aboutsummaryrefslogtreecommitdiff
path: root/DocumentService/src/eu/stork/documentservice/utils/EncryptionHelper.java
diff options
context:
space:
mode:
Diffstat (limited to 'DocumentService/src/eu/stork/documentservice/utils/EncryptionHelper.java')
-rw-r--r--DocumentService/src/eu/stork/documentservice/utils/EncryptionHelper.java182
1 files changed, 182 insertions, 0 deletions
diff --git a/DocumentService/src/eu/stork/documentservice/utils/EncryptionHelper.java b/DocumentService/src/eu/stork/documentservice/utils/EncryptionHelper.java
new file mode 100644
index 000000000..1c55e59e3
--- /dev/null
+++ b/DocumentService/src/eu/stork/documentservice/utils/EncryptionHelper.java
@@ -0,0 +1,182 @@
+package eu.stork.documentservice.utils;
+
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+import java.security.AlgorithmParameters;
+import java.security.PublicKey;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+
+import javax.crypto.*;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+
+import com.sun.org.apache.xml.internal.security.utils.Base64;
+
+import eu.stork.documentservice.exceptions.EncryptionException;
+
+public class EncryptionHelper {
+
+ private static String key;
+ private static String iv;
+ private static Cipher cipher;
+
+ public EncryptionHelper() throws EncryptionException
+ {
+ this.generateKeys();
+ }
+
+ public EncryptionHelper(String inKey, String inIv) throws EncryptionException
+ {
+ this.initKeys(inKey, inIv);
+ }
+
+ /**
+ * Generate new symmetric keys
+ * @throws EncryptionException
+ */
+ public void generateKeys() throws EncryptionException
+ {
+ try
+ {
+ KeyGenerator keyGen = KeyGenerator.getInstance("AES");
+ keyGen.init(256);
+ SecretKey secretKey = keyGen.generateKey();
+ cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+ cipher.init(Cipher.ENCRYPT_MODE, secretKey);
+ AlgorithmParameters params = cipher.getParameters();
+ key = Base64.encode(secretKey.getEncoded());
+ iv = Base64.encode(params.getParameterSpec(IvParameterSpec.class).getIV());
+ }
+ catch (Exception e)
+ {
+ e.printStackTrace();
+ throw new EncryptionException("Unable to generate encryption key.", e);
+ }
+ }
+
+ /**
+ * Initialize keys with specified keys
+ * @param inKey the key to use
+ * @param inIv the IV to use
+ * @throws EncryptionException the exception thrown
+ */
+ public void initKeys(String inKey, String inIv) throws EncryptionException
+ {
+ try
+ {
+ key = inKey;
+ iv = inIv;
+ SecretKeySpec skeySpec = new SecretKeySpec(Base64.decode(inKey), "AES");
+ cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+ cipher.init(Cipher.DECRYPT_MODE, skeySpec, new IvParameterSpec(Base64.decode(inIv)));
+ }
+ catch (Exception e)
+ {
+ e.printStackTrace();
+ throw new EncryptionException("Unable to initialize encryption key.", e);
+ }
+ }
+
+ /**
+ * Encrypt data with key
+ * @param clearData the clear data
+ * @return the encrypted data
+ * @throws EncryptionException the exception thrown
+ */
+ public byte[] encrypt(byte[] clearData) throws EncryptionException
+ {
+ if (clearData != null)
+ {
+ try
+ {
+ return cipher.doFinal(clearData);
+ }
+ catch (Exception ex)
+ {
+ throw new EncryptionException("Could not decrypt data.", ex);
+ }
+ }
+ else
+ throw new EncryptionException("Clear data is null.");
+ }
+
+ /**
+ * Decrypt data with keys
+ * @param encData the encrypted data
+ * @return decrypted data
+ * @throws EncryptionException the exception thrown
+ */
+ public byte[] decrypt(byte[] encData) throws EncryptionException
+ {
+ if (encData != null)
+ {
+ try
+ {
+ return cipher.doFinal(encData);
+ }
+ catch (Exception ex)
+ {
+ throw new EncryptionException("Could not encrypt data.", ex);
+ }
+ }
+ else
+ throw new EncryptionException("Encrypted data is null.");
+ }
+
+ /**
+ * Get the key string
+ * @return the key
+ */
+ public String getKey()
+ {
+ return key;
+ }
+
+ /**
+ * Get the IV string
+ * @return the iv
+ */
+ public String getIv()
+ {
+ return iv;
+ }
+
+ /**
+ * Encrypt string with certificate
+ * @param certString the PEM formated certificate
+ * @param input the string to encrypt
+ * @return encrypted string
+ * @throws EncryptionException the exception thrown
+ */
+ public String encryptWithCert(String certString, String input) throws EncryptionException
+ {
+ if (certString != null && !certString.isEmpty())
+ {
+ if (input != null && !input.isEmpty())
+ {
+ try {
+ certString = certString.replace("-----BEGIN CERTIFICATE-----", "");
+ certString = certString.replace("-----END CERTIFICATE-----", "");
+ InputStream inStream = new ByteArrayInputStream(Base64.decode(certString));
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ X509Certificate cert = (X509Certificate)cf.generateCertificate(inStream);
+ PublicKey pk = cert.getPublicKey();
+ Cipher rsaCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
+ rsaCipher.init(Cipher.ENCRYPT_MODE, pk);
+ byte[] encrypted = rsaCipher.doFinal(input.getBytes("UTF-8"));
+ return Base64.encode(encrypted);
+ }
+ catch (Exception e) {
+ e.printStackTrace();
+ throw new EncryptionException("Unabled to encrypt string.", e);
+ }
+ }
+ else
+ throw new EncryptionException("Input is null or empty.");
+ }
+ else
+ throw new EncryptionException("Certificate is null or empty.");
+ }
+
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-03 14:44:22 +0000