) throws UnsupportedEncodingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, NoSuchAlgorithmException, NoSuchPaddingException { 25 | if(passedAlgo.isEmpty()){ 26 | passedAlgo = crypto; 27 | } 28 | 29 | MessageDigest md = MessageDigest.getInstance(crypto); 30 | md.update(str.getBytes()); 31 | System.out.println(md.digest()); 32 | 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABSCase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import javax.crypto.BadPaddingException; 4 | import javax.crypto.IllegalBlockSizeException; 5 | import javax.crypto.NoSuchPaddingException; 6 | import java.io.UnsupportedEncodingException; 7 | import java.security.InvalidKeyException; 8 | import java.security.MessageDigest; 9 | import java.security.NoSuchAlgorithmException; 10 | 11 | public class BrokenHashABSCase2 { 12 | CryptoHash2 crypto; 13 | public BrokenHashABSCase2() throws NoSuchAlgorithmException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException, UnsupportedEncodingException { 14 | crypto = new CryptoHash2("MD5"); 15 | crypto.encrypt("abc",""); 16 | } 17 | } 18 | 19 | class CryptoHash2 { 20 | String crypto; 21 | 22 | public CryptoHash2(String defCrypto) throws NoSuchPaddingException, NoSuchAlgorithmException { 23 | crypto = defCrypto; 24 | } 25 | 26 | public void encrypt(String str, String passedAlgo) throws UnsupportedEncodingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, NoSuchAlgorithmException, NoSuchPaddingException { 27 | if(passedAlgo.isEmpty()){ 28 | passedAlgo = crypto; 29 | } 30 | 31 | MessageDigest md = MessageDigest.getInstance(crypto); 32 | md.update(str.getBytes()); 33 | System.out.println(md.digest()); 34 | 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABSCase3.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import javax.crypto.BadPaddingException; 4 | import javax.crypto.IllegalBlockSizeException; 5 | import javax.crypto.NoSuchPaddingException; 6 | import java.io.UnsupportedEncodingException; 7 | import java.security.InvalidKeyException; 8 | import java.security.MessageDigest; 9 | import java.security.NoSuchAlgorithmException; 10 | 11 | public class BrokenHashABSCase3 { 12 | CryptoHash3 crypto; 13 | public BrokenHashABSCase3() throws NoSuchAlgorithmException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException, UnsupportedEncodingException { 14 | crypto = new CryptoHash3("MD4"); 15 | crypto.encrypt("abc",""); 16 | } 17 | } 18 | 19 | class CryptoHash3 { 20 | String crypto; 21 | 22 | public CryptoHash3(String defCrypto) throws NoSuchPaddingException, NoSuchAlgorithmException { 23 | crypto = defCrypto; 24 | } 25 | 26 | public void encrypt(String str, String passedAlgo) throws UnsupportedEncodingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, NoSuchAlgorithmException, NoSuchPaddingException { 27 | if(passedAlgo.isEmpty()){ 28 | passedAlgo = crypto; 29 | } 30 | 31 | MessageDigest md = MessageDigest.getInstance(crypto); 32 | md.update(str.getBytes()); 33 | System.out.println(md.digest()); 34 | 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashABSCase4.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import javax.crypto.BadPaddingException; 4 | import javax.crypto.IllegalBlockSizeException; 5 | import javax.crypto.NoSuchPaddingException; 6 | import java.io.UnsupportedEncodingException; 7 | import java.security.InvalidKeyException; 8 | import java.security.MessageDigest; 9 | import java.security.NoSuchAlgorithmException; 10 | 11 | public class BrokenHashABSCase4 { 12 | CryptoHash4 crypto; 13 | public BrokenHashABSCase4() throws NoSuchAlgorithmException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException, UnsupportedEncodingException { 14 | crypto = new CryptoHash4("MD2"); 15 | crypto.encrypt("abc",""); 16 | } 17 | } 18 | 19 | class CryptoHash4 { 20 | String crypto; 21 | 22 | public CryptoHash4(String defCrypto) throws NoSuchPaddingException, NoSuchAlgorithmException { 23 | crypto = defCrypto; 24 | } 25 | 26 | public void encrypt(String str, String passedAlgo) throws UnsupportedEncodingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, NoSuchAlgorithmException, NoSuchPaddingException { 27 | if(passedAlgo.isEmpty()){ 28 | passedAlgo = crypto; 29 | } 30 | 31 | MessageDigest md = MessageDigest.getInstance(crypto); 32 | md.update(str.getBytes()); 33 | System.out.println(md.digest()); 34 | 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashBBCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.MessageDigest; 4 | import java.security.NoSuchAlgorithmException; 5 | 6 | public class BrokenHashBBCase1 { 7 | public static void main (String [] args) throws NoSuchAlgorithmException { 8 | String name = "abcdef"; 9 | MessageDigest md = MessageDigest.getInstance("SHA1"); 10 | md.update(name.getBytes()); 11 | System.out.println(md.digest()); 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashBBCase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.MessageDigest; 4 | import java.security.NoSuchAlgorithmException; 5 | 6 | public class BrokenHashBBCase2 { 7 | public static void main (String [] args) throws NoSuchAlgorithmException { 8 | String name = "abcdef"; 9 | MessageDigest md = MessageDigest.getInstance("MD5"); 10 | md.update(name.getBytes()); 11 | System.out.println(md.digest()); 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashBBCase3.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.MessageDigest; 4 | import java.security.NoSuchAlgorithmException; 5 | 6 | public class BrokenHashBBCase3 { 7 | public static void main (String [] args) throws NoSuchAlgorithmException { 8 | String name = "abcdef"; 9 | MessageDigest md = MessageDigest.getInstance("MD4"); 10 | md.update(name.getBytes()); 11 | System.out.println(md.digest()); 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashBBCase4.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.MessageDigest; 4 | import java.security.NoSuchAlgorithmException; 5 | 6 | public class BrokenHashBBCase4 { 7 | public static void main (String [] args) throws NoSuchAlgorithmException { 8 | String name = "abcdef"; 9 | MessageDigest md = MessageDigest.getInstance("MD2"); 10 | md.update(name.getBytes()); 11 | System.out.println(md.digest()); 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/brokenhash/BrokenHashCorrected.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.brokenhash; 2 | 3 | import java.security.MessageDigest; 4 | import java.security.NoSuchAlgorithmException; 5 | 6 | public class BrokenHashCorrected { 7 | public static void main (String [] args) { 8 | try { 9 | MessageDigest md = MessageDigest.getInstance("SHA-256"); 10 | } catch (NoSuchAlgorithmException e) { 11 | e.printStackTrace(); 12 | } 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/dummycertvalidation/DummyCertValidationCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.dummycertvalidation; 2 | 3 | import javax.net.ssl.X509TrustManager; 4 | import java.security.cert.CertificateException; 5 | import java.security.cert.X509Certificate; 6 | 7 | public class DummyCertValidationCase1 implements X509TrustManager { 8 | private X509TrustManager trustManager; 9 | @Override 10 | public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { 11 | //Trust any client connecting (no certificate validation) 12 | trustManager.checkClientTrusted(x509Certificates,s); 13 | } 14 | 15 | @Override 16 | public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { 17 | //Trust any remote server (no certificate validation) 18 | 19 | } 20 | 21 | @Override 22 | public X509Certificate[] getAcceptedIssuers() { 23 | 24 | //return null; 25 | return new X509Certificate[0]; 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/dummycertvalidation/DummyCertValidationCase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.dummycertvalidation; 2 | 3 | import javax.net.ssl.X509TrustManager; 4 | import java.security.cert.CertificateException; 5 | import java.security.cert.X509Certificate; 6 | 7 | public class DummyCertValidationCase2 implements X509TrustManager { 8 | 9 | @Override 10 | public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { 11 | 12 | } 13 | 14 | @Override 15 | public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { 16 | } 17 | 18 | @Override 19 | public X509Certificate[] getAcceptedIssuers() { 20 | return new X509Certificate[0]; 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/dummycertvalidation/DummyCertValidationCase3.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.dummycertvalidation; 2 | 3 | import javax.net.ssl.X509TrustManager; 4 | import java.security.cert.CertificateException; 5 | import java.security.cert.X509Certificate; 6 | 7 | public class DummyCertValidationCase3 implements X509TrustManager { 8 | @Override 9 | public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { 10 | 11 | } 12 | 13 | @Override 14 | public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { 15 | 16 | } 17 | 18 | @Override 19 | public X509Certificate[] getAcceptedIssuers() { 20 | return null; 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/dummyhostnameverifier/DummyHostNameVerifierCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.dummyhostnameverifier; 2 | 3 | import javax.net.ssl.HostnameVerifier; 4 | import javax.net.ssl.SSLSession; 5 | 6 | public class DummyHostNameVerifierCase1 implements HostnameVerifier { 7 | public boolean verify(String s, SSLSession sslSession) { 8 | return true; 9 | } 10 | } 11 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/dummyhostnameverifier/DummyHostNameVerifierCorrected.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.dummyhostnameverifier; 2 | 3 | import javax.net.ssl.HostnameVerifier; 4 | import javax.net.ssl.HttpsURLConnection; 5 | import javax.net.ssl.SSLSession; 6 | 7 | public class DummyHostNameVerifierCorrected implements HostnameVerifier { 8 | public boolean verify(String hostname, SSLSession sslSession) { 9 | if ("192.168.0.10".equals(hostname)) { 10 | return true; 11 | } else { 12 | HostnameVerifier hv = HttpsURLConnection.getDefaultHostnameVerifier(); 13 | return hv.verify(hostname, sslSession); 14 | } 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/ecbcrypto/EcbInSymmCryptoABICase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.ecbcrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class EcbInSymmCryptoABICase1 { 11 | public void go(String crypto) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 12 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 13 | SecretKey key = keyGen.generateKey(); 14 | Cipher cipher = Cipher.getInstance(crypto); 15 | cipher.init(Cipher.ENCRYPT_MODE, key); 16 | } 17 | 18 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 19 | EcbInSymmCryptoABICase1 bc = new EcbInSymmCryptoABICase1(); 20 | String crypto = "AES/ECB/PKCS5Padding"; 21 | bc.go(crypto); 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/ecbcrypto/EcbInSymmCryptoABICase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.ecbcrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class EcbInSymmCryptoABICase2 { 11 | public static final String DEFAULT_CRYPTO = "AES/ECB/PKCS5Padding"; 12 | private static char[] CRYPTO; 13 | private static char[] crypto; 14 | public void go() throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 15 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 16 | SecretKey key = keyGen.generateKey(); 17 | Cipher cipher = Cipher.getInstance(String.valueOf(crypto)); 18 | cipher.init(Cipher.ENCRYPT_MODE, key); 19 | } 20 | private static void go2(){ 21 | CRYPTO = DEFAULT_CRYPTO.toCharArray(); 22 | } 23 | private static void go3(){ 24 | crypto = CRYPTO; 25 | } 26 | 27 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 28 | EcbInSymmCryptoABICase2 bc = new EcbInSymmCryptoABICase2(); 29 | go2(); 30 | go3(); 31 | bc.go(); 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/ecbcrypto/EcbInSymmCryptoABICase3.