View Javadoc
1   /*
2    * Copyright 2001-2013 The Apache Software Foundation.
3    * 
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    * 
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    * 
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   */
17  package org.apache.juddi.webconsole;
18  
19  import javax.crypto.*;
20  import javax.crypto.spec.*;
21  import org.apache.commons.codec.binary.Base64;
22  
23  import org.apache.commons.logging.Log;
24  import org.apache.commons.logging.LogFactory;
25  
26  /**
27   * <summary> This program uses a AES key, retrieves its raw bytes, and then
28   * reinstantiates a AES key from the key bytes.</summary> The reinstantiated key
29   * is used to initialize a AES cipher for encryption and decryption. source :
30   * http://java.sun.com/developer/technicalArticles/Security/AES/AES_v1.html
31   *
32   * @author <a href="mailto:alexoree@apache.org">Alex O'Ree</a>
33   */
34  public class AES {
35  
36          public static final String logname = "org.apache.juddi.gui";
37          public static final Log log = LogFactory.getLog(logname);
38  
39          /**
40           * generates an AES based off of the selected key size
41           *
42           * @param keysize
43           * @return may return null if the key is not of a supported size by the
44           * current jdk
45           */
46          public static String GEN(int keysize) {
47                  KeyGenerator kgen;
48                  try {
49                          kgen = KeyGenerator.getInstance("AES");
50                          kgen.init(keysize);
51                          SecretKey skey = kgen.generateKey();
52                          byte[] raw = skey.getEncoded();
53                          return Base64.encodeBase64String(raw);
54                  } catch (Exception ex) {
55                          log.fatal("error generating key", ex);
56                  }
57                  return null;
58          }
59  
60          /**
61           * Generate a new AES 256 bit encryption key. Once generated, this key
62           * can be used to replace the default key.
63           *
64           * @return a new key
65           */
66          public static String GEN() {
67                  return GEN(256);
68          }
69  
70          static String EN(String cleartext, String key) throws Exception {
71                  byte[] raw =//skey.getEncoded();
72                          Base64.decodeBase64(key); //
73                  SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
74                  // Instantiate the cipher
75                  Cipher cipher = Cipher.getInstance("AES");
76                  cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
77                  byte[] encrypted = cipher.doFinal(cleartext.getBytes());
78                  return Base64.encodeBase64String(encrypted);
79          }
80  
81          static String DE(String ciphertext, String key) throws Exception {
82                  byte[] raw =//skey.getEncoded();
83                          Base64.decodeBase64(key); //
84                  SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
85                  Cipher cipher = Cipher.getInstance("AES");
86                  cipher.init(Cipher.DECRYPT_MODE, skeySpec);
87                  byte[] original = cipher.doFinal(Base64.decodeBase64(ciphertext));
88                  return new String(original);
89          }
90  
91          /**
92           * return true is the supplied key is a valid aes key
93           *
94           * @param key
95           * @return true if the key is valid
96           */
97          public static boolean ValidateKey(String key) {
98                  try {
99                          String src = "abcdefghijklmopqrstuvwxyz123567890!@#$%^&*()_+{}|:\">?<,";
100                         String x = EN(src, key);
101                         String y = DE(x, key);
102                         //if the sample text is encryptable and decryptable, and it was actually encrypted
103                         if (y.equals(src) && !x.equals(y)) {
104                                 return true;
105                         }
106                         return false;
107                 } catch (Exception ex) {
108                         log.info("Key validation failed! "+ ex.getMessage());
109                         log.debug("Key validation failed! "+ ex.getMessage(), ex);
110                         return false;
111                 }
112         }
113 
114         /**
115          * encrypts a password using AES Requires the Unlimited Strength Crypto
116          * Extensions
117          *
118          * @param clear
119          * @param key
120          * @return encrypted base64 text
121          */
122         public static String Encrypt(String clear, String key) throws Exception {
123                 if ((clear == null || clear.length() == 0)) {
124                         return "";
125                 }
126                 if (key == null || key.length() == 0) {
127                         log.fatal("The generated encryption key was null or emtpy!");
128                 }
129                 try {
130                         return AES.EN(clear, key);
131                 } catch (Exception ex) {
132                         log.fatal("Cannot encrypt sensitive information! Check to make sure the unlimited strength JCE is installed " + ex.getMessage(), ex);
133                         throw new Exception("Internal Configuration Error, See Log for details. ");
134                 }
135                 // return "";
136         }
137 
138         /**
139          * Decrypts a password or other sensitive data If the parameter is null
140          * or empty, an empty string is returned. If the parameter is not
141          * encrypted or was encrypted using a different key or it fails to
142          * decrypt, the original text is returned.
143          *
144          * @param cipher encrypted text
145          * @param key
146          * @return encrypted text
147          */
148         public static String Decrypt(String cipher, String key) {
149                 if ((cipher == null || cipher.length() == 0)) {
150                         return "";
151                 }
152                 if (key == null || key.length() == 0) {
153                         log.fatal("The generated encryption key was null or emtpy!");
154                 }
155                 try {
156                         return AES.DE(cipher, key);
157                 } catch (Exception ex) {
158                         log.fatal("trouble decrypting data, check to make sure the unlimited strength JCE is installed. If this error occured during deployment, I'll automatically try a smaller key size. " + ex.getMessage(), ex);
159                 }
160                 return cipher;
161 
162         }
163 }