aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java82
1 files changed, 82 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
new file mode 100644
index 000000000..4ae4e5c44
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
@@ -0,0 +1,82 @@
+package at.gv.egovernment.moa.id.util;
+
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.KeySpec;
+
+import javax.crypto.Cipher;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.PBEKeySpec;
+import javax.crypto.spec.SecretKeySpec;
+
+import at.gv.egovernment.moa.id.BuildException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.logging.Logger;
+
+public class SessionEncrytionUtil {
+
+ static SecretKey secret = null;
+
+ static {
+ try {
+ String key = AuthConfigurationProvider.getInstance().getMOASessionEncryptionKey();
+
+ if (key != null) {
+ SecretKeyFactory factory;
+
+ factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
+ KeySpec spec = new PBEKeySpec(key.toCharArray(), "TestSALT".getBytes(), 1024, 128);
+ SecretKey tmp = factory.generateSecret(spec);
+ secret = new SecretKeySpec(tmp.getEncoded(), "AES");
+
+ } else {
+ Logger.warn("MOASession encryption is deaktivated.");
+ }
+
+ } catch (Exception e) {
+ Logger.warn("MOASession encryption can not be inizialized.", e);
+ }
+
+ }
+
+ public static byte[] encrypt(byte[] data) throws BuildException {
+ Cipher cipher;
+
+ if (secret != null) {
+ try {
+ cipher = Cipher.getInstance("AES/ECB/"+"ISO10126Padding");
+ cipher.init(Cipher.ENCRYPT_MODE, secret);
+
+ Logger.debug("Encrypt MOASession");
+ return cipher.doFinal(data);
+
+ } catch (Exception e) {
+ Logger.warn("MOASession is not encrypted",e);
+ throw new BuildException("MOASession is not encrypted", new Object[]{}, e);
+ }
+ } else
+ return data;
+ }
+
+ public static byte[] decrypt(byte[] data) throws BuildException {
+ Cipher cipher;
+
+ if (secret != null) {
+ try {
+ cipher = Cipher.getInstance("AES/ECB/"+"ISO10126Padding");
+ cipher.init(Cipher.DECRYPT_MODE, secret);
+
+ Logger.debug("Decrypt MOASession");
+ return cipher.doFinal(data);
+
+ } catch (Exception e) {
+ Logger.warn("MOASession is not decrypted",e);
+ throw new BuildException("MOASession is not decrypted", new Object[]{}, e);
+ }
+ } else
+ return data;
+ }
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-25 13:47:04 +0000