Java tutorial
/* * (C) Copyright 2015 Nuxeo SA (http://nuxeo.com/) and others. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * * Contributors: * jcarsique */ package org.nuxeo.common.codec; import java.io.File; import java.io.FileInputStream; import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; import java.nio.ByteBuffer; import java.nio.CharBuffer; import java.nio.charset.Charset; import java.security.GeneralSecurityException; import java.security.InvalidKeyException; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.Security; import java.security.KeyStore.PasswordProtection; import java.util.Arrays; import java.util.HashMap; import java.util.Map; import java.util.regex.Matcher; import java.util.regex.Pattern; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.NoSuchPaddingException; import javax.crypto.SecretKey; import javax.crypto.spec.SecretKeySpec; import org.apache.commons.codec.binary.Base64; import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; /** * Supported algorithms (name, keysize): * <ul> * <li>AES/ECB/PKCS5Padding (128)</li> * <li>DES/ECB/PKCS5Padding (64)</li> * <ul/> * * @since 7.4 */ public class Crypto { protected static final Pattern CRYPTO_PATTERN = Pattern.compile("\\{\\$(?<algo>.*)\\$(?<value>.+)\\}"); private static final Log log = LogFactory.getLog(Crypto.class); public static final String AES = "AES"; public static final String AES_ECB_PKCS5PADDING = "AES/ECB/PKCS5Padding"; public static final String DES = "DES"; public static final String DES_ECB_PKCS5PADDING = "DES/ECB/PKCS5Padding"; public static final String[] IMPLEMENTED_ALGOS = { AES, DES, AES_ECB_PKCS5PADDING, DES_ECB_PKCS5PADDING }; public static final String DEFAULT_ALGO = AES_ECB_PKCS5PADDING; private static final String SHA1 = "SHA-1"; private final byte[] secretKey; private final Map<String, SecretKey> secretKeys = new HashMap<>(); private boolean initialized = true; private final byte[] digest; /** * @param secretKey */ public Crypto(byte[] secretKey) { this.secretKey = secretKey; digest = getSHA1DigestOrEmpty(secretKey); if (digest.length == 0) { clear(); } } /** * Initialize cryptography with a map of {@link SecretKey}. * * @param secretKeys Map of {@code SecretKey} per algorithm */ public Crypto(Map<String, SecretKey> secretKeys) { this(secretKeys, Crypto.class.getName().toCharArray()); } /** * Initialize cryptography with a map of {@link SecretKey}. * * @param digest Digest for later use by {@link #verifyKey(byte[])} * @param secretKeys Map of {@code SecretKey} per algorithm */ public Crypto(Map<String, SecretKey> secretKeys, char[] digest) { secretKey = new byte[0]; this.digest = getSHA1DigestOrEmpty(getBytes(digest)); this.secretKeys.putAll(secretKeys); if (this.digest.length == 0) { clear(); } } /** * Initialize cryptography with a keystore. * * @param keystorePath Path to the keystore. * @param keystorePass Keystore password. It is also used to generate the digest for {@link #verifyKey(byte[])} * @param keyAlias Key alias prefix. It is suffixed with the algorithm. * @param keyPass Key password * @throws IOException * @throws GeneralSecurityException */ public Crypto(String keystorePath, char[] keystorePass, String keyAlias, char[] keyPass) throws GeneralSecurityException, IOException { this(Crypto.getKeysFromKeyStore(keystorePath, keystorePass, keyAlias, keyPass), keystorePass); } private final static class NO_OP extends Crypto { private NO_OP() { super(new byte[0]); } @Override public String encrypt(String algorithm, byte[] bytesToEncrypt) throws GeneralSecurityException { return null; } @Override public byte[] decrypt(String strToDecrypt) { return strToDecrypt.getBytes(); } @Override public void clear() { // NO OP } }; public static final Crypto NO_OP = new NO_OP(); protected SecretKey getSecretKey(String algorithm, byte[] key) throws NoSuchAlgorithmException { if (!initialized) { throw new RuntimeException("The Crypto object has been cleared."); } if (AES_ECB_PKCS5PADDING.equals(algorithm)) { algorithm = AES; // AES_ECB_PKCS5PADDING is the default for AES } else if (DES_ECB_PKCS5PADDING.equals(algorithm)) { algorithm = DES; // DES_ECB_PKCS5PADDING is the default for DES } if (!secretKeys.containsKey(algorithm)) { if (secretKey.length == 0) { throw new NoSuchAlgorithmException("Unsupported algorithm: " + algorithm); } if (AES.equals(algorithm)) { // default for AES key = Arrays.copyOf(getSHA1Digest(key), 16); // use a 128 bits secret key secretKeys.put(AES, new SecretKeySpec(key, AES)); } else if (DES.equals(algorithm)) { // default for DES key = Arrays.copyOf(getSHA1Digest(key), 8); // use a 64 bits secret key secretKeys.put(DES, new SecretKeySpec(key, DES)); } else { throw new NoSuchAlgorithmException("Unsupported algorithm: " + algorithm); } } return secretKeys.get(algorithm); } public byte[] getSHA1Digest(final byte[] key) throws NoSuchAlgorithmException { MessageDigest sha = MessageDigest.getInstance(SHA1); return sha.digest(key); } public byte[] getSHA1DigestOrEmpty(final byte[] bytes) { byte[] aDigest = new byte[0]; try { aDigest = getSHA1Digest(bytes); } catch (NoSuchAlgorithmException e) { log.error(e); } return aDigest; } /** * @param bytesToEncrypt * @throws GeneralSecurityException */ public String encrypt(byte[] bytesToEncrypt) throws GeneralSecurityException { return encrypt(null, bytesToEncrypt); } /** * @param algorithm cipher transformation of the form "algorithm/mode/padding" or "algorithm". See the Cipher * section in the <a * href=http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#Cipher>Java * Cryptography Architecture Standard Algorithm Name Documentation</a>. * @param bytesToEncrypt * @throws NoSuchPaddingException if {@code algorithm} contains a padding scheme that is not available. * @throws NoSuchAlgorithmException if {@code algorithm} is in an invalid or not supported format. * @throws GeneralSecurityException */ public String encrypt(String algorithm, byte[] bytesToEncrypt) throws GeneralSecurityException { final String encryptedAlgo; if (StringUtils.isBlank(algorithm)) { algorithm = DEFAULT_ALGO; encryptedAlgo = ""; } else { encryptedAlgo = Base64.encodeBase64String(algorithm.getBytes()); } Cipher cipher = Cipher.getInstance(algorithm); cipher.init(Cipher.ENCRYPT_MODE, getSecretKey(algorithm, secretKey)); final String encryptedString = Base64.encodeBase64String(cipher.doFinal(bytesToEncrypt)); return String.format("{$%s$%s}", encryptedAlgo, encryptedString); } /** * The method returns either the decrypted {@code strToDecrypt}, either the {@code strToDecrypt} itself if it is not * recognized as a crypted string or if the decryption fails. The return value is a byte array for security purpose, * it is your responsibility to convert it then to a String or not (use of {@code char[]} is recommended). * * @param strToDecrypt * @return the decrypted {@code strToDecrypt} as an array of bytes, never {@code null} * @see #getChars(byte[]) */ public byte[] decrypt(String strToDecrypt) { Matcher matcher = CRYPTO_PATTERN.matcher(strToDecrypt); if (!matcher.matches()) { return strToDecrypt.getBytes(); } Cipher decipher; try { String algorithm = new String(Base64.decodeBase64(matcher.group("algo"))); if (StringUtils.isBlank(algorithm)) { algorithm = DEFAULT_ALGO; } decipher = Cipher.getInstance(algorithm); decipher.init(Cipher.DECRYPT_MODE, getSecretKey(algorithm, secretKey)); final byte[] decryptedString = decipher.doFinal(Base64.decodeBase64(matcher.group("value"))); return decryptedString; } catch (NoSuchAlgorithmException | NoSuchPaddingException e) { log.trace("Available algorithms: " + Security.getAlgorithms("Cipher")); log.trace("Available security providers: " + Arrays.asList(Security.getProviders())); log.debug(e, e); } catch (InvalidKeyException | IllegalBlockSizeException | BadPaddingException e) { log.debug(e, e); } return strToDecrypt.getBytes(); } /** * Clear sensible values. That makes the current object unusable. */ public void clear() { Arrays.fill(secretKey, (byte) 0); Arrays.fill(digest, (byte) 0); secretKeys.clear(); initialized = false; } @Override protected void finalize() throws Throwable { clear(); super.finalize(); } /** * Test the given {@code candidateDigest} against the configured digest. In case of failure, the secret data is * destroyed and the object is made unusable.<br> * Use that method to check if some code is allowed to request that Crypto object. * * @param candidateDigest * @return true if {@code candidateDigest} matches the one used on creation. * @see #clear() * @see #verifyKey(char[]) */ public boolean verifyKey(byte[] candidateDigest) { boolean success = Arrays.equals(getSHA1DigestOrEmpty(candidateDigest), digest); if (!success) { clear(); } return success; } /** * Test the given {@code candidateDigest} against the configured digest. In case of failure, the secret data is * destroyed and the object is made unusable.