| /* |
| * Copyright 2001-2013 The Apache Software Foundation. |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| * |
| */ |
| package org.apache.juddi.webconsole; |
| |
| import javax.crypto.*; |
| import javax.crypto.spec.*; |
| import org.apache.commons.codec.binary.Base64; |
| |
| import org.apache.commons.logging.Log; |
| import org.apache.commons.logging.LogFactory; |
| |
| /** |
| * <summary> This program uses a AES key, retrieves its raw bytes, and then |
| * reinstantiates a AES key from the key bytes.</summary> The reinstantiated key |
| * is used to initialize a AES cipher for encryption and decryption. source : |
| * http://java.sun.com/developer/technicalArticles/Security/AES/AES_v1.html |
| * |
| * @author <a href="mailto:alexoree@apache.org">Alex O'Ree</a> |
| */ |
| public class AES { |
| |
| public static final String logname = "org.apache.juddi.gui"; |
| public static final Log log = LogFactory.getLog(logname); |
| |
| /** |
| * generates an AES based off of the selected key size |
| * |
| * @param keysize |
| * @return may return null if the key is not of a supported size by the |
| * current jdk |
| */ |
| public static String GEN(int keysize) { |
| KeyGenerator kgen; |
| try { |
| kgen = KeyGenerator.getInstance("AES"); |
| kgen.init(keysize); |
| SecretKey skey = kgen.generateKey(); |
| byte[] raw = skey.getEncoded(); |
| return Base64.encodeBase64String(raw); |
| } catch (Exception ex) { |
| log.fatal("error generating key", ex); |
| } |
| return null; |
| } |
| |
| /** |
| * Generate a new AES 256 bit encryption key. Once generated, this key |
| * can be used to replace the default key. |
| * |
| * @return a new key |
| */ |
| public static String GEN() { |
| return GEN(256); |
| } |
| |
| static String EN(String cleartext, String key) throws Exception { |
| byte[] raw =//skey.getEncoded(); |
| Base64.decodeBase64(key); // |
| SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES"); |
| // Instantiate the cipher |
| Cipher cipher = Cipher.getInstance("AES"); |
| cipher.init(Cipher.ENCRYPT_MODE, skeySpec); |
| byte[] encrypted = cipher.doFinal(cleartext.getBytes()); |
| return Base64.encodeBase64String(encrypted); |
| } |
| |
| static String DE(String ciphertext, String key) throws Exception { |
| byte[] raw =//skey.getEncoded(); |
| Base64.decodeBase64(key); // |
| SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES"); |
| Cipher cipher = Cipher.getInstance("AES"); |
| cipher.init(Cipher.DECRYPT_MODE, skeySpec); |
| byte[] original = cipher.doFinal(Base64.decodeBase64(ciphertext)); |
| return new String(original); |
| } |
| |
| /** |
| * return true is the supplied key is a valid aes key |
| * |
| * @param key |
| * @return true if the key is valid |
| */ |
| public static boolean ValidateKey(String key) { |
| try { |
| String src = "abcdefghijklmopqrstuvwxyz123567890!@#$%^&*()_+{}|:\">?<,"; |
| String x = EN(src, key); |
| String y = DE(x, key); |
| //if the sample text is encryptable and decryptable, and it was actually encrypted |
| if (y.equals(src) && !x.equals(y)) { |
| return true; |
| } |
| return false; |
| } catch (Exception ex) { |
| log.info("Key validation failed! "+ ex.getMessage()); |
| log.debug("Key validation failed! "+ ex.getMessage(), ex); |
| return false; |
| } |
| } |
| |
| /** |
| * encrypts a password using AES Requires the Unlimited Strength Crypto |
| * Extensions |
| * |
| * @param clear |
| * @param key |
| * @return encrypted base64 text |
| */ |
| public static String Encrypt(String clear, String key) throws Exception { |
| if ((clear == null || clear.length() == 0)) { |
| return ""; |
| } |
| if (key == null || key.length() == 0) { |
| log.fatal("The generated encryption key was null or emtpy!"); |
| } |
| try { |
| return AES.EN(clear, key); |
| } catch (Exception ex) { |
| log.fatal("Cannot encrypt sensitive information! Check to make sure the unlimited strength JCE is installed " + ex.getMessage(), ex); |
| throw new Exception("Internal Configuration Error, See Log for details. "); |
| } |
| // return ""; |
| } |
| |
| /** |
| * Decrypts a password or other sensitive data If the parameter is null |
| * or empty, an empty string is returned. If the parameter is not |
| * encrypted or was encrypted using a different key or it fails to |
| * decrypt, the original text is returned. |
| * |
| * @param cipher encrypted text |
| * @param key |
| * @return encrypted text |
| */ |
| public static String Decrypt(String cipher, String key) { |
| if ((cipher == null || cipher.length() == 0)) { |
| return ""; |
| } |
| if (key == null || key.length() == 0) { |
| log.fatal("The generated encryption key was null or emtpy!"); |
| } |
| try { |
| return AES.DE(cipher, key); |
| } catch (Exception ex) { |
| log.fatal("trouble decrypting data, check to make sure the unlimited strength JCE is installed. If this error occured during deployment, I'll automatically try a smaller key size. " + ex.getMessage(), ex); |
| } |
| return cipher; |
| |
| } |
| } |