Java tutorial
/* * #%L * Wisdom-Framework * %% * Copyright (C) 2013 - 2014 Wisdom Framework * %% * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * #L% */ package org.wisdom.crypto; import com.google.common.base.Charsets; import com.google.common.base.Preconditions; import org.apache.commons.codec.DecoderException; import org.apache.commons.codec.binary.Base64; import org.apache.commons.codec.binary.Hex; import org.apache.felix.ipojo.annotations.Component; import org.apache.felix.ipojo.annotations.Instantiate; import org.apache.felix.ipojo.annotations.Provides; import org.apache.felix.ipojo.annotations.Requires; import org.wisdom.api.configuration.ApplicationConfiguration; import org.wisdom.api.crypto.Crypto; import org.wisdom.api.crypto.Hash; import javax.crypto.*; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.PBEKeySpec; import javax.crypto.spec.SecretKeySpec; import java.nio.charset.Charset; import java.security.*; import java.security.spec.InvalidKeySpecException; import java.security.spec.KeySpec; /** * An implementation of the crypto service. * <p> * This implementation can be configured from the `conf/application.conf` file: * <ul> * <li><code>crypto.default-hash</code>: the default Hash algorithm among SHA1, SHA-256, SHA-512 and MD5 (default).</li> * <li><code>crypto-aes.key-size</code>: the key size used in AES with CBC methods. 128 is used by default. Be aware * the 256+ keys require runtime adaption because of legal limitations (see unlimited crypto package JCE)</li> * <li><code>crypto.aes.iterations</code>: the number of iterations used to generate the key (20 by default)</li> * </ul> */ @Component @Provides @Instantiate(name = "crypto") public class CryptoServiceSingleton implements Crypto { public static final String AES_ECB_ALGORITHM = "AES"; private static final Charset UTF_8 = Charsets.UTF_8; public static final String HMAC_SHA_1 = "HmacSHA1"; public static final String PBKDF_2_WITH_HMAC_SHA_1 = "PBKDF2WithHmacSHA1"; private final String transformation; private final int keySize; private final int iterationCount; private final Hash defaultHash; private final String secret; private final SecureRandom random = new SecureRandom(); @SuppressWarnings("UnusedDeclaration") public CryptoServiceSingleton(@Requires ApplicationConfiguration configuration) { this(configuration.getOrDie(ApplicationConfiguration.APPLICATION_SECRET), Hash.valueOf(configuration.getWithDefault("crypto.default-hash", "MD5")), configuration.getIntegerWithDefault("crypto.aes.key-size", 128), configuration.getWithDefault("crypto.aes.transformation", AES_CBC_ALGORITHM), configuration.getIntegerWithDefault("crypto.aes.iterations", 20)); } public CryptoServiceSingleton(String secret, Hash defaultHash, Integer keySize, String transformation, Integer iterationCount) { this.secret = secret; this.defaultHash = defaultHash; this.keySize = keySize; this.iterationCount = iterationCount; this.transformation = transformation; } /** * Generate the AES key from the salt and the private key. * * @param salt the salt (hexadecimal) * @param privateKey the private key * @return the generated key. */ private SecretKey generateAESKey(String privateKey, String salt) { try { byte[] raw = decodeHex(salt); KeySpec spec = new PBEKeySpec(privateKey.toCharArray(), raw, iterationCount, keySize); SecretKeyFactory factory = SecretKeyFactory.getInstance(PBKDF_2_WITH_HMAC_SHA_1); return new SecretKeySpec(factory.generateSecret(spec).getEncoded(), AES_ECB_ALGORITHM); } catch (NoSuchAlgorithmException | InvalidKeySpecException e) { throw new IllegalStateException(e); } } /** * Encrypt a String with the AES encryption advanced using 'AES/CBC/PKCS5Padding'. Unlike the regular * encode/decode AES method using ECB (Electronic Codebook), it uses Cipher-block chaining (CBC). The salt must be * valid hexadecimal String. This method uses parts of the application secret as private key and initialization * vector. * * @param value The message to encrypt * @param salt The salt (hexadecimal String) * @return encrypted String encoded using Base64 */ @Override public String encryptAESWithCBC(String value, String salt) { return encryptAESWithCBC(value, getSecretPrefix(), salt, getDefaultIV()); } /** * Encrypt a String with the AES encryption advanced using 'AES/CBC/PKCS5Padding'. Unlike the