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.ecbcrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class EcbInSymmCryptoABICase3 { 11 | public static void method2(String c) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 12 | String cryptoAlgo = c; 13 | method1(cryptoAlgo); 14 | } 15 | public static void method1(String crypto) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 16 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 17 | SecretKey key = keyGen.generateKey(); 18 | Cipher cipher = Cipher.getInstance(crypto); 19 | cipher.init(Cipher.ENCRYPT_MODE, key); 20 | } 21 | 22 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 23 | String crypto = "AES/ECB/PKCS5Padding"; 24 | method2(crypto); 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/ecbcrypto/EcbInSymmCryptoABMC1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.ecbcrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class EcbInSymmCryptoABMC1 { 11 | 12 | public void go(String crypto) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException { 13 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 14 | SecretKey key = keyGen.generateKey(); 15 | Cipher cipher = Cipher.getInstance(crypto); 16 | cipher.init(Cipher.ENCRYPT_MODE, key); 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/ecbcrypto/EcbInSymmCryptoABMCCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.ecbcrypto; 2 | 3 | import javax.crypto.NoSuchPaddingException; 4 | import java.security.InvalidKeyException; 5 | import java.security.NoSuchAlgorithmException; 6 | 7 | public class EcbInSymmCryptoABMCCase1 { 8 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 9 | EcbInSymmCryptoABMC1 bc = new EcbInSymmCryptoABMC1(); 10 | String crypto = "AES/ECB/PKCS5Padding"; 11 | bc.go(crypto); 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/ecbcrypto/EcbInSymmCryptoABPSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.ecbcrypto; 2 | import javax.crypto.Cipher; 3 | import javax.crypto.KeyGenerator; 4 | import javax.crypto.NoSuchPaddingException; 5 | import javax.crypto.SecretKey; 6 | import java.security.InvalidKeyException; 7 | import java.security.NoSuchAlgorithmException; 8 | 9 | public class EcbInSymmCryptoABPSCase1 { 10 | public void go(int choice) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 11 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 12 | SecretKey key = keyGen.generateKey(); 13 | Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding"); 14 | if(choice>1) 15 | cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); 16 | cipher.init(Cipher.ENCRYPT_MODE, key); 17 | } 18 | 19 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 20 | EcbInSymmCryptoABPSCase1 bc = new EcbInSymmCryptoABPSCase1(); 21 | int choice = 2; 22 | bc.go(choice); 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/ecbcrypto/EcbInSymmCryptoABSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.ecbcrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class EcbInSymmCryptoABSCase1 { 11 | CryptoECB1 crypto; 12 | public EcbInSymmCryptoABSCase1() throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 13 | String cryptoAlgo = "AES/ECB/PKCS5Padding"; 14 | crypto = new CryptoECB1(cryptoAlgo); 15 | crypto.method1(""); 16 | } 17 | } 18 | 19 | class CryptoECB1 { 20 | String defAlgo; 21 | 22 | public CryptoECB1(String algo) { 23 | defAlgo = algo; 24 | } 25 | 26 | public void method1(String passedAlgo) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException { 27 | 28 | if(passedAlgo.isEmpty()){ 29 | passedAlgo = defAlgo; 30 | } 31 | 32 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 33 | SecretKey key = keyGen.generateKey(); 34 | Cipher cipher = Cipher.getInstance(passedAlgo); 35 | cipher.init(Cipher.ENCRYPT_MODE, key); 36 | 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/ecbcrypto/EcbInSymmCryptoBBCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.ecbcrypto; 2 | import javax.crypto.Cipher; 3 | import javax.crypto.KeyGenerator; 4 | import javax.crypto.NoSuchPaddingException; 5 | import javax.crypto.SecretKey; 6 | import java.security.InvalidKeyException; 7 | import java.security.NoSuchAlgorithmException; 8 | 9 | public class EcbInSymmCryptoBBCase1 { 10 | 11 | public void go() throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 12 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 13 | SecretKey key = keyGen.generateKey(); 14 | Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding"); 15 | cipher.init(Cipher.ENCRYPT_MODE, key); 16 | } 17 | 18 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 19 | EcbInSymmCryptoBBCase1 bc = new EcbInSymmCryptoBBCase1(); 20 | bc.go(); 21 | } 22 | 23 | } 24 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/ecbcrypto/EcbInSymmCryptoCorrected.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.ecbcrypto; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class EcbInSymmCryptoCorrected { 11 | public void go() throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 12 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 13 | SecretKey key = keyGen.generateKey(); 14 | Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); 15 | cipher.init(Cipher.ENCRYPT_MODE, key); 16 | } 17 | 18 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException { 19 | EcbInSymmCryptoBBCase1 bc = new EcbInSymmCryptoBBCase1(); 20 | bc.go(); 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/http/HttpProtocolABICase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.http; 2 | 3 | import java.net.MalformedURLException; 4 | import java.net.URL; 5 | 6 | public class HttpProtocolABICase1 { 7 | 8 | public static void main(String [] args) throws MalformedURLException { 9 | String url = "http://www.google.com"; 10 | go(url); 11 | 12 | } 13 | 14 | private static void go(String url) throws MalformedURLException { 15 | System.out.println(new URL(url)); 16 | } 17 | 18 | } 19 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/http/HttpProtocolABICase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.http; 2 | 3 | import java.net.MalformedURLException; 4 | import java.net.URL; 5 | 6 | public class HttpProtocolABICase2 { 7 | public static final String DEFAULT_URL = "http://www.google.com"; 8 | private static char[] URL; 9 | private static char[] url; 10 | public static void main(String [] args) throws MalformedURLException { 11 | go2(); 12 | go3(); 13 | go(); 14 | } 15 | private static void go2(){ 16 | URL = DEFAULT_URL.toCharArray(); 17 | } 18 | private static void go3(){ 19 | url = URL; 20 | } 21 | 22 | private static void go() throws MalformedURLException { 23 | System.out.println(new URL(url.toString())); 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/http/HttpProtocolABICase3.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.http; 2 | import java.net.MalformedURLException; 3 | import java.net.URL; 4 | 5 | 6 | public class HttpProtocolABICase3 { 7 | public static void main(String [] args) throws MalformedURLException { 8 | String url = "http://www.google.com"; 9 | method1(url); 10 | } 11 | 12 | private static void method1 (String url) throws MalformedURLException { 13 | String url2 = url; 14 | method2(url2); 15 | } 16 | 17 | private static void method2(String url) throws MalformedURLException { 18 | System.out.println(new URL(url)); 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/http/HttpProtocolABMC1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.http; 2 | 3 | import java.net.MalformedURLException; 4 | import java.net.URL; 5 | 6 | public class HttpProtocolABMC1 { 7 | public void go(String url) throws MalformedURLException { 8 | System.out.println(new URL(url)); 9 | } 10 | } 11 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/http/HttpProtocolABMCCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.http; 2 | 3 | import java.net.MalformedURLException; 4 | 5 | public class HttpProtocolABMCCase1 { 6 | public static void main(String [] args) throws MalformedURLException { 7 | HttpProtocolABMC1 hp = new HttpProtocolABMC1(); 8 | String url = "http://www.google.com"; 9 | hp.go(url); 10 | 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/http/HttpProtocolABPSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.http; 2 | import java.net.URL; 3 | 4 | public class HttpProtocolABPSCase1 { 5 | public static void main(String[] args) throws Exception { 6 | int choice = 2; 7 | String url = "http://www.facebook.com"; 8 | if(choice>1) 9 | url = "https://www.google.com"; 10 | System.out.println(new URL(url)); 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/http/HttpProtocolABSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.http; 2 | 3 | import java.net.MalformedURLException; 4 | import java.net.URL; 5 | 6 | public class HttpProtocolABSCase1 { 7 | CryptoHTTP1 crypto; 8 | public HttpProtocolABSCase1() throws MalformedURLException { 9 | String url = "http://gmail.com"; 10 | crypto = new CryptoHTTP1(url); 11 | crypto.method1(""); 12 | } 13 | } 14 | 15 | class CryptoHTTP1 { 16 | String defURL; 17 | 18 | public CryptoHTTP1(String url){ 19 | defURL = url; 20 | } 21 | 22 | public void method1(String passedURL) throws MalformedURLException { 23 | 24 | if(passedURL.isEmpty()){ 25 | passedURL = defURL; 26 | } 27 | System.out.println(new URL(passedURL)); 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/http/HttpProtocolBBCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.http; 2 | 3 | import java.net.URL; 4 | 5 | public class HttpProtocolBBCase1 { 6 | public static void main(String[] args) throws Exception { 7 | String url = "http://www.facebook.com"; 8 | System.out.println(new URL(url)); 9 | } 10 | } 11 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/http/HttpProtocolCase1Corrected.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.http; 2 | 3 | import java.net.URL; 4 | 5 | public class HttpProtocolCase1Corrected { 6 | public static void main(String[] args) throws Exception { 7 | String url = "https://www.google.com"; 8 | System.out.println(new URL(url)); 9 | } 10 | } 11 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/http/HttpProtocolCase2Corrected.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.http; 2 | 3 | import java.net.MalformedURLException; 4 | import java.net.URL; 5 | 6 | public class HttpProtocolCase2Corrected { 7 | 8 | public static void main(String [] args) throws MalformedURLException { 9 | String url = "https://www.google.com"; 10 | go(url); 11 | 12 | } 13 | 14 | private static void go(String url) throws MalformedURLException { 15 | System.out.println(new URL(url)); 16 | } 17 | 18 | } 19 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/impropersslsocketfactory/ImproperSocketManualHostABICase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.impropersslsocketfactory; 2 | 3 | import javax.net.ssl.SSLSocket; 4 | import javax.net.ssl.SSLSocketFactory; 5 | import java.io.IOException; 6 | 7 | public class ImproperSocketManualHostABICase1 { 8 | public static void main(String [] args) throws IOException { 9 | String hostname = "my.host.name"; 10 | int soc = 443; 11 | go(hostname,soc); 12 | 13 | } 14 | 15 | private static void go(String hostname, int soc) throws IOException { 16 | SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory.getDefault(); 17 | SSLSocket socket = (SSLSocket) ssf.createSocket(hostname,soc); 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/impropersslsocketfactory/ImproperSocketManualHostABICase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.impropersslsocketfactory; 2 | 3 | import javax.net.ssl.SSLSocket; 4 | import javax.net.ssl.SSLSocketFactory; 5 | import java.io.IOException; 6 | 7 | public class ImproperSocketManualHostABICase2 { 8 | public static final String DEFAULT_HOST_NAME = "my.host.name"; 9 | private static char[] HOST_NAME; 10 | private static char[] hostName; 11 | 12 | public static void main(String [] args) throws IOException { 13 | int soc = 443; 14 | go2(); 15 | go3(); 16 | go(soc); 17 | 18 | } 19 | private static void go2(){ 20 | HOST_NAME = DEFAULT_HOST_NAME.toCharArray(); 21 | } 22 | private static void go3(){ 23 | hostName = HOST_NAME; 24 | } 25 | 26 | private static void go(int soc) throws IOException { 27 | SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory.getDefault(); 28 | SSLSocket socket = (SSLSocket) ssf.createSocket(hostName.toString(),soc); 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/impropersslsocketfactory/ImproperSocketManualHostABSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.impropersslsocketfactory; 2 | 3 | import javax.net.ssl.SSLSocket; 4 | import javax.net.ssl.SSLSocketFactory; 5 | import java.io.IOException; 6 | 7 | public class ImproperSocketManualHostABSCase1 { 8 | CryptoImproperSocketManualHostname1 crypto; 9 | public ImproperSocketManualHostABSCase1() { 10 | String hostname = "my.host.name"; 11 | int soc = 443; 12 | crypto = new CryptoImproperSocketManualHostname1(hostname, soc); 13 | } 14 | } 15 | 16 | class CryptoImproperSocketManualHostname1 { 17 | String defHostname; 18 | int defSoc; 19 | 20 | public CryptoImproperSocketManualHostname1(String hostname, int soc) { 21 | defHostname = hostname; 22 | defSoc = soc; 23 | } 24 | 25 | public void encrypt(String passedHostname,int passedSoc) throws IOException { 26 | 27 | if(passedHostname.isEmpty()) { 28 | passedHostname = defHostname; 29 | passedSoc = defSoc; 30 | } 31 | 32 | SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory.getDefault(); 33 | SSLSocket socket = (SSLSocket) ssf.createSocket(passedHostname,passedSoc); 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/impropersslsocketfactory/ImproperSocketManualHostBBCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.impropersslsocketfactory; 2 | 3 | import javax.net.ssl.SSLSocket; 4 | import javax.net.ssl.SSLSocketFactory; 5 | import java.io.IOException; 6 | 7 | public class ImproperSocketManualHostBBCase1 { 8 | public static void main(String [] args) throws IOException { 9 | SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory.getDefault(); 10 | SSLSocket socket = (SSLSocket) ssf.createSocket("my.host.name", 443); 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/insecureasymmetriccrypto/InsecureAsymmetricCipherABICase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.insecureasymmetriccrypto; 2 | 3 | import javax.crypto.*; 4 | import java.io.IOException; 5 | import java.security.InvalidKeyException; 6 | import java.security.KeyPair; 7 | import java.security.KeyPairGenerator; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class InsecureAsymmetricCipherABICase1 { 11 | public void go(int keySize) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IOException, IllegalBlockSizeException, BadPaddingException, ClassNotFoundException { 12 | KeyPairGenerator kgp = KeyPairGenerator.getInstance("RSA"); 13 | kgp.initialize(keySize); 14 | KeyPair kp = kgp.generateKeyPair(); 15 | 16 | Cipher cipher = Cipher.getInstance("RSA"); 17 | cipher.init(Cipher.ENCRYPT_MODE, kp.getPublic()); 18 | 19 | //encrypting 20 | String myMessage = new String("Secret Message"); 21 | SealedObject encryptedMessage = new SealedObject(myMessage,cipher); 22 | 23 | //decrypting 24 | Cipher dec = Cipher.getInstance("RSA"); 25 | dec.init(Cipher.DECRYPT_MODE, kp.getPrivate()); 26 | 27 | String message = (String) encryptedMessage.getObject(dec); 28 | System.out.println(message); 29 | } 30 | 31 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, IOException, IllegalBlockSizeException, BadPaddingException, ClassNotFoundException { 32 | InsecureAsymmetricCipherABICase1 bc = new InsecureAsymmetricCipherABICase1(); 33 | 34 | int keySize = 1024; 35 | bc.go(keySize); 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/insecureasymmetriccrypto/InsecureAsymmetricCipherABICase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.insecureasymmetriccrypto; 2 | 3 | import javax.crypto.