edu.vt.middleware.crypt.CryptProvider Maven / Gradle / Ivy
/**
* As of "https://github.com/dfish3r/vt-crypt2 "CRYPT" (vt-crypt2) the source
* code below the package "edu.vt.middleware.crypt" is dual licensed under both
* the LGPL and Apache 2 license. As REFCODES.ORG source codes are also licensed
* under the Apache License, v2.0 ("http://www.apache.org/licenses/TEXT-2.0"),
* the according Apache 2 license principles are to be applied: "... The Apache
* License is permissive; unlike copyleft licenses, it does not require a
* derivative work of the software, or modifications to the original, to be
* distributed using the same license. It still requires application of the same
* license to all unmodified parts. In every licensed file, original copyright,
* patent, trademark, and attribution notices must be preserved (excluding
* notices that do not pertain to any part of the derivative works.) In every
* licensed file changed, a notification must be added stating that changes have
* been made to that file..." ("https://en.wikipedia.org/wiki/Apache_License")
*
* - "Software can be freely used, modified and distributed in any environment
* under this license."
*
- "A copy of the license must be included in the package." (→ see
*
refcodes-licensing dependency)
* - "Changes to the source code of the software under the Apache license do
* not have to be sent back to the licensor."
*
- "Own software that uses software under the Apache license does not have
* to be under the Apache license."
*
- "Your own software may only be called Apache if the Apache Foundation has
* given written permission."
*
* (freely translated from "https://de.wikipedia.org/wiki/Apache_License")
*/
/*
* $Id: CryptProvider.java 2745 2013-06-25 21:16:10Z dfisher $
*
* Copyright (C) 2003-2013 Virginia Tech. All rights reserved.
*
* SEE TEXT FOR MORE INFORMATION
*
* Author: Middleware Services Email: [email protected] Version: $Revision: 2745
* $ Updated: $Date: 2013-06-25 17:16:10 -0400 (Tue, 25 Jun 2013) $
*/
package edu.vt.middleware.crypt;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.Signature;
import java.security.cert.CertificateFactory;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKeyFactory;
/**
*
* CryptProvider contains methods for finding cryptographic objects
* using a set of providers.
*
*
* @author Middleware Services
*
* @version $Revision: 2745 $
*/
public final class CryptProvider {
/** Default size of random byte array. */
public static final int RANDOM_BYTE_ARRAY_SIZE = 256;
/** Class logger instance. */
// private static final Logger LOGGER = LoggerFactory.getLogger( CryptProvider.class);
/** List of providers to use. */
private static String[] providers = new String[0];
/**
* Dynamically register the Bouncy Castle provider.
*/
static {
// Bouncy Castle provider
addProvider( new org.bouncycastle.jce.provider.BouncyCastleProvider(), "BC" );
}
/**
*
* Default constructor.
*
*/
private CryptProvider() {}
/**
*
* This will add an additional security provider.
*
*
* @param provider DatagramsDestination
* @param name String
*/
public static void addProvider( final Provider provider, final String name ) {
java.security.Security.addProvider( provider );
final String[] tmp = new String[providers.length + 1];
System.arraycopy( providers, 0, tmp, 0, providers.length );
tmp[providers.length] = name;
providers = tmp;
// LOGGER.log( Level.FINE, "Added new security provider {}", name);
}
/**
*
* This finds a Cipher using the known providers and the
* supplied parameters.
*
*
* @param algorithm String name
* @param mode String name
* @param padding String name
*
* @return Cipher
*
* @throws CryptException if the algorithm is not available from any
* provider or if the provider is not available in the environment
*/
public static Cipher getCipher( final String algorithm, final String mode, final String padding ) throws CryptException {
Cipher cipher = null;
final String transformation;
if ( mode != null && padding != null ) {
transformation = algorithm + "/" + mode + "/" + padding;
}
else if ( mode != null ) {
transformation = algorithm + "/" + mode;
}
else {
transformation = algorithm;
}
for ( String provider : providers ) {
try {
cipher = Cipher.getInstance( transformation, provider );
break;
}
catch ( NoSuchPaddingException e ) {
// LOGGER.log( Level.FINE, "{} does not support padding {}", provider, padding);
}
catch ( GeneralSecurityException e ) {
handleProviderError( provider, algorithm, e );
}
}
if ( cipher == null ) {
try {
cipher = Cipher.getInstance( transformation );
}
catch ( NoSuchPaddingException e ) {
// LOGGER.log( Level.FINE, "Default provider does not support padding {}", padding);
throw new CryptException( e.getMessage() );
}
catch ( GeneralSecurityException e ) {
handleProviderError( null, algorithm, e );
throw new CryptException( e.getMessage() );
}
}
return cipher;
}
/**
*
* This finds a SecretKeyFactory using the known providers and
* the supplied algorithm parameter.