regular * encode/decode AES method using ECB (Electronic Codebook), it uses Cipher-block chaining (CBC). The private key * must have a length of 16 bytes, the salt and initialization vector must be valid hex Strings. * * @param value The message to encrypt * @param privateKey The private key * @param salt The salt (hexadecimal String) * @param iv The initialization vector (hexadecimal String) * @return encrypted String encoded using Base64 */ @Override public String encryptAESWithCBC(String value, String privateKey, String salt, String iv) { SecretKey genKey = generateAESKey(privateKey, salt); byte[] encrypted = doFinal(Cipher.ENCRYPT_MODE, genKey, iv, value.getBytes(UTF_8)); return encodeBase64(encrypted); } /** * Decrypt a String with the AES encryption advanced using 'AES/CBC/PKCS5Padding'. Unlike the regular * encode/decode AES method using ECB (Electronic Codebook), it uses Cipher-block chaining (CBC). The salt and * initialization vector must be valid hex Strings. This method use parts of the application secret as private * key and the default initialization vector. * * @param value An encrypted String encoded using Base64. * @param salt The salt (hexadecimal String) * @return The decrypted String */ @Override public String decryptAESWithCBC(String value, String salt) { return decryptAESWithCBC(value, getSecretPrefix(), salt, getDefaultIV()); } /** * Decrypt a String with the AES encryption advanced using 'AES/CBC/PKCS5Padding'. Unlike the regular * encode/decode AES method using ECB (Electronic Codebook), it uses Cipher-block chaining (CBC). The private key * must have a length of 16 bytes, the salt and initialization vector must be valid hexadecimal Strings. * * @param value An encrypted String encoded using Base64. * @param privateKey The private key * @param salt The salt (hexadecimal String) * @param iv The initialization vector (hexadecimal String) * @return The decrypted String */ @Override public String decryptAESWithCBC(String value, String privateKey, String salt, String iv) { SecretKey key = generateAESKey(privateKey, salt); byte[] decrypted = doFinal(Cipher.DECRYPT_MODE, key, iv, decodeBase64(value)); return new String(decrypted, UTF_8); } /** * Utility method encrypting/decrypting the given message. * The sense of the operation is specified using the `encryptMode` parameter. * * @param encryptMode encrypt or decrypt mode ({@link javax.crypto.Cipher#DECRYPT_MODE} or * {@link javax.crypto.Cipher#ENCRYPT_MODE}). * @param generatedKey the generated key * @param vector the initialization vector * @param message the plain/cipher text to encrypt/decrypt * @return the encrypted or decrypted message */ private byte[] doFinal(int encryptMode, SecretKey generatedKey, String vector, byte[] message) { try { byte[] raw = decodeHex(vector); Cipher cipher = Cipher.getInstance(transformation); cipher.init(encryptMode, generatedKey, new IvParameterSpec(raw)); return cipher.doFinal(message); } catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | InvalidAlgorithmParameterException | IllegalBlockSizeException | BadPaddingException e) { throw new IllegalStateException(e); } } /** * Sign a message using the application secret key (HMAC-SHA1). */ @Override public String sign(String message) { return sign(message, secret.getBytes(Charsets.UTF_8)); } /** * Sign a message with a key. * * @param message The message to sign * @param key The key to use * @return The signed message (in hexadecimal) */ @Override public String sign(String message, byte[] key) { Preconditions.checkNotNull(message); Preconditions.checkNotNull(key); try { // Get an hmac_sha1 key from the raw key bytes SecretKeySpec signingKey = new SecretKeySpec(key, HMAC_SHA_1); // Get an hmac_sha1 Mac instance and initialize with the signing key Mac mac = Mac.getInstance(HMAC_SHA_1); mac.init(signingKey); // Compute the hmac on input data bytes byte[] rawHmac = mac.doFinal(message.getBytes(Charsets.UTF_8)); // Convert raw bytes to Hex return hexToString(rawHmac); } catch (Exception e) { throw new IllegalArgumentException(e); } } /** * Create a hash using the default hashing algorithm. * * @param input The password * @return The password hash */ @Override public String hash(String input) { return hash(input, defaultHash); } /** * Create a hash using specific hashing algorithm. * * @param