org.opendaylight.aaa.encrypt.impl.AAAEncryptionServiceImpl Maven / Gradle / Ivy
/*
* Copyright (c) 2016, 2017 Cisco Systems, Inc. and others. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v1.0 which accompanies this distribution,
* and is available at http://www.eclipse.org/legal/epl-v10.html
*/
package org.opendaylight.aaa.encrypt.impl;
import static com.google.common.base.Verify.verifyNotNull;
import static java.util.Objects.requireNonNull;
import java.security.GeneralSecurityException;
import java.util.Map;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.opendaylight.aaa.encrypt.AAAEncryptionService;
import org.opendaylight.yang.gen.v1.config.aaa.authn.encrypt.service.config.rev160915.EncryptServiceConfig;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Deactivate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* Provides a basic encryption service implementation with configuration knobs.
*
* @author - Sharon Aicler ([email protected])
*/
@Deprecated
@Component(factory = AAAEncryptionServiceImpl.FACTORY_NAME)
public final class AAAEncryptionServiceImpl implements AAAEncryptionService {
static final String FACTORY_NAME = "org.opendaylight.aaa.encrypt.impl.AAAEncryptionServiceImpl";
private static final Logger LOG = LoggerFactory.getLogger(AAAEncryptionServiceImpl.class);
private static final String CONFIG_PROP = ".config";
private final SecretKey key;
private final Cipher encryptCipher;
private final Cipher decryptCipher;
public AAAEncryptionServiceImpl(final EncryptServiceConfig configuration) {
final byte[] encryptionKeySalt = configuration.requireEncryptSalt();
final IvParameterSpec ivSpec;
try {
final var keyFactory = SecretKeyFactory.getInstance(configuration.getEncryptMethod());
final var spec = new PBEKeySpec(configuration.requireEncryptKey().toCharArray(), encryptionKeySalt,
configuration.getEncryptIterationCount(), configuration.getEncryptKeyLength());
key = new SecretKeySpec(keyFactory.generateSecret(spec).getEncoded(), configuration.getEncryptType());
ivSpec = new IvParameterSpec(encryptionKeySalt);
} catch (GeneralSecurityException e) {
throw new IllegalStateException("Failed to initialize secret key", e);
}
try {
final var cipher = Cipher.getInstance(configuration.getCipherTransforms());
cipher.init(Cipher.ENCRYPT_MODE, key, ivSpec);
encryptCipher = cipher;
} catch (GeneralSecurityException e) {
throw new IllegalStateException("Failed to create encrypt cipher.", e);
}
try {
final var cipher = Cipher.getInstance(configuration.getCipherTransforms());
cipher.init(Cipher.DECRYPT_MODE, key, ivSpec);
decryptCipher = cipher;
} catch (GeneralSecurityException e) {
throw new IllegalStateException("Failed to create decrypt cipher.", e);
}
LOG.info("AAAEncryptionService activated");
}
@Activate
public AAAEncryptionServiceImpl(final Map properties) {
this((EncryptServiceConfig) verifyNotNull(properties.get(CONFIG_PROP)));
}
static Map props(final EncryptServiceConfig configuration) {
return Map.of(CONFIG_PROP, requireNonNull(configuration));
}
@Deactivate
@SuppressWarnings("static-method")
void deactivate() {
LOG.info("AAAEncryptionService deactivated");
}
@Override
public byte[] encrypt(final byte[] data) throws BadPaddingException, IllegalBlockSizeException {
synchronized (encryptCipher) {
return encryptCipher.doFinal(requireNonNull(data));
}
}
@Override
public byte[] decrypt(final byte[] encryptedData) throws BadPaddingException, IllegalBlockSizeException {
return decryptCipher.doFinal(requireNonNull(encryptedData));
}
}