*
*
* @param algorithm String name
*
* @return SecretKeyFactory
*
* @throws CryptException if the algorithm is not available from any
* provider or if the provider is not available in the environment
*/
public static SecretKeyFactory getSecretKeyFactory( final String algorithm ) throws CryptException {
SecretKeyFactory kf = null;
for ( String provider : providers ) {
try {
kf = SecretKeyFactory.getInstance( algorithm, provider );
break;
}
catch ( GeneralSecurityException e ) {
handleProviderError( provider, algorithm, e );
}
}
if ( kf == null ) {
try {
kf = SecretKeyFactory.getInstance( algorithm );
}
catch ( GeneralSecurityException e ) {
handleProviderError( null, algorithm, e );
throw new CryptException( e.getMessage() );
}
}
return kf;
}
/**
*
* This finds a KeyFactory using the known providers and the
* supplied algorithm parameter.
*
*
* @param algorithm String name
*
* @return KeyFactory
*
* @throws CryptException if the algorithm is not available from any
* provider or if the provider is not available in the environment
*/
public static KeyFactory getKeyFactory( final String algorithm ) throws CryptException {
KeyFactory kf = null;
for ( String provider : providers ) {
try {
kf = KeyFactory.getInstance( algorithm, provider );
break;
}
catch ( GeneralSecurityException e ) {
handleProviderError( provider, algorithm, e );
}
}
if ( kf == null ) {
try {
kf = KeyFactory.getInstance( algorithm );
}
catch ( GeneralSecurityException e ) {
handleProviderError( null, algorithm, e );
throw new CryptException( e.getMessage() );
}
}
return kf;
}
/**
*
* This finds a KeyGenerator using the known providers and the
* supplied algorithm parameter.
*
*
* @param algorithm String name
*
* @return KeyGenerator
*
* @throws CryptException if the algorithm is not available from any
* provider or if the provider is not available in the environment
*/
public static KeyGenerator getKeyGenerator( final String algorithm ) throws CryptException {
KeyGenerator generator = null;
for ( String provider : providers ) {
try {
generator = KeyGenerator.getInstance( algorithm, provider );
break;
}
catch ( GeneralSecurityException e ) {
handleProviderError( provider, algorithm, e );
}
}
if ( generator == null ) {
try {
generator = KeyGenerator.getInstance( algorithm );
}
catch ( GeneralSecurityException e ) {
handleProviderError( null, algorithm, e );
throw new CryptException( e.getMessage() );
}
}
return generator;
}
/**
*
* This finds a KeyPairGenerator using the known providers and
* the supplied algorithm parameter.
*
*
* @param algorithm String name
*
* @return KeyPairGenerator
*
* @throws CryptException if the algorithm is not available from any
* provider or if the provider is not available in the environment
*/
public static KeyPairGenerator getKeyPairGenerator( final String algorithm ) throws CryptException {
KeyPairGenerator generator = null;
for ( String provider : providers ) {
try {
generator = KeyPairGenerator.getInstance( algorithm, provider );
break;
}
catch ( GeneralSecurityException e ) {
handleProviderError( provider, algorithm, e );
}
}
if ( generator == null ) {
try {
generator = KeyPairGenerator.getInstance( algorithm );
}
catch ( GeneralSecurityException e ) {
handleProviderError( null, algorithm, e );
throw new CryptException( e.getMessage() );
}
}
return generator;
}
/**
*
* This finds a Signature using the known providers and the
* supplied parameters.
