salt and pepper #19

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged

Bilnaa merged 2 commits into develop from feat/Story20_Sel_Poivre_HMAC

Dec 20, 2024

.idea/libraries/bytedeco_javacv_platform.xml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

.idea/libraries/fasterxml_jackson_core_databind.xml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

ByteWarden.iml

-Original file line number
+Diff line change
@@ Expand Up / @@ -19,5 +19,6 @@ @@
         </orderEntry>
         <orderEntry type="library" name="google.code.gson" level="project" />
         <orderEntry type="library" name="bytedeco.javacv.platform" level="project" />
+        <orderEntry type="library" name="fasterxml.jackson.core.databind" level="project" />
       </component>
     </module>

databases.json

-Original file line number
+Diff line change
@@ -1,2 +1,18 @@
     {
+      "llucas": {
+        "name": "llucas",
+        "hashPassword": "eebc1115b82aea1ee598f927e19500c75d2e318eaa9d83fa5a7513e26dea608b",
+        "encryptionMap": {
+          "RotX": "12"
+        },
+        "salt": "NTNcG1Mv\u002604K"
+      },
+      "test": {
+        "name": "test",
+        "hashPassword": "6b3fcb519f1dac8495538eed6bf3963faf7d7a6762d6789869a2cb51a9bca91d",
+        "encryptionMap": {
+          "RotX": "12"
+        },
+        "salt": "sP5s3cWwMsOX"
+      }
     }

llucas.json

-Original file line number
+Diff line change
@@ -0,0 +1,9 @@
+    {
+      "eufqe": [
+        {
+          "bmeeiadp": "rlrqlr",
+          "eufqZmyq": "kagfgnq",
+          "geqdzmyq": "lplp"
+        }
+      ]
+    }

pepper.json

-Original file line number
+Diff line change
@@ -0,0 +1,3 @@
+    {
+      "pepper": "jesuisunpoivre"
+    }

src/Classes/DatabasesManager.java

-Original file line number
+Diff line change
@@ -1,5 +1,6 @@
     package Classes;
+    import com.fasterxml.jackson.databind.ObjectMapper;
     import com.google.gson.Gson;
     import com.google.gson.GsonBuilder;
     import com.google.gson.reflect.TypeToken;
@@ Expand All / @@ -25,21 +26,34 @@ public DatabasesManager(File databasesFile) { @@
         public boolean verifyDatabase(String dbName, String password) {
             if (!databases.containsKey(dbName)) return false;
             Database database = databases.get(dbName);
-            String hashedPassword = sha256.calculateHash(password);
+            String pepper = readPepperFromJson("pepper.json");
+            String hashedPassword = sha256.calculateHash(database.getSalt() + password + pepper);
             return database.getHashPassword().equals(hashedPassword);
         }
         //create database object with user inputs
         public void createDatabase(String dbName, String password, Map<String, String> encryptionMap) {
             if (databases.containsKey(dbName)) {
                 throw new IllegalArgumentException("Database already exists.");
             }
-            String hashedPassword = sha256.calculateHash(password);
-            Database newDatabase = new Database(dbName, hashedPassword, encryptionMap);
-            databases.put(dbName, newDatabase); //add the dbname and the db object to a map
-            saveDatabases();//save the map
+            String pepper = readPepperFromJson("pepper.json");
+            String salt = PasswordUtils.generateRandomPassword(12);
+            String hashedPassword = sha256.calculateHash(salt + password + pepper);
+            Database newDatabase = new Database(dbName, hashedPassword, encryptionMap, salt);
+            databases.put(dbName, newDatabase);
+            saveDatabases();
         }
+        private String readPepperFromJson(String filePath) {
+            ObjectMapper objectMapper = new ObjectMapper();
+            try {
+                Map<String, String> jsonMap = objectMapper.readValue(new File(filePath), Map.class);
+                return jsonMap.get("pepper");
+            } catch (IOException e) {
+                e.printStackTrace();
+                return "";
+            }
+        }
         private Map<String, Database> loadDatabases() {
             if (!databasesFile.exists()) return new HashMap<>();
             try (FileReader reader = new FileReader(databasesFile)) {
@@ Expand Down Expand Up / @@ -67,11 +81,12 @@ public static class Database { @@
             private final String name;
             private final String hashPassword;
             private final Map<String, String> encryptionMap;
-            public Database(String name, String hashPassword, Map<String, String> encryptionMap) {
+            private final String salt;
+            public Database(String name, String hashPassword, Map<String, String> encryptionMap, String salt) {
                 this.name = name;
                 this.hashPassword = hashPassword;
                 this.encryptionMap = encryptionMap;
+                this.salt = salt;
             }
             public String getName() {
@@ Expand All / @@ -85,6 +100,11 @@ public String getHashPassword() { @@
             public Map<String, String> getEncryptionMap() {
                 return encryptionMap;
             }
+            public String getSalt(){
+                return salt;
+            }
         }
         //method to get the encryption map for the encryption and decryption during the database user selection
         public Map<String, String> getEncryptionMap(String dbName) {
@@ Expand Down @@

