updates code (pbkdf2 iterations to 10000, salt size to 32 bytes, exception only log name)

Author: kmindi

CHANGELOG.md

@@ -7,6 +7,13 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## [Unreleased]
 
+### Changed
+- Increased PBKDF2 salt size to 32 bytes (equal to SHA-256 size)
+- Increased PBKDF2 iterations to 10000
+
+### Fixed
+- Exceptions were logged including the stack trace, now only the localized message is logged
+
 ## [0.2.0] - 2018-05-13
 
 ### Changed

src/main/java/com/cryptoexamples/java/ExampleAsymmetricStringEncryptionInOneMethod.java

@@ -49,7 +49,7 @@ public static void main(String[] args) {
 
       LOGGER.log(Level.INFO, () -> String.format("Decrypted and original plain text are the same: %b", decryptedCipherText.compareTo(plainText) == 0));
     } catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | IllegalBlockSizeException | BadPaddingException | InvalidParameterException  e) {
-      LOGGER.log(Level.SEVERE, e.getMessage(), e);
+      LOGGER.log(Level.SEVERE, e.getLocalizedMessage());
     }
   }
 }

src/main/java/com/cryptoexamples/java/ExampleFileEncryptionInOneMethod.java

@@ -36,14 +36,14 @@ public static void main(String[] args) {
       String password = Base64.getEncoder().encodeToString(keyGen.generateKey().getEncoded());
 
       // GENERATE random salt
-      final byte[] salt = new byte[12];
+      final byte[] salt = new byte[32];
       SecureRandom random = SecureRandom.getInstanceStrong();
       random.nextBytes(salt);
 
       // DERIVE key (from password and salt)
       SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
       // Needs unlimited strength policy files http://www.oracle.com/technetwork/java/javase/downloads
-      KeySpec keyspec = new PBEKeySpec(password.toCharArray(), salt, 65536, 256);
+      KeySpec keyspec = new PBEKeySpec(password.toCharArray(), salt, 10000, 256);
       SecretKey tmp = factory.generateSecret(keyspec);
       SecretKey key = new SecretKeySpec(tmp.getEncoded(), "AES");
 
@@ -98,7 +98,7 @@ public static void main(String[] args) {
             InvalidAlgorithmParameterException |
             InvalidKeySpecException |
             IOException e) {
-      LOGGER.log(Level.SEVERE, e.getMessage(), e);
+      LOGGER.log(Level.SEVERE, e.getLocalizedMessage());
     }
   }
 

src/main/java/com/cryptoexamples/java/ExampleHashInOneMethod.java

@@ -32,7 +32,7 @@ public static void main(String[] args) {
 
       LOGGER.log(Level.INFO, hashString);
     } catch (NoSuchAlgorithmException e) {
-      LOGGER.log(Level.SEVERE, e.getLocalizedMessage(), e);
+      LOGGER.log(Level.SEVERE, e.getLocalizedMessage());
     }
   }
 }

src/main/java/com/cryptoexamples/java/ExampleSignatureInOneMethod.java

@@ -47,7 +47,7 @@ public static void main(String[] args) {
       boolean isSignatureCorrect = signature.verify(Base64.getDecoder().decode(signatureForPlainTextString));
       LOGGER.log(Level.INFO, () -> String.format("Signature is correct: %b", isSignatureCorrect));
     } catch (NoSuchAlgorithmException | InvalidKeyException | SignatureException e) {
-      LOGGER.log(Level.SEVERE, e.getLocalizedMessage(), e);
+      LOGGER.log(Level.SEVERE, e.getLocalizedMessage());
     }
   }
 }

src/main/java/com/cryptoexamples/java/ExampleStringEncryptionKeyBasedInOneMethod.java

@@ -59,7 +59,7 @@ public static void main(String[] args) {
 
       LOGGER.log(Level.INFO, () -> String.format("Decrypted and original plain text are the same: %b", decryptedCipherText.compareTo(plainText) == 0));
     } catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | IllegalBlockSizeException | BadPaddingException | InvalidParameterException | InvalidAlgorithmParameterException e) {
-      LOGGER.log(Level.SEVERE, e.getMessage(), e);
+      LOGGER.log(Level.SEVERE, e.getLocalizedMessage());
     }
   }
 }

src/main/java/com/cryptoexamples/java/ExampleStringEncryptionPasswordBasedInOneMethod.java

@@ -50,7 +50,7 @@ public static void main(String[] args) {
 
       // DERIVE key (from password and salt)
       SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
-      KeySpec keyspec = new PBEKeySpec(password.toCharArray(), salt, 65536, 256);
+      KeySpec keyspec = new PBEKeySpec(password.toCharArray(), salt, 10000, 256);
       SecretKey tmp = factory.generateSecret(keyspec);
       SecretKey key = new SecretKeySpec(tmp.getEncoded(), "AES");
 
@@ -74,7 +74,7 @@ public static void main(String[] args) {
 
       LOGGER.log(Level.INFO, () -> String.format("Decrypted and original plain text are the same: %b", decryptedCipherText.compareTo(plainText) == 0));
     } catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | IllegalBlockSizeException | BadPaddingException | InvalidParameterException | InvalidAlgorithmParameterException | InvalidKeySpecException e) {
-      LOGGER.log(Level.SEVERE, e.getMessage(), e);
+      LOGGER.log(Level.SEVERE, e.getLocalizedMessage());
     }
   }