*
*
* @param digestAlgorithm String name
* @param algorithm String name
* @param padding String name
*
* @return Signature
*
* @throws CryptException if the algorithm is not available from any
* provider or if the provider is not available in the environment
*/
public static Signature getSignature( final String digestAlgorithm, final String algorithm, final String padding ) throws CryptException {
Signature sig = null;
final String transformation;
if ( digestAlgorithm != null && padding != null ) {
transformation = digestAlgorithm + "/" + algorithm + "/" + padding;
}
else if ( digestAlgorithm != null ) {
transformation = digestAlgorithm + "/" + algorithm;
}
else {
transformation = algorithm;
}
for ( String provider : providers ) {
try {
sig = Signature.getInstance( transformation, provider );
break;
}
catch ( GeneralSecurityException e ) {
handleProviderError( provider, algorithm, e );
}
}
if ( sig == null ) {
try {
sig = Signature.getInstance( transformation );
}
catch ( GeneralSecurityException e ) {
handleProviderError( null, algorithm, e );
throw new CryptException( e.getMessage() );
}
}
return sig;
}
/**
*
* This creates a MessageDigest using the supplied algorithm
* name.
*
*
* @param algorithm String name
*
* @return MessageDigest
*
* @throws CryptException if the algorithm is not available from any
* provider or the provider is not available in the environment
*/
public static MessageDigest getMessageDigest( final String algorithm ) throws CryptException {
MessageDigest digest = null;
for ( String provider : providers ) {
try {
digest = MessageDigest.getInstance( algorithm, provider );
break;
}
catch ( GeneralSecurityException e ) {
handleProviderError( provider, algorithm, e );
}
}
if ( digest == null ) {
try {
digest = MessageDigest.getInstance( algorithm );
}
catch ( GeneralSecurityException e ) {
handleProviderError( null, algorithm, e );
throw new CryptException( e.getMessage() );
}
}
return digest;
}
/**
*
* This creates a KeyStore using the supplied type name.
*
*
* @param type String
*
* @return KeyStore
*
* @throws CryptException if the type is not available from any provider or
* the provider is not available in the environment
*/
public static KeyStore getKeyStore( final String type ) throws CryptException {
KeyStore store = null;
String keyStoreType = type;
if ( keyStoreType == null ) {
keyStoreType = KeyStore.getDefaultType();
}
for ( String provider : providers ) {
try {
store = KeyStore.getInstance( keyStoreType, provider );
break;
}
catch ( GeneralSecurityException e ) {
handleProviderError( provider, type, e );
}
}
if ( store == null ) {
try {
store = KeyStore.getInstance( keyStoreType );
}
catch ( GeneralSecurityException e ) {
handleProviderError( null, type, e );
throw new CryptException( e.getMessage() );
}
}
return store;
}
/**
*
* This creates a KeyStore using the default keystore type.
*
*
* @return KeyStore
*
* @throws CryptException if the default type is not available from any
* provider or the provider is not available in the environment
*/
public static KeyStore getKeyStore() throws CryptException {
return getKeyStore( null );
}
/**
*
* This creates a CertificateFactory using the supplied type
* name.
*
*
* @param type String
*
* @return CertificateFactory
*
* @throws CryptException if the type is not available from any provider or
* the provider is not available in the environment
*/
public static CertificateFactory getCertificateFactory( final String type ) throws CryptException {
CertificateFactory cf = null;
for ( String provider : providers ) {
try {
cf = CertificateFactory.getInstance( type, provider );
break;
}
catch ( GeneralSecurityException e ) {
handleProviderError( provider, type, e );
}
}
if ( cf == null ) {
try {
cf = CertificateFactory.getInstance( type );
}
catch ( GeneralSecurityException e ) {
handleProviderError( null, type, e );
throw new CryptException( e.getMessage() );
}
}
return cf;
}
/**
* Handles a provider algorithm lookup error.
*
* @param provider Name of provider that was queried for the algorithm or
* null for the default provider.
* @param algorithm Algorithm name.
* @param error Exception thrown on provider lookup error.
*/
private static void handleProviderError( final String provider, final String algorithm, final GeneralSecurityException error ) {
if ( error instanceof NoSuchProviderException ) {
if ( provider != null ) {
// LOGGER.log( Level.FINE, "{} not found", provider);
}
}
else if ( error instanceof NoSuchAlgorithmException ) {
if ( provider != null ) {
// LOGGER.log( Level.FINE, "{} does not support {}", provider, algorithm);
}
else {
// LOGGER.log( Level.FINE, "Default provider does not support {}", provider);
}
}
}
}