init

.gitignore

@@ -1,6 +1,7 @@
-*.class
-
-# Package Files #
-*.jar
-*.war
-*.ear
+/target
+.idea
+.settings
+target
+.classpath
+.project
+PasswordSecurityModule.iml

README.md

@@ -1,4 +1,56 @@
-password-security
-=================
+# README #
 
-A module that encrypt and encode passwords. It also generate fake passwords.
+## Getting Started ##
+
+If you use maven, you need a maven build from the project. Then you can use the following dependency:
+
+    <groupId>com.lightszentip.module</groupId>
+	<artifactId>password-security</artifactId>
+	<version>1.0.0-RELEASE</version>
+
+## Use it ##
+**First**
+
+Create a new instance of "PasswordModule":
+
+    public PasswordModuleImpl(String secretId, String secretSaltPw, String secureSaltKey, EncryptionType typeEncrypt, AlgorithmType typeEncod, int randomPasswordLength) {
+
+> secretId - Salt value for encryption and encoding
+> secretSaltPw - Salt value for password encoding
+> secureSaltKey - Salt value for encryption
+> typeEncrypt - Type for encryption
+> typeEncod - Type for encoding
+> randomPasswordLength - Length for fake passwords (honeywords)
+
+**Second**
+
+This function generate a random password:
+
+    public String generateRandomPassword(int length);
+
+This function generate a password with encryption and encoding:
+
+    public String getCodePassword(String password)
+
+This function generate a password with encryption and encoding and fake passwords:
+
+    public String[] getHoneyPasswordList(String password, int size)
+
+This function checks, is the variable password the right password. For this you need the whole list from  "getHoneyPasswordList":
+
+    checkPassword(String[] passwordArray, String password)
+
+If you want to encryption other values, you can use the following functions:
+
+    public String encrypt(String value, String key, EncryptionType type);
+    public String decrypt(String value, String key, EncryptionType type);
+
+**Example**
+
+    PasswordModule passwordEncoder = new PasswordModuleImpl("secretid", "salt", "ThisIsaSaltValue", EncryptionType.AES, AlgorithmType.SHA_512, 20);
+    String[] passwordArray = passwordEncoder.getHoneyPasswordList("test", values);
+    Assert.assertTrue(passwordEncoder.checkPassword(passwordArray, passwordEncoder.getCodePassword("test")));
+
+## java.security.InvalidKeyException: Illegal key size or default parameters ##
+
+If you get the exception, then you need to download "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files".

pom.xml

@@ -0,0 +1,89 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+
+	<groupId>com.lightszentip.module</groupId>
+	<artifactId>password-security</artifactId>
+	<version>1.0.0-RELEASE</version>
+	<packaging>jar</packaging>
+
+	<name>PasswordSecurityModule</name>
+
+	<properties>
+		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+		<maven.compiler.source>1.6</maven.compiler.source>
+		<maven.compiler.target>1.6</maven.compiler.target>
+		<plugin.maven.jar.version>2.4</plugin.maven.jar.version>
+		<plugin.junit.version>4.11</plugin.junit.version>
+		<plugin.commoncodec.version>1.8</plugin.commoncodec.version>
+		<props.maven.version>3.0.3</props.maven.version>
+		<java-version>1.6</java-version>
+	</properties>
+
+	<prerequisites>
+		<maven>${props.maven.version}</maven>
+	</prerequisites>
+
+	<licenses>
+		<license>
+			<name>Apache 2</name>
+			<url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+			<distribution>repo</distribution>
+			<comments>A business-friendly OSS license</comments>
+		</license>
+	</licenses>
+
+
+	<developers>
+		<developer>
+			<name>Tobias Gafner</name>
+			<email>lightszentip@googlemail.com</email>
+			<roles>
+				<role>Main Developer</role>
+			</roles>
+		</developer>
+	</developers>
+
+	<dependencies>
+		<dependency>
+			<groupId>org.bouncycastle</groupId>
+			<artifactId>bcprov-jdk16</artifactId>
+			<version>1.46</version>
+		</dependency>
+		<!-- Utils -->
+		<dependency>
+			<groupId>commons-codec</groupId>
+			<artifactId>commons-codec</artifactId>
+			<version>${plugin.commoncodec.version}</version>
+		</dependency>
+		<!-- Tests -->
+		<dependency>
+			<groupId>junit</groupId>
+			<artifactId>junit</artifactId>
+			<version>${plugin.junit.version}</version>
+			<scope>test</scope>
+		</dependency>
+	</dependencies>
+
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-compiler-plugin</artifactId>
+				<version>3.1</version>
+			</plugin>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-jar-plugin</artifactId>
+				<version>${plugin.maven.jar.version}</version>
+				<configuration>
+					<archive>
+						<manifest>
+							<addClasspath>true</addClasspath>
+						</manifest>
+					</archive>
+				</configuration>
+			</plugin>
+		</plugins>
+	</build>
+</project>

src/main/java/com/lightszentip/module/security/password/PasswordModule.java

@@ -0,0 +1,83 @@
+/** 
+ * Copyright 2013 Tobias Gafner
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *     
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.lightszentip.module.security.password;
+
+import java.io.UnsupportedEncodingException;
+import java.security.GeneralSecurityException;
+import java.security.NoSuchAlgorithmException;
+
+import com.lightszentip.module.security.password.util.EncryptionType;
+
+public interface PasswordModule {
+
+    /**
+     * Password check
+     * 
+     * @param passwordArray
+     * @param password
+     * @return
+     * @throws UnsupportedEncodingException
+     * @throws GeneralSecurityException
+     */
+    public boolean checkPassword(String[] passwordArray, String password) throws UnsupportedEncodingException, GeneralSecurityException;
+
+    /**
+     * Decrtypt a value
+     * @param value
+     * @param key
+     * @param type
+     * @return
+     */
+    public String decrypt(String value, String key, EncryptionType type);
+
+    /**
+     * Encrypt a value
+     * @param value
+     * @param key
+     * @param type
+     * @return
+     */
+    public String encrypt(String value, String key, EncryptionType type);
+
+    /**
+     * 
+     * @param length
+     * @return
+     */
+    public String generateRandomPassword(int length);
+
+    /**
+     * Get password as code password
+     * 
+     * @param password
+     * @return
+     * @throws UnsupportedEncodingException
+     * @throws GeneralSecurityException
+     */
+    public String getCodePassword(String password) throws UnsupportedEncodingException, GeneralSecurityException;
+
+    /**
+     * Generate password list
+     * 
+     * @param password
+     * @param size
+     * @return
+     * @throws NoSuchAlgorithmException
+     * @throws UnsupportedEncodingException
+     */
+    public String[] getHoneyPasswordList(String password, int size) throws NoSuchAlgorithmException, UnsupportedEncodingException;
+
+}