diff options
Diffstat (limited to 'wso2/common-util/src/main/java/org/openo/baseservice/encrypt/cbb')
6 files changed, 486 insertions, 0 deletions
diff --git a/wso2/common-util/src/main/java/org/openo/baseservice/encrypt/cbb/CipherCreator.java b/wso2/common-util/src/main/java/org/openo/baseservice/encrypt/cbb/CipherCreator.java new file mode 100644 index 0000000..d964cbc --- /dev/null +++ b/wso2/common-util/src/main/java/org/openo/baseservice/encrypt/cbb/CipherCreator.java @@ -0,0 +1,95 @@ +/* + * Copyright 2016 Huawei Technologies Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.openo.baseservice.encrypt.cbb; + +import org.openo.baseservice.encrypt.cbb.impl.AesCipherFactory; +import org.openo.baseservice.encrypt.cbb.inf.AbstractCipher; +import org.openo.baseservice.encrypt.cbb.inf.AbstractCipherFactory; + +/** + * Helps create cipher instances from factory.<br/> + * <p> + * Creates the cipher instances using cipher factory. By default it uses AesCipherFactory. + * Can be changed through spring. + * </p> + * + * @author + * @version 08-Jun-2016 + */ +public final class CipherCreator { + + private static CipherCreator instance = new CipherCreator(); + + private AbstractCipherFactory factory = new AesCipherFactory(); + + /** + * Constructor<br/> + * <p> + * private + * </p> + * + * @since + */ + private CipherCreator() { + + } + + /** + * Singleton instance. + * <br/> + * + * @return + * @since + */ + public static CipherCreator instance() { + return instance; + } + + /** + * Creates cipher with default key. + * <br/> + * + * @return cipher instance with default key. + * @since + */ + public AbstractCipher create() { + return factory.createCipherManager(); + } + + /** + * Creates cipher instance with a key. + * <br/> + * + * @param key the key to be used for encryption and decryption. + * @return cipher instance with specified key. + * @since + */ + public AbstractCipher create(final String key) { + return factory.createCipherManager(key); + } + + /** + * Sets the cipher factory instance. + * <br/> + * + * @param factory cipher factory. + * @since + */ + public void setFactory(final AbstractCipherFactory factory) { + this.factory = factory; + } + +} diff --git a/wso2/common-util/src/main/java/org/openo/baseservice/encrypt/cbb/impl/AesCipher.java b/wso2/common-util/src/main/java/org/openo/baseservice/encrypt/cbb/impl/AesCipher.java new file mode 100644 index 0000000..f117269 --- /dev/null +++ b/wso2/common-util/src/main/java/org/openo/baseservice/encrypt/cbb/impl/AesCipher.java @@ -0,0 +1,132 @@ +/* + * Copyright 2016 Huawei Technologies Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.openo.baseservice.encrypt.cbb.impl; + +import java.security.NoSuchAlgorithmException; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.KeySpec; + +import javax.crypto.Cipher; +import javax.crypto.SecretKey; +import javax.crypto.SecretKeyFactory; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.PBEKeySpec; +import javax.crypto.spec.SecretKeySpec; +import javax.xml.bind.DatatypeConverter; + +import org.openo.baseservice.encrypt.cbb.inf.AbstractCipher; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * CipherManager implement<br/> + * <p> + * </p> + * + * @author + * @version 31-May-2016 + */ +public class AesCipher implements AbstractCipher { + + private static final Logger LOG = LoggerFactory.getLogger(AesCipher.class); + + private static final byte[] DEFAULT_IV = {2, 1, 4, 8, 0, 3, 2, 0, 7, 9, 2, 8, 5, 11, 6, 1}; + + private static final IvParameterSpec IV_PARAMETER_SPEC = new IvParameterSpec(DEFAULT_IV); + + protected final SecretKey secretKey; + + /** + * Constructor<br/> + * <p> + * Creates default key. + * </p> + * + * @since + */ + public AesCipher() { + super(); + secretKey = createSecretKey("default"); + } + + /** + * + * Constructor<br/> + * <p> + * </p> + * Creates key. + * @param key + * @since + */ + public AesCipher(final String key) { + super(); + secretKey = createSecretKey(key); + } + + private SecretKey createSecretKey(final String key) { + SecretKey secretKey = null; + try { + final SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); + final KeySpec keySpec = new PBEKeySpec(key.toCharArray(), DEFAULT_IV, 30000, 128); + + secretKey = keyFactory.generateSecret(keySpec); + return new SecretKeySpec(secretKey.getEncoded(), "AES"); + } catch(InvalidKeySpecException e) { + LOG.error("Invalid KeySpec ", e); + } catch(NoSuchAlgorithmException e) { + LOG.error("Algorithm do not support: ", e); + } + return null; + } + + @Override + public String encrypt(final String plain) { + try { + final Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); + cipher.init(Cipher.ENCRYPT_MODE, secretKey, IV_PARAMETER_SPEC); + final byte[] encryptToBytes = cipher.doFinal(plain.getBytes()); + return DatatypeConverter.printBase64Binary(encryptToBytes); + } catch(final Exception e) { + LOG.error("Encrypt the plain error:", e); + return null; + } + } + + @Override + public String decrypt(final String encrypted) { + + if(encrypted == null || encrypted.length() == 0) { + return null; + } + + if(secretKey == null) { + return null; + } + + try { + final Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); + cipher.init(Cipher.DECRYPT_MODE, secretKey, IV_PARAMETER_SPEC); + final byte[] tempBytes = DatatypeConverter.parseBase64Binary(encrypted); + final byte[] decrypTobytes = cipher.doFinal(tempBytes); + return new String(decrypTobytes); + } catch(final Exception e) { + LOG.error("decrypt the plain error:", e); + return null; + } + } + +} diff --git a/wso2/common-util/src/main/java/org/openo/baseservice/encrypt/cbb/impl/AesCipherFactory.java b/wso2/common-util/src/main/java/org/openo/baseservice/encrypt/cbb/impl/AesCipherFactory.java new file mode 100644 index 0000000..95e7336 --- /dev/null +++ b/wso2/common-util/src/main/java/org/openo/baseservice/encrypt/cbb/impl/AesCipherFactory.java @@ -0,0 +1,54 @@ +/* + * Copyright 2016 Huawei Technologies Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.openo.baseservice.encrypt.cbb.impl; + +import org.openo.baseservice.encrypt.cbb.inf.AbstractCipher; +import org.openo.baseservice.encrypt.cbb.inf.AbstractCipherFactory; + +/** + * Factory class to create CipherManager instances.<br/> + * <p> + * </p> + * + * @author + * @version 03-Jun-2016 + */ +public class AesCipherFactory implements AbstractCipherFactory { + + /** + * Creates new CipherManager instance.<br/> + * + * @return new cipher manager instance. + * @since + */ + @Override + public AbstractCipher createCipherManager() { + return new AesCipher(); + } + + /** + * Creates new CipherManager instance.<br/> + * + * @param key new cipher manager instance. + * @return + * @since + */ + @Override + public AbstractCipher createCipherManager(final String key) { + return new AesCipher(key); + } + +} diff --git a/wso2/common-util/src/main/java/org/openo/baseservice/encrypt/cbb/inf/AbstractCipher.java b/wso2/common-util/src/main/java/org/openo/baseservice/encrypt/cbb/inf/AbstractCipher.java new file mode 100644 index 0000000..608dd82 --- /dev/null +++ b/wso2/common-util/src/main/java/org/openo/baseservice/encrypt/cbb/inf/AbstractCipher.java @@ -0,0 +1,50 @@ +/* + * Copyright 2016 Huawei Technologies Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.openo.baseservice.encrypt.cbb.inf; + +/** + * Cipher Manager, provides the encrypt/decrypt interface + * <br/> + * <p> + * It provides bi-directional encryption api. + * </p> + * + * @author + * @version 31-May-2016 + */ +public interface AbstractCipher { + + /** + * Encrypt a string. + * <br/> + * + * @param plain string to be encrypted. + * @return encrypted string. + * @since + */ + String encrypt(String plain); + + /** + * Decrypt a string. + * <br/> + * + * @param