• Home
• org.apache.nifi.registry
• nifi-registry-security-utils
• 0.3.0
• source code
• CryptoUtils.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.apache.nifi.registry.security.util.CryptoUtils Maven / Gradle / Ivy

/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.nifi.registry.security.util;

import javax.crypto.Cipher;
import java.security.NoSuchAlgorithmException;

public class CryptoUtils {

    /**
     *  Required Cipher transformations according to Java SE 8 {@link Cipher} docs
     */
    private static final String[] standardCryptoTransformations = {
        "AES/CBC/NoPadding",
        "AES/CBC/PKCS5Padding",
        "AES/ECB/NoPadding",
        "AES/ECB/PKCS5Padding",
        "DES/CBC/NoPadding",
        "DES/CBC/PKCS5Padding",
        "DES/ECB/NoPadding",
        "DES/ECB/PKCS5Padding",
        "DESede/CBC/NoPadding",
        "DESede/CBC/PKCS5Padding",
        "DESede/ECB/NoPadding",
        "DESede/ECB/PKCS5Padding",
        "RSA/ECB/PKCS1Padding",
        "RSA/ECB/OAEPWithSHA-1AndMGF1Padding",
        "RSA/ECB/OAEPWithSHA-256AndMGF1Padding"
    };

    /**
     * Check if cryptographic strength available in this Java Runtime is restricted.
     *
     * Not every Java Platform supports "unlimited strength encryption",
     * so this convenience method provides a way to check if strength of crypto
     * functions (i.e., max key length) is unlimited or restricted in the
     * current Java runtime environment.
     *
     * @return true if it can be determined that max key lengths are less than unlimited
     *         false if key lengths are restricted
     *         null if max key length cannot be determined for any known Cipher transformations */
    public static Boolean isCryptoRestricted() {

        Boolean isCryptoRestricted = null;

        for (String transformation : standardCryptoTransformations) {
            try {
                return Cipher.getMaxAllowedKeyLength(transformation) < Integer.MAX_VALUE;
            } catch (final NoSuchAlgorithmException e) {
                // Unexpected as we are pulling from a list of transforms that every
                // java platform is required to support, but try the next one
            }
        }

        // Tried every standard Cipher transformation and none were available,
        // so crypto strength restrictions cannot be determined.
        return null;

    }

}