*; 4 | import java.io.IOException; 5 | import java.security.InvalidKeyException; 6 | import java.security.KeyPair; 7 | import java.security.KeyPairGenerator; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class InsecureAsymmetricCipherABICase2 { 11 | public static final int DEFAULT_KEY_SIZE = 1024; 12 | private static int KEY_SIZE; 13 | private static int keysize; 14 | public void go(KeyPairGenerator kgp, KeyPair kp) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IOException, IllegalBlockSizeException, BadPaddingException, ClassNotFoundException { 15 | 16 | Cipher cipher = Cipher.getInstance("RSA"); 17 | cipher.init(Cipher.ENCRYPT_MODE, kp.getPublic()); 18 | 19 | //encrypting 20 | String myMessage = new String("Secret Message"); 21 | SealedObject encryptedMessage = new SealedObject(myMessage,cipher); 22 | 23 | //decrypting 24 | Cipher dec = Cipher.getInstance("RSA"); 25 | dec.init(Cipher.DECRYPT_MODE, kp.getPrivate()); 26 | 27 | String message = (String) encryptedMessage.getObject(dec); 28 | System.out.println(message); 29 | } 30 | private static void go2(){ 31 | KEY_SIZE = DEFAULT_KEY_SIZE; 32 | } 33 | private static void go3(){ 34 | keysize = KEY_SIZE; 35 | } 36 | 37 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, IOException, IllegalBlockSizeException, BadPaddingException, ClassNotFoundException { 38 | InsecureAsymmetricCipherABICase2 bc = new InsecureAsymmetricCipherABICase2(); 39 | go2(); 40 | go3(); 41 | KeyPairGenerator kgp = KeyPairGenerator.getInstance("RSA"); 42 | kgp.initialize(keysize); 43 | KeyPair kp = kgp.generateKeyPair(); 44 | bc.go(kgp,kp); 45 | } 46 | 47 | } 48 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/insecureasymmetriccrypto/InsecureAsymmetricCipherABICase3.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.insecureasymmetriccrypto; 2 | 3 | import javax.crypto.*; 4 | import java.io.IOException; 5 | import java.security.InvalidKeyException; 6 | import java.security.KeyPair; 7 | import java.security.KeyPairGenerator; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class InsecureAsymmetricCipherABICase3 { 11 | public static void method2(int k) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IOException, IllegalBlockSizeException, BadPaddingException, ClassNotFoundException { 12 | int keySize = k; 13 | method1(keySize); 14 | } 15 | 16 | public static void method1(int key) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IOException, IllegalBlockSizeException, BadPaddingException, ClassNotFoundException { 17 | 18 | KeyPairGenerator kgp = KeyPairGenerator.getInstance("RSA"); 19 | kgp.initialize(key); 20 | KeyPair kp = kgp.generateKeyPair(); 21 | 22 | 23 | Cipher cipher = Cipher.getInstance("RSA"); 24 | cipher.init(Cipher.ENCRYPT_MODE, kp.getPublic()); 25 | 26 | //encrypting 27 | String myMessage = new String("Secret Message"); 28 | SealedObject encryptedMessage = new SealedObject(myMessage,cipher); 29 | 30 | //decrypting 31 | Cipher dec = Cipher.getInstance("RSA"); 32 | dec.init(Cipher.DECRYPT_MODE, kp.getPrivate()); 33 | 34 | String message = (String) encryptedMessage.getObject(dec); 35 | System.out.println(message); 36 | } 37 | 38 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, IOException, IllegalBlockSizeException, BadPaddingException, ClassNotFoundException { 39 | int key = 1024; 40 | method2(key); 41 | 42 | 43 | } 44 | } 45 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/insecureasymmetriccrypto/InsecureAsymmetricCipherABMC1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.insecureasymmetriccrypto; 2 | 3 | import javax.crypto.*; 4 | import java.io.IOException; 5 | import java.security.InvalidKeyException; 6 | import java.security.KeyPair; 7 | import java.security.KeyPairGenerator; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class InsecureAsymmetricCipherABMC1 { 11 | public void go(int keySize) throws IOException, IllegalBlockSizeException, BadPaddingException, ClassNotFoundException, InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException { 12 | 13 | KeyPairGenerator kgp = KeyPairGenerator.getInstance("RSA"); 14 | kgp.initialize(keySize); 15 | KeyPair kp = kgp.generateKeyPair(); 16 | Cipher cipher = Cipher.getInstance("RSA"); 17 | Cipher dec = Cipher.getInstance("RSA"); 18 | 19 | cipher.init(Cipher.ENCRYPT_MODE, kp.getPublic()); 20 | 21 | //encrypting 22 | String myMessage = new String("Secret Message"); 23 | SealedObject encryptedMessage = new SealedObject(myMessage,cipher); 24 | 25 | //decrypting 26 | dec.init(Cipher.DECRYPT_MODE, kp.getPrivate()); 27 | 28 | String message = (String) encryptedMessage.getObject(dec); 29 | System.out.println(message); 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/insecureasymmetriccrypto/InsecureAsymmetricCipherABMCCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.insecureasymmetriccrypto; 2 | 3 | import javax.crypto.BadPaddingException; 4 | import javax.crypto.IllegalBlockSizeException; 5 | import javax.crypto.NoSuchPaddingException; 6 | import java.io.IOException; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | 10 | public class InsecureAsymmetricCipherABMCCase1 { 11 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, IOException, IllegalBlockSizeException, BadPaddingException, ClassNotFoundException { 12 | InsecureAsymmetricCipherABMC1 bc = new InsecureAsymmetricCipherABMC1(); 13 | int keySize = 1024; 14 | 15 | bc.go(keySize); 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/insecureasymmetriccrypto/InsecureAsymmetricCipherABPSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.insecureasymmetriccrypto; 2 | import javax.crypto.*; 3 | import java.io.IOException; 4 | import java.security.*; 5 | 6 | public class InsecureAsymmetricCipherABPSCase1 { 7 | public void go(int choice) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IOException, IllegalBlockSizeException, BadPaddingException, ClassNotFoundException { 8 | KeyPairGenerator kgp = KeyPairGenerator.getInstance("RSA"); 9 | 10 | int keysize; 11 | if (choice>1) 12 | keysize = 2048; 13 | else 14 | keysize = 1024; 15 | 16 | kgp.initialize(keysize); 17 | KeyPair kp = kgp.generateKeyPair(); 18 | 19 | 20 | Cipher cipher = Cipher.getInstance("RSA"); 21 | cipher.init(Cipher.ENCRYPT_MODE, kp.getPublic()); 22 | 23 | //encrypting 24 | String myMessage = new String("Secret Message"); 25 | SealedObject encryptedMessage = new SealedObject(myMessage,cipher); 26 | 27 | System.out.println(encryptedMessage); 28 | } 29 | 30 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, IOException, IllegalBlockSizeException, BadPaddingException, ClassNotFoundException { 31 | InsecureAsymmetricCipherABPSCase1 bc = new InsecureAsymmetricCipherABPSCase1(); 32 | int choice = 2; 33 | bc.go(choice); 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/insecureasymmetriccrypto/InsecureAsymmetricCipherBBCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.insecureasymmetriccrypto; 2 | 3 | import javax.crypto.*; 4 | import java.io.IOException; 5 | import java.security.*; 6 | 7 | public class InsecureAsymmetricCipherBBCase1 { 8 | public void go() throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IOException, IllegalBlockSizeException, BadPaddingException, ClassNotFoundException { 9 | KeyPairGenerator kgp = KeyPairGenerator.getInstance("RSA"); 10 | int keysize = 1024; 11 | kgp.initialize(keysize); 12 | KeyPair kp = kgp.generateKeyPair(); 13 | 14 | 15 | Cipher cipher = Cipher.getInstance("RSA"); 16 | cipher.init(Cipher.ENCRYPT_MODE, kp.getPublic()); 17 | 18 | //encrypting 19 | String myMessage = new String("Secret Message"); 20 | SealedObject encryptedMessage = new SealedObject(myMessage,cipher); 21 | 22 | //decrypting 23 | Cipher dec = Cipher.getInstance("RSA"); 24 | dec.init(Cipher.DECRYPT_MODE, kp.getPrivate()); 25 | 26 | String message = (String) encryptedMessage.getObject(dec); 27 | System.out.println(message); 28 | } 29 | 30 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, IOException, IllegalBlockSizeException, BadPaddingException, ClassNotFoundException { 31 | InsecureAsymmetricCipherBBCase1 bc = new InsecureAsymmetricCipherBBCase1(); 32 | bc.go(); 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/pbeiteration/LessThan1000IterationPBEABHCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.pbeiteration; 2 | 3 | import javax.crypto.spec.PBEParameterSpec; 4 | import java.security.SecureRandom; 5 | import java.util.HashMap; 6 | import java.util.Map; 7 | 8 | public class LessThan1000IterationPBEABHCase1 { 9 | public static void main(){ 10 | LessThan1000IterationPBEABHCase1 lt = new LessThan1000IterationPBEABHCase1(); 11 | lt.key2(); 12 | } 13 | public void key2(){ 14 | String name = "abcdef"; 15 | Map hm = new HashMap(); 16 | hm.put("aaa", new Integer(1020)); 17 | hm.put("bbb", new Integer(20)); 18 | 19 | 20 | int iteration = hm.get("bbb"); 21 | 22 | SecureRandom random = new SecureRandom(); 23 | PBEParameterSpec pbeParamSpec = null; 24 | byte[] salt = new byte[32]; 25 | random.nextBytes(salt); 26 | //int count = 20; 27 | pbeParamSpec = new PBEParameterSpec(salt, iteration); 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/pbeiteration/LessThan1000IterationPBEABICase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.pbeiteration; 2 | 3 | import javax.crypto.spec.PBEParameterSpec; 4 | import java.security.SecureRandom; 5 | 6 | public class LessThan1000IterationPBEABICase1 { 7 | 8 | public static void main(){ 9 | LessThan1000IterationPBEABICase1 lt = new LessThan1000IterationPBEABICase1(); 10 | int count = 20; 11 | lt.go(count); 12 | } 13 | public void go(int count){ 14 | SecureRandom random = new SecureRandom(); 15 | PBEParameterSpec pbeParamSpec = null; 16 | byte[] salt = new byte[32]; 17 | random.nextBytes(salt); 18 | 19 | pbeParamSpec = new PBEParameterSpec(salt, count); 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/pbeiteration/LessThan1000IterationPBEABICase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.pbeiteration; 2 | 3 | import javax.crypto.spec.PBEParameterSpec; 4 | import java.security.SecureRandom; 5 | 6 | public class LessThan1000IterationPBEABICase2 { 7 | public static final String DEFAULT_COUNT = "20"; 8 | private static char[] COUNT; 9 | private static char[] count; 10 | public static void main(){ 11 | LessThan1000IterationPBEABICase2 lt = new LessThan1000IterationPBEABICase2(); 12 | go2(); 13 | go3(); 14 | lt.key2(); 15 | } 16 | private static void go2(){ 17 | COUNT = DEFAULT_COUNT.toCharArray(); 18 | } 19 | private static void go3(){ 20 | count = COUNT; 21 | } 22 | public void key2(){ 23 | SecureRandom random = new SecureRandom(); 24 | PBEParameterSpec pbeParamSpec = null; 25 | byte[] salt = new byte[32]; 26 | random.nextBytes(salt); 27 | 28 | pbeParamSpec = new PBEParameterSpec(salt, Integer.parseInt(String.valueOf(count))); 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/pbeiteration/LessThan1000IterationPBEABICase3.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.pbeiteration; 2 | 3 | import java.security.*; 4 | import javax.crypto.*; 5 | import javax.crypto.spec.PBEParameterSpec; 6 | import java.security.spec.InvalidKeySpecException; 7 | import javax.crypto.spec.PBEKeySpec; 8 | 9 | public class LessThan1000IterationPBEABICase3 { 10 | public static void main(String[] args) { 11 | int count = 20; 12 | SecureRandom random = new SecureRandom(); 13 | method2(count,random); 14 | } 15 | public static void method2(int c, SecureRandom random) { 16 | PBEParameterSpec pbeParamSpec = null; 17 | method1(c,random,pbeParamSpec); 18 | } 19 | public static void method1(int count, SecureRandom random, PBEParameterSpec pbe) { 20 | byte[] salt = new byte[32]; 21 | random.nextBytes(salt); 22 | 23 | pbe = new PBEParameterSpec(salt, count); 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/pbeiteration/LessThan1000IterationPBEABMC1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.pbeiteration; 2 | 3 | import javax.crypto.spec.PBEParameterSpec; 4 | import java.security.SecureRandom; 5 | 6 | public class LessThan1000IterationPBEABMC1 { 7 | public void go(int count) { 8 | SecureRandom random = new SecureRandom(); 9 | PBEParameterSpec pbeParamSpec = null; 10 | byte[] salt = new byte[32]; 11 | random.nextBytes(salt); 12 | 13 | pbeParamSpec = new PBEParameterSpec(salt, count); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/pbeiteration/LessThan1000IterationPBEABMCCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.pbeiteration; 2 | 3 | public class LessThan1000IterationPBEABMCCase1 { 4 | public static void main(){ 5 | LessThan1000IterationPBEABMC1 lt = new LessThan1000IterationPBEABMC1(); 6 | int count = 20; 7 | lt.go(count); 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/pbeiteration/LessThan1000IterationPBEABPSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.pbeiteration; 2 | import java.security.*; 3 | import javax.crypto.