cadi/core/src/main/java/org/onap/ccsdk/apps/cadi/AES.java


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131

/**
 * ============LICENSE_START====================================================
 * org.onap.ccsdk
 * ===========================================================================
 * Copyright (c) 2023 AT&T Intellectual Property. All rights reserved.
 * ===========================================================================
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 * ============LICENSE_END====================================================
 *
 */

package org.onap.ccsdk.apps.cadi;

import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

import org.onap.ccsdk.apps.cadi.Symm.Encryption;
import org.onap.ccsdk.apps.cadi.util.Chmod;


/**
 * AES Class wraps Cipher AES, 128
 * NOTE: While not explicitly stated in JavaDocs, Ciphers AND SecretKeySpecs are NOT ThreadSafe
 * Ciphers take time to create, therefore, we have pooled them.
 *
 * @author Jonathan
 *
 */
public class AES implements Encryption {
    public static final String AES = AES.class.getSimpleName();
    public static final int AES_KEY_SIZE = 128; // 256 isn't supported on all JDKs.

    private SecretKeySpec aeskeySpec;

    public static SecretKey newKey() throws NoSuchAlgorithmException {
        KeyGenerator kgen = KeyGenerator.getInstance(AES);
        kgen.init(AES_KEY_SIZE);
        return kgen.generateKey();
    }

    public AES(byte[] aeskey, int offset, int len){
        aeskeySpec = new SecretKeySpec(aeskey,offset,len,AES);
    }

    public byte[] encrypt(byte[] in) throws CadiException {
        try {
            Cipher c = Cipher.getInstance(AES);
            c.init(Cipher.ENCRYPT_MODE,aeskeySpec);
            return c.doFinal(in);
        } catch (InvalidKeyException | IllegalBlockSizeException | BadPaddingException | NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new CadiException(e);
        }
    }

    public byte[] decrypt(byte[] in) throws CadiException {
        try {
            Cipher c = Cipher.getInstance(AES);
            c.init(Cipher.DECRYPT_MODE,aeskeySpec);
            return c.doFinal(in);
        } catch (InvalidKeyException | IllegalBlockSizeException | BadPaddingException | NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new CadiException(e);
        }
    }

    public void save(File keyfile) throws IOException {
        FileOutputStream fis = new FileOutputStream(keyfile);
        try {
            fis.write(aeskeySpec.getEncoded());
        } finally {
            fis.close();
        }
        Chmod.to400.chmod(keyfile);
    }

    public CipherOutputStream outputStream(OutputStream os, boolean encrypt) {
        try {
            Cipher c = Cipher.getInstance(AES);
            if (encrypt) {
                c.init(Cipher.ENCRYPT_MODE,aeskeySpec);
            } else {
                c.init(Cipher.DECRYPT_MODE,aeskeySpec);
            }
            return new CipherOutputStream(os,c);
        } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
            // Cannot add Exception to this API.  throw Runtime
            System.err.println("Error creating Aes CipherOutputStream");
            return null;  // should never get here.
        }
    }

    public CipherInputStream inputStream(InputStream is, boolean encrypt) {
        try {
            Cipher c = Cipher.getInstance(AES);
            if (encrypt) {
                c.init(Cipher.ENCRYPT_MODE,aeskeySpec);
            } else {
                c.init(Cipher.DECRYPT_MODE,aeskeySpec);
            }
            return new CipherInputStream(is,c);
        } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
            // Cannot add Exception to this API.  throw Runtime
            System.err.println("Error creating Aes CipherInputStream");
            return null;  // should never get here.
        }
    }
}