• Home
• network.oxalis
• oxalis-statistics
• 7.0.0-RC1
• source code
• OxalisCipherConverter.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

network.oxalis.statistics.security.OxalisCipherConverter Maven / Gradle / Ivy

/*
 * Copyright 2010-2018 Norwegian Agency for Public Management and eGovernment (Difi)
 *
 * Licensed under the EUPL, Version 1.1 or – as soon they
 * will be approved by the European Commission - subsequent
 * versions of the EUPL (the "Licence");
 *
 * You may not use this work except in compliance with the Licence.
 *
 * You may obtain a copy of the Licence at:
 *
 * https://joinup.ec.europa.eu/community/eupl/og_page/eupl
 *
 * Unless required by applicable law or agreed to in
 * writing, software distributed under the Licence is
 * distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied.
 * See the Licence for the specific language governing
 * permissions and limitations under the Licence.
 */

package network.oxalis.statistics.security;

import org.apache.commons.codec.DecoderException;
import org.apache.commons.codec.binary.Hex;

import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;

/**
 * @author steinar
 *         Date: 14.05.13
 *         Time: 09:57
 */
public class OxalisCipherConverter {

    /**
     * Creates an instance of OxalisCipher:
     * 

     * 
Decodes the supplied hex string representation of a wrapped key into an array of bytes representation
     * 
Creates a cipher, which is initialized with a private key
     * 
Unwraps (decrypts) the secret key represented by an array of bytes into a SecretKey
     * 
Creates an OxalisCipher using the unwrapped SecretKey
     * 
     */
    public OxalisCipher createCipherFromWrappedHexKey(String wrappedSymmetricKeyAsHexString, PrivateKey privateKey) {

        // 1) Decodes the hex string representation of a wrapped key
        byte[] encodedBytes = encodedBytesFromHexString(wrappedSymmetricKeyAsHexString);

        try {
            // 2) Creates the Cipher using supplied private key
            Cipher cipher = Cipher.getInstance(StatisticsKeyTool.ASYMMETRIC_KEY_ALGORITHM);
            cipher.init(Cipher.UNWRAP_MODE, privateKey);

            // 3) Unwraps (decrypts) the secret key using our private key
            SecretKey secretKey = (SecretKey) cipher.unwrap(encodedBytes, OxalisCipher.SYMMETRIC_KEY_ALGORITHM, Cipher.SECRET_KEY);

            // 4) creates the Oxalis cipher
            OxalisCipher oxalisCipher = new OxalisCipher(secretKey);
            return oxalisCipher;

        } catch (NoSuchAlgorithmException e) {
            throw new UnwrapSymmetricKeyException(wrappedSymmetricKeyAsHexString, e);
        } catch (NoSuchPaddingException e) {
            throw new UnwrapSymmetricKeyException(wrappedSymmetricKeyAsHexString, e);
        } catch (InvalidKeyException e) {
            throw new UnwrapSymmetricKeyException(wrappedSymmetricKeyAsHexString, e);
        }
    }

    /**
     * Encrypts the secret key (symmetric key) held inside the OxalisCipher instance using the supplied PublicKey, after
     * which the resulting wrapped secret key is transformed into a hex string suitable for transmission, persistence etc.
     *
     * @param publicKey    the public asymmetric key to use for encrypting the secret symmetric key
     * @param oxalisCipher the instance of OxalisCipher in which the secret symmetric key is held.
     * @return
     */
    public String getWrappedSymmetricKeyAsString(PublicKey publicKey, OxalisCipher oxalisCipher) {

        try {
            Cipher cipher = Cipher.getInstance(StatisticsKeyTool.ASYMMETRIC_KEY_ALGORITHM);
            cipher.init(Cipher.WRAP_MODE, publicKey);
            SecretKey secretKey = oxalisCipher.getSecretKey();
            byte[] encodedBytes = cipher.wrap(secretKey);

            return new String(Hex.encodeHex(encodedBytes));

        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException("Unable to create cipher with algorithm: " + StatisticsKeyTool.ASYMMETRIC_KEY_ALGORITHM, e);
        } catch (NoSuchPaddingException e) {
            throw new IllegalStateException("Unable to create cipher with default padding for algorithm " + StatisticsKeyTool.ASYMMETRIC_KEY_ALGORITHM, e);
        } catch (InvalidKeyException e) {
            throw new IllegalStateException("The public key is invalid " + e.getMessage(), e);
        } catch (IllegalBlockSizeException e) {
            throw new IllegalStateException("Error during encryption of symmetric key: " + e.getMessage(), e);
        }
    }


    private byte[] encodedBytesFromHexString(String wrappedSymmetricKeyAsHexString) {
        byte[] encodedBytes;

        try {
            encodedBytes = Hex.decodeHex(wrappedSymmetricKeyAsHexString.toCharArray());
        } catch (DecoderException e) {
            throw new IllegalArgumentException("Unable to decode hex string " + wrappedSymmetricKeyAsHexString + "; " + e.getMessage(), e);
        }
        return encodedBytes;
    }
}