*; 4 | import javax.crypto.spec.PBEParameterSpec; 5 | import java.security.spec.InvalidKeySpecException; 6 | import javax.crypto.spec.PBEKeySpec; 7 | 8 | public class LessThan1000IterationPBEABPSCase1 { 9 | public static void main(String[] args) { 10 | byte[] salt = new byte[32]; 11 | int choice = 2; 12 | int count = 5; 13 | SecureRandom random = new SecureRandom(); 14 | random.nextBytes(salt); 15 | if(choice > 1) 16 | count = 1050; 17 | 18 | PBEParameterSpec pbeParamSpec = null; 19 | pbeParamSpec = new PBEParameterSpec(salt, count); 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/pbeiteration/LessThan1000IterationPBEABSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.pbeiteration; 2 | 3 | import javax.crypto.BadPaddingException; 4 | import javax.crypto.IllegalBlockSizeException; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.spec.PBEParameterSpec; 7 | import java.io.UnsupportedEncodingException; 8 | import java.security.InvalidKeyException; 9 | import java.security.NoSuchAlgorithmException; 10 | import java.security.SecureRandom; 11 | 12 | public class LessThan1000IterationPBEABSCase1 { 13 | CryptoPBEIteration1 crypto; 14 | public LessThan1000IterationPBEABSCase1() throws NoSuchAlgorithmException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException, UnsupportedEncodingException { 15 | crypto = new CryptoPBEIteration1(20); 16 | crypto.method1(0); 17 | 18 | } 19 | } 20 | 21 | class CryptoPBEIteration1 { 22 | int defcount; 23 | 24 | public CryptoPBEIteration1(int count) throws NoSuchPaddingException, NoSuchAlgorithmException { 25 | defcount = count; 26 | } 27 | 28 | public void method1(int passedCount) throws UnsupportedEncodingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, NoSuchAlgorithmException, NoSuchPaddingException { 29 | 30 | passedCount = defcount; 31 | 32 | SecureRandom random = new SecureRandom(); 33 | PBEParameterSpec pbeParamSpec = null; 34 | byte[] salt = new byte[32]; 35 | random.nextBytes(salt); 36 | 37 | pbeParamSpec = new PBEParameterSpec(salt,passedCount); 38 | 39 | 40 | 41 | } 42 | } 43 | 44 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/pbeiteration/LessThan1000IterationPBEBBCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.pbeiteration; 2 | 3 | import javax.crypto.spec.PBEParameterSpec; 4 | import java.security.SecureRandom; 5 | 6 | public class LessThan1000IterationPBEBBCase1 { 7 | public static void main(){ 8 | LessThan1000IterationPBEBBCase1 lt = new LessThan1000IterationPBEBBCase1(); 9 | lt.key2(); 10 | } 11 | public void key2(){ 12 | SecureRandom random = new SecureRandom(); 13 | PBEParameterSpec pbeParamSpec = null; 14 | byte[] salt = new byte[32]; 15 | random.nextBytes(salt); 16 | int count = 20; 17 | pbeParamSpec = new PBEParameterSpec(salt, count); 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/pbeiteration/LessThan1000IterationPBECorrected.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.pbeiteration; 2 | 3 | import javax.crypto.spec.PBEParameterSpec; 4 | import java.security.SecureRandom; 5 | 6 | public class LessThan1000IterationPBECorrected { 7 | public static void main(){ 8 | LessThan1000IterationPBECorrected lt = new LessThan1000IterationPBECorrected(); 9 | lt.key2(); 10 | } 11 | public void key2(){ 12 | SecureRandom random = new SecureRandom(); 13 | PBEParameterSpec pbeParamSpec = null; 14 | byte[] salt = new byte[32]; 15 | random.nextBytes(salt); 16 | int count = 1020; 17 | pbeParamSpec = new PBEParameterSpec(salt, count); 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablecryptographickey/PredictableCryptographicKeyABHCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablecryptographickey; 2 | 3 | import javax.crypto.spec.SecretKeySpec; 4 | import java.io.UnsupportedEncodingException; 5 | import java.security.SecureRandom; 6 | import java.util.Arrays; 7 | 8 | public class PredictableCryptographicKeyABHCase1 { 9 | public static void main(String [] args) throws UnsupportedEncodingException { 10 | SecureRandom random = new SecureRandom(); 11 | String defaultKey = String.valueOf(random.ints()); 12 | 13 | byte [] keyBytes = defaultKey.getBytes("UTF-8"); 14 | keyBytes = Arrays.copyOf(keyBytes,16); 15 | SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES"); 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablecryptographickey/PredictableCryptographicKeyABHCase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablecryptographickey; 2 | 3 | import javax.crypto.spec.SecretKeySpec; 4 | import java.io.UnsupportedEncodingException; 5 | import java.util.Arrays; 6 | import java.util.HashMap; 7 | import java.util.Map; 8 | 9 | public class PredictableCryptographicKeyABHCase2 { 10 | public static void main(String [] args) throws UnsupportedEncodingException { 11 | 12 | Map hm = new HashMap(); 13 | hm.put("aaa", "afix"); 14 | hm.put("bbb", "bfix"); 15 | hm.put("ccc", "cfix"); 16 | hm.put("ddd", "dfix"); 17 | 18 | String key = hm.get("aaa"); 19 | 20 | byte [] keyBytes = key.getBytes(); 21 | keyBytes = Arrays.copyOf(keyBytes,16); 22 | SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES"); 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablecryptographickey/PredictableCryptographicKeyABICase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablecryptographickey; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.spec.SecretKeySpec; 5 | import java.util.Arrays; 6 | 7 | public class PredictableCryptographicKeyABICase1 { 8 | public static void main(String [] args){ 9 | String key = "defaultkey"; 10 | go(key); 11 | } 12 | 13 | private static void go(String key) { 14 | byte[] keyBytes = key.getBytes(); 15 | keyBytes = Arrays.copyOf(keyBytes,16); 16 | SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES"); 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablecryptographickey/PredictableCryptographicKeyABICase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablecryptographickey; 2 | 3 | import javax.crypto.spec.SecretKeySpec; 4 | import java.security.SecureRandom; 5 | import java.util.Arrays; 6 | 7 | public class PredictableCryptographicKeyABICase2 { 8 | public static final String DEFAULT_ENCRYPT_KEY = "defaultkey"; 9 | private static char[] ENCRYPT_KEY; 10 | private static char[] encryptKey; 11 | public static void main(String [] args){ 12 | go2(); 13 | go3(); 14 | go(); 15 | } 16 | 17 | private static void go2(){ 18 | ENCRYPT_KEY = DEFAULT_ENCRYPT_KEY.toCharArray(); 19 | } 20 | private static void go3(){ 21 | encryptKey = ENCRYPT_KEY; 22 | } 23 | 24 | private static void go() { 25 | byte[] keyBytes = encryptKey.toString().getBytes(); 26 | keyBytes = Arrays.copyOf(keyBytes,16); 27 | SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES"); 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablecryptographickey/PredictableCryptographicKeyABICase3.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablecryptographickey; 2 | import javax.crypto.spec.SecretKeySpec; 3 | import java.util.Arrays; 4 | 5 | public class PredictableCryptographicKeyABICase3 { 6 | public static void main(String [] args){ 7 | String key = "defaultkey"; 8 | method1(key); 9 | } 10 | public static void method1(String k){ 11 | String key2 = k; 12 | method2(key2); 13 | } 14 | 15 | private static void method2(String key) { 16 | byte[] keyBytes = key.getBytes(); 17 | keyBytes = Arrays.copyOf(keyBytes,16); 18 | SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES"); 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablecryptographickey/PredictableCryptographicKeyABMC1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablecryptographickey; 2 | 3 | import javax.crypto.spec.SecretKeySpec; 4 | import java.util.Arrays; 5 | 6 | public class PredictableCryptographicKeyABMC1 { 7 | public void go(String key) { 8 | byte[] keyBytes = key.getBytes(); 9 | keyBytes = Arrays.copyOf(keyBytes,16); 10 | SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES"); 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablecryptographickey/PredictableCryptographicKeyABMCCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablecryptographickey; 2 | 3 | public class PredictableCryptographicKeyABMCCase1 { 4 | public static void main(String [] args){ 5 | PredictableCryptographicKeyABMC1 pc = new PredictableCryptographicKeyABMC1(); 6 | String key = "defaultkey"; 7 | pc.go(key); 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablecryptographickey/PredictableCryptographicKeyABPSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablecryptographickey; 2 | import javax.crypto.spec.SecretKeySpec; 3 | import java.security.SecureRandom; 4 | import java.util.Arrays; 5 | 6 | public class PredictableCryptographicKeyABPSCase1 { 7 | public static void main(String [] args){ 8 | String defaultKey = "defaultkey"; 9 | int choice = 2; 10 | byte[] keyBytes = defaultKey.getBytes(); 11 | 12 | if(choice>1){ 13 | SecureRandom random = new SecureRandom(); 14 | keyBytes = String.valueOf(random.ints()).getBytes(); 15 | } 16 | 17 | keyBytes = Arrays.copyOf(keyBytes,16); 18 | 19 | SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES"); 20 | } 21 | 22 | } 23 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablecryptographickey/PredictableCryptographicKeyABSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablecryptographickey; 2 | 3 | import javax.crypto.BadPaddingException; 4 | import javax.crypto.Cipher; 5 | import javax.crypto.IllegalBlockSizeException; 6 | import javax.crypto.NoSuchPaddingException; 7 | import javax.crypto.spec.SecretKeySpec; 8 | import java.io.UnsupportedEncodingException; 9 | import java.security.InvalidKeyException; 10 | import java.security.NoSuchAlgorithmException; 11 | import java.util.Arrays; 12 | 13 | public class PredictableCryptographicKeyABSCase1 { 14 | Crypto crypto; 15 | public PredictableCryptographicKeyABSCase1() throws NoSuchAlgorithmException, NoSuchPaddingException { 16 | String passKey = PredictableCryptographicKeyABSCase1.getKey("pass.key"); 17 | 18 | if(passKey == null) { 19 | crypto = new Crypto("defaultkey"); 20 | } 21 | crypto = new Crypto(passKey); 22 | } 23 | 24 | byte[] encryptPass(String pass, String src) throws IllegalBlockSizeException, BadPaddingException, InvalidKeyException, UnsupportedEncodingException { 25 | String keyStr = PredictableCryptographicKeyABSCase1.getKey(src); 26 | return crypto.method1(pass, keyStr); 27 | } 28 | 29 | public static String getKey(String s) { 30 | return System.getProperty(s); 31 | } 32 | } 33 | 34 | class Crypto { 35 | Cipher cipher; 36 | String algoSpec = "AES/CBC/PKCS5Padding"; 37 | String algo = "AES"; 38 | String defaultKey; 39 | public Crypto(String defkey) throws NoSuchPaddingException, NoSuchAlgorithmException { 40 | cipher = Cipher.getInstance(algoSpec); 41 | defaultKey = defkey; 42 | } 43 | 44 | public byte[] method1(String txt, String key) throws UnsupportedEncodingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException { 45 | if(key.isEmpty()){ 46 | key = defaultKey; 47 | } 48 | byte[] keyBytes = key.getBytes("UTF-8"); 49 | byte [] txtBytes = txt.getBytes(); 50 | keyBytes = Arrays.copyOf(keyBytes,16); 51 | 52 | SecretKeySpec keySpec = new SecretKeySpec(keyBytes,algo); 53 | cipher.init(Cipher.ENCRYPT_MODE,keySpec); 54 | return cipher.doFinal(txtBytes); 55 | } 56 | } 57 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablecryptographickey/PredictableCryptographicKeyBBCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablecryptographickey; 2 | 3 | import javax.crypto.spec.SecretKeySpec; 4 | import java.security.SecureRandom; 5 | import java.util.Arrays; 6 | 7 | public class PredictableCryptographicKeyBBCase1 { 8 | public static void main(String [] args){ 9 | String defaultKey = "defaultkey"; 10 | byte[] keyBytes = defaultKey.getBytes(); 11 | keyBytes = Arrays.copyOf(keyBytes,16); 12 | SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES"); 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablecryptographickey/PredictableCryptographicKeyCorrected.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablecryptographickey; 2 | 3 | import javax.crypto.*; 4 | import javax.crypto.spec.SecretKeySpec; 5 | import java.io.IOException; 6 | import java.security.InvalidKeyException; 7 | import java.security.NoSuchAlgorithmException; 8 | import java.security.SecureRandom; 9 | import java.util.Arrays; 10 | import java.util.Base64; 11 | 12 | public class PredictableCryptographicKeyCorrected { 13 | public static void main(String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, IOException, IllegalBlockSizeException, BadPaddingException, ClassNotFoundException { 14 | SecureRandom random = new SecureRandom(); 15 | String defaultKey = String.valueOf(random.ints()); 16 | 17 | String originalString = "Testing"; 18 | byte[] keyBytes = defaultKey.getBytes(); 19 | keyBytes = Arrays.copyOf(keyBytes,16); 20 | SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES"); 21 | 22 | Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING"); 23 | cipher.init(Cipher.ENCRYPT_MODE, keySpec); 24 | String encrypt = Base64.getEncoder().encodeToString(cipher.doFinal(originalString.getBytes("UTF-8"))); 25 | System.out.println(encrypt); 26 | 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablekeystorepassword/PredictableKeyStorePasswordABHCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablekeystorepassword; 2 | 3 | import java.io.IOException; 4 | import java.net.URL; 5 | import java.security.KeyStore; 6 | import java.security.KeyStoreException; 7 | import java.security.NoSuchAlgorithmException; 8 | import java.security.SecureRandom; 9 | import java.security.cert.CertificateException; 10 | 11 | public class PredictableKeyStorePasswordABHCase1 { 12 | URL cacerts; 13 | public static void main(String args[]) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException { 14 | PredictableKeyStorePasswordBBCase1 pksp = new PredictableKeyStorePasswordBBCase1(); 15 | pksp.go(); 16 | } 17 | 18 | public void go() throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException { 19 | String type = "JKS"; 20 | SecureRandom random = new SecureRandom(); 21 | String password = String.valueOf(random.ints()); 22 | byte [] keyBytes = password.getBytes("UTF-8"); 23 | 24 | KeyStore ks = KeyStore.getInstance(type); 25 | cacerts = new URL("https://www.google.com"); 26 | ks.load(cacerts.openStream(), new String(keyBytes).toCharArray()); 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablekeystorepassword/PredictableKeyStorePasswordABHCase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablekeystorepassword; 2 | 3 | import java.io.IOException; 4 | import java.net.URL; 5 | import java.security.KeyStore; 6 | import java.security.KeyStoreException; 7 | import java.security.NoSuchAlgorithmException; 8 | import java.security.cert.CertificateException; 9 | import java.util.HashMap; 10 | import java.util.Map; 11 | 12 | public class PredictableKeyStorePasswordABHCase2 { 13 | URL cacerts; 14 | public static void main(String args[]) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException { 15 | PredictableKeyStorePasswordBBCase1 pksp = new PredictableKeyStorePasswordBBCase1(); 16 | pksp.go(); 17 | } 18 | 19 | public void go() throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException { 20 | String type = "JKS"; 21 | Map hm = new HashMap(); 22 | hm.put("aaa", "afix"); 23 | hm.put("bbb", "bfix"); 24 | hm.put("ccc", "cfix"); 25 | hm.put("ddd", "dfix"); 26 | 27 | String key = hm.get("aaa"); 28 | 29 | KeyStore ks = KeyStore.getInstance(type); 30 | cacerts = new URL("https://www.google.com"); 31 | ks.load(cacerts.openStream(), key.toCharArray()); 32 | } 33 | 34 | } 35 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablekeystorepassword/PredictableKeyStorePasswordABICase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablekeystorepassword; 2 | 3 | import java.io.IOException; 4 | import java.net.URL; 5 | import java.security.KeyStore; 6 | import java.security.KeyStoreException; 7 | import java.security.NoSuchAlgorithmException; 8 | import java.security.cert.CertificateException; 9 | 10 | public class PredictableKeyStorePasswordABICase1 { 11 | URL cacerts; 12 | public static void main(String args[]) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException { 13 | PredictableKeyStorePasswordABICase1 pksp = new PredictableKeyStorePasswordABICase1(); 14 | String key = "changeit"; 15 | pksp.go(key); 16 | } 17 | 18 | public void go(String key) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException { 19 | String type = "JKS"; 20 | KeyStore ks = KeyStore.getInstance(type); 21 | cacerts = new URL("https://www.google.com"); 22 | ks.load(cacerts.openStream(), key.toCharArray()); 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablekeystorepassword/PredictableKeyStorePasswordABICase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablekeystorepassword; 2 | 3 | import java.io.IOException; 4 | import java.net.URL; 5 | import java.security.KeyStore; 6 | import java.security.KeyStoreException; 7 | import java.security.NoSuchAlgorithmException; 8 | import java.security.cert.CertificateException; 9 | 10 | public class PredictableKeyStorePasswordABICase2 { 11 | public static final String DEFAULT_ENCRYPT_KEY = "changeit"; 12 | private static char[] ENCRYPT_KEY; 13 | private static char[] encryptKey; 14 | URL cacerts; 15 | public static void main(String [] args) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException { 16 | PredictableKeyStorePasswordABICase2 pksp = new PredictableKeyStorePasswordABICase2(); 17 | go2(); 18 | go3(); 19 | pksp.go(); 20 | } 21 | 22 | private static void go2(){ 23 | ENCRYPT_KEY = DEFAULT_ENCRYPT_KEY.toCharArray(); 24 | } 25 | private static void go3(){ 26 | encryptKey = ENCRYPT_KEY; 27 | } 28 | 29 | private void go() throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException { 30 | String type = "JKS"; 31 | KeyStore ks = KeyStore.getInstance(type); 32 | cacerts = new URL("https://www.google.com"); 33 | ks.load(cacerts.openStream(), encryptKey); 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablekeystorepassword/PredictableKeyStorePasswordABICase3.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablekeystorepassword; 2 | 3 | import java.io.IOException; 4 | import java.net.URL; 5 | import java.security.KeyStore; 6 | import java.security.KeyStoreException; 7 | import java.security.NoSuchAlgorithmException; 8 | import java.security.cert.CertificateException; 9 | 10 | public class PredictableKeyStorePasswordABICase3 { 11 | URL cacerts; 12 | public static void main(String args[]) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException { 13 | PredictableKeyStorePasswordABICase3 pkspac = new PredictableKeyStorePasswordABICase3(); 14 | String key = "changeit"; 15 | pkspac.method1(key); 16 | } 17 | 18 | public void method1(String k) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException { 19 | String key2 = k; 20 | method2(key2); 21 | } 22 | 23 | public void method2(String key) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException { 24 | String type = "JKS"; 25 | KeyStore ks = KeyStore.getInstance(type); 26 | cacerts = new URL("https://www.google.com"); 27 | ks.load(cacerts.openStream(), key.toCharArray()); 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablekeystorepassword/PredictableKeyStorePasswordABMC1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablekeystorepassword; 2 | 3 | import java.io.IOException; 4 | import java.net.MalformedURLException; 5 | import java.net.URL; 6 | import java.security.KeyStore; 7 | import java.security.KeyStoreException; 8 | import java.security.NoSuchAlgorithmException; 9 | import java.security.cert.CertificateException; 10 | 11 | public class PredictableKeyStorePasswordABMC1 { 12 | URL cacerts; 13 | public void go(String key) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException { 14 | String type = "JKS"; 15 | KeyStore ks = KeyStore.getInstance(type); 16 | cacerts = new URL("https://www.google.com"); 17 | ks.load(cacerts.openStream(), key.toCharArray()); 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablekeystorepassword/PredictableKeyStorePasswordABMCCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablekeystorepassword; 2 | 3 | import java.io.IOException; 4 | import java.security.KeyStoreException; 5 | import java.security.NoSuchAlgorithmException; 6 | import java.security.cert.CertificateException; 7 | 8 | public class PredictableKeyStorePasswordABMCCase1 { 9 | public static void main(String args[]) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException { 10 | PredictableKeyStorePasswordABMC1 pksp = new PredictableKeyStorePasswordABMC1(); 11 | String key = "changeit"; 12 | pksp.go(key); 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablekeystorepassword/PredictableKeyStorePasswordABPSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablekeystorepassword; 2 | 3 | import java.io.IOException; 4 | import java.net.URL; 5 | import java.security.KeyStore; 6 | import java.security.KeyStoreException; 7 | import java.security.NoSuchAlgorithmException; 8 | import java.security.SecureRandom; 9 | import java.security.cert.CertificateException; 10 | 11 | public class PredictableKeyStorePasswordABPSCase1 { 12 | URL cacerts; 13 | public static void main(String args[]) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException { 14 | PredictableKeyStorePasswordABPSCase1 pksp = new PredictableKeyStorePasswordABPSCase1(); 15 | int choice=2; 16 | pksp.go(choice); 17 | } 18 | 19 | public void go(int choice) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException { 20 | String type = "JKS"; 21 | KeyStore ks = KeyStore.getInstance(type); 22 | cacerts = new URL("https://www.google.com"); 23 | String defaultKey = "changeit"; 24 | if(choice>1){ 25 | SecureRandom random = new SecureRandom(); 26 | defaultKey = String.valueOf(random.ints()); 27 | } 28 | ks.load(cacerts.openStream(), defaultKey.toCharArray()); 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablekeystorepassword/PredictableKeyStorePasswordABSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablekeystorepassword; 2 | 3 | import java.io.IOException; 4 | import java.net.URL; 5 | import java.security.KeyStore; 6 | import java.security.KeyStoreException; 7 | import java.security.NoSuchAlgorithmException; 8 | import java.security.cert.CertificateException; 9 | 10 | public class PredictableKeyStorePasswordABSCase1 { 11 | CryptoPredictableKeyStorePassword1 crypto; 12 | public PredictableKeyStorePasswordABSCase1() throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException { 13 | String key = "changeit"; 14 | crypto = new CryptoPredictableKeyStorePassword1(key); 15 | crypto.method1(""); 16 | } 17 | } 18 | 19 | class CryptoPredictableKeyStorePassword1 { 20 | String defKey; 21 | URL cacerts; 22 | 23 | public CryptoPredictableKeyStorePassword1(String key){ 24 | defKey = key; 25 | } 26 | 27 | public void method1(String passedKey) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException { 28 | 29 | passedKey = defKey; 30 | 31 | String type = "JKS"; 32 | KeyStore ks = KeyStore.getInstance(type); 33 | cacerts = new URL("https://www.google.com"); 34 | ks.load(cacerts.openStream(), passedKey.toCharArray()); 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablekeystorepassword/PredictableKeyStorePasswordBBCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablekeystorepassword; 2 | 3 | import java.io.IOException; 4 | import java.net.URL; 5 | import java.security.KeyStore; 6 | import java.security.KeyStoreException; 7 | import java.security.NoSuchAlgorithmException; 8 | import java.security.cert.CertificateException; 9 | 10 | public class PredictableKeyStorePasswordBBCase1 { 11 | 12 | URL cacerts; 13 | public static void main(String args[]) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException { 14 | PredictableKeyStorePasswordBBCase1 pksp = new PredictableKeyStorePasswordBBCase1(); 15 | pksp.go(); 16 | } 17 | 18 | public void go() throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException { 19 | String type = "JKS"; 20 | KeyStore ks = KeyStore.getInstance(type); 21 | cacerts = new URL("https://www.google.com"); 22 | String defaultKey = "changeit"; 23 | ks.load(cacerts.openStream(), defaultKey.toCharArray()); 24 | } 25 | 26 | 27 | } 28 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablekeystorepassword/PredictableKeyStorePasswordCorrected.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablekeystorepassword; 2 | 3 | import java.io.IOException; 4 | import java.net.URL; 5 | import java.security.KeyStore; 6 | import java.security.KeyStoreException; 7 | import java.security.NoSuchAlgorithmException; 8 | import java.security.SecureRandom; 9 | import java.security.cert.CertificateException; 10 | 11 | public class PredictableKeyStorePasswordCorrected { 12 | URL cacerts; 13 | public static void main(String args[]) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException { 14 | PredictableKeyStorePasswordCorrected pksp = new PredictableKeyStorePasswordCorrected(); 15 | pksp.go(); 16 | } 17 | 18 | public void go() throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException { 19 | String type = "JKS"; 20 | KeyStore ks = KeyStore.getInstance(type); 21 | cacerts = new URL("https://www.google.com"); 22 | 23 | SecureRandom random = new SecureRandom(); 24 | String password = String.valueOf(random.ints()); 25 | 26 | ks.load(cacerts.openStream(), password.toCharArray()); 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablepbepassword/PredictablePBEPasswordABHCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablepbepassword; 2 | 3 | import javax.crypto.spec.PBEKeySpec; 4 | import javax.crypto.spec.PBEParameterSpec; 5 | import java.io.UnsupportedEncodingException; 6 | import java.security.SecureRandom; 7 | 8 | public class PredictablePBEPasswordABHCase1 { 9 | private PBEKeySpec pbeKeySpec = null; 10 | private PBEParameterSpec pbeParamSpec = null; 11 | 12 | public static void main(String [] args) throws UnsupportedEncodingException { 13 | PredictablePBEPasswordABHCase1 ckp = new PredictablePBEPasswordABHCase1(); 14 | SecureRandom random = new SecureRandom(); 15 | String defaultKey = String.valueOf(random.ints()); 16 | byte [] keyBytes = defaultKey.getBytes("UTF-8"); 17 | ckp.key(keyBytes); 18 | } 19 | public void key(byte [] keyBytes) { 20 | byte [] salt = new byte[16]; 21 | SecureRandom sr = new SecureRandom(); 22 | sr.nextBytes(salt); 23 | int iterationCount = 11010; 24 | int keyLength = 16; 25 | pbeKeySpec = new PBEKeySpec(new String(keyBytes).toCharArray(),salt,iterationCount,keyLength); 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablepbepassword/PredictablePBEPasswordABHCase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablepbepassword; 2 | 3 | import javax.crypto.spec.PBEKeySpec; 4 | import javax.crypto.spec.PBEParameterSpec; 5 | import java.security.SecureRandom; 6 | import java.util.HashMap; 7 | import java.util.Map; 8 | 9 | public class PredictablePBEPasswordABHCase2 { 10 | private PBEKeySpec pbeKeySpec = null; 11 | private PBEParameterSpec pbeParamSpec = null; 12 | 13 | public static void main(String [] args){ 14 | PredictablePBEPasswordABHCase2 ckp = new PredictablePBEPasswordABHCase2(); 15 | Map hm = new HashMap(); 16 | hm.put("aaa", "afix"); 17 | hm.put("bbb", "bfix"); 18 | hm.put("ccc", "cfix"); 19 | hm.put("ddd", "dfix"); 20 | 21 | String key = hm.get("aaa"); 22 | ckp.key(key); 23 | } 24 | public void key(String key) { 25 | byte [] salt = new byte[16]; 26 | SecureRandom sr = new SecureRandom(); 27 | sr.nextBytes(salt); 28 | int iterationCount = 11010; 29 | int keyLength = 16; 30 | pbeKeySpec = new PBEKeySpec(key.toCharArray(),salt,iterationCount,keyLength); 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablepbepassword/PredictablePBEPasswordABICase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablepbepassword; 2 | 3 | import javax.crypto.spec.PBEKeySpec; 4 | import javax.crypto.spec.PBEParameterSpec; 5 | import java.security.SecureRandom; 6 | 7 | public class PredictablePBEPasswordABICase1 { 8 | private PBEKeySpec pbeKeySpec = null; 9 | private PBEParameterSpec pbeParamSpec = null; 10 | 11 | public static void main(String [] args){ 12 | PredictablePBEPasswordABICase1 ckp = new PredictablePBEPasswordABICase1(); 13 | String password = "sagar"; 14 | ckp.go(password); 15 | } 16 | public void go(String password) { 17 | byte [] salt = new byte[16]; 18 | SecureRandom sr = new SecureRandom(); 19 | sr.nextBytes(salt); 20 | int iterationCount = 11010; 21 | int keyLength = 16; 22 | pbeKeySpec = new PBEKeySpec(password.toCharArray(),salt,iterationCount,keyLength); 23 | } 24 | 25 | } 26 | 27 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablepbepassword/PredictablePBEPasswordABICase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablepbepassword; 2 | 3 | import javax.crypto.spec.PBEKeySpec; 4 | import javax.crypto.spec.PBEParameterSpec; 5 | import java.security.SecureRandom; 6 | 7 | public class PredictablePBEPasswordABICase2 { 8 | private PBEKeySpec pbeKeySpec = null; 9 | private PBEParameterSpec pbeParamSpec = null; 10 | public static String KEY = "sagar"; 11 | public static char [] DEFAULT_ENCRYPT_KEY = KEY.toCharArray(); 12 | private static char[] ENCRYPT_KEY; 13 | private static char[] encryptKey; 14 | 15 | public static void main(String [] args) { 16 | PredictablePBEPasswordABICase2 pksp = new PredictablePBEPasswordABICase2(); 17 | go2(); 18 | go3(); 19 | pksp.go(); 20 | } 21 | 22 | private static void go2(){ 23 | ENCRYPT_KEY = DEFAULT_ENCRYPT_KEY; 24 | } 25 | private static void go3(){ 26 | encryptKey = ENCRYPT_KEY; 27 | } 28 | 29 | private void go() { 30 | SecureRandom sr = new SecureRandom(); 31 | byte [] salt = new byte[16]; 32 | sr.nextBytes(salt); 33 | pbeKeySpec = new PBEKeySpec(encryptKey,salt,10000,16); 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablepbepassword/PredictablePBEPasswordABICase3.