/******************************************************************************* * Copyright 2014 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal * Chancellery Austria - ICT staff unit, and Graz University of Technology. * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "Licence"); * You may not use this work except in compliance with the Licence. * You may obtain a copy of the Licence at: * http://www.osor.eu/eupl/ * * Unless required by applicable law or agreed to in writing, software * distributed under the Licence is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Licence for the specific language governing permissions and * limitations under the Licence. * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. *******************************************************************************/ package at.gv.egovernment.moa.id.util; import java.security.InvalidAlgorithmParameterException; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; import java.security.SecureRandom; import java.security.spec.InvalidKeySpecException; import javax.crypto.Cipher; import javax.crypto.KeyGenerator; import javax.crypto.SecretKey; import javax.crypto.SecretKeyFactory; import javax.crypto.spec.GCMParameterSpec; import javax.crypto.spec.PBEKeySpec; import javax.crypto.spec.SecretKeySpec; import at.gv.egiz.eaaf.core.impl.utils.Random; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.DatabaseEncryptionException; import at.gv.egovernment.moa.id.data.EncryptedData; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; import iaik.security.cipher.PBEKey; import iaik.security.spec.PBEKeyAndParameterSpec; public abstract class AbstractEncrytionUtil { //protected static final String CIPHER_MODE = "AES/CBC/PKCS5Padding"; protected static final String CIPHER_MODE = "AES/GCM/NoPadding"; public static final int GCM_NONCE_LENGTH = 12; // in bytes public static final int GCM_TAG_LENGTH = 16; // in bytes protected static final String KEYNAME = "AES"; private SecretKey secret = null; public AbstractEncrytionUtil() throws DatabaseEncryptionException { initialize(getKey(), getSalt()); } protected abstract String getSalt(); protected abstract String getKey(); protected void initialize(String key, String salt) throws DatabaseEncryptionException { try { if (MiscUtil.isNotEmpty(key)) { if (MiscUtil.isEmpty(salt)) salt = "TestSalt"; PBEKeySpec keySpec = new PBEKeySpec(key.toCharArray()); SecretKeyFactory factory = SecretKeyFactory.getInstance("PKCS#5", "IAIK"); PBEKey pbeKey = (PBEKey)factory.generateSecret(keySpec); SecureRandom random = new SecureRandom(); KeyGenerator pbkdf2 = KeyGenerator.getInstance("PBKDF2", "IAIK"); PBEKeyAndParameterSpec parameterSpec = new PBEKeyAndParameterSpec(pbeKey.getEncoded(), salt.getBytes(), 2000, 16); pbkdf2.init(parameterSpec, random); SecretKey derivedKey = pbkdf2.generateKey(); SecretKeySpec spec = new SecretKeySpec(derivedKey.getEncoded(), KEYNAME); SecretKeyFactory kf = SecretKeyFactory.getInstance(KEYNAME, "IAIK"); secret = kf.generateSecret(spec); } else { Logger.error("Database encryption can not initialized. No key found!"); } } catch (NoSuchAlgorithmException e) { Logger.error("Database encryption can not initialized", e); throw new DatabaseEncryptionException("Database encryption can not initialized", null, e); } catch (NoSuchProviderException e) { Logger.error("Database encryption can not initialized", e); throw new DatabaseEncryptionException("Database encryption can not initialized", null, e); } catch (InvalidKeySpecException e) { Logger.error("Database encryption can not initialized", e); throw new DatabaseEncryptionException("Database encryption can not initialized", null, e); } catch (InvalidAlgorithmParameterException e) { Logger.error("Database encryption can not initialized", e); throw new DatabaseEncryptionException("Database encryption can not initialized", null, e); } } public EncryptedData encrypt(byte[] data) throws BuildException { if (secret != null) { try { final byte[] nonce = Random.nextBytes(GCM_NONCE_LENGTH); final GCMParameterSpec spec = new GCMParameterSpec(GCM_TAG_LENGTH * 8, nonce); final Cipher cipher = Cipher.getInstance(CIPHER_MODE); cipher.init(Cipher.ENCRYPT_MODE, secret, spec); final byte[] encdata = cipher.doFinal(data); final byte[] iv = cipher.getIV(); Logger.trace("Encrypt MOASession"); return new EncryptedData(encdata, iv); } catch (Exception e) { Logger.warn("MOASession is not encrypted",e); throw new BuildException("MOASession is not encrypted", new Object[]{}, e); } } else return new EncryptedData(data, null); } public byte[] decrypt(EncryptedData data) throws BuildException { if (secret != null) { try { final Cipher cipher = Cipher.getInstance(CIPHER_MODE); final GCMParameterSpec iv = new GCMParameterSpec(GCM_TAG_LENGTH * 8, data.getIv()); cipher.init(Cipher.DECRYPT_MODE, secret, iv); Logger.trace("Decrypt MOASession"); return cipher.doFinal(data.getEncData()); } catch (Exception e) { Logger.warn("MOASession is not decrypted",e); throw new BuildException("MOASession is not decrypted", new Object[]{}, e); } } else return data.getEncData(); } }