• Home
• no.difi.oxalis
• oxalis-statistics
• 4.0.0-RC2
• source code
• OxalisCipher.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

no.difi.oxalis.statistics.security.OxalisCipher Maven / Gradle / Ivy

/*
 * Copyright 2010-2017 Norwegian Agency for Public Management and eGovernment (Difi)
 *
 * Licensed under the EUPL, Version 1.1 or – as soon they
 * will be approved by the European Commission - subsequent
 * versions of the EUPL (the "Licence");
 *
 * You may not use this work except in compliance with the Licence.
 *
 * You may obtain a copy of the Licence at:
 *
 * https://joinup.ec.europa.eu/community/eupl/og_page/eupl
 *
 * Unless required by applicable law or agreed to in
 * writing, software distributed under the Licence is
 * distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied.
 * See the Licence for the specific language governing
 * permissions and limitations under the Licence.
 */

package no.difi.oxalis.statistics.security;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.crypto.*;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;

/**
 * Oxalis' cipher implementation. Encapsulates information required for encryption and decryption of data using
 * a symmetric key.
 *
 * @author steinar
 *         Date: 06.05.13
 *         Time: 21:22
 */
public class OxalisCipher {

    // Advanced Encryption Standard (AES) with Electronic Cookbook Mode (ECB) block mode and PKCS5 Padding
    // FIXME: Determine why specifying AES/ECB/PKCS5Padding fails when compiling with maven
    public static final String SYMMETRIC_KEY_ALGORITHM = "AES";

    /**
     * Name of our encrypted (wrapped) symmetric key. Typically used in HTTP headers, name and value pairs, etc.
     */
    public static final String WRAPPED_SYMMETRIC_KEY_HEADER_NAME = "PEPPOL-wrapped-key";

    public static final Logger log = LoggerFactory.getLogger(OxalisCipher.class);

    private SecretKey secretKey;

    public OxalisCipher() {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(SYMMETRIC_KEY_ALGORITHM);
            secretKey = keyGenerator.generateKey();
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException("Unable to create symmetric key for " + SYMMETRIC_KEY_ALGORITHM + e, e);
        }
    }

    public OxalisCipher(SecretKey secretKey) {
        this.secretKey = secretKey;
    }


    /**
     * Wraps the supplied OutputStream in a encrypted cipher stream, i.e. every plain text byte written
     * into the new OutputStream is encrypted using our SecretKey.
     *
     * @param outputStream the plaint text output stream to encrypted
     * @return a new OutputStream which will encrypt every byte written to it.
     * @see #decryptStream(java.io.InputStream)
     */
    public OutputStream encryptStream(OutputStream outputStream) {
        Cipher cipher = createCipher(Cipher.ENCRYPT_MODE);
        return new CipherOutputStream(outputStream, cipher);
    }

    /**
     * Wraps the supplied InputStream in a decrypted cipher stream, i.e. every encrypted byte read from
     * the new InputStream reads is decrypted using our SecretKey.
     *
     * @param inputStream the encrypted input stream
     * @return new InputStream which will decrypt every byte read from it.
     */
    public InputStream decryptStream(InputStream inputStream) {

        Cipher cipher = createCipher(Cipher.DECRYPT_MODE);
        return new CipherInputStream(inputStream, cipher);
    }


    Cipher createCipher(int encryptMode) {
        if (secretKey == null) {
            throw new IllegalStateException("No symmetric secret key available");
        }

        Cipher cipher = null;
        try {
            cipher = Cipher.getInstance(SYMMETRIC_KEY_ALGORITHM);
            cipher.init(encryptMode, secretKey);
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException("Unable to create cipher for algorithm " + SYMMETRIC_KEY_ALGORITHM, e);
        } catch (NoSuchPaddingException e) {
            throw new IllegalStateException("Default padding does not work with algorithm " + SYMMETRIC_KEY_ALGORITHM, e);
        } catch (InvalidKeyException e) {
            throw new IllegalStateException("Invalid " + SYMMETRIC_KEY_ALGORITHM + " key");
        }
        return cipher;
    }


    public SecretKey getSecretKey() {
        return secretKey;
    }

    byte[] encrypt(byte[] bytes) throws BadPaddingException, IllegalBlockSizeException {
        Cipher cipher = createCipher(Cipher.ENCRYPT_MODE);
        return cipher.doFinal(bytes);
    }

    byte[] decrypt(byte[] encryptedBytes) throws BadPaddingException, IllegalBlockSizeException {
        Cipher cipher = createCipher(Cipher.DECRYPT_MODE);
        return cipher.doFinal(encryptedBytes);
    }
}