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablepbepassword; 2 | 3 | import javax.crypto.spec.PBEKeySpec; 4 | import javax.crypto.spec.PBEParameterSpec; 5 | import java.security.SecureRandom; 6 | 7 | public class PredictablePBEPasswordABICase3 { 8 | private PBEKeySpec pbeKeySpec = null; 9 | private PBEParameterSpec pbeParamSpec = null; 10 | 11 | public static void main(String [] args){ 12 | PredictablePBEPasswordABICase3 pppac = new PredictablePBEPasswordABICase3(); 13 | String password = "sagar"; 14 | pppac.method1(password); 15 | } 16 | 17 | public void method1(String k){ 18 | String key2 = k; 19 | method2(key2); 20 | } 21 | 22 | public void method2(String password) { 23 | byte [] salt = new byte[16]; 24 | SecureRandom sr = new SecureRandom(); 25 | sr.nextBytes(salt); 26 | int iterationCount = 11010; 27 | int keyLength = 16; 28 | pbeKeySpec = new PBEKeySpec(password.toCharArray(),salt,iterationCount,keyLength); 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablepbepassword/PredictablePBEPasswordABMC1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablepbepassword; 2 | 3 | import javax.crypto.spec.PBEKeySpec; 4 | import javax.crypto.spec.PBEParameterSpec; 5 | import java.security.SecureRandom; 6 | 7 | public class PredictablePBEPasswordABMC1 { 8 | private PBEKeySpec pbeKeySpec = null; 9 | private PBEParameterSpec pbeParamSpec = null; 10 | public void key(String password) { 11 | byte [] salt = new byte[16]; 12 | SecureRandom sr = new SecureRandom(); 13 | sr.nextBytes(salt); 14 | int iterationCount = 11010; 15 | int keyLength = 16; 16 | pbeKeySpec = new PBEKeySpec(password.toCharArray(),salt,iterationCount,keyLength); 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablepbepassword/PredictablePBEPasswordABMCCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablepbepassword; 2 | 3 | public class PredictablePBEPasswordABMCCase1 { 4 | public static void main(String [] args){ 5 | PredictablePBEPasswordABMC1 ckp = new PredictablePBEPasswordABMC1(); 6 | String password = "sagar"; 7 | ckp.key(password); 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablepbepassword/PredictablePBEPasswordABPSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablepbepassword; 2 | 3 | import javax.crypto.spec.PBEKeySpec; 4 | import javax.crypto.spec.PBEParameterSpec; 5 | import java.security.SecureRandom; 6 | 7 | public class PredictablePBEPasswordABPSCase1 { 8 | private PBEKeySpec pbeKeySpec = null; 9 | private PBEParameterSpec pbeParamSpec = null; 10 | 11 | public static void main(String [] args){ 12 | PredictablePBEPasswordABPSCase1 ckp = new PredictablePBEPasswordABPSCase1(); 13 | int choice=2; 14 | ckp.key(choice); 15 | } 16 | public void key(int choice) { 17 | String defaultKey = "saagar"; 18 | if (choice>1){ 19 | SecureRandom random = new SecureRandom(); 20 | defaultKey = String.valueOf(random.ints()); 21 | } 22 | byte [] salt = new byte[16]; 23 | SecureRandom sr = new SecureRandom(); 24 | sr.nextBytes(salt); 25 | int iterationCount = 11010; 26 | int keyLength = 16; 27 | pbeKeySpec = new PBEKeySpec(defaultKey.toCharArray(),salt,iterationCount,keyLength); 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablepbepassword/PredictablePBEPasswordABSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablepbepassword; 2 | 3 | import javax.crypto.spec.PBEKeySpec; 4 | import javax.crypto.spec.PBEParameterSpec; 5 | import java.security.SecureRandom; 6 | 7 | public class PredictablePBEPasswordABSCase1 { 8 | CryptoPredictablePBE crypto; 9 | public PredictablePBEPasswordABSCase1(){ 10 | String password = "sagar"; 11 | crypto = new CryptoPredictablePBE(password); 12 | crypto.method1(""); 13 | } 14 | } 15 | 16 | 17 | class CryptoPredictablePBE { 18 | String defPassword; 19 | private PBEKeySpec pbeKeySpec = null; 20 | private PBEParameterSpec pbeParamSpec = null; 21 | 22 | public CryptoPredictablePBE(String password){ 23 | 24 | defPassword = password; 25 | } 26 | 27 | public void method1(String passedPassword) { 28 | 29 | if(passedPassword.isEmpty()){ 30 | passedPassword = defPassword; 31 | } 32 | byte [] salt = new byte[16]; 33 | SecureRandom sr = new SecureRandom(); 34 | sr.nextBytes(salt); 35 | int iterationCount = 11010; 36 | int keyLength = 16; 37 | pbeKeySpec = new PBEKeySpec(passedPassword.toCharArray(),salt,iterationCount,keyLength); 38 | } 39 | } -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablepbepassword/PredictablePBEPasswordBBCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablepbepassword; 2 | 3 | import javax.crypto.spec.PBEKeySpec; 4 | import javax.crypto.spec.PBEParameterSpec; 5 | import java.security.SecureRandom; 6 | 7 | public class PredictablePBEPasswordBBCase1 { 8 | private PBEKeySpec pbeKeySpec = null; 9 | private PBEParameterSpec pbeParamSpec = null; 10 | 11 | public static void main(String [] args){ 12 | PredictablePBEPasswordBBCase1 ckp = new PredictablePBEPasswordBBCase1(); 13 | ckp.key(); 14 | } 15 | public void key() { 16 | String defaultKey = "saagar"; 17 | byte [] salt = new byte[16]; 18 | SecureRandom sr = new SecureRandom(); 19 | sr.nextBytes(salt); 20 | int iterationCount = 11010; 21 | int keyLength = 16; 22 | pbeKeySpec = new PBEKeySpec(defaultKey.toCharArray(),salt,iterationCount,keyLength); 23 | } 24 | 25 | } 26 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablepbepassword/PredictablePBEPasswordBBCase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablepbepassword; 2 | 3 | import javax.crypto.spec.PBEKeySpec; 4 | import javax.crypto.spec.PBEParameterSpec; 5 | import java.security.SecureRandom; 6 | 7 | public class PredictablePBEPasswordBBCase2 { 8 | private PBEKeySpec pbeKeySpec = null; 9 | private PBEParameterSpec pbeParamSpec = null; 10 | 11 | public static void main(String [] args){ 12 | PredictablePBEPasswordBBCase2 ckp = new PredictablePBEPasswordBBCase2(); 13 | ckp.key(); 14 | } 15 | public void key() { 16 | char [] defaultKey = {'s'}; 17 | byte [] salt = new byte[16]; 18 | SecureRandom sr = new SecureRandom(); 19 | sr.nextBytes(salt); 20 | int iterationCount = 11010; 21 | int keyLength = 16; 22 | pbeKeySpec = new PBEKeySpec(defaultKey,salt,iterationCount,keyLength); 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictablepbepassword/PredictablePBEPasswordCorrected.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictablepbepassword; 2 | 3 | import javax.crypto.spec.PBEKeySpec; 4 | import javax.crypto.spec.PBEParameterSpec; 5 | import java.security.SecureRandom; 6 | 7 | public class PredictablePBEPasswordCorrected { 8 | private PBEKeySpec pbeKeySpec = null; 9 | private PBEParameterSpec pbeParamSpec = null; 10 | 11 | public static void main(String [] args){ 12 | PredictablePBEPasswordCorrected ckp = new PredictablePBEPasswordCorrected(); 13 | ckp.key(); 14 | } 15 | public void key() { 16 | SecureRandom random = new SecureRandom(); 17 | String password = String.valueOf(random.ints()); 18 | byte [] salt = new byte[16]; 19 | random.nextBytes(salt); 20 | int iterationCount = 11010; 21 | int keyLength = 16; 22 | pbeKeySpec = new PBEKeySpec(password.toCharArray(),salt,iterationCount,keyLength); 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictableseeds/PredictableSeedsABHCase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictableseeds; 2 | 3 | import java.security.SecureRandom; 4 | import java.util.HashMap; 5 | import java.util.Map; 6 | 7 | public class PredictableSeedsABHCase2 { 8 | public static void main (String [] args){ 9 | Map hm = new HashMap(); 10 | hm.put("aaa", new Byte((byte) 100)); 11 | hm.put("bbb", new Byte((byte) 200)); 12 | hm.put("ccc", new Byte((byte) 300)); 13 | hm.put("ddd", new Byte((byte) 400)); 14 | 15 | byte b = hm.get("aaa"); 16 | byte [] seed = {b,b}; 17 | SecureRandom sr = new SecureRandom(); 18 | 19 | sr.setSeed(seed); 20 | int v = sr.nextInt(); 21 | System.out.println(v); 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictableseeds/PredictableSeedsABHCase4.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictableseeds; 2 | 3 | import java.security.SecureRandom; 4 | import java.util.HashMap; 5 | import java.util.Map; 6 | 7 | public class PredictableSeedsABHCase4 { 8 | public static void main (String [] args){ 9 | //byte seed = 100; 10 | SecureRandom random = new SecureRandom(); 11 | String str = String.valueOf(random.ints()); 12 | byte[] seed = str.getBytes(); 13 | 14 | Map hm = new HashMap(); 15 | hm.put("aaa", new Byte((byte) 100)); 16 | hm.put("bbb", new Byte((byte) 200)); 17 | hm.put("ccc", new Byte((byte) 300)); 18 | hm.put("ddd", new Byte((byte) 400)); 19 | 20 | byte b = hm.get("aaa"); 21 | 22 | SecureRandom sr = new SecureRandom(new byte[]{b}); 23 | int v = sr.nextInt(); 24 | System.out.println(v); 25 | } 26 | 27 | } 28 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictableseeds/PredictableSeedsABICase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictableseeds; 2 | 3 | import java.security.SecureRandom; 4 | 5 | public class PredictableSeedsABICase1 { 6 | public static void main (String [] args){ 7 | //long seed = 456789L; 8 | byte [] seed = {(byte) 100, (byte) 200}; 9 | go(seed); 10 | } 11 | private static void go(byte [] seed) { 12 | SecureRandom sr = new SecureRandom(); 13 | sr.setSeed(seed); 14 | int v = sr.nextInt(); 15 | System.out.println(v); 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictableseeds/PredictableSeedsABICase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictableseeds; 2 | 3 | import java.security.SecureRandom; 4 | 5 | public class PredictableSeedsABICase2 { 6 | public static void main (String [] args){ 7 | byte seed = 100; 8 | go(seed); 9 | } 10 | 11 | private static void go(byte seed) { 12 | SecureRandom sr = new SecureRandom(new byte[]{seed}); 13 | int v = sr.nextInt(); 14 | System.out.println(v); 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictableseeds/PredictableSeedsABICase3.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictableseeds; 2 | 3 | import java.security.SecureRandom; 4 | 5 | public class PredictableSeedsABICase3 { 6 | //public static final String DEFAULT_SEED = "456789"; 7 | public static final byte [] DEFAULT_SEED = {(byte) 100, (byte) 200}; 8 | private static byte[] SEED; 9 | private static byte[] seed; 10 | public static void main (String [] args){ 11 | go2(); 12 | go3(); 13 | go(); 14 | } 15 | 16 | private static void go2(){ 17 | SEED = DEFAULT_SEED; 18 | } 19 | private static void go3(){ 20 | seed = SEED; 21 | } 22 | 23 | private static void go() { 24 | SecureRandom sr = new SecureRandom(); 25 | sr.setSeed(seed); 26 | int v = sr.nextInt(); 27 | System.out.println(v); 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictableseeds/PredictableSeedsABICase4.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictableseeds; 2 | 3 | import java.security.SecureRandom; 4 | 5 | public class PredictableSeedsABICase4 { 6 | public static final String DEFAULT_SEED = "100"; 7 | private static char[] SEED; 8 | private static char[] seed; 9 | public static void main (String [] args){ 10 | go2(); 11 | go3(); 12 | go(); 13 | 14 | } 15 | 16 | private static void go2(){ 17 | SEED = DEFAULT_SEED.toCharArray(); 18 | } 19 | private static void go3(){ 20 | seed = SEED; 21 | } 22 | 23 | private static void go() { 24 | SecureRandom sr = new SecureRandom(new byte[]{Byte.parseByte(seed.toString())}); 25 | int v = sr.nextInt(); 26 | System.out.println(v); 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictableseeds/PredictableSeedsABICase5.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictableseeds; 2 | import java.security.SecureRandom; 3 | 4 | 5 | public class PredictableSeedsABICase5 { 6 | public static void main (String [] args){ 7 | //long seed = 456789L; 8 | byte [] seed = {(byte) 100, (byte) 200}; 9 | method1(seed); 10 | } 11 | public static void method1(byte[] s) { 12 | byte [] seed2 = s; 13 | method2(seed2); 14 | } 15 | private static void method2(byte [] seed) { 16 | SecureRandom sr = new SecureRandom(); 17 | sr.setSeed(seed); 18 | int v = sr.nextInt(); 19 | System.out.println(v); 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictableseeds/PredictableSeedsABICase6.