Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java | 82 |
1 files changed, 82 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
new file mode 100644
index 000000000..4ae4e5c44
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
@@ -0,0 +1,82 @@
+package at.gv.egovernment.moa.id.util;
+
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.KeySpec;
+
+import javax.crypto.Cipher;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.PBEKeySpec;
+import javax.crypto.spec.SecretKeySpec;
+
+import at.gv.egovernment.moa.id.BuildException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.logging.Logger;
+
+public class SessionEncrytionUtil {
+
+ static SecretKey secret = null;
+
+ static {
+ try {
+ String key = AuthConfigurationProvider.getInstance().getMOASessionEncryptionKey();
+
+ if (key != null) {
+ SecretKeyFactory factory;
+
+ factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
+ KeySpec spec = new PBEKeySpec(key.toCharArray(), "TestSALT".getBytes(), 1024, 128);
+ SecretKey tmp = factory.generateSecret(spec);
+ secret = new SecretKeySpec(tmp.getEncoded(), "AES");
+
+ } else {
+ Logger.warn("MOASession encryption is deaktivated.");
+ }
+
+ } catch (Exception e) {
+ Logger.warn("MOASession encryption can not be inizialized.", e);
+ }
+
+ }
+
+ public static byte[] encrypt(byte[] data) throws BuildException {
+ Cipher cipher;
+
+ if (secret != null) {
+ try {
+ cipher = Cipher.getInstance("AES/ECB/"+"ISO10126Padding");
+ cipher.init(Cipher.ENCRYPT_MODE, secret);
+
+ Logger.debug("Encrypt MOASession");
+ return cipher.doFinal(data);
+
+ } catch (Exception e) {
+ Logger.warn("MOASession is not encrypted",e);
+ throw new BuildException("MOASession is not encrypted", new Object[]{}, e);
+ }
+ } else
+ return data;
+ }
+
+ public static byte[] decrypt(byte[] data) throws BuildException {
+ Cipher cipher;
+
+ if (secret != null) {
+ try {
+ cipher = Cipher.getInstance("AES/ECB/"+"ISO10126Padding");
+ cipher.init(Cipher.DECRYPT_MODE, secret);
+
+ Logger.debug("Decrypt MOASession");
+ return cipher.doFinal(data);
+
+ } catch (Exception e) {
+ Logger.warn("MOASession is not decrypted",e);
+ throw new BuildException("MOASession is not decrypted", new Object[]{}, e);
+ }
+ } else
+ return data;
+ }
+} |
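Review bot: `encrypt` and `decrypt` run AES in ECB mode with no integrity check, so equal plaintext blocks in a serialized MOASession yield equal ciphertext blocks and a stored blob can be altered without `decrypt` noticing. An authenticated mode with a fresh random IV per call, stored in front of the ciphertext, closes both gaps; the sketch below assumes the deployment JRE provides `AES/GCM/NoPadding` and needs `javax.crypto.spec.GCMParameterSpec` and `java.security.SecureRandom` imported. In the static initializer the PBKDF2 salt is the constant `"TestSALT"` with 1024 iterations and `getBytes()` uses the platform charset; a per-installation salt from configuration and an explicit charset would stop identical passphrases deriving identical keys everywhere and keep the key reproducible across hosts. The initializer also catches every exception and leaves `secret` null, after which both methods return the data unchanged, so a configured key that fails to derive silently turns encryption off; that case should be kept apart from "no key configured" and make `encrypt` fail rather than pass plaintext through.

```java
private static final int GCM_IV_LEN = 12;
private static final int GCM_TAG_BITS = 128;
private static final SecureRandom RANDOM = new SecureRandom();

public static byte[] encrypt(byte[] data) throws BuildException {
    // … unchanged: pass-through when no key is configured …
    try {
        byte[] iv = new byte[GCM_IV_LEN];
        RANDOM.nextBytes(iv);
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.ENCRYPT_MODE, secret, new GCMParameterSpec(GCM_TAG_BITS, iv));
        byte[] sealed = cipher.doFinal(data);
        // stored layout: IV || ciphertext+tag
        byte[] out = new byte[iv.length + sealed.length];
        System.arraycopy(iv, 0, out, 0, iv.length);
        System.arraycopy(sealed, 0, out, iv.length, sealed.length);
        return out;
    } catch (Exception e) {
        // … unchanged: Logger.warn + BuildException …
    }
}

public static byte[] decrypt(byte[] data) throws BuildException {
    // … unchanged: pass-through when no key is configured …
    try {
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.DECRYPT_MODE, secret,
                new GCMParameterSpec(GCM_TAG_BITS, data, 0, GCM_IV_LEN));
        // doFinal throws if the tag does not verify, so tampering surfaces as BuildException
        return cipher.doFinal(data, GCM_IV_LEN, data.length - GCM_IV_LEN);
    } catch (Exception e) {
        // … unchanged: Logger.warn + BuildException …
    }
}
```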