encrypted String is encrypted by AES 128 + * @return plain after decrypt + * @since + */ + String decrypt(String encrypted); + +} diff --git a/wso2/common-util/src/main/java/org/openo/baseservice/encrypt/cbb/inf/AbstractCipherFactory.java b/wso2/common-util/src/main/java/org/openo/baseservice/encrypt/cbb/inf/AbstractCipherFactory.java new file mode 100644 index 0000000..e820250 --- /dev/null +++ b/wso2/common-util/src/main/java/org/openo/baseservice/encrypt/cbb/inf/AbstractCipherFactory.java @@ -0,0 +1,45 @@ +/* + * Copyright 2016 Huawei Technologies Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.openo.baseservice.encrypt.cbb.inf; + +/** + * Factory class to create CipherManager instances.<br/> + * <p> + * </p> + * + * @author + * @version 03-Jun-2016 + */ +public interface AbstractCipherFactory { + + /** + * Creates new CipherManager instance.<br/> + * + * @return new cipher manager instance. + * @since + */ + AbstractCipher createCipherManager(); + + /** + * Creates new CipherManager instance.<br/> + * + * @param key new cipher manager instance. + * @return + * @since + */ + AbstractCipher createCipherManager(final String key); + +} diff --git a/wso2/common-util/src/main/java/org/openo/baseservice/encrypt/cbb/sha/Sha256.java b/wso2/common-util/src/main/java/org/openo/baseservice/encrypt/cbb/sha/Sha256.java new file mode 100644 index 0000000..bbead3e --- /dev/null +++ b/wso2/common-util/src/main/java/org/openo/baseservice/encrypt/cbb/sha/Sha256.java @@ -0,0 +1,110 @@ +/* + * Copyright 2016 Huawei Technologies Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.openo.baseservice.encrypt.cbb.sha; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.nio.charset.StandardCharsets; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; + +import javax.crypto.Mac; +import javax.crypto.spec.SecretKeySpec; +import javax.xml.bind.DatatypeConverter; + +/** + * Utility to generate SHA256 digest and HMAC.<br/> + * <p> + * </p> + * + * @author + * @version 03-Jun-2016 + */ +public final class Sha256 { + + private static final Logger LOGGER = LoggerFactory.getLogger(Sha256.class); + + private Sha256() { + + } + + /** + * Generates SHA256 digest.<br/> + * + * @param data: The data to be digested. + * @return Hex encoded digested data. + * @since + */ + public static String digest(final String data) { + final byte[] dataBytes = data.getBytes(StandardCharsets.UTF_8); + MessageDigest md = null; + try { + md = MessageDigest.getInstance("SHA-256"); + } catch(final NoSuchAlgorithmException e) { + LOGGER.error("No SHA-256 support ", e); + return ""; + } + final byte[] digest = md.digest(dataBytes); + return DatatypeConverter.printHexBinary(digest); + } + + /** + * Generates hmac signature using data and key.<br/> + * + * @param data: The data to be signed. + * @param key: The signing key. + * @return Hex encoded HMAC signature. + * @throws InvalidKeyException if the key is invalid. + * @since + */ + public static String mac(final String data, final Key key) throws InvalidKeyException { + final byte[] dataBytes = data.getBytes(StandardCharsets.UTF_8); + Mac mac = null; + try { + mac = Mac.getInstance("HmacSHA256"); + mac.init(key); + } catch(final NoSuchAlgorithmException e) { + LOGGER.error("SHA mac not supported", e); + return ""; + } + final byte[] digest = mac.doFinal(dataBytes); + return DatatypeConverter.printHexBinary(digest); + + } + + /** + * Generates hmac with data and secret. + * <br/> + * + * @param data: The data to be signed. + * @param secret: The signing key. + * @return Hex encoded HMAC signature. + * @since + */ + public static String mac(final String data, final byte[] secret) { + final Key key = new SecretKeySpec(secret, "HmacSHA256"); + try { + return mac(data, key); + } catch(final InvalidKeyException e) { + LOGGER.error("Invalid key: ", e); + return ""; + } + } + +} |