input The password * @param hashType The hashing algorithm * @return The password hash */ @Override public String hash(String input, Hash hashType) { Preconditions.checkNotNull(input); Preconditions.checkNotNull(hashType); try { MessageDigest m = MessageDigest.getInstance(hashType.toString()); byte[] out = m.digest(input.getBytes(Charsets.UTF_8)); return encodeBase64(out); } catch (NoSuchAlgorithmException e) { throw new IllegalArgumentException(e); } } /** * Encrypt a String with the AES standard encryption (using the ECB mode) using the default secret (the * application secret). * * @param value The String to encrypt * @return An hexadecimal encrypted string */ @Override public String encryptAES(String value) { return encryptAES(value, getSecretPrefix()); } /** * Encrypt a String with the AES standard encryption (using the ECB mode). Private key must have a length of 16 bytes. * * @param value The String to encrypt * @param privateKey The key used to encrypt * @return An hexadecimal encrypted string */ @Override public String encryptAES(String value, String privateKey) { try { byte[] raw = privateKey.getBytes(UTF_8); SecretKeySpec skeySpec = new SecretKeySpec(raw, AES_ECB_ALGORITHM); Cipher cipher = Cipher.getInstance(AES_ECB_ALGORITHM); cipher.init(Cipher.ENCRYPT_MODE, skeySpec); return hexToString(cipher.doFinal(value.getBytes(Charsets.UTF_8))); } catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | BadPaddingException | IllegalBlockSizeException e) { throw new IllegalStateException(e); } } /** * Decrypt a String with the standard AES encryption (using the ECB mode) using the default secret (the * application secret). * * @param value An hexadecimal encrypted string * @return The decrypted String */ @Override public String decryptAES(String value) { return decryptAES(value, getSecretPrefix()); } /** * Decrypt a String with the standard AES encryption (using the ECB mode). Private key must have a length of 16 * bytes. * * @param value An hexadecimal encrypted string * @param privateKey The key used to encrypt * @return The decrypted String */ @Override public String decryptAES(String value, String privateKey) { try { byte[] raw = privateKey.getBytes(UTF_8); SecretKeySpec skeySpec = new SecretKeySpec(raw, AES_ECB_ALGORITHM); Cipher cipher = Cipher.getInstance(AES_ECB_ALGORITHM); cipher.init(Cipher.DECRYPT_MODE, skeySpec); return new String(cipher.doFinal(decodeHex(value)), Charsets.UTF_8); } catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | BadPaddingException | IllegalBlockSizeException e) { throw new IllegalStateException(e); } } /** * Gets the 16 first characters of the application secret. * * @return the secret prefix. */ private String getSecretPrefix() { return secret.substring(0, 16); } /** * Gets a segment of the application secret of 16 characters and encoded them in hexadecimal. The segment * contains from the 16th to the 32th characters from the application secret (16 characters). The extracted * segment is encoded in hexadecimal * * @return the default initialization vector. */ private String getDefaultIV() { return String.valueOf(hex(secret.substring(16, 32).getBytes(Charsets.UTF_8))); } /** * Sign a token. This produces a new token, that has this token signed with a nonce. * <p> * This primarily exists to defeat the BREACH vulnerability, as it allows the token to effectively be random per * request, without actually changing the value. * * @param token The token to sign * @return The signed token */ @Override public String signToken(String token) { long nonce = System.currentTimeMillis(); String joined = nonce + "-" + token; return sign(joined) + "-" + joined; } /** * Extract a signed token that was signed by {@link #signToken(String)}. * * @param token The signed token to extract. * @return The verified raw token, or null if the token isn't valid. */ @Override public String extractSignedToken(String token) { String[] chunks = token.split("-", 3); if (chunks.length != 3) { // Invalid format return null; } String signature = chunks[0]; String nonce = chunks[1]; String raw = chunks[2]; if (constantTimeEquals(signature, sign(nonce + "-" + raw))) { return raw; } else { return null; } } /** * Constant time equals method. * <p> * Given a length that both Strings are equal to, this method will always run