src/Classes/Menu.java

-Original file line number
+Diff line change
@@ Expand Up / @@ -64,6 +64,7 @@ else if (dbChoice == 2) { @@
                 System.out.println("Generated password: " + password);
                 // Ask the user for encryption methods
                 Map<String, String> encryptionMap = new HashMap<>();
                 boolean addMoreEncryptions = true;
@@ Expand Down Expand Up / @@ -102,7 +103,6 @@ else if (dbChoice == 2) { @@
                         default -> System.out.println("Invalid choice. Please choose a valid encryption method.");
                     }
                 }
                 // Create the new database with the given name, password, and encryption map
                 dbManager.createDatabase(dbName, password, encryptionMap);
@@ Expand Down @@

src/Classes/Sha256.java

-Original file line number
+Diff line change
@@ Expand Up / @@ -4,6 +4,7 @@ @@
     public class Sha256 extends Hash {
+        // function to calculate hash
         @Override
         public String calculateHash(String input) {
             try {
@@ Expand Down @@

src/Classes/VigenereAlgo.java

-Original file line number
+Diff line change
@@ Expand Up @@
                 // Only encrypt alphabetic characters
                 if (Character.isLetter(pi)) {
                     boolean isUpperCase = Character.isUpperCase(pi);
-                    char normalizedPi = Character.toLowerCase(pi);
+                    char normalizedPi = Character.toLowerCase(pi); // the calculations are based on lowerCase alphabet
                     char ki = key.charAt(keyIndex++);
-                    // Encryption formula: Ci = (Pi + Ki) mod 26
+                    // encrypt formula
+                    // normalizedPi - a : converts the character to an index between 0 and 25 (ex : normalizedPi = 'c' (ASCII 99), then 'c' - 'a' = 99-97 = 2)
+                    // ki - 'a' similarly normalizes the key character to the same 0–25 range.
+                    // normalizedPi - 'a' and ki - 'a' are added together to combine the plaintext and key in the normalized alphabet range.
+                    // % 26 ensures the result wraps around if it exceeds 25 (e.g., for 'z').
+                    // Example: If normalizedPi = 'z' (25) and ki = 'y' (24), then:
+                    // (25 + 24) % 26 = 49 % 26 = 23 (which corresponds to 'x').
+                    // + 'a' converts the normalized result (0–25) back into a valid ASCII character (alphabetical range).
+                    // Example: If the result is 2, adding 'a' (97) gives 99, which corresponds to 'c' in ASCII.
+                   // (char) : Casts the result back to a character
                     char ci = (char) (((normalizedPi - 'a' + ki - 'a') % 26) + 'a');
+                    // + 'a' converts the normalized result (0 - 25) back into a valid ASCII character (97-122)
                     encryptedText.append(isUpperCase ? Character.toUpperCase(ci) : ci);
                 } else {
                     // Keep non-alphabetic characters unchanged
@@ Expand Down @@

