path: root/core/src/main/java/com/att/cadi/AES.java
blob: 4041ae50c691cb2cbdc7f6e6899a57033a713e22 (plain)
/*******************************************************************************
 * ============LICENSE_START====================================================
 * * org.onap.aai
 * * ===========================================================================
 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
 * * Copyright © 2017 Amdocs
 * * ===========================================================================
 * * Licensed under the Apache License, Version 2.0 (the "License");
 * * you may not use this file except in compliance with the License.
 * * You may obtain a copy of the License at
 * * 
 *  *      http://www.apache.org/licenses/LICENSE-2.0
 * * 
 *  * Unless required by applicable law or agreed to in writing, software
 * * distributed under the License is distributed on an "AS IS" BASIS,
 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * * See the License for the specific language governing permissions and
 * * limitations under the License.
 * * ============LICENSE_END====================================================
 * *
 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
 * *
 ******************************************************************************/
package com.att.cadi;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

import com.att.cadi.util.Chmod;

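/**
 * Thin wrapper around a JCE AES {@link Cipher} and a single symmetric key.
 *
 * <p>Security notes for reviewers and callers:
 * <ul>
 *   <li>The cipher is obtained with the bare transformation name {@code "AES"}, so mode and
 *       padding are chosen by the provider. On the standard JDK providers this resolves to
 *       ECB with PKCS5 padding: no IV is used, equal plaintext blocks produce equal
 *       ciphertext blocks, and the ciphertext carries no integrity protection. The
 *       transformation is deliberately left unchanged here because altering it would make
 *       previously written data undecryptable; new uses that need confidentiality of
 *       structured data or tamper detection should use an authenticated mode
 *       (e.g. {@code AES/GCM/NoPadding} with a fresh IV per message) instead.</li>
 *   <li>One {@link Cipher} instance is shared and re-initialised by every method, so an
 *       instance must not be used from several threads at once, and a stream returned by
 *       {@link #outputStream} or {@link #inputStream} must be fully consumed before any
 *       other method of the same instance is called.</li>
 * </ul>
 */
public class AES {
	public static final String AES = AES.class.getSimpleName();
	public static final int AES_KEY_SIZE = 128; // 256 isn't supported on all JDKs.

	private final Cipher aesCipher;
	private final SecretKeySpec aeskeySpec;

	/**
	 * Creates an instance backed by a freshly generated random key (see {@link #newKey()}).
	 *
	 * @throws NoSuchAlgorithmException if no provider offers AES
	 * @throws NoSuchPaddingException if the provider's default padding is unavailable
	 */
	public AES() throws IOException, NoSuchAlgorithmException, NoSuchPaddingException {
		aesCipher = Cipher.getInstance(AES);
		aeskeySpec = new SecretKeySpec(newKey().getEncoded(), AES);
	}

	/**
	 * Generates a new random AES key of {@link #AES_KEY_SIZE} bits.
	 *
	 * @return the generated key
	 * @throws NoSuchAlgorithmException if no provider offers an AES key generator
	 */
	public static SecretKey newKey() throws NoSuchAlgorithmException {
		KeyGenerator kgen = KeyGenerator.getInstance(AES);
		kgen.init(AES_KEY_SIZE);
		return kgen.generateKey();
	}

	/**
	 * Creates an instance whose key is the first {@code AES_KEY_SIZE / 8} bytes of a file.
	 *
	 * @param keyfile file holding the raw key bytes, as written by {@link #save(File)}
	 * @throws IOException if the file cannot be read or ends before a full key was read
	 * @throws NoSuchAlgorithmException if no provider offers AES
	 * @throws NoSuchPaddingException if the provider's default padding is unavailable
	 */
	public AES(File keyfile) throws IOException, NoSuchAlgorithmException, NoSuchPaddingException {
		aesCipher = Cipher.getInstance(AES);
		aeskeySpec = new SecretKeySpec(readKey(keyfile), AES);
	}

	/**
	 * Creates an instance from raw key bytes held in a caller-supplied array.
	 *
	 * <p>The key length is not checked against the sizes AES accepts at this point; an
	 * unsuitable length surfaces as {@link InvalidKeyException} on first use.
	 *
	 * @param aeskey array containing the key material
	 * @param offset index of the first key byte in {@code aeskey}
	 * @param len number of key bytes
	 * @throws NoSuchAlgorithmException if no provider offers AES
	 * @throws NoSuchPaddingException if the provider's default padding is unavailable
	 */
	public AES(byte[] aeskey, int offset, int len) throws IOException, NoSuchAlgorithmException, NoSuchPaddingException {
		aesCipher = Cipher.getInstance(AES);
		aeskeySpec = new SecretKeySpec(aeskey, offset, len, AES);
	}

	/**
	 * Encrypts a complete buffer in one call.
	 *
	 * @param in plaintext bytes
	 * @return ciphertext bytes
	 * @throws InvalidKeyException if the cipher rejects the key
	 * @throws IllegalBlockSizeException as reported by {@link Cipher#doFinal(byte[])}
	 * @throws BadPaddingException as reported by {@link Cipher#doFinal(byte[])}
	 */
	public byte[] encrypt(byte[] in) throws InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
		aesCipher.init(Cipher.ENCRYPT_MODE, aeskeySpec);
		return aesCipher.doFinal(in);
	}

	/**
	 * Decrypts a complete buffer in one call.
	 *
	 * <p>A successful return only means the padding was well-formed; with an
	 * unauthenticated transformation it is not evidence that the data is unmodified.
	 *
	 * @param in ciphertext bytes
	 * @return plaintext bytes
	 * @throws InvalidKeyException if the cipher rejects the key
	 * @throws IllegalBlockSizeException if the input length is not valid for the cipher
	 * @throws BadPaddingException if the decrypted data is not correctly padded
	 */
	public byte[] decrypt(byte[] in) throws InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
		aesCipher.init(Cipher.DECRYPT_MODE, aeskeySpec);
		return aesCipher.doFinal(in);
	}

	/**
	 * Writes the raw key bytes to a file and then restricts the file's permissions.
	 *
	 * @param keyfile destination file; any existing content is overwritten
	 * @throws IOException if the file cannot be written
	 */
	public void save(File keyfile) throws IOException {
		FileOutputStream fos = new FileOutputStream(keyfile);
		try {
			fos.write(aeskeySpec.getEncoded());
		} finally {
			fos.close();
		}
		// NOTE(review): permissions are tightened only after the key has been written, so
		// between creation and this call the file carries the process's default permissions.
		// Chmod.to400 presumably sets owner-read-only; confirm, and confirm how a failure
		// of the chmod is reported, since the key is already on disk by then.
		Chmod.to400.chmod(keyfile);
	}

	/**
	 * Wraps an output stream so that bytes written to it pass through the cipher.
	 *
	 * @param os stream receiving the transformed bytes
	 * @param encrypt {@code true} to encrypt what is written, {@code false} to decrypt it
	 * @return the wrapping stream; it must be closed for the final block to be emitted
	 * @throws IllegalStateException if the cipher rejects the key
	 */
	public CipherOutputStream outputStream(OutputStream os, boolean encrypt) {
		initCipher(encrypt);
		return new CipherOutputStream(os, aesCipher);
	}

	/**
	 * Wraps an input stream so that bytes read from it pass through the cipher.
	 *
	 * @param is stream supplying the bytes to transform
	 * @param encrypt {@code true} to encrypt what is read, {@code false} to decrypt it
	 * @return the wrapping stream
	 * @throws IllegalStateException if the cipher rejects the key
	 */
	public CipherInputStream inputStream(InputStream is, boolean encrypt) {
		initCipher(encrypt);
		return new CipherInputStream(is, aesCipher);
	}

	/** Reads exactly one key's worth of bytes from the start of {@code keyfile}. */
	private static byte[] readKey(File keyfile) throws IOException {
		byte[] aesKey = new byte[AES_KEY_SIZE / 8];
		FileInputStream fis = new FileInputStream(keyfile);
		try {
			int filled = 0;
			// A single read() may return fewer bytes than requested; without this loop a
			// short or truncated file would silently yield a key padded with zero bytes.
			while (filled < aesKey.length) {
				int n = fis.read(aesKey, filled, aesKey.length - filled);
				if (n < 0) {
					throw new IOException("Key file " + keyfile + " holds only " + filled
							+ " of the " + aesKey.length + " key bytes required");
				}
				filled += n;
			}
		} finally {
			fis.close();
		}
		return aesKey;
	}

	/** Initialises the shared cipher for streaming use in the requested direction. */
	private void initCipher(boolean encrypt) {
		try {
			aesCipher.init(encrypt ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE, aeskeySpec);
		} catch (InvalidKeyException e) {
			// The byte[] constructor accepts any key length, so the key can be rejected
			// here. Fail at once instead of handing back a stream over an uninitialised
			// cipher that would only fail on first read or write.
			throw new IllegalStateException("AES key rejected by cipher", e);
		}
	}
}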