org.nervousync.security.crypto.AsymmetricCryptoAdapter Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of utils-jdk11 Show documentation
Show all versions of utils-jdk11 Show documentation
Java utility collections, development by Nervousync Studio (NSYC)
/*
* Licensed to the Nervousync Studio (NSYC) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.nervousync.security.crypto;
import org.nervousync.commons.Globals;
import org.nervousync.security.config.CipherConfig;
import org.nervousync.enumerations.crypto.CryptoMode;
import org.nervousync.exceptions.crypto.CryptoException;
import org.nervousync.utils.SecurityUtils;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import java.nio.ByteBuffer;
import java.security.*;
import java.util.Arrays;
/**
* Abstract asymmetric crypto adapter class
* 非对称加密解密适配器的抽象类
*
* @author Steven Wee [email protected]
* @version $Revision: 1.0.0 $ $Date: Jan 13, 2012 12:27:33 $
*/
public abstract class AsymmetricCryptoAdapter extends BaseCryptoAdapter {
/**
* Asymmetric crypto key instance
* 非对称算法密钥实例对象
*/
private final Key key;
/**
* Cipher block length
* 加密块长度
*/
private final int blockLength;
/**
* Cipher block size
* 块数据大小
*/
private final int blockSize;
/**
* Data append buffer
* 数据填充缓冲器
*/
private byte[] appendBuffer;
/**
* Result data bytes
* 结果数据二进制数组
*/
private byte[] dataBytes;
/**
* Signature instance
* 签名实例对象
*/
protected Signature signature;
/**
* Constructor for AsymmetricCryptoAdapter
* 非对称加密解密适配器的抽象类的构造方法
*
* @param cipherConfig Cipher configure
* 密码设置
* @param cryptoMode Crypto mode
* 加密解密模式
* @param cipherKey Crypto key
* 加密解密密钥
*
* @throws CryptoException
* If an error occurs when initialize cipher
* 当初始化加密解密实例对象时出现异常
*/
protected AsymmetricCryptoAdapter(final CipherConfig cipherConfig, final CryptoMode cryptoMode,
final CipherKey cipherKey, final int paddingLength) throws CryptoException {
super(cipherConfig, cryptoMode, cipherKey);
this.key = cipherKey.getKey();
this.blockLength = SecurityUtils.rsaKeySize(this.key) >> 3;
if (paddingLength > 0) {
this.blockSize = this.blockLength - paddingLength;
} else {
this.blockSize = this.blockLength;
}
this.appendBuffer = new byte[0];
this.dataBytes = new byte[0];
this.reset();
}
/**
* Append parts of given binary data array to current adapter
* 追加给定的二进制字节数组到当前适配器
*
* @param dataBytes binary data array
* 二进制字节数组
* @param position Data begin position
* 数据起始坐标
* @param length Length of data append
* 追加的数据长度
*
* @throws CryptoException
* If an error occurs when process data
* 当处理数据时出现异常
*/
@Override
public final void append(final byte[] dataBytes, final int position, final int length) throws CryptoException {
if (dataBytes.length < (position + length)) {
throw new CryptoException(0x000000150001L, "Length_Not_Enough_Crypto_Error");
}
switch (this.cryptoMode) {
case ENCRYPT:
case DECRYPT:
this.appendBuffer(dataBytes, position, length);
this.process();
break;
case SIGNATURE:
case VERIFY:
try {
this.signature.update(dataBytes);
} catch (SignatureException e) {
throw new CryptoException(0x000000150002L, "Append_Data_Crypto_Error", e);
}
break;
default:
throw new CryptoException(0x000000150003L, "Mode_Invalid_Crypto_Error");
}
}
/**
* Append parts of given binary data array to data append buffer
* 追加给定的二进制字节数组到当前数据追加缓冲器中
*
* @param dataBytes binary data array
* 二进制字节数组
* @param position Data begin position
* 数据起始坐标
* @param length Length of data append
* 追加的数据长度
*/
private void appendBuffer(final byte[] dataBytes, final int position, final int length) {
this.appendBuffer = ByteBuffer.allocate(this.appendBuffer.length + length)
.put(this.appendBuffer)
.put(dataBytes, position, length)
.array();
}
/**
* Process append buffer data
* 处理追加缓冲区中的数据
*
* @throws CryptoException
* If an error occurs when process data
* 当处理数据时出现异常
*/
private void process() throws CryptoException {
int blockLength = CryptoMode.ENCRYPT.equals(this.cryptoMode) ? this.blockSize : this.blockLength;
if (blockLength == Globals.DEFAULT_VALUE_INT || this.appendBuffer.length < blockLength) {
return;
}
int position = 0;
while (position + blockLength < this.appendBuffer.length) {
byte[] dataBytes = new byte[blockLength];
System.arraycopy(this.appendBuffer, position, dataBytes, Globals.INITIALIZE_INT_VALUE, blockLength);
try {
byte[] encBytes = this.cipher.doFinal(dataBytes);
this.dataBytes = concat(this.dataBytes, encBytes);
} catch (IllegalBlockSizeException | BadPaddingException e) {
throw new CryptoException(0x000000150004L, "Process_Data_Crypto_Error", e);
} finally {
this.reset();
}
position += blockLength;
}
int remainLength = this.appendBuffer.length - position;
this.appendBuffer = ByteBuffer.allocate(remainLength).put(this.appendBuffer, position, remainLength).array();
