author | Alexander Marsalek <amarsalek@iaik.tugraz.at> | 2014-06-04 18:50:50 +0200 |
---|---|---|
committer | Alexander Marsalek <amarsalek@iaik.tugraz.at> | 2014-06-04 18:56:07 +0200 |
commit | f81b3716ac27094ab1845668cb38a1fe6a2d5f8c (patch) | |
tree | 933cd9ae96e6c7c01b78aea37b904b31419b1b0f /DocumentService/src/eu/stork/documentservice/utils/EncryptionHelper.java | |
parent | 31c8bad4214bfee45eef0ca98faf3f6f32fe5b23 (diff) | |
added DocumentService
Diffstat (limited to 'DocumentService/src/eu/stork/documentservice/utils/EncryptionHelper.java')
-rw-r--r-- | DocumentService/src/eu/stork/documentservice/utils/EncryptionHelper.java | 182 |
1 files changed, 182 insertions, 0 deletions
diff --git a/DocumentService/src/eu/stork/documentservice/utils/EncryptionHelper.java b/DocumentService/src/eu/stork/documentservice/utils/EncryptionHelper.java
new file mode 100644
index 000000000..1c55e59e3
--- /dev/null
+++ b/DocumentService/src/eu/stork/documentservice/utils/EncryptionHelper.java
@@ -0,0 +1,182 @@
+package eu.stork.documentservice.utils;
+
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+import java.security.AlgorithmParameters;
+import java.security.PublicKey;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+
+import javax.crypto.*;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+
+import com.sun.org.apache.xml.internal.security.utils.Base64;
+
+import eu.stork.documentservice.exceptions.EncryptionException;
+
+public class EncryptionHelper {
+
+ private static String key;
+ private static String iv;
+ private static Cipher cipher;
+
+ public EncryptionHelper() throws EncryptionException
+ {
+ this.generateKeys();
+ }
+
+ public EncryptionHelper(String inKey, String inIv) throws EncryptionException
+ {
+ this.initKeys(inKey, inIv);
+ }
+
+ /**
+ * Generate new symmetric keys
+ * @throws EncryptionException
+ */
+ public void generateKeys() throws EncryptionException
+ {
+ try
+ {
+ KeyGenerator keyGen = KeyGenerator.getInstance("AES");
+ keyGen.init(256);
+ SecretKey secretKey = keyGen.generateKey();
+ cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+ cipher.init(Cipher.ENCRYPT_MODE, secretKey);
+ AlgorithmParameters params = cipher.getParameters();
+ key = Base64.encode(secretKey.getEncoded());
+ iv = Base64.encode(params.getParameterSpec(IvParameterSpec.class).getIV());
+ }
+ catch (Exception e)
+ {
+ e.printStackTrace();
+ throw new EncryptionException("Unable to generate encryption key.", e);
+ }
+ }
+
+ /**
+ * Initialize keys with specified keys
+ * @param inKey the key to use
+ * @param inIv the IV to use
+ * @throws EncryptionException the exception thrown
+ */
+ public void initKeys(String inKey, String inIv) throws EncryptionException
+ {
+ try
+ {
+ key = inKey;
+ iv = inIv;
+ SecretKeySpec skeySpec = new SecretKeySpec(Base64.decode(inKey), "AES");
+ cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+ cipher.init(Cipher.DECRYPT_MODE, skeySpec, new IvParameterSpec(Base64.decode(inIv)));
+ }
+ catch (Exception e)
+ {
+ e.printStackTrace();
+ throw new EncryptionException("Unable to initialize encryption key.", e);
+ }
+ }
+
+ /**
+ * Encrypt data with key
+ * @param clearData the clear data
+ * @return the encrypted data
+ * @throws EncryptionException the exception thrown
+ */
+ public byte[] encrypt(byte[] clearData) throws EncryptionException
+ {
+ if (clearData != null)
+ {
+ try
+ {
+ return cipher.doFinal(clearData);
+ }
+ catch (Exception ex)
+ {
+ throw new EncryptionException("Could not decrypt data.", ex);
+ }
+ }
+ else
+ throw new EncryptionException("Clear data is null.");
+ }
+
+ /**
+ * Decrypt data with keys
+ * @param encData the encrypted data
+ * @return decrypted data
+ * @throws EncryptionException the exception thrown
+ */
+ public byte[] decrypt(byte[] encData) throws EncryptionException
+ {
+ if (encData != null)
+ {
+ try
+ {
+ return cipher.doFinal(encData);
+ }
+ catch (Exception ex)
+ {
+ throw new EncryptionException("Could not encrypt data.", ex);
+ }
+ }
+ else
+ throw new EncryptionException("Encrypted data is null.");
+ }
+
+ /**
+ * Get the key string
+ * @return the key
+ */
+ public String getKey()
+ {
+ return key;
+ }
+
+ /**
+ * Get the IV string
+ * @return the iv
+ */
+ public String getIv()
+ {
+ return iv;
+ }
+
+ /**
+ * Encrypt string with certificate
+ * @param certString the PEM formated certificate
+ * @param input the string to encrypt
+ * @return encrypted string
+ * @throws EncryptionException the exception thrown
+ */
+ public String encryptWithCert(String certString, String input) throws EncryptionException
+ {
+ if (certString != null && !certString.isEmpty())
+ {
+ if (input != null && !input.isEmpty())
+ {
+ try {
+ certString = certString.replace("-----BEGIN CERTIFICATE-----", "");
+ certString = certString.replace("-----END CERTIFICATE-----", "");
+ InputStream inStream = new ByteArrayInputStream(Base64.decode(certString));
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ X509Certificate cert = (X509Certificate)cf.generateCertificate(inStream);
+ PublicKey pk = cert.getPublicKey();
+ Cipher rsaCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
+ rsaCipher.init(Cipher.ENCRYPT_MODE, pk);
+ byte[] encrypted = rsaCipher.doFinal(input.getBytes("UTF-8"));
+ return Base64.encode(encrypted);
+ }
+ catch (Exception e) {
+ e.printStackTrace();
+ throw new EncryptionException("Unabled to encrypt string.", e);
+ }
+ }
+ else
+ throw new EncryptionException("Input is null or empty.");
+ }
+ else
+ throw new EncryptionException("Certificate is null or empty.");
+ }
+
+} |
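Review bot: `key`, `iv` and `cipher` are declared `static`, so every `EncryptionHelper` shares one key and one `Cipher`: constructing a second helper replaces the key under the first, and concurrent callers race on a `Cipher` object that is not thread-safe. `encrypt()` and `decrypt()` also both call `doFinal` in whatever mode the last `generateKeys()`/`initKeys()` selected (and their two error messages are swapped), so a helper built from a key and IV can only decrypt and one built without arguments can only encrypt. I would make the fields per-instance and build a cipher in the requested mode on each call, as sketched below; because the IV stays fixed per helper, each helper should then encrypt only one document. Separately, AES/CBC is unauthenticated and `encryptWithCert` uses `RSA/ECB/PKCS1Padding` with no validity or chain check on the certificate visible in this file, so an AEAD mode, OAEP and a certificate check are worth a follow-up if the peers can change.

```java
	private String key;
	private String iv;

	// … unchanged: constructors, generateKeys(), initKeys() (their Cipher becomes a local) …

	public byte[] encrypt(byte[] clearData) throws EncryptionException
	{
		if (clearData == null)
			throw new EncryptionException("Clear data is null.");
		try
		{
			return newCipher(Cipher.ENCRYPT_MODE).doFinal(clearData);
		}
		catch (Exception ex)
		{
			throw new EncryptionException("Could not encrypt data.", ex);
		}
	}

	// decrypt(): same shape with Cipher.DECRYPT_MODE and "Could not decrypt data."

	private Cipher newCipher(int mode) throws Exception
	{
		Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
		c.init(mode, new SecretKeySpec(Base64.decode(key), "AES"),
				new IvParameterSpec(Base64.decode(iv)));
		return c;
	}
```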