in constant time. * This prevents timing attacks. */ public boolean constantTimeEquals(String a, String b) { if (a.length() != b.length()) { return false; } else { int equal = 0; for (int i = 0; i < a.length(); i++) { equal = equal | a.charAt(i) ^ b.charAt(i); } return equal == 0; } } /** * Encode binary data to base64. * * @param value The binary data * @return The base64 encoded String */ @Override public String encodeBase64(byte[] value) { return new String(Base64.encodeBase64(value), Charsets.UTF_8); } /** * Decode a base64 value. * * @param value The base64 encoded String * @return decoded binary data */ @Override public byte[] decodeBase64(String value) { return Base64.decodeBase64(value.getBytes(UTF_8)); } /** * Build an hexadecimal MD5 hash for a String. * * @param value The String to hash * @return An hexadecimal Hash */ @Override public String hexMD5(String value) { return String.valueOf(Hex.encodeHex(md5(value))); } /** * Build an hexadecimal SHA1 hash for a String. * * @param value The String to hash * @return An hexadecimal Hash */ @Override public String hexSHA1(String value) { return String.valueOf(Hex.encodeHex(sha1(value))); } /** * Generates a cryptographically secure token. * * @return the token */ @Override public String generateToken() { byte[] bytes = new byte[12]; random.nextBytes(bytes); return hexToString(bytes); } /** * Generates a signed token. * * @return the token */ @Override public String generateSignedToken() { return signToken(generateToken()); } /** * Compares two signed tokens. * * @param tokenA the first token * @param tokenB the second token * @return {@code true} if the tokens are equals, {@code false} otherwise */ @Override public boolean compareSignedTokens(String tokenA, String tokenB) { String a = extractSignedToken(tokenA); String b = extractSignedToken(tokenB); return a != null && b != null && constantTimeEquals(a, b); } /** * Computes the MD5 hash of the given String. * * @param toHash the string to hash * @return the MD5 hash */ @Override public byte[] md5(String toHash) { try { MessageDigest messageDigest = MessageDigest.getInstance(Hash.MD5.toString()); messageDigest.reset(); messageDigest.update(toHash.getBytes(UTF_8)); return messageDigest.digest(); } catch (NoSuchAlgorithmException e) { // Should not happen as every JVM must support D5, SHA-1 and SHA-256. throw new RuntimeException(e); } } /** * Computes the SHA1 hash of the given String. * * @param toHash the string to hash * @return the SHA1 hash */ @Override public byte[] sha1(String toHash) { try { MessageDigest messageDigest = MessageDigest.getInstance(Hash.SHA1.toString()); messageDigest.reset(); messageDigest.update(toHash.getBytes(UTF_8)); return messageDigest.digest(); } catch (NoSuchAlgorithmException e) { // Should not happen as every JVM must support D5, SHA-1 and SHA-256. throw new RuntimeException(e); } } /** * Converts an array of bytes into an array of characters representing the hexadecimal values of each byte in order. * <p> * This method is just there to avoid consumers using commons-codec directly. * * @param bytes the bytes * @return the hexadecimal characters. */ @Override public char[] hex(byte[] bytes) { return Hex.encodeHex(bytes); } /** * Converts an array of bytes into a String representing the hexadecimal values of each byte in order. * <p> * This method is just there to avoid consumers using commons-codec directly. * * @param bytes the bytes * @return the hexadecimal String */ @Override public String hexToString(byte[] bytes) { return Hex.encodeHexString(bytes); } /** * Converts an array of characters representing hexadecimal values into an array of bytes of those same values. The * returned array will be half the length of the passed array, as it takes two characters to represent any given * byte. An exception is thrown if the passed char array has an odd number of elements. * * @param value An array of characters containing hexadecimal digits * @return A byte array containing binary data decoded from the supplied char array. * @throws java.lang.IllegalArgumentException Thrown if an odd number or illegal of characters is supplied */ @Override public byte[] decodeHex(String value) { try { return Hex.decodeHex(value.toCharArray()); } catch (DecoderException e) { throw new IllegalArgumentException(e); } } }