1 | |
|
2 | |
|
3 | |
|
4 | |
|
5 | |
|
6 | |
|
7 | |
|
8 | |
|
9 | |
|
10 | |
|
11 | |
package org.mule.impl.security; |
12 | |
|
13 | |
import org.mule.config.i18n.CoreMessages; |
14 | |
import org.mule.umo.UMOEncryptionStrategy; |
15 | |
import org.mule.umo.lifecycle.InitialisationException; |
16 | |
import org.mule.umo.security.CryptoFailureException; |
17 | |
import org.mule.util.Base64; |
18 | |
|
19 | |
import java.security.GeneralSecurityException; |
20 | |
import java.security.spec.AlgorithmParameterSpec; |
21 | |
import java.security.spec.KeySpec; |
22 | |
|
23 | |
import javax.crypto.Cipher; |
24 | |
import javax.crypto.SecretKey; |
25 | |
|
26 | |
import org.apache.commons.logging.Log; |
27 | |
import org.apache.commons.logging.LogFactory; |
28 | |
|
29 | |
|
30 | |
|
31 | |
|
32 | |
|
33 | 18 | public abstract class AbstractJCEEncryptionStrategy implements UMOEncryptionStrategy |
34 | |
{ |
35 | |
|
36 | |
|
37 | |
|
38 | 18 | protected transient Log logger = LogFactory.getLog(getClass()); |
39 | |
|
40 | |
protected KeySpec keySpec; |
41 | |
protected SecretKey secretKey; |
42 | |
protected Cipher encryptCipher; |
43 | |
protected Cipher decryptCipher; |
44 | |
|
45 | 18 | protected String algorithm = null; |
46 | |
|
47 | 18 | protected boolean base64Encoding = true; |
48 | |
|
49 | |
public void initialise() throws InitialisationException |
50 | |
{ |
51 | 18 | if (algorithm == null) |
52 | |
{ |
53 | 0 | throw new InitialisationException(CoreMessages.objectIsNull("Algorithm"), this); |
54 | |
} |
55 | |
else |
56 | |
{ |
57 | 18 | logger.debug("Using encryption algorithm: " + algorithm); |
58 | |
} |
59 | |
|
60 | 18 | keySpec = createKeySpec(); |
61 | |
|
62 | |
try |
63 | |
{ |
64 | 18 | secretKey = getSecretKey(); |
65 | |
|
66 | 18 | encryptCipher = Cipher.getInstance(getAlgorithm()); |
67 | 18 | decryptCipher = Cipher.getInstance(getAlgorithm()); |
68 | |
|
69 | 18 | AlgorithmParameterSpec paramSpec = createAlgorithmParameterSpec(); |
70 | 18 | if (paramSpec != null) |
71 | |
{ |
72 | 14 | encryptCipher.init(Cipher.ENCRYPT_MODE, secretKey, paramSpec); |
73 | 14 | decryptCipher.init(Cipher.DECRYPT_MODE, secretKey, paramSpec); |
74 | |
} |
75 | |
else |
76 | |
{ |
77 | 4 | encryptCipher.init(Cipher.ENCRYPT_MODE, secretKey); |
78 | 4 | decryptCipher.init(Cipher.DECRYPT_MODE, secretKey); |
79 | |
} |
80 | |
|
81 | |
} |
82 | 0 | catch (Exception e) |
83 | |
{ |
84 | 0 | throw new InitialisationException(CoreMessages.failedToCreate("encryption ciphers"), |
85 | |
e, this); |
86 | 18 | } |
87 | 18 | } |
88 | |
|
89 | |
protected abstract SecretKey getSecretKey() throws GeneralSecurityException; |
90 | |
|
91 | |
public byte[] encrypt(byte[] data, Object info) throws CryptoFailureException |
92 | |
{ |
93 | |
try |
94 | |
{ |
95 | 18 | byte[] buf = encryptCipher.doFinal(data); |
96 | 18 | if (base64Encoding) |
97 | |
{ |
98 | 18 | return Base64.encodeBytes(buf).getBytes(); |
99 | |
} |
100 | |
else |
101 | |
{ |
102 | 0 | return buf; |
103 | |
} |
104 | |
} |
105 | 0 | catch (Exception e) |
106 | |
{ |
107 | 0 | throw new CryptoFailureException(this, e); |
108 | |
} |
109 | |
} |
110 | |
|
111 | |
public byte[] decrypt(byte[] data, Object info) throws CryptoFailureException |
112 | |
{ |
113 | |
try |
114 | |
{ |
115 | 12 | byte[] dec = data; |
116 | 12 | if (base64Encoding) |
117 | |
{ |
118 | 12 | dec = Base64.decode(new String(data)); |
119 | |
} |
120 | 12 | return decryptCipher.doFinal(dec); |
121 | |
} |
122 | 0 | catch (Exception e) |
123 | |
{ |
124 | 0 | throw new CryptoFailureException(this, e); |
125 | |
} |
126 | |
} |
127 | |
|
128 | |
public String getAlgorithm() |
129 | |
{ |
130 | 50 | return algorithm; |
131 | |
} |
132 | |
|
133 | |
public void setAlgorithm(String algorithm) |
134 | |
{ |
135 | 4 | this.algorithm = algorithm; |
136 | 4 | } |
137 | |
|
138 | |
public String toString() |
139 | |
{ |
140 | 0 | StringBuffer buf = new StringBuffer(); |
141 | 0 | buf.append("Algorithm=").append(algorithm); |
142 | 0 | return buf.toString(); |
143 | |
} |
144 | |
|
145 | |
public boolean isBase64Encoding() |
146 | |
{ |
147 | 0 | return base64Encoding; |
148 | |
} |
149 | |
|
150 | |
public void setBase64Encoding(boolean base64Encoding) |
151 | |
{ |
152 | 0 | this.base64Encoding = base64Encoding; |
153 | 0 | } |
154 | |
|
155 | |
protected abstract KeySpec createKeySpec(); |
156 | |
|
157 | |
protected abstract AlgorithmParameterSpec createAlgorithmParameterSpec(); |
158 | |
|
159 | |
} |