aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java132
1 files changed, 36 insertions, 96 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
index acc2a7273..8660f7c09 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
@@ -22,110 +22,50 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.util;
-import iaik.security.cipher.PBEKey;
-import iaik.security.spec.PBEKeyAndParameterSpec;
-
-import java.security.SecureRandom;
-import java.security.spec.KeySpec;
-
-import javax.crypto.Cipher;
-import javax.crypto.KeyGenerator;
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.PBEKeySpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import at.gv.egovernment.moa.id.auth.exception.BuildException;
+import at.gv.egovernment.moa.id.auth.exception.DatabaseEncryptionException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.id.data.EncryptedData;
import at.gv.egovernment.moa.logging.Logger;
-public class SessionEncrytionUtil {
-
- private static final String CIPHER_MODE = "AES/CBC/PKCS5Padding";
- private static final String KEYNAME = "AES";
-
- static private SecretKey secret = null;
+public class SessionEncrytionUtil extends AbstractEncrytionUtil {
- static {
- try {
- String key = AuthConfigurationProvider.getInstance().getMOASessionEncryptionKey();
-
- if (key != null) {
-
- PBEKeySpec keySpec = new PBEKeySpec(key.toCharArray());
- SecretKeyFactory factory = SecretKeyFactory.getInstance("PKCS#5", "IAIK");
- PBEKey pbeKey = (PBEKey)factory.generateSecret(keySpec);
-
-
- SecureRandom random = new SecureRandom();
- KeyGenerator pbkdf2 = KeyGenerator.getInstance("PBKDF2", "IAIK");
-
- PBEKeyAndParameterSpec parameterSpec =
- new PBEKeyAndParameterSpec(pbeKey.getEncoded(),
- "TestSALT".getBytes(),
- 2000,
- 16);
-
- pbkdf2.init(parameterSpec, random);
- SecretKey derivedKey = pbkdf2.generateKey();
-
- SecretKeySpec spec = new SecretKeySpec(derivedKey.getEncoded(), KEYNAME);
- SecretKeyFactory kf = SecretKeyFactory.getInstance(KEYNAME, "IAIK");
- secret = kf.generateSecret(spec);
-
- } else {
- Logger.warn("MOASession encryption is deaktivated.");
- }
-
- } catch (Exception e) {
- Logger.warn("MOASession encryption can not be inizialized.", e);
- }
-
- }
+ private static SessionEncrytionUtil instance = null;
+ private static String key = null;
- public static EncryptedData encrypt(byte[] data) throws BuildException {
- Cipher cipher;
-
- if (secret != null) {
+ public static SessionEncrytionUtil getInstance() {
+ if (instance == null) {
try {
- cipher = Cipher.getInstance(CIPHER_MODE, "IAIK");
- cipher.init(Cipher.ENCRYPT_MODE, secret);
-
- Logger.debug("Encrypt MOASession");
-
- byte[] encdata = cipher.doFinal(data);
- byte[] iv = cipher.getIV();
-
- return new EncryptedData(encdata, iv);
-
+ key = AuthConfigurationProvider.getInstance().getMOASessionEncryptionKey();
+ instance = new SessionEncrytionUtil();
+
} catch (Exception e) {
- Logger.warn("MOASession is not encrypted",e);
- throw new BuildException("MOASession is not encrypted", new Object[]{}, e);
- }
- } else
- return new EncryptedData(data, null);
+ Logger.warn("MOASession encryption can not be inizialized.", e);
+
+ }
+ }
+ return instance;
+ }
+
+ /**
+ * @throws DatabaseEncryptionException
+ */
+ private SessionEncrytionUtil() throws DatabaseEncryptionException {
+ super();
}
- public static byte[] decrypt(EncryptedData data) throws BuildException {
- Cipher cipher;
-
- if (secret != null) {
- try {
- IvParameterSpec iv = new IvParameterSpec(data.getIv());
-
- cipher = Cipher.getInstance(CIPHER_MODE, "IAIK");
- cipher.init(Cipher.DECRYPT_MODE, secret, iv);
-
- Logger.debug("Decrypt MOASession");
- return cipher.doFinal(data.getEncData());
-
- } catch (Exception e) {
- Logger.warn("MOASession is not decrypted",e);
- throw new BuildException("MOASession is not decrypted", new Object[]{}, e);
- }
- } else
- return data.getEncData();
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.util.AbstractEncrytionUtil#getSalt()
+ */
+ @Override
+ protected String getSalt() {
+ return "Session-Salt";
}
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.util.AbstractEncrytionUtil#getKey()
+ */
+ @Override
+ protected String getKey() {
+ return key;
+ }
+
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-26 17:44:35 +0000