diff options
| author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-07-24 17:13:31 +0200 |
|---|---|---|
| committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-07-24 17:13:31 +0200 |
| commit | cfb70f755c45a2cad582e8030b1542add9949efb (patch) | |
| tree | 039123854ab630f81dd2387d0f7636056e9e304a /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java | |
| parent | 71da4a9bc7e2ff79b2fb4cf8903d15fd75372859 (diff) | |
| download | moa-id-spss-cfb70f755c45a2cad582e8030b1542add9949efb.tar.gz moa-id-spss-cfb70f755c45a2cad582e8030b1542add9949efb.tar.bz2 moa-id-spss-cfb70f755c45a2cad582e8030b1542add9949efb.zip | |
- SSO finalized
- SSO Session is not closed if a new single authentication operation is started
- PVP2 Configuration from Database (but without Metadata) --> TODO: change MetaDataProvider
- Add additional UserFrame in case of SSO
- MOASession encryption
TODO: MetaDataProvider, IdentityLink resign, SSO with Mandates, Legacy Template generation
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java')
| -rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java | 82 |
1 files changed, 82 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java new file mode 100644 index 000000000..4ae4e5c44 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java @@ -0,0 +1,82 @@ +package at.gv.egovernment.moa.id.util; + +import java.security.InvalidKeyException; +import java.security.NoSuchAlgorithmException; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.KeySpec; + +import javax.crypto.Cipher; +import javax.crypto.NoSuchPaddingException; +import javax.crypto.SecretKey; +import javax.crypto.SecretKeyFactory; +import javax.crypto.spec.PBEKeySpec; +import javax.crypto.spec.SecretKeySpec; + +import at.gv.egovernment.moa.id.BuildException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.logging.Logger; + +public class SessionEncrytionUtil { + + static SecretKey secret = null; + + static { + try { + String key = AuthConfigurationProvider.getInstance().getMOASessionEncryptionKey(); + + if (key != null) { + SecretKeyFactory factory; + + factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); + KeySpec spec = new PBEKeySpec(key.toCharArray(), "TestSALT".getBytes(), 1024, 128); + SecretKey tmp = factory.generateSecret(spec); + secret = new SecretKeySpec(tmp.getEncoded(), "AES"); + + } else { + Logger.warn("MOASession encryption is deaktivated."); + } + + } catch (Exception e) { + Logger.warn("MOASession encryption can not be inizialized.", e); + } + + } + + public static byte[] encrypt(byte[] data) throws BuildException { + Cipher cipher; + + if (secret != null) { + try { + cipher = Cipher.getInstance("AES/ECB/"+"ISO10126Padding"); + cipher.init(Cipher.ENCRYPT_MODE, secret); + + Logger.debug("Encrypt MOASession"); + return cipher.doFinal(data); + + } catch (Exception e) { + Logger.warn("MOASession is not encrypted",e); + throw new BuildException("MOASession is not encrypted", new Object[]{}, e); + } + } else + return data; + } + + public static byte[] decrypt(byte[] data) throws BuildException { + Cipher cipher; + + if (secret != null) { + try { + cipher = Cipher.getInstance("AES/ECB/"+"ISO10126Padding"); + cipher.init(Cipher.DECRYPT_MODE, secret); + + Logger.debug("Decrypt MOASession"); + return cipher.doFinal(data); + + } catch (Exception e) { + Logger.warn("MOASession is not decrypted",e); + throw new BuildException("MOASession is not decrypted", new Object[]{}, e); + } + } else + return data; + } +} |