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictableseeds; 2 | 3 | import java.security.SecureRandom; 4 | 5 | public class PredictableSeedsABICase6 { 6 | public static void main (String [] args){ 7 | byte seed = 100; 8 | method1(seed); 9 | } 10 | public static void method1(byte s) { 11 | byte seed2 = s; 12 | method2(seed2); 13 | } 14 | 15 | private static void method2(byte seed) { 16 | SecureRandom sr = new SecureRandom(new byte[]{seed}); 17 | int v = sr.nextInt(); 18 | System.out.println(v); 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictableseeds/PredictableSeedsABMC1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictableseeds; 2 | 3 | import java.security.SecureRandom; 4 | 5 | public class PredictableSeedsABMC1 { 6 | public void go(byte[] seed) { 7 | SecureRandom sr = new SecureRandom(); 8 | sr.setSeed(seed); 9 | int v = sr.nextInt(); 10 | System.out.println(v); 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictableseeds/PredictableSeedsABMC2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictableseeds; 2 | 3 | import java.security.SecureRandom; 4 | 5 | public class PredictableSeedsABMC2 { 6 | public void go(byte seed) { 7 | SecureRandom sr = new SecureRandom(new byte[]{seed}); 8 | int v = sr.nextInt(); 9 | System.out.println(v); 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictableseeds/PredictableSeedsABMCCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictableseeds; 2 | 3 | public class PredictableSeedsABMCCase1 { 4 | public static void main (String [] args){ 5 | //long seed = 456789L; 6 | PredictableSeedsABMC1 ps = new PredictableSeedsABMC1(); 7 | byte [] seed = {(byte) 100, (byte) 200}; 8 | ps.go(seed); 9 | } 10 | } 11 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictableseeds/PredictableSeedsABMCCase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictableseeds; 2 | 3 | public class PredictableSeedsABMCCase2 { 4 | public static void main (String [] args){ 5 | PredictableSeedsABMC2 ps = new PredictableSeedsABMC2(); 6 | byte seed = 100; 7 | ps.go(seed); 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictableseeds/PredictableSeedsABPSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictableseeds; 2 | import java.security.SecureRandom; 3 | 4 | 5 | public class PredictableSeedsABPSCase1 { 6 | public static void main (String [] args){ 7 | SecureRandom sr = new SecureRandom(); 8 | int choice=2; 9 | byte [] bytes = {(byte) 100, (byte) 200}; 10 | if(choice>1) 11 | sr.nextBytes(bytes); 12 | 13 | sr.setSeed(bytes); 14 | int v = sr.nextInt(); 15 | System.out.println(v); 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictableseeds/PredictableSeedsABPSCase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictableseeds; 2 | import java.security.SecureRandom; 3 | 4 | public class PredictableSeedsABPSCase2 { 5 | public static void main (String [] args){ 6 | SecureRandom sr2 = new SecureRandom(); 7 | int choice=2; 8 | byte [] seed = {(byte) 100, (byte) 200}; 9 | if(choice>1) 10 | sr2.nextBytes(seed); 11 | 12 | //byte seed = 100; 13 | //SecureRandom sr = new SecureRandom(new byte[]{seed}); 14 | SecureRandom sr = new SecureRandom(seed); 15 | int v = sr.nextInt(); 16 | System.out.println(v); 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictableseeds/PredictableSeedsABSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictableseeds; 2 | 3 | import javax.crypto.BadPaddingException; 4 | import javax.crypto.IllegalBlockSizeException; 5 | import javax.crypto.NoSuchPaddingException; 6 | import java.io.UnsupportedEncodingException; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | import java.security.SecureRandom; 10 | 11 | public class PredictableSeedsABSCase1 { 12 | CryptoPredictableSeed1 crypto; 13 | public PredictableSeedsABSCase1() throws NoSuchAlgorithmException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException, UnsupportedEncodingException { 14 | 15 | //long seed = 456789L; 16 | byte [] seed = {(byte) 100, (byte) 200}; 17 | crypto = new CryptoPredictableSeed1(seed); 18 | crypto.method1(new byte[]{(byte)0, (byte)0}); 19 | } 20 | } 21 | 22 | class CryptoPredictableSeed1 { 23 | byte [] defSeed; 24 | 25 | public CryptoPredictableSeed1(byte [] seed) throws NoSuchPaddingException, NoSuchAlgorithmException { 26 | defSeed = seed; 27 | } 28 | 29 | public void method1(byte [] passedSeed) throws UnsupportedEncodingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, NoSuchAlgorithmException, NoSuchPaddingException { 30 | 31 | passedSeed = defSeed; 32 | 33 | SecureRandom sr = new SecureRandom(); 34 | sr.setSeed(passedSeed); 35 | int v = sr.nextInt(); 36 | System.out.println(v); 37 | } 38 | } -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictableseeds/PredictableSeedsABSCase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictableseeds; 2 | 3 | import javax.crypto.BadPaddingException; 4 | import javax.crypto.IllegalBlockSizeException; 5 | import javax.crypto.NoSuchPaddingException; 6 | import java.io.UnsupportedEncodingException; 7 | import java.security.InvalidKeyException; 8 | import java.security.NoSuchAlgorithmException; 9 | import java.security.SecureRandom; 10 | 11 | public class PredictableSeedsABSCase2 { 12 | CryptoPredictableSeed2 crypto; 13 | public PredictableSeedsABSCase2() throws NoSuchAlgorithmException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException, UnsupportedEncodingException { 14 | byte seed = 100; 15 | crypto = new CryptoPredictableSeed2(seed); 16 | crypto.method1((byte) 20); 17 | } 18 | } 19 | 20 | class CryptoPredictableSeed2 { 21 | byte defSeed; 22 | 23 | public CryptoPredictableSeed2(byte seed) throws NoSuchPaddingException, NoSuchAlgorithmException { 24 | defSeed = seed; 25 | } 26 | 27 | public void method1(byte passedSeed) throws UnsupportedEncodingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, NoSuchAlgorithmException, NoSuchPaddingException { 28 | 29 | passedSeed = defSeed; 30 | SecureRandom sr = new SecureRandom(new byte[]{passedSeed}); 31 | int v = sr.nextInt(); 32 | System.out.println(v); 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictableseeds/PredictableSeedsBBCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictableseeds; 2 | 3 | import java.security.SecureRandom; 4 | 5 | public class PredictableSeedsBBCase1 { 6 | 7 | public static void main (String [] args){ 8 | SecureRandom sr = new SecureRandom(); 9 | byte [] bytes = {(byte) 100, (byte) 200}; 10 | sr.setSeed(bytes); 11 | //sr.setSeed(456789L); // Noncompliant 12 | int v = sr.nextInt(); 13 | System.out.println(v); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictableseeds/PredictableSeedsBBCase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictableseeds; 2 | 3 | import java.security.SecureRandom; 4 | 5 | public class PredictableSeedsBBCase2 { 6 | public static void main (String [] args){ 7 | byte seed = 100; 8 | SecureRandom sr = new SecureRandom(new byte[]{seed}); 9 | int v = sr.nextInt(); 10 | System.out.println(v); 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/predictableseeds/PredictableSeedsCorrected.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.predictableseeds; 2 | 3 | import java.security.SecureRandom; 4 | 5 | public class PredictableSeedsCorrected { 6 | public static void main (String [] args){ 7 | SecureRandom sr = new SecureRandom(); 8 | long l = sr.nextLong(); 9 | sr.setSeed(l); 10 | int v = sr.nextInt(); 11 | System.out.println(v); 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/staticinitializationvector/StaticInitializationVectorABHCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.staticinitializationvector; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import javax.crypto.spec.IvParameterSpec; 8 | import java.io.UnsupportedEncodingException; 9 | import java.security.InvalidAlgorithmParameterException; 10 | import java.security.InvalidKeyException; 11 | import java.security.NoSuchAlgorithmException; 12 | 13 | public class StaticInitializationVectorABHCase1 { 14 | public void go() throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException, UnsupportedEncodingException { 15 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 16 | SecretKey key = keyGen.generateKey(); 17 | Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); 18 | 19 | byte [] bytes = "abcde".getBytes("UTF-8"); 20 | 21 | IvParameterSpec ivSpec = new IvParameterSpec(bytes); 22 | 23 | cipher.init(Cipher.ENCRYPT_MODE,key,ivSpec); 24 | } 25 | 26 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException, UnsupportedEncodingException { 27 | StaticInitializationVectorABHCase1 siv = new StaticInitializationVectorABHCase1(); 28 | siv.go(); 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/staticinitializationvector/StaticInitializationVectorABHCase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.staticinitializationvector; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import javax.crypto.spec.IvParameterSpec; 8 | import java.security.InvalidAlgorithmParameterException; 9 | import java.security.InvalidKeyException; 10 | import java.security.NoSuchAlgorithmException; 11 | import java.util.HashMap; 12 | import java.util.Map; 13 | 14 | public class StaticInitializationVectorABHCase2 { 15 | public void go() throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException { 16 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 17 | SecretKey key = keyGen.generateKey(); 18 | Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); 19 | 20 | String name = "abcdef"; 21 | Map hm = new HashMap(); 22 | hm.put("aaa", "abcde"); 23 | hm.put("bbb", "fghij"); 24 | hm.put("ccc", "klmno"); 25 | hm.put("ddd", "pqrst"); 26 | 27 | String str = hm.get("aaa"); 28 | 29 | byte [] bytes = str.getBytes(); 30 | 31 | IvParameterSpec ivSpec = new IvParameterSpec(bytes); 32 | 33 | cipher.init(Cipher.ENCRYPT_MODE,key,ivSpec); 34 | } 35 | 36 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException { 37 | StaticInitializationVectorABHCase2 siv = new StaticInitializationVectorABHCase2(); 38 | siv.go(); 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/staticinitializationvector/StaticInitializationVectorABICase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.staticinitializationvector; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import javax.crypto.spec.IvParameterSpec; 8 | import java.security.*; 9 | 10 | public class StaticInitializationVectorABICase1 { 11 | public void go(byte[] bytes) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException { 12 | IvParameterSpec ivSpec = new IvParameterSpec(bytes); 13 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 14 | SecretKey key = keyGen.generateKey(); 15 | Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); 16 | 17 | cipher.init(Cipher.ENCRYPT_MODE,key,ivSpec); 18 | } 19 | 20 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException { 21 | StaticInitializationVectorABICase1 siv = new StaticInitializationVectorABICase1(); 22 | byte [] bytes = "abcde".getBytes(); 23 | siv.go(bytes); 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/staticinitializationvector/StaticInitializationVectorABICase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.staticinitializationvector; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import javax.crypto.spec.IvParameterSpec; 8 | import java.security.InvalidAlgorithmParameterException; 9 | import java.security.InvalidKeyException; 10 | import java.security.NoSuchAlgorithmException; 11 | 12 | public class StaticInitializationVectorABICase2 { 13 | public static final String DEFAULT_INITIALIZATION = "abcde"; 14 | private static char[] INITIALIZATION; 15 | private static char[] initialization; 16 | public void go() throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException { 17 | IvParameterSpec ivSpec = new IvParameterSpec(new byte[]{Byte.parseByte(String.valueOf(initialization))}); 18 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 19 | SecretKey key = keyGen.generateKey(); 20 | Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); 21 | 22 | cipher.init(Cipher.ENCRYPT_MODE,key,ivSpec); 23 | } 24 | private static void go2(){ 25 | INITIALIZATION = DEFAULT_INITIALIZATION.toCharArray(); 26 | } 27 | private static void go3(){ 28 | initialization = INITIALIZATION; 29 | } 30 | 31 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException { 32 | StaticInitializationVectorABICase2 siv = new StaticInitializationVectorABICase2(); 33 | go2(); 34 | go3(); 35 | 36 | siv.go(); 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/staticinitializationvector/StaticInitializationVectorABICase3.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.staticinitializationvector; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import javax.crypto.spec.IvParameterSpec; 8 | import java.security.*; 9 | 10 | public class StaticInitializationVectorABICase3 { 11 | public static void method2(byte[] bytes) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException { 12 | IvParameterSpec ivSpec = new IvParameterSpec(bytes); 13 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 14 | SecretKey key = keyGen.generateKey(); 15 | Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); 16 | 17 | cipher.init(Cipher.ENCRYPT_MODE,key,ivSpec); 18 | } 19 | public static void method1 (byte[] bytes) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException { 20 | 21 | method2(bytes); 22 | } 23 | 24 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException { 25 | byte [] bytes = "abcde".getBytes(); 26 | 27 | method1(bytes); 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/staticinitializationvector/StaticInitializationVectorABMC1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.staticinitializationvector; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import javax.crypto.spec.IvParameterSpec; 8 | import java.security.InvalidAlgorithmParameterException; 9 | import java.security.InvalidKeyException; 10 | import java.security.NoSuchAlgorithmException; 11 | 12 | public class StaticInitializationVectorABMC1 { 13 | public void go(byte [] bytes) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, InvalidKeyException { 14 | IvParameterSpec ivSpec = new IvParameterSpec(bytes); 15 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 16 | SecretKey key = keyGen.generateKey(); 17 | Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); 18 | 19 | cipher.init(Cipher.ENCRYPT_MODE,key,ivSpec); 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/staticinitializationvector/StaticInitializationVectorABMCCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.staticinitializationvector; 2 | 3 | import javax.crypto.NoSuchPaddingException; 4 | import java.security.InvalidAlgorithmParameterException; 5 | import java.security.InvalidKeyException; 6 | import java.security.NoSuchAlgorithmException; 7 | 8 | public class StaticInitializationVectorABMCCase1 { 9 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException { 10 | StaticInitializationVectorABMC1 siv = new StaticInitializationVectorABMC1(); 11 | byte [] bytes = "abcde".getBytes(); 12 | 13 | siv.go(bytes); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/staticinitializationvector/StaticInitializationVectorABPSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.staticinitializationvector; 2 | 3 | import javax.crypto.