1 | |
|
2 | |
|
3 | |
|
4 | |
|
5 | |
|
6 | |
|
7 | |
package org.mule.security; |
8 | |
|
9 | |
import org.mule.api.lifecycle.InitialisationException; |
10 | |
import org.mule.api.security.CryptoFailureException; |
11 | |
import org.mule.config.i18n.CoreMessages; |
12 | |
import org.mule.util.Base64; |
13 | |
|
14 | |
import java.io.ByteArrayInputStream; |
15 | |
import java.io.IOException; |
16 | |
import java.io.InputStream; |
17 | |
import java.security.GeneralSecurityException; |
18 | |
import java.security.spec.AlgorithmParameterSpec; |
19 | |
import java.security.spec.KeySpec; |
20 | |
|
21 | |
import javax.crypto.Cipher; |
22 | |
import javax.crypto.SecretKey; |
23 | |
|
24 | |
import org.apache.commons.io.IOUtils; |
25 | |
import org.apache.commons.logging.Log; |
26 | |
import org.apache.commons.logging.LogFactory; |
27 | |
|
28 | |
|
29 | |
|
30 | |
|
31 | |
|
32 | 0 | public abstract class AbstractJCEEncryptionStrategy extends AbstractNamedEncryptionStrategy |
33 | |
{ |
34 | |
|
35 | |
|
36 | |
|
37 | 0 | protected transient Log logger = LogFactory.getLog(getClass()); |
38 | |
|
39 | |
protected KeySpec keySpec; |
40 | |
protected SecretKey secretKey; |
41 | |
protected Cipher encryptCipher; |
42 | |
protected Cipher decryptCipher; |
43 | |
|
44 | 0 | protected String algorithm = null; |
45 | |
|
46 | 0 | protected boolean base64Encoding = true; |
47 | |
|
48 | |
public void initialise() throws InitialisationException |
49 | |
{ |
50 | 0 | if (algorithm == null) |
51 | |
{ |
52 | 0 | throw new InitialisationException(CoreMessages.objectIsNull("Algorithm"), this); |
53 | |
} |
54 | |
else |
55 | |
{ |
56 | 0 | logger.debug("Using encryption algorithm: " + algorithm); |
57 | |
} |
58 | |
|
59 | 0 | keySpec = createKeySpec(); |
60 | |
|
61 | |
try |
62 | |
{ |
63 | 0 | secretKey = getSecretKey(); |
64 | |
|
65 | 0 | encryptCipher = Cipher.getInstance(getAlgorithm()); |
66 | 0 | decryptCipher = Cipher.getInstance(getAlgorithm()); |
67 | |
|
68 | 0 | AlgorithmParameterSpec paramSpec = createAlgorithmParameterSpec(); |
69 | 0 | if (paramSpec != null) |
70 | |
{ |
71 | 0 | encryptCipher.init(Cipher.ENCRYPT_MODE, secretKey, paramSpec); |
72 | 0 | decryptCipher.init(Cipher.DECRYPT_MODE, secretKey, paramSpec); |
73 | |
} |
74 | |
else |
75 | |
{ |
76 | 0 | encryptCipher.init(Cipher.ENCRYPT_MODE, secretKey); |
77 | 0 | decryptCipher.init(Cipher.DECRYPT_MODE, secretKey); |
78 | |
} |
79 | |
|
80 | |
} |
81 | 0 | catch (Exception e) |
82 | |
{ |
83 | 0 | throw new InitialisationException(CoreMessages.failedToCreate("encryption ciphers"), |
84 | |
e, this); |
85 | 0 | } |
86 | 0 | } |
87 | |
|
88 | |
protected abstract SecretKey getSecretKey() throws GeneralSecurityException; |
89 | |
|
90 | |
public InputStream encrypt(InputStream data, Object info) throws CryptoFailureException { |
91 | |
try |
92 | |
{ |
93 | 0 | return new ByteArrayInputStream(this.encrypt(IOUtils.toByteArray(data), info)); |
94 | |
} |
95 | 0 | catch (IOException e) |
96 | |
{ |
97 | 0 | throw new CryptoFailureException(this, e); |
98 | |
} |
99 | |
} |
100 | |
|
101 | |
public InputStream decrypt(InputStream data, Object info) throws CryptoFailureException { |
102 | |
try |
103 | |
{ |
104 | 0 | return new ByteArrayInputStream(this.decrypt(IOUtils.toByteArray(data), info)); |
105 | |
} |
106 | 0 | catch (IOException e) |
107 | |
{ |
108 | 0 | throw new CryptoFailureException(this, e); |
109 | |
} |
110 | |
} |
111 | |
|
112 | |
public byte[] encrypt(byte[] data, Object info) throws CryptoFailureException |
113 | |
{ |
114 | |
try |
115 | |
{ |
116 | 0 | byte[] buf = encryptCipher.doFinal(data); |
117 | 0 | if (base64Encoding) |
118 | |
{ |
119 | 0 | return Base64.encodeBytes(buf).getBytes(); |
120 | |
} |
121 | |
else |
122 | |
{ |
123 | 0 | return buf; |
124 | |
} |
125 | |
} |
126 | 0 | catch (Exception e) |
127 | |
{ |
128 | 0 | throw new CryptoFailureException(this, e); |
129 | |
} |
130 | |
} |
131 | |
|
132 | |
public byte[] decrypt(byte[] data, Object info) throws CryptoFailureException |
133 | |
{ |
134 | |
try |
135 | |
{ |
136 | 0 | byte[] dec = data; |
137 | 0 | if (base64Encoding) |
138 | |
{ |
139 | 0 | dec = Base64.decode(new String(data)); |
140 | |
} |
141 | 0 | return decryptCipher.doFinal(dec); |
142 | |
} |
143 | 0 | catch (Exception e) |
144 | |
{ |
145 | 0 | throw new CryptoFailureException(this, e); |
146 | |
} |
147 | |
} |
148 | |
|
149 | |
public String getAlgorithm() |
150 | |
{ |
151 | 0 | return algorithm; |
152 | |
} |
153 | |
|
154 | |
public void setAlgorithm(String algorithm) |
155 | |
{ |
156 | 0 | this.algorithm = algorithm; |
157 | 0 | } |
158 | |
|
159 | |
public String toString() |
160 | |
{ |
161 | 0 | StringBuffer buf = new StringBuffer(); |
162 | 0 | buf.append("Algorithm=").append(algorithm); |
163 | 0 | return buf.toString(); |
164 | |
} |
165 | |
|
166 | |
public boolean isBase64Encoding() |
167 | |
{ |
168 | 0 | return base64Encoding; |
169 | |
} |
170 | |
|
171 | |
public void setBase64Encoding(boolean base64Encoding) |
172 | |
{ |
173 | 0 | this.base64Encoding = base64Encoding; |
174 | 0 | } |
175 | |
|
176 | |
protected abstract KeySpec createKeySpec(); |
177 | |
|
178 | |
protected abstract AlgorithmParameterSpec createAlgorithmParameterSpec(); |
179 | |
|
180 | |
} |