Java tutorial
/* * This file is part of AceQL. * AceQL: Remote JDBC access over HTTP. * Copyright (C) 2015, KawanSoft SAS * (http://www.kawansoft.com). All rights reserved. * * AceQL is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public * License as published by the Free Software Foundation; either * version 2.1 of the License, or (at your option) any later version. * * AceQL is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this library; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA * 02110-1301 USA * * Any modifications to this file must keep this entire header * intact. */ package org.kawanfw.sql.util.crypto; import java.util.Iterator; import java.util.Map; import java.util.Set; import javax.crypto.Cipher; import org.apache.commons.lang3.StringUtils; import org.kawanfw.commons.util.HtmlConverter; import org.kawanfw.commons.util.convert.Pbe; import org.kawanfw.sql.json.StatementHolder; /** * Class to encrypt/obsfucate a Statement Holder * * @author Nicolas de Pomereu */ public class StatementHolderCrypto { /** The statement holder to crypt/decrypt */ private StatementHolder statementHolder = null; /** The encryption password */ private char[] password = null; /** * Constructor * * @param statementHolder * the statement holder to crypt/decrypt * @param password * The encryption password */ public StatementHolderCrypto(StatementHolder statementHolder, char[] password) { this.statementHolder = statementHolder; this.password = password; } /** * Encrypt the StatementHolder * * @param encryptParameters * if true, encrypt the String parameters * @return the encrypted the StatementHolder * @throws Exception */ public StatementHolder encrypt(boolean encryptParameters) throws Exception { statementHolder.setParamatersEncrypted(encryptParameters); cipher(Cipher.ENCRYPT_MODE); return statementHolder; } /** * Decrypt the StatementHolder * * @return the decrypted StatementHolder * @throws Exception */ public StatementHolder decrypt() throws Exception { cipher(Cipher.DECRYPT_MODE); return statementHolder; } /** * Encrypt the StatementHolder * * @param mode * @throws Exception */ private void cipher(int mode) throws Exception { if (mode != Cipher.ENCRYPT_MODE && mode != Cipher.DECRYPT_MODE) { throw new IllegalArgumentException("Invalid Cipher Mode: " + mode); } String sqlOrder = this.statementHolder.getSqlOrder(); // do nothing on empty sql order if (sqlOrder == null || sqlOrder.isEmpty()) { return; } Pbe pbe = new Pbe(); if (mode == Cipher.ENCRYPT_MODE) { // Need to re-Html Convert sqlOrder sqlOrder = HtmlConverter.toHtml(sqlOrder); sqlOrder = pbe.encryptToHexa(sqlOrder, password); this.statementHolder.setSqlOrder(Pbe.KAWANFW_ENCRYPTED + sqlOrder); } else { if (sqlOrder.startsWith(Pbe.KAWANFW_ENCRYPTED)) { sqlOrder = StringUtils.substringAfter(sqlOrder, Pbe.KAWANFW_ENCRYPTED); sqlOrder = pbe.decryptFromHexa(sqlOrder, password); this.statementHolder.setSqlOrder(sqlOrder); } else { return; // do nothing if it was not encrypted at start } } if (statementHolder.isParamatersEncrypted()) { Map<Integer, String> parmValues = this.statementHolder.getParameterStringValues(); Set<Integer> keys = parmValues.keySet(); for (Iterator<Integer> iterator = keys.iterator(); iterator.hasNext();) { Integer key = iterator.next(); String value = parmValues.get(key); if (value != null) { if (mode == Cipher.ENCRYPT_MODE) { value = pbe.encryptToHexa(value, password); } else { value = pbe.decryptFromHexa(value, password); } // This will automatically refresh the inside value parmValues.put(key, value); } } } } }