*; 4 | import javax.crypto.spec.IvParameterSpec; 5 | import java.security.InvalidAlgorithmParameterException; 6 | import java.security.InvalidKeyException; 7 | import java.security.NoSuchAlgorithmException; 8 | import java.security.SecureRandom; 9 | 10 | public class StaticInitializationVectorABPSCase1 { 11 | public void go(int choice) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException { 12 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 13 | SecretKey key = keyGen.generateKey(); 14 | Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); 15 | SecureRandom sr = new SecureRandom(); 16 | 17 | byte [] bytes = "abcde".getBytes(); 18 | 19 | if(choice>1){ 20 | bytes = new byte[16]; 21 | sr.nextBytes(bytes); 22 | } 23 | 24 | IvParameterSpec ivSpec = new IvParameterSpec(bytes); 25 | 26 | cipher.init(Cipher.ENCRYPT_MODE,key,ivSpec); 27 | } 28 | 29 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException { 30 | StaticInitializationVectorABPSCase1 siv = new StaticInitializationVectorABPSCase1(); 31 | int choice = 2; 32 | siv.go(choice); 33 | } 34 | 35 | } 36 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/staticinitializationvector/StaticInitializationVectorABSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.staticinitializationvector; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import javax.crypto.spec.IvParameterSpec; 8 | import java.security.InvalidAlgorithmParameterException; 9 | import java.security.InvalidKeyException; 10 | import java.security.NoSuchAlgorithmException; 11 | 12 | public class StaticInitializationVectorABSCase1 { 13 | CryptoStaticIV1 crypto; 14 | public StaticInitializationVectorABSCase1() throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException { 15 | byte [] bytes = "abcde".getBytes(); 16 | 17 | crypto = new CryptoStaticIV1(bytes); 18 | crypto.method1(null); 19 | } 20 | } 21 | 22 | class CryptoStaticIV1 { 23 | byte [] defIV; 24 | 25 | public CryptoStaticIV1(byte[] bytes) { 26 | defIV = bytes; 27 | } 28 | 29 | public void method1(byte[] passedIV) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException { 30 | 31 | passedIV = defIV; 32 | IvParameterSpec ivSpec = new IvParameterSpec(passedIV); 33 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 34 | SecretKey key = keyGen.generateKey(); 35 | Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); 36 | cipher.init(Cipher.ENCRYPT_MODE,key,ivSpec); 37 | 38 | } 39 | } 40 | 41 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/staticinitializationvector/StaticInitializationVectorBBCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.staticinitializationvector; 2 | 3 | import javax.crypto.*; 4 | import javax.crypto.spec.IvParameterSpec; 5 | import java.security.InvalidAlgorithmParameterException; 6 | import java.security.InvalidKeyException; 7 | import java.security.NoSuchAlgorithmException; 8 | 9 | 10 | public class StaticInitializationVectorBBCase1 { 11 | public void go() throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException { 12 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 13 | SecretKey key = keyGen.generateKey(); 14 | Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); 15 | 16 | 17 | byte [] bytes = "abcde".getBytes(); 18 | IvParameterSpec ivSpec = new IvParameterSpec(bytes); 19 | 20 | cipher.init(Cipher.ENCRYPT_MODE,key,ivSpec); 21 | } 22 | 23 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException { 24 | StaticInitializationVectorBBCase1 siv = new StaticInitializationVectorBBCase1(); 25 | siv.go(); 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/staticinitializationvector/StaticInitializationVectorCorrected.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.staticinitializationvector; 2 | 3 | import javax.crypto.Cipher; 4 | import javax.crypto.KeyGenerator; 5 | import javax.crypto.NoSuchPaddingException; 6 | import javax.crypto.SecretKey; 7 | import javax.crypto.spec.IvParameterSpec; 8 | import java.security.InvalidAlgorithmParameterException; 9 | import java.security.InvalidKeyException; 10 | import java.security.NoSuchAlgorithmException; 11 | import java.security.SecureRandom; 12 | 13 | 14 | /* 15 | public class StaticInitializationVectorCorrected { 16 | public void go() throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException { 17 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 18 | SecretKey key = keyGen.generateKey(); 19 | Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); 20 | 21 | SecureRandom sr = new SecureRandom(); 22 | 23 | BigInteger i = BigInteger.valueOf(sr.nextInt()); 24 | byte [] bytes = i.toByteArray(); 25 | IvParameterSpec ivSpec = new IvParameterSpec(bytes); 26 | 27 | cipher.init(Cipher.ENCRYPT_MODE,key,ivSpec); 28 | } 29 | 30 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException { 31 | StaticInitializationVectorCorrected siv = new StaticInitializationVectorCorrected(); 32 | siv.go(); 33 | } 34 | } 35 | */ 36 | 37 | public class StaticInitializationVectorCorrected { 38 | public void go() throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException { 39 | KeyGenerator keyGen = KeyGenerator.getInstance("AES"); 40 | SecretKey key = keyGen.generateKey(); 41 | Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); 42 | 43 | SecureRandom sr = new SecureRandom(); 44 | 45 | byte [] bytes = new byte[16]; 46 | sr.nextBytes(bytes); 47 | 48 | IvParameterSpec ivSpec = new IvParameterSpec(bytes); 49 | 50 | cipher.init(Cipher.ENCRYPT_MODE,key,ivSpec); 51 | } 52 | 53 | public static void main (String [] args) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException { 54 | StaticInitializationVectorCorrected siv = new StaticInitializationVectorCorrected(); 55 | siv.go(); 56 | } 57 | } -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/staticsalts/StaticSaltsABHCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.staticsalts; 2 | 3 | import javax.crypto.spec.PBEParameterSpec; 4 | import java.util.HashMap; 5 | import java.util.Map; 6 | 7 | public class StaticSaltsABHCase1 { 8 | public static void main (String [] args){ 9 | StaticSaltsABHCase1 cs = new StaticSaltsABHCase1(); 10 | cs.key2(); 11 | } 12 | 13 | public void key2(){ 14 | Map hm = new HashMap(); 15 | hm.put("aaa", new Byte((byte) 0xa2)); 16 | hm.put("bbb", new Byte((byte) 0xa4)); 17 | hm.put("ccc", new Byte((byte) 0xa6)); 18 | hm.put("ddd", new Byte((byte) 0xa8)); 19 | 20 | byte b = hm.get("aaa"); 21 | 22 | PBEParameterSpec pbeParamSpec = null; 23 | byte[] salt = {b,b}; 24 | int count = 1020; 25 | pbeParamSpec = new PBEParameterSpec(salt, count); 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/staticsalts/StaticSaltsABICase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.staticsalts; 2 | 3 | import javax.crypto.spec.PBEParameterSpec; 4 | 5 | public class StaticSaltsABICase1 { 6 | 7 | public static void main(String [] args){ 8 | StaticSaltsABICase1 cs = new StaticSaltsABICase1(); 9 | byte[] salt = {(byte) 0xa2}; 10 | int count = 1020; 11 | cs.key2(salt,count); 12 | 13 | } 14 | public void key2(byte[] salt, int count){ 15 | PBEParameterSpec pbeParamSpec = null; 16 | pbeParamSpec = new PBEParameterSpec(salt, count); 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/staticsalts/StaticSaltsABICase2.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.staticsalts; 2 | 3 | import javax.crypto.spec.PBEParameterSpec; 4 | 5 | public class StaticSaltsABICase2 { 6 | public static final String DEFAULT_SALT = "12345"; 7 | private static char[] SALT; 8 | private static char[] salt; 9 | public static void main(String [] args){ 10 | StaticSaltsABICase2 cs = new StaticSaltsABICase2(); 11 | int count = 1020; 12 | go2(); 13 | go3(); 14 | cs.key2(count); 15 | 16 | } 17 | 18 | private static void go2(){ 19 | SALT = DEFAULT_SALT.toCharArray(); 20 | } 21 | private static void go3(){ 22 | salt = SALT; 23 | } 24 | 25 | public void key2(int count){ 26 | PBEParameterSpec pbeParamSpec = null; 27 | pbeParamSpec = new PBEParameterSpec(new byte[]{Byte.parseByte(salt.toString())}, count); 28 | } 29 | } 30 | 31 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/staticsalts/StaticSaltsABICase3.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.staticsalts; 2 | 3 | import javax.crypto.spec.PBEParameterSpec; 4 | 5 | public class StaticSaltsABICase3 { 6 | public static void main(String [] args){ 7 | byte[] salt = {(byte) 0xa2}; 8 | int count = 1020; 9 | method1(salt,count); 10 | } 11 | public static void method1(byte[] s, int c){ 12 | int count2 = c; 13 | method2(s,count2); 14 | } 15 | 16 | public static void method2(byte[] salt, int count){ 17 | PBEParameterSpec pbeParamSpec = null; 18 | pbeParamSpec = new PBEParameterSpec(salt, count); 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/staticsalts/StaticSaltsABMC1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.staticsalts; 2 | 3 | import javax.crypto.spec.PBEParameterSpec; 4 | 5 | public class StaticSaltsABMC1 { 6 | public void key2(byte[] salt, int count) { 7 | PBEParameterSpec pbeParamSpec = null; 8 | pbeParamSpec = new PBEParameterSpec(salt, count); 9 | } 10 | } 11 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/staticsalts/StaticSaltsABMCCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.staticsalts; 2 | 3 | public class StaticSaltsABMCCase1 { 4 | public static void main(String [] args){ 5 | StaticSaltsABMC1 cs = new StaticSaltsABMC1(); 6 | byte[] salt = {(byte) 0xa2}; 7 | int count = 1020; 8 | cs.key2(salt,count); 9 | 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/staticsalts/StaticSaltsABPSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.staticsalts; 2 | import javax.crypto.spec.PBEParameterSpec; 3 | import java.security.SecureRandom; 4 | 5 | public class StaticSaltsABPSCase1 { 6 | public static void main (String [] args){ 7 | StaticSaltsABPSCase1 cs = new StaticSaltsABPSCase1(); 8 | int choice=2; 9 | cs.key2(choice); 10 | } 11 | 12 | public void key2(int choice){ 13 | PBEParameterSpec pbeParamSpec = null; 14 | SecureRandom sr2 = new SecureRandom(); 15 | byte[] salt = {(byte) 0xa2}; 16 | if(choice>1) 17 | sr2.nextBytes(salt); 18 | int count = 1020; 19 | pbeParamSpec = new PBEParameterSpec(salt, count); 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/staticsalts/StaticSaltsABSCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.staticsalts; 2 | 3 | import javax.crypto.spec.PBEParameterSpec; 4 | 5 | public class StaticSaltsABSCase1 { 6 | CryptoStaticSalt1 crypto; 7 | public StaticSaltsABSCase1() { 8 | byte[] salt = {(byte) 0xa2}; 9 | crypto = new CryptoStaticSalt1(salt); 10 | crypto.method1(null); 11 | } 12 | } 13 | 14 | 15 | class CryptoStaticSalt1 { 16 | byte[] defSalt; 17 | 18 | public CryptoStaticSalt1(byte [] salt) { 19 | defSalt = salt; 20 | } 21 | 22 | public void method1(byte[] passedSalt) { 23 | 24 | passedSalt = defSalt; 25 | int count = 1020; 26 | PBEParameterSpec pbeParamSpec = null; 27 | pbeParamSpec = new PBEParameterSpec(passedSalt, count); 28 | 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/staticsalts/StaticSaltsBBCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.staticsalts; 2 | 3 | import javax.crypto.spec.PBEParameterSpec; 4 | 5 | public class StaticSaltsBBCase1 { 6 | public static void main (String [] args){ 7 | StaticSaltsBBCase1 cs = new StaticSaltsBBCase1(); 8 | cs.key2(); 9 | } 10 | 11 | public void key2(){ 12 | PBEParameterSpec pbeParamSpec = null; 13 | byte[] salt = {(byte) 0xa2}; 14 | int count = 1020; 15 | pbeParamSpec = new PBEParameterSpec(salt, count); 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/staticsalts/StaticSaltsCorrected.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.staticsalts; 2 | 3 | import javax.crypto.spec.PBEParameterSpec; 4 | import java.security.SecureRandom; 5 | 6 | public class StaticSaltsCorrected { 7 | public static void main(String [] args){ 8 | StaticSaltsCorrected cs = new StaticSaltsCorrected(); 9 | cs.key2(); 10 | } 11 | public void key2(){ 12 | SecureRandom random = new SecureRandom(); 13 | PBEParameterSpec pbeParamSpec = null; 14 | byte[] salt = new byte[32]; 15 | random.nextBytes(salt); 16 | int count = 1020; 17 | pbeParamSpec = new PBEParameterSpec(salt, count); 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/untrustedprng/UntrustedPRNGCase1.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.untrustedprng; 2 | 3 | import java.util.Random; 4 | 5 | public class UntrustedPRNGCase1 { 6 | public static void main(String [] args) 7 | { 8 | Random randomGenerator = new Random(); 9 | int x = randomGenerator.nextInt(); 10 | System.out.println(x); 11 | } 12 | 13 | 14 | 15 | } 16 | -------------------------------------------------------------------------------- /src/main/java/org/cryptoapi/bench/untrustedprng/UntrustedPRNGCorrected.java: -------------------------------------------------------------------------------- 1 | package org.cryptoapi.bench.untrustedprng; 2 | 3 | import java.security.SecureRandom; 4 | 5 | public class UntrustedPRNGCorrected { 6 | 7 | 8 | public static void main(String [] args) 9 | { 10 | SecureRandom random = new SecureRandom(); 11 | int x = random.nextInt(); 12 | System.out.println(x); 13 | } 14 | } 15 | --------------------------------------------------------------------------------