View Javadoc
1   /*
2    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
3    * The software in this package is published under the terms of the CPAL v1.0
4    * license, a copy of which has been included with this distribution in the
5    * LICENSE.txt file.
6    */
7   package org.mule.security;
8   
9   import org.mule.api.lifecycle.InitialisationException;
10  import org.mule.config.i18n.CoreMessages;
11  
12  import java.security.GeneralSecurityException;
13  import java.security.spec.AlgorithmParameterSpec;
14  import java.security.spec.KeySpec;
15  
16  import javax.crypto.SecretKey;
17  import javax.crypto.SecretKeyFactory;
18  import javax.crypto.spec.PBEKeySpec;
19  import javax.crypto.spec.PBEParameterSpec;
20  
21  /**
22   * Provides password-based encryption using JCE. Users must specify a password and
23   * optionally a salt and iteration count as well. The default algorithm is
24   * PBEWithMD5AndDES, but users can specify any valid algorithm supported by JCE.
25   */
26  public class PasswordBasedEncryptionStrategy extends AbstractJCEEncryptionStrategy
27  {
28  
29      public static final String DEFAULT_ALGORITHM = "PBEWithMD5AndDES";
30      public static final int DEFAULT_ITERATION_COUNT = 20;
31  
32      private byte[] salt = null;
33  
34      private int iterationCount = DEFAULT_ITERATION_COUNT;
35  
36      private char[] password;
37  
38      public PasswordBasedEncryptionStrategy()
39      {
40          algorithm = DEFAULT_ALGORITHM;
41      }
42  
43      public void initialise() throws InitialisationException
44      {
45          if (salt == null)
46          {
47              salt = new byte[]{(byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c, (byte) 0x7e, (byte) 0xc8,
48                  (byte) 0xee, (byte) 0x99};
49              logger.debug("Salt is not set. Using default salt");
50          }
51  
52          if (password == null)
53          {
54              throw new InitialisationException(CoreMessages.objectIsNull("Password"), this);
55          }
56          super.initialise();
57      }
58  
59      protected KeySpec createKeySpec()
60      {
61          return new PBEKeySpec(password);
62      }
63  
64      protected AlgorithmParameterSpec createAlgorithmParameterSpec()
65      {
66          return new PBEParameterSpec(salt, iterationCount);
67      }
68  
69      public byte[] getSalt()
70      {
71          return salt;
72      }
73  
74      public void setSalt(byte[] salt)
75      {
76          this.salt = salt;
77      }
78  
79      public int getIterationCount()
80      {
81          return iterationCount;
82      }
83  
84      public void setIterationCount(int iterationCount)
85      {
86          this.iterationCount = iterationCount;
87      }
88  
89      public void setPassword(String password)
90      {
91          this.password = password.toCharArray();
92      }
93  
94      protected SecretKey getSecretKey() throws GeneralSecurityException
95      {
96          SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(getAlgorithm());
97          return keyFactory.generateSecret(keySpec);
98      }
99  }