Java tutorial
/* * This file is part of AceQL. * AceQL: Remote JDBC access over HTTP. * Copyright (C) 2015, KawanSoft SAS * (http://www.kawansoft.com). All rights reserved. * * AceQL is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public * License as published by the Free Software Foundation; either * version 2.1 of the License, or (at your option) any later version. * * AceQL is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this library; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA * 02110-1301 USA * * Any modifications to this file must keep this entire header * intact. */ package org.kawanfw.sql.util.crypto; import java.sql.SQLException; import java.util.Iterator; import java.util.List; import java.util.Map; import java.util.Set; import javax.crypto.Cipher; import org.apache.commons.lang3.StringUtils; import org.kawanfw.commons.util.HtmlConverter; import org.kawanfw.commons.util.convert.Pbe; import org.kawanfw.sql.json.no_obfuscation.CallableStatementHolder; /** * @author Alexandre Becquereau */ public class CallableStatementHolderCrypto { /** The callable statement holder to crypt/decrypt */ private CallableStatementHolder callableStatementHolder = null; /** The encryption password */ private char[] password = null; /** * Constructor * * @param callableStatementHolder * the callable statement holder to crypt/decrypt * @param password * The encryption password */ public CallableStatementHolderCrypto(CallableStatementHolder callableStatementHolder, char[] password) { this.callableStatementHolder = callableStatementHolder; this.password = password; } /** * Encrypt the CallableStatementHolder * * @param encryptParameters * if true, encrypt the String parameters * @return the encrypted the CallableStatementHolder * @throws Exception */ public CallableStatementHolder encrypt(boolean encryptParameters) throws Exception { callableStatementHolder.setParamatersEncrypted(encryptParameters); cipher(Cipher.ENCRYPT_MODE); return callableStatementHolder; } /** * Decrypt the CallableStatementHolder * * @return the decrypted CallableStatementHolder * @throws Exception */ public CallableStatementHolder decrypt() throws Exception { cipher(Cipher.DECRYPT_MODE); return callableStatementHolder; } /** * Encrypt the CallableStatementHolder * * @param mode * @throws Exception */ private void cipher(int mode) throws Exception { if (mode != Cipher.ENCRYPT_MODE && mode != Cipher.DECRYPT_MODE) { throw new IllegalArgumentException("Invalid Cipher Mode: " + mode); } String sqlOrder = this.callableStatementHolder.getSqlOrder(); // do nothing on empty sql order if (sqlOrder == null || sqlOrder.isEmpty()) { return; } Pbe pbe = new Pbe(); if (mode == Cipher.ENCRYPT_MODE) { // Need to re-Html Convert sqlOrder sqlOrder = HtmlConverter.toHtml(sqlOrder); sqlOrder = pbe.encryptToHexa(sqlOrder, password); this.callableStatementHolder.setSqlOrder(Pbe.KAWANFW_ENCRYPTED + sqlOrder); } else { if (sqlOrder.startsWith(Pbe.KAWANFW_ENCRYPTED)) { sqlOrder = StringUtils.substringAfter(sqlOrder, Pbe.KAWANFW_ENCRYPTED); sqlOrder = pbe.decryptFromHexa(sqlOrder, password); this.callableStatementHolder.setSqlOrder(sqlOrder); } else { return; // do nothing if it was not encrypted at start } } if (callableStatementHolder.isParamatersEncrypted()) { Map<Integer, String> parmValues = this.callableStatementHolder.getParameterStringValues(); Set<Integer> keys = parmValues.keySet(); for (Iterator<Integer> iterator = keys.iterator(); iterator.hasNext();) { Integer key = iterator.next(); String value = parmValues.get(key); if (value != null) { if (mode == Cipher.ENCRYPT_MODE) { value = pbe.encryptToHexa(value, password); } else { value = pbe.decryptFromHexa(value, password); } // This will automatically refresh the inside value parmValues.put(key, value); } } } } /** * Decrypt a StatementHolder List * * @param statementHolderList * the StatementHolder List to decrypt * @param password * the decryption password * @throws SQLException */ public static void decrypt(List<CallableStatementHolder> statementHolderList, char[] password) throws SQLException { try { for (int i = 0; i < statementHolderList.size(); i++) { CallableStatementHolder statementHolder = statementHolderList.get(i); CallableStatementHolderCrypto statementHolderCrypto = new CallableStatementHolderCrypto( statementHolder, password); statementHolder = statementHolderCrypto.decrypt(); } } catch (Exception e) { throw new SQLException(e); } } }