}
/**
* Concat binary data arrays
* 处理追加缓冲区中的数据
*
* @param dataBytes Original data bytes
* 原有字节数组
* @param concatBytes Concat data bytes
* 合并连接的字节数组
*
* @return Concat data bytes
* 合并连接后的字节数组
*/
private static byte[] concat(final byte[] dataBytes, final byte[] concatBytes) {
if (dataBytes == null || dataBytes.length == 0) {
return concatBytes;
}
if (concatBytes == null || concatBytes.length == 0) {
return dataBytes;
}
byte[] newBytes = Arrays.copyOf(dataBytes, dataBytes.length + concatBytes.length);
System.arraycopy(concatBytes, Globals.INITIALIZE_INT_VALUE, newBytes, dataBytes.length, concatBytes.length);
return newBytes;
}
/**
* Append parts of given binary data array to current adapter and calculate final result
* 追加给定的二进制字节数组到当前适配器并计算最终结果
*
* @param dataBytes binary data array
* 二进制字节数组
* @param position Data begin position
* 数据起始坐标
* @param length Length of data append
* 追加的数据长度
*
* @return Calculate result data byte array
* 计算的二进制字节数组结果
*
* @throws CryptoException
* If an error occurs when process data
* 当处理数据时出现异常
*/
@Override
public final byte[] finish(final byte[] dataBytes, final int position, final int length) throws CryptoException {
byte[] result;
switch (this.cryptoMode) {
case ENCRYPT:
case DECRYPT:
this.appendBuffer(dataBytes, position, length);
this.process();
if (this.appendBuffer.length > 0) {
byte[] finalBytes = new byte[this.appendBuffer.length];
System.arraycopy(this.appendBuffer, Globals.INITIALIZE_INT_VALUE, finalBytes,
Globals.INITIALIZE_INT_VALUE, this.appendBuffer.length);
try {
byte[] encBytes = this.cipher.doFinal(finalBytes);
result = concat(this.dataBytes, encBytes);
} catch (IllegalBlockSizeException | BadPaddingException e) {
throw new CryptoException(0x000000150004L, "Process_Data_Crypto_Error", e);
} finally {
this.reset();
this.appendBuffer = new byte[0];
}
} else {
result = this.dataBytes;
}
this.dataBytes = new byte[0];
break;
case SIGNATURE:
try {
this.signature.update(dataBytes);
result = this.signature.sign();
} catch (SignatureException e) {
throw new CryptoException(0x000000150005L, "Signature_Data_Crypto_Error", e);
} finally {
this.reset();
}
break;
case VERIFY:
throw new CryptoException(0x000000150006L, "Finish_Verify_Crypto_Error");
default:
throw new CryptoException(0x000000150003L, "Mode_Invalid_Crypto_Error");
}
return result;
}
/**
* Verify given signature data bytes is valid
* 验证给定的签名二进制数据是合法的
*
* @param signature signature data bytes
* 签名二进制数据
*
* @return Verify result
* 验证结果
*
* @throws CryptoException
* If an error occurs when process data
* 当处理数据时出现异常
*/
@Override
public final boolean verify(final byte[] signature) throws CryptoException {
if (!CryptoMode.VERIFY.equals(this.cryptoMode)) {
throw new CryptoException(0x000000150007L, "Verify_Method_Crypto_Error");
}
try {
boolean result = this.signature.verify(signature);
this.reset();
return result;
} catch (SignatureException e) {
throw new CryptoException(0x000000150008L, "Verify_Signature_Crypto_Error", e);
}
}
/**
* Reset current adapter
* 重置当前适配器
*
* @throws CryptoException
* If an error occurs when process data
* 当处理数据时出现异常
*/
@Override
public final void reset() throws CryptoException {
switch (this.cryptoMode) {
case ENCRYPT:
case DECRYPT:
this.cipher = this.initCipher();
break;
case SIGNATURE:
case VERIFY:
this.signature = this.initSignature();
break;
default:
throw new CryptoException(0x000000150003L, "Mode_Invalid_Crypto_Error");
}
}
/**
* Abstract method for initialize cipher instance
* 抽象方法用于初始化加密解密实例对象
*
* @return Initialized cipher instance
* 初始化的加密解密实例对象
*
* @throws CryptoException
* If an error occurs when initialize cipher
* 当初始化加密解密实例对象时出现异常
*/
@Override
protected Cipher initCipher() throws CryptoException {
switch (this.cryptoMode) {
case ENCRYPT:
case DECRYPT:
return super.generateCipher(this.key, Globals.INITIALIZE_INT_VALUE);
default:
throw new CryptoException(0x000000150003L, "Mode_Invalid_Crypto_Error");
}
}
/**
* Abstract method for initialize signature instance
* 抽象方法用于初始化签名实例对象
*
* @return Initialized signature instance
* 初始化的签名实例对象
*
* @throws CryptoException
* If an error occurs when initialize cipher
* 当初始化加密解密实例对象时出现异常
*/
private Signature initSignature() throws CryptoException {
try {
Signature signInstance = Signature.getInstance(this.cipherConfig.getAlgorithm());
switch (this.cryptoMode) {
case SIGNATURE:
signInstance.initSign((PrivateKey) this.key);
break;
case VERIFY:
signInstance.initVerify((PublicKey) this.key);
break;
default:
throw new CryptoException(0x000000150003L, "Mode_Invalid_Crypto_Error");
}
return signInstance;
} catch (NoSuchAlgorithmException | InvalidKeyException | ClassCastException e) {
throw new CryptoException(0x000000150009L, "Init_Signature_Crypto_Error", e);
}
}
}