1/*2 * Copyright 2001-2013 The Apache Software Foundation.3 * 4 * Licensed under the Apache License, Version 2.0 (the "License");5 * you may not use this file except in compliance with the License.6 * You may obtain a copy of the License at7 * 8 * http://www.apache.org/licenses/LICENSE-2.09 * 10 * Unless required by applicable law or agreed to in writing, software11 * distributed under the License is distributed on an "AS IS" BASIS,12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.13 * See the License for the specific language governing permissions and14 * limitations under the License.15 *16 */17package org.apache.juddi.webconsole;
1819import javax.crypto.*;
20import javax.crypto.spec.*;
21import org.apache.commons.codec.binary.Base64;
2223import org.apache.commons.logging.Log;
24import org.apache.commons.logging.LogFactory;
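/**
 * AES helper for the web console. It rebuilds an AES key from its Base64-encoded
 * raw bytes and uses that key to initialize an AES cipher for encryption and
 * decryption. Keys and ciphertext are exchanged as Base64 strings.
 * source : http://java.sun.com/developer/technicalArticles/Security/AES/AES_v1.html
 *
 * <p>Security notes for maintainers:
 * <ul>
 * <li>The cipher is requested as plain {@code "AES"}, so mode and padding are
 * chosen by the JCE provider. With the default SunJCE provider this resolves
 * to AES/ECB/PKCS5Padding: encryption is deterministic (equal inputs give
 * equal outputs) and the ciphertext carries no integrity protection. An
 * authenticated mode with a random IV (for example AES/GCM/NoPadding) is the
 * usual replacement, but it changes the stored format and needs a migration
 * path for existing values, so it is not changed here.</li>
 * <li>{@link #Decrypt(String, String)} returns its input unchanged when
 * decryption fails, so callers cannot tell decrypted data from data that
 * was never encrypted.</li>
 * </ul>
 *
 * @author <a href="mailto:alexoree@apache.org">Alex O'Ree</a>
 */
public class AES {

    public static final String logname = "org.apache.juddi.gui";
    public static final Log log = LogFactory.getLog(logname);

    /**
     * Charset used for every String/byte conversion of clear text. Given by
     * name so that no additional import is required.
     */
    private static final String TEXT_CHARSET = "UTF-8";

    /**
     * Generates a new AES key of the requested size.
     *
     * @param keysize key length in bits
     * @return the Base64-encoded raw key, or null if the key could not be
     * generated (for example when the size is not supported by the current
     * JDK); the failure is logged
     */
    public static String GEN(int keysize) {
        try {
            KeyGenerator kgen = KeyGenerator.getInstance("AES");
            kgen.init(keysize);
            SecretKey skey = kgen.generateKey();
            return Base64.encodeBase64String(skey.getEncoded());
        } catch (Exception ex) {
            log.fatal("error generating key", ex);
        }
        return null;
    }

    /**
     * Generate a new AES 256 bit encryption key. Once generated, this key
     * can be used to replace the default key.
     *
     * @return a new key, or null if generation failed
     */
    public static String GEN() {
        return GEN(256);
    }

    /**
     * Builds an AES cipher initialized with the given Base64-encoded key.
     *
     * @param mode {@link Cipher#ENCRYPT_MODE} or {@link Cipher#DECRYPT_MODE}
     * @param key Base64-encoded raw AES key
     * @return the initialized cipher
     * @throws Exception if the key is unusable or the cipher is unavailable
     */
    private static Cipher newCipher(int mode, String key) throws Exception {
        byte[] raw = Base64.decodeBase64(key);
        SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
        // NOTE(review): "AES" alone leaves mode and padding to the provider
        // (ECB with PKCS5 padding on SunJCE). Kept as is so that values
        // already stored in this format still decrypt.
        Cipher cipher = Cipher.getInstance("AES");
        cipher.init(mode, skeySpec);
        return cipher;
    }

    /**
     * Encrypts text with the given key.
     *
     * @param cleartext text to encrypt
     * @param key Base64-encoded raw AES key
     * @return Base64-encoded ciphertext
     * @throws Exception on any key, cipher or encoding failure
     */
    static String EN(String cleartext, String key) throws Exception {
        Cipher cipher = newCipher(Cipher.ENCRYPT_MODE, key);
        // Explicit UTF-8: the platform default charset differs between hosts,
        // which made ciphertext produced on one machine decode to different
        // text on another. Values with non-ASCII characters that were
        // encrypted under a non-UTF-8 default need to be re-encrypted.
        byte[] encrypted = cipher.doFinal(cleartext.getBytes(TEXT_CHARSET));
        return Base64.encodeBase64String(encrypted);
    }

    /**
     * Decrypts Base64-encoded ciphertext with the given key.
     *
     * @param ciphertext Base64-encoded ciphertext
     * @param key Base64-encoded raw AES key
     * @return the decrypted text
     * @throws Exception on any key, cipher, padding or encoding failure
     */
    static String DE(String ciphertext, String key) throws Exception {
        Cipher cipher = newCipher(Cipher.DECRYPT_MODE, key);
        byte[] original = cipher.doFinal(Base64.decodeBase64(ciphertext));
        // Must match the charset used by EN.
        return new String(original, TEXT_CHARSET);
    }

    /**
     * Returns true if the supplied key is a valid AES key. The check encrypts
     * and decrypts a fixed sample string with it.
     *
     * @param key Base64-encoded raw AES key
     * @return true if the key is valid
     */
    public static boolean ValidateKey(String key) {
        try {
            String src = "abcdefghijklmopqrstuvwxyz123567890!@#$%^&*()_+{}|:\">?<,";
            String x = EN(src, key);
            String y = DE(x, key);
            // valid only if the sample round-trips and the encrypted form
            // differs from the decrypted text
            return y.equals(src) && !x.equals(y);
        } catch (Exception ex) {
            // Only the exception message is logged at info level; the key
            // itself is never written to the log.
            log.info("Key validation failed! " + ex.getMessage());
            log.debug("Key validation failed! " + ex.getMessage(), ex);
            return false;
        }
    }

    /**
     * Encrypts a password using AES. Requires the Unlimited Strength Crypto
     * Extensions.
     *
     * @param clear text to encrypt; null or empty yields an empty string
     * @param key Base64-encoded raw AES key
     * @return encrypted base64 text
     * @throws Exception with a generic message if encryption fails; the
     * underlying error is written to the log
     */
    public static String Encrypt(String clear, String key) throws Exception {
        if (clear == null || clear.length() == 0) {
            return "";
        }
        if (key == null || key.length() == 0) {
            // Logged only; execution continues and the encryption attempt
            // below is expected to fail and be reported by the catch block.
            log.fatal("The generated encryption key was null or emtpy!");
        }
        try {
            return AES.EN(clear, key);
        } catch (Exception ex) {
            log.fatal("Cannot encrypt sensitive information! Check to make sure the unlimited strength JCE is installed " + ex.getMessage(), ex);
            // NOTE(review): the cause is logged but not chained, so callers
            // only see the generic message - presumably to keep crypto
            // details out of the UI; confirm before attaching the cause.
            throw new Exception("Internal Configuration Error, See Log for details. ");
        }
    }

    /**
     * Decrypts a password or other sensitive data. If the parameter is null
     * or empty, an empty string is returned. If the parameter is not
     * encrypted or was encrypted using a different key or it fails to
     * decrypt, the original text is returned.
     *
     * <p>Because of that fallback a caller cannot distinguish a decrypted
     * value from an input that was passed through untouched; callers that
     * must know should check the key with {@link #ValidateKey(String)} first.
     *
     * @param cipher encrypted text
     * @param key Base64-encoded raw AES key
     * @return the decrypted text, or the input unchanged if decryption failed
     */
    public static String Decrypt(String cipher, String key) {
        if (cipher == null || cipher.length() == 0) {
            return "";
        }
        if (key == null || key.length() == 0) {
            // Logged only; the decryption attempt below is still made.
            log.fatal("The generated encryption key was null or emtpy!");
        }
        try {
            return AES.DE(cipher, key);
        } catch (Exception ex) {
            log.fatal("trouble decrypting data, check to make sure the unlimited strength JCE is installed. If this error occured during deployment, I'll automatically try a smaller key size. " + ex.getMessage(), ex);
        }
        // Documented fallback: hand back the input when it cannot be decrypted.
        return cipher;
    }
}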