<br> * Use that method to check if some code is allowed to request that Crypto object. * * @param candidateDigest * @return true if {@code candidateDigest} matches the one used on creation. * @see #clear() * @see #verifyKey(byte[]) */ public boolean verifyKey(char[] candidateDigest) { return verifyKey(getBytes(candidateDigest)); } /** * Utility method to get {@code byte[]} from {@code char[]} since it is recommended to store passwords in * {@code char[]} rather than in {@code String}.<br> * The default charset of this Java virtual machine is used. There can be conversion issue with unmappable * characters: they will be replaced with the charset's default replacement string. * * @param chars char array to convert * @return the byte array converted from {@code chars} using the default charset. */ public static byte[] getBytes(char[] chars) { CharBuffer charBuffer = CharBuffer.wrap(chars); ByteBuffer byteBuffer = Charset.defaultCharset().encode(charBuffer); return Arrays.copyOfRange(byteBuffer.array(), 0, byteBuffer.limit()); } /** * Utility method to get {@code char[]} from {@code bytes[]} since it is recommended to store passwords in * {@code char[]} rather than in {@code String}.<br> * The default charset of this Java virtual machine is used. There can be conversion issue with unmappable * characters: they will be replaced with the charset's default replacement string. * * @param bytes byte array to convert * @return the char array converted from {@code bytes} using the default charset. */ public static char[] getChars(byte[] bytes) { ByteBuffer byteBuffer = ByteBuffer.wrap(bytes); CharBuffer charBuffer = Charset.defaultCharset().decode(byteBuffer); return Arrays.copyOfRange(charBuffer.array(), 0, charBuffer.limit()); } /** * @param value * @return true if the given {@code value} is encrypted */ public static boolean isEncrypted(String value) { return value != null && CRYPTO_PATTERN.matcher(value).matches(); } /** * Extract secret keys from a keystore looking for {@code keyAlias + algorithm} * * @param keystorePath Path to the keystore * @param keystorePass Keystore password * @param keyAlias Key alias prefix. It is suffixed with the algorithm. * @param keyPass Key password * @throws GeneralSecurityException * @throws IOException * @see #IMPLEMENTED_ALGOS */ public static Map<String, SecretKey> getKeysFromKeyStore(String keystorePath, char[] keystorePass, String keyAlias, char[] keyPass) throws GeneralSecurityException, IOException { KeyStore keystore = KeyStore.getInstance("JCEKS"); try (InputStream keystoreStream = new FileInputStream(keystorePath)) { keystore.load(keystoreStream, keystorePass); } Map<String, SecretKey> secretKeys = new HashMap<>(); for (String algo : IMPLEMENTED_ALGOS) { if (keystore.containsAlias(keyAlias + algo)) { SecretKey key = (SecretKey) keystore.getKey(keyAlias + algo, keyPass); secretKeys.put(algo, key); } } if (secretKeys.isEmpty()) { throw new KeyStoreException(String.format("No alias \"%s<algo>\" found in %s", keyAlias, keystorePath)); } return secretKeys; } /** * Store a key in a keystore.<br> * The keystore is created if it doesn't exist. * * @param keystorePath Path to the keystore * @param keystorePass Keystore password * @param keyAlias Key alias prefix. It must be suffixed with the algorithm ({@link SecretKey#getAlgorithm()} is * fine). * @param keyPass Key password * @param key * @throws GeneralSecurityException * @throws IOException * @see #IMPLEMENTED_ALGOS */ public static void setKeyInKeyStore(String keystorePath, char[] keystorePass, String keyAlias, char[] keyPass, SecretKey key) throws GeneralSecurityException, IOException { KeyStore keystore = KeyStore.getInstance("JCEKS"); if (!new File(keystorePath).exists()) { log.info("Creating a new JCEKS keystore at " + keystorePath); keystore.load(null); } else { try (InputStream keystoreStream = new FileInputStream(keystorePath)) { keystore.load(keystoreStream, keystorePass); } } KeyStore.SecretKeyEntry keyStoreEntry = new KeyStore.SecretKeyEntry(key); PasswordProtection keyPassword = new PasswordProtection(keyPass); keystore.setEntry(keyAlias, keyStoreEntry, keyPassword); try (OutputStream keystoreStream = new FileOutputStream(keystorePath)) { keystore.store(keystoreStream, keystorePass); } } }