序

本文主要研究一下jasypt的IVGenerator

IVGenerator

org/jasypt/salt/IVGenerator.java

/*** <p>* Common interface for all IV generators which can be applied in digest* or encryption operations.* </p>* <p>* <b>Every implementation of this interface must be thread-safe</b>.* </p>** @since 1.9.3** @author Alex Scal**/
public interface IVGenerator {/*** <p>* This method will be called for requesting the generation of a new* IV of the specified length.* </p>** @param length the requested length for the IV.* @return the generated IV.*/byte[] generateIV(int length);/*** <p>* Determines if the digests and encrypted messages created with a* specific IV generator will include (prepended) the unencrypted* IV itself, so that it can be used for matching and decryption* operations.* </p>* <p>* Generally, including the IV unencrypted in encryption results will* be mandatory for randomly generated IVs, or for those generated in a* non-predictable manner.* Otherwise, digest matching and decryption operations will always fail.* </p>** @return whether the plain (unencrypted) IV has to be included in*         encryption results or not.*/public boolean includePlainIVInEncryptionResults();}

IVGenerator定义了generateIV及includePlainIVInEncryptionResults方法，它有三个实现类，分别是NoOpIVGenerator、StringFixedIVGenerator、RandomIVGenerator

NoOpIVGenerator

public class NoOpIVGenerator implements IVGenerator {/*** Return IV with the specified byte length.** @param lengthBytes length in bytes.* @return the generated salt.*/ @Overridepublic byte[] generateIV(final int lengthBytes) {return null;}/*** As this salt generator provides a fixed IV, its inclusion* unencrypted in encryption results* is not necessary, and in fact not desirable (so that it remains hidden).** @return false*/@Overridepublic boolean includePlainIVInEncryptionResults() {return false;}}

主要用于解密旧版(不使用iv)的密码

StringFixedIVGenerator

org/jasypt/salt/StringFixedIVGenerator.java

public class StringFixedIVGenerator implements IVGenerator {private static final String DEFAULT_CHARSET = "UTF-8";private final String iv;private final String charset;private final byte[] ivBytes;/*** Creates a new instance of <tt>FixedStringIVGenerator</tt> using* the default charset.** @param iv the specified salt.*/public StringFixedIVGenerator(final String iv) {this(iv, null);}/*** Creates a new instance of <tt>FixedStringIVGenerator</tt>** @param iv the specified salt.* @param charset the specified charset*/public StringFixedIVGenerator(final String iv, final String charset) {super();CommonUtils.validateNotNull(iv, "IV cannot be set null");this.iv = iv;this.charset = (charset != null? charset : DEFAULT_CHARSET);try {this.ivBytes = this.iv.getBytes(this.charset);} catch (UnsupportedEncodingException e) {throw new EncryptionInitializationException("Invalid charset specified: " + this.charset);}}/*** Return IV with the specified byte length.** @param lengthBytes length in bytes.* @return the generated salt.*/public byte[] generateIV(final int lengthBytes) {if (this.ivBytes.length < lengthBytes) {throw new EncryptionInitializationException("Requested IV larger than set");}final byte[] generatedIV = new byte[lengthBytes];System.arraycopy(this.ivBytes, 0, generatedIV, 0, lengthBytes);return generatedIV;}/*** As this salt generator provides a fixed IV, its inclusion* unencrypted in encryption results* is not necessary, and in fact not desirable (so that it remains hidden).** @return false*/@Overridepublic boolean includePlainIVInEncryptionResults() {return false;}}

StringFixedIVGenerator根据固定的值和长度来生成iv，如果固定值的长度小于请求生成iv的长度则抛出EncryptionInitializationException，否则从前面取指定长度返回

RandomIVGenerator

org/jasypt/salt/RandomIVGenerator.java

public class RandomIVGenerator implements IVGenerator {/*** The default algorithm to be used for secure random number* generation: set to SHA1PRNG.*/private static final String GENERATOR_ALGORITHM = "SHA1PRNG";private final SecureRandom random;/*** Creates a new instance of <tt>RandomIVGenerator</tt> using the* default secure random number generation algorithm.*/public RandomIVGenerator() {this(GENERATOR_ALGORITHM);}/*** Creates a new instance of <tt>RandomIVGenerator</tt> specifying a* secure random number generation algorithm.** @since 1.9.3**/public RandomIVGenerator(String secureRandomAlgorithm) {super();try {this.random = SecureRandom.getInstance(secureRandomAlgorithm);} catch (NoSuchAlgorithmException e) {throw new EncryptionInitializationException(e);}}/*** Generate a random IV of the specified length in bytes.** @param length length in bytes.* @return the generated IV.*/@Overridepublic byte[] generateIV(int length) {byte[] iv = new byte[length / 8];random.nextBytes(iv);return iv;}/*** This IV generator needs the salt to be included unencrypted in* encryption results, because of its being random. This method will always* return true.** @return true*/@Overridepublic boolean includePlainIVInEncryptionResults() {return true;}
}

