com.almende.util.EncryptionUtil.java Source code

Java tutorial

  1. HOME
  2. Java
  3. com.almende.util.EncryptionUtil.java

Introduction

Here is the source code for com.almende.util.EncryptionUtil.java

Source

/*
 * Copyright: Almende B.V. (2014), Rotterdam, The Netherlands
 * License: The Apache Software License, Version 2.0
 */
package com.almende.util;

import java.io.UnsupportedEncodingException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;

import org.apache.commons.codec.binary.Base64;

/**
 * Utility to encrypt text/passwords
 * 
 * WARNING: NOT SAFE TO USE IN A PRODUCTION ENVIRONMENT!
 * Why? Well, currently the master password is put in the code...
 * 
 * Sources:
 * http://docs.oracle.com/javase/1.4.2/docs/guide/security/jce/JCERefGuide.html#
 * PBEEx
 * http://stackoverflow.com/questions/1132567/encrypt-password-in-configuration-
 * files-java
 */
public final class EncryptionUtil {

    /**
     * Instantiates a new encryption util.
     */
    private EncryptionUtil() {
    };

    /**
     * master password:
     * FIXME: do not store the master password in the code
     */
    private static final char[] P = ("This is our secret master p......d, "
            + "which should definetely NOT be stored in the code!").toCharArray();

    private static final String ENC = "PBEWithMD5AndDES";

    /** salt */
    private static final byte[] S = { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c, (byte) 0x7e, (byte) 0xc8,
            (byte) 0xee, (byte) 0x99 };

    /** Iteration count */
    private static final int C = 20;

    /**
     * Encrypt a string.
     * 
     * @param text
     *            the text
     * @return encryptedText
     * @throws InvalidKeyException
     *             the invalid key exception
     * @throws InvalidAlgorithmParameterException
     *             the invalid algorithm parameter exception
     * @throws NoSuchAlgorithmException
     *             the no such algorithm exception
     * @throws InvalidKeySpecException
     *             the invalid key spec exception
     * @throws NoSuchPaddingException
     *             the no such padding exception
     * @throws IllegalBlockSizeException
     *             the illegal block size exception
     * @throws BadPaddingException
     *             the bad padding exception
     * @throws UnsupportedEncodingException
     *             the unsupported encoding exception
     */
    public static String encrypt(final String text) throws InvalidKeyException, InvalidAlgorithmParameterException,
            NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, IllegalBlockSizeException,
            BadPaddingException, UnsupportedEncodingException {
        final PBEParameterSpec pbeParamSpec = new PBEParameterSpec(S, C);
        final PBEKeySpec pbeKeySpec = new PBEKeySpec(P);
        final SecretKeyFactory keyFac = SecretKeyFactory.getInstance(ENC);
        final SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec);

        final Cipher pbeCipher = Cipher.getInstance(ENC);
        pbeCipher.init(Cipher.ENCRYPT_MODE, pbeKey, pbeParamSpec);

        final byte[] encryptedText = pbeCipher.doFinal(text.getBytes("UTF-8"));
        return Base64.encodeBase64String(encryptedText);
    }

    /**
     * Decrypt an encrypted string.
     * 
     * @param encryptedText
     *            the encrypted text
     * @return text
     * @throws InvalidKeyException
     *             the invalid key exception
     * @throws InvalidAlgorithmParameterException
     *             the invalid algorithm parameter exception
     * @throws NoSuchAlgorithmException
     *             the no such algorithm exception
     * @throws InvalidKeySpecException
     *             the invalid key spec exception
     * @throws NoSuchPaddingException
     *             the no such padding exception
     * @throws IllegalBlockSizeException
     *             the illegal block size exception
     * @throws BadPaddingException
     *             the bad padding exception
     * @throws UnsupportedEncodingException
     *             the unsupported encoding exception
     */
    public static String decrypt(final String encryptedText) throws InvalidKeyException,
            InvalidAlgorithmParameterException, NoSuchAlgorithmException, InvalidKeySpecException,
            NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, UnsupportedEncodingException {
        final PBEParameterSpec pbeParamSpec = new PBEParameterSpec(S, C);
        final PBEKeySpec pbeKeySpec = new PBEKeySpec(P);
        final SecretKeyFactory keyFac = SecretKeyFactory.getInstance(ENC);
        final SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec);

        final Cipher pbeCipher = Cipher.getInstance(ENC);
        pbeCipher.init(Cipher.DECRYPT_MODE, pbeKey, pbeParamSpec);

        final byte[] text = pbeCipher.doFinal(Base64.decodeBase64(encryptedText));
        return new String(text, "UTF-8").intern();
    }
}