src/Tests/DatabasesManagerTest.java

-Original file line number
+Diff line change
@@ -1,109 +0,0 @@
-    package Tests;
-    import Classes.DatabasesManager;
-    import Classes.Sha256;
-    import org.junit.*;
-    import static org.junit.Assert.*;
-    import java.io.File;
-    import java.io.FileWriter;
-    import java.io.IOException;
-    import java.util.HashMap;
-    import java.util.Map;
-    public class DatabasesManagerTest {
-        private static File testFile;
-        private DatabasesManager manager;
-        @BeforeClass
-        public static void setUpBeforeClass() throws IOException {
-            testFile = new File("testDatabases.json");
-            if (testFile.exists()) {
-                testFile.delete();
-            }
-            testFile.createNewFile();
-        }
-        @AfterClass
-        public static void tearDownAfterClass() {
-            if (testFile.exists()) {
-                testFile.delete();
-            }
-        }
-        @Before
-        public void setUp() {
-            manager = new DatabasesManager(testFile);
-        }
-        @After
-        public void tearDown() {
-            if (testFile.exists()) {
-                testFile.delete();
-            }
-        }
-        @Test
-        public void testCreateDatabase() {
-            String dbName = "TestDB";
-            String password = "password123";
-            Map<String, String> encryptionMap = new HashMap<>();
-            encryptionMap.put("key1", "value1");
-            manager.createDatabase(dbName, password, encryptionMap);
-            assertTrue(manager.verifyDatabase(dbName, password));
-            assertEquals(encryptionMap, manager.getEncryptionMap(dbName));
-        }
-        @Test(expected = IllegalArgumentException.class)
-        public void testCreateDatabaseDuplicate() {
-            String dbName = "TestDB";
-            String password = "password123";
-            Map<String, String> encryptionMap = new HashMap<>();
-            manager.createDatabase(dbName, password, encryptionMap);
-            manager.createDatabase(dbName, password, encryptionMap);
-        }
-        @Test
-        public void testVerifyDatabase() {
-            String dbName = "TestDB";
-            String password = "password123";
-            Map<String, String> encryptionMap = new HashMap<>();
-            manager.createDatabase(dbName, password, encryptionMap);
-            assertTrue(manager.verifyDatabase(dbName, password));
-            assertFalse(manager.verifyDatabase(dbName, "wrongPassword"));
-            assertFalse(manager.verifyDatabase("NonExistentDB", password));
-        }
-        @Test
-        public void testLoadDatabases() throws IOException {
-            // Pre-populate the test file with data
-            String dbName = "TestDB";
-            Sha256 sha256 = new Sha256();
-            String passwordHash = sha256    .calculateHash("password123");
-            Map<String, String> encryptionMap = new HashMap<>();
-            encryptionMap.put("key1", "value1");
-            Map<String, DatabasesManager.Database> preloadedData = new HashMap<>();
-            preloadedData.put(dbName, new DatabasesManager.Database(dbName, passwordHash, encryptionMap));
-            try (FileWriter writer = new FileWriter(testFile)) {
-                writer.write(new com.google.gson.GsonBuilder().setPrettyPrinting().create().toJson(preloadedData));
-            }
-            manager = new DatabasesManager(testFile);
-            assertTrue(manager.verifyDatabase(dbName, "password123"));
-            assertEquals(encryptionMap, manager.getEncryptionMap(dbName));
-        }
-        @Test(expected = IllegalArgumentException.class)
-        public void testGetEncryptionMapForNonExistentDatabase() {
-            manager.getEncryptionMap("NonExistentDB");
-        }
-    }

test.json

-Original file line number
+Diff line change
@@ -0,0 +1,9 @@
+    {
+      "eufqe": [
+        {
+          "bmeeiadp": "xutosh",
+          "eufqZmyq": "uzefm",
+          "geqdzmyq": "xgome"
+        }
+      ]
+    }

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

salt and pepper #19

Uh oh!

Diff view

Diff view

There are no files selected for viewing

Uh oh!

Uh oh!

Uh oh!