RandomIVGenerator可以根据传入的secureRandomAlgorithm来生成iv，如果不传默认是SHA1PRNG

PBES2Core

com/sun/crypto/provider/PBES2Core.java

protected void engineInit(int opmode, Key key,AlgorithmParameterSpec params,SecureRandom random)throws InvalidKeyException, InvalidAlgorithmParameterException {if (key == null) {throw new InvalidKeyException("Null key");}byte[] passwdBytes = key.getEncoded();char[] passwdChars = null;PBEKeySpec pbeSpec;try {if ((passwdBytes == null) ||!(key.getAlgorithm().regionMatches(true, 0, "PBE", 0, 3))) {throw new InvalidKeyException("Missing password");}// TBD: consolidate the salt, ic and IV parameter checks below// Extract salt and iteration count from the key, if presentif (key instanceof javax.crypto.interfaces.PBEKey) {salt = ((javax.crypto.interfaces.PBEKey)key).getSalt();if (salt != null && salt.length < 8) {throw new InvalidAlgorithmParameterException("Salt must be at least 8 bytes long");}iCount = ((javax.crypto.interfaces.PBEKey)key).getIterationCount();if (iCount == 0) {iCount = DEFAULT_COUNT;} else if (iCount < 0) {throw new InvalidAlgorithmParameterException("Iteration count must be a positive number");}}// Extract salt, iteration count and IV from the params, if presentif (params == null) {if (salt == null) {// generate random salt and use default iteration countsalt = new byte[DEFAULT_SALT_LENGTH];random.nextBytes(salt);iCount = DEFAULT_COUNT;}if ((opmode == Cipher.ENCRYPT_MODE) ||(opmode == Cipher.WRAP_MODE)) {// generate random IVbyte[] ivBytes = new byte[blkSize];random.nextBytes(ivBytes);ivSpec = new IvParameterSpec(ivBytes);}} else {if (!(params instanceof PBEParameterSpec)) {throw new InvalidAlgorithmParameterException("Wrong parameter type: PBE expected");}// salt and iteration count from the params take precedencebyte[] specSalt = ((PBEParameterSpec) params).getSalt();if (specSalt != null && specSalt.length < 8) {throw new InvalidAlgorithmParameterException("Salt must be at least 8 bytes long");}salt = specSalt;int specICount = ((PBEParameterSpec) params).getIterationCount();if (specICount == 0) {specICount = DEFAULT_COUNT;} else if (specICount < 0) {throw new InvalidAlgorithmParameterException("Iteration count must be a positive number");}iCount = specICount;AlgorithmParameterSpec specParams =((PBEParameterSpec) params).getParameterSpec();if (specParams != null) {if (specParams instanceof IvParameterSpec) {ivSpec = (IvParameterSpec)specParams;} else {throw new InvalidAlgorithmParameterException("Wrong parameter type: IV expected");}} else if ((opmode == Cipher.ENCRYPT_MODE) ||(opmode == Cipher.WRAP_MODE)) {// generate random IVbyte[] ivBytes = new byte[blkSize];random.nextBytes(ivBytes);ivSpec = new IvParameterSpec(ivBytes);} else {throw new InvalidAlgorithmParameterException("Missing parameter type: IV expected");}}passwdChars = new char[passwdBytes.length];for (int i = 0; i < passwdChars.length; i++)passwdChars[i] = (char) (passwdBytes[i] & 0x7f);pbeSpec = new PBEKeySpec(passwdChars, salt, iCount, keyLength);// password char[] was cloned in PBEKeySpec constructor,// so we can zero it out here} finally {if (passwdChars != null) Arrays.fill(passwdChars, '\0');if (passwdBytes != null) Arrays.fill(passwdBytes, (byte)0x00);}SecretKey s = null;try {s = kdf.engineGenerateSecret(pbeSpec);} catch (InvalidKeySpecException ikse) {InvalidKeyException ike =new InvalidKeyException("Cannot construct PBE key");ike.initCause(ikse);throw ike;}byte[] derivedKey = s.getEncoded();SecretKeySpec cipherKey = new SecretKeySpec(derivedKey, cipherAlgo);// initialize the underlying ciphercipher.init(opmode, cipherKey, ivSpec, random);}

PBES2Core的engineInit在PBEParameterSpec的PBEParameterSpec不为null但又不是IvParameterSpec类型时抛出InvalidAlgorithmParameterException(“Wrong parameter type: IV expected”)异常；如果是encrypt或者wrap模式，如果不传iv则会自动生成，而不是encrypt或者wrap模式(一般是decrypt模式)，则在iv为null时抛出InvalidAlgorithmParameterException(“Missing parameter type: IV expected”)异常

小结

IVGenerator定义了generateIV及includePlainIVInEncryptionResults方法，它有三个实现类，分别是NoOpIVGenerator、StringFixedIVGenerator、RandomIVGenerator；对于PBE算法，如果iv不传，在decrypt模式会抛出InvalidAlgorithmParameterException(“Missing parameter type: IV expected”)异常。