/**
 * Builds the symmetric key from JVM system properties.
 *
 * <p>The Base64 text stored under {@code SECURITY_KEY} is decoded and wrapped
 * in a {@link SecretKeySpec} labelled with the algorithm name stored under
 * {@code SECURITY_ALGORITHM}. The descriptor is only used to give context to
 * the error report.
 *
 * <p>Security notes:
 * <ul>
 * <li>The raw key lives in a system property, so any code in this JVM that is
 * allowed to read system properties can read the key. Restrict who can set
 * and read these properties and keep them out of logs and diagnostics
 * dumps.</li>
 * <li>{@link SecretKeySpec} does not check that the key length suits the
 * algorithm; a mismatch only shows up later when a cipher is initialised
 * with the key.</li>
 * <li>An absent algorithm property is rejected by the {@link SecretKeySpec}
 * constructor and is therefore reported as {@code KEY_GENERATION_FAILED}.</li>
 * </ul>
 *
 * @param descriptor the descriptor of the property whose value is to be
 *          secured.
 * @return the symmetric key instance ready to be used.
 * @throws SecurityException on any problem creating the symmetric key
 *           instance.
 */
protected SecretKey createKey(final PropertyDescriptor descriptor)
    throws SecurityException {
  final String encodedKey = System.getProperty(SECURITY_KEY);
  final String algorithmName = System.getProperty(SECURITY_ALGORITHM);

  try {
    return new SecretKeySpec(Base64.decodeBase64(encodedKey), algorithmName);
  } catch (final Exception ex) {
    // Every failure is reported with the same code; the original exception
    // is handed to the message bean so the cause is not lost.
    final PropertyDescriptorMessageBean failure =
        new PropertyDescriptorMessageBean(SecurityCode.KEY_GENERATION_FAILED,
            ex, descriptor);
    throw new SecurityException(failure);
  }
}
/**
 * Obtains a cipher for the configured transformation.
 *
 * <p>The transformation is read from the {@code SECURITY_TRANSFORMATION}
 * system property. If the {@code SECURITY_PROVIDER} system property is
 * non-empty, the cipher is requested from that provider; otherwise the
 * default provider lookup is used.
 *
 * <p>Security notes:
 * <ul>
 * <li>A transformation that names only the algorithm (no mode or padding)
 * leaves both to provider defaults. Configure the full
 * {@code algorithm/mode/padding} form so the choice is explicit and
 * reviewable.</li>
 * <li>The {@code encrypt} and {@code decrypt} methods of this class
 * initialise the cipher with the key only, so a transformation that needs
 * an IV or other parameters cannot round-trip through them.</li>
 * <li>A {@link Cipher} is stateful and not safe for concurrent use; do not
 * share the returned instance between threads.</li>
 * </ul>
 *
 * @param descriptor the descriptor of the property whose value is to be
 *          secured.
 * @return the cipher instance ready to be used.
 * @throws SecurityException on any problem creating the cipher instance.
 */
protected Cipher createCipher(final PropertyDescriptor descriptor)
    throws SecurityException {
  final String cipherSpec = System.getProperty(SECURITY_TRANSFORMATION);
  final String providerName = System.getProperty(SECURITY_PROVIDER);

  try {
    final boolean providerConfigured = StringUtils.isNotEmpty(providerName);
    if (!providerConfigured) {
      return Cipher.getInstance(cipherSpec);
    }
    return Cipher.getInstance(cipherSpec, providerName);
  } catch (final Exception ex) {
    // Unknown algorithm, unknown provider and a missing transformation all
    // end up here and are reported with the same code.
    final PropertyDescriptorMessageBean failure =
        new PropertyDescriptorMessageBean(
            SecurityCode.CIPHER_GENERATION_FAILED, ex, descriptor);
    throw new SecurityException(failure);
  }
}
/**
 * Decrypts an encoded property value and returns it as text.
 *
 * <p>The cipher is switched to decrypt mode with the given key, the stored
 * value is turned back into bytes by {@code decodePropertyValue}, and the
 * decrypted bytes are read as UTF-8.
 *
 * <p>Security notes:
 * <ul>
 * <li>The cipher is initialised with the key alone, without an IV or other
 * algorithm parameters. For a transformation that requires parameters, the
 * JCA contract of {@code Cipher.init(int, Key)} is to fail in decrypt mode,
 * so only parameterless transformations work here.</li>
 * <li>No separate integrity check is made on the ciphertext; a modified
 * value is only detected if the cipher itself rejects it (for example on
 * bad padding).</li>
 * <li>Every failure, including a {@code null} argument used inside the
 * {@code try} block, is reported as {@code DECRYPTION_FAILED} with the
 * original exception attached.</li>
 * </ul>
 *
 * @param descriptor the descriptor of the property.
 * @param encryptedValue the encrypted value of the property to be decrypted.
 * @param key the key used for decryption.
 * @param cipher the cipher instance for decryption.
 * @return the decrypted value.
 * @throws NullPointerException may be thrown if {@code descriptor} is
 *           {@code null}.
 * @throws SecurityException if the value cannot be decrypted.
 */
protected String decrypt(final PropertyDescriptor descriptor,
    final String encryptedValue, final SecretKey key, final Cipher cipher)
    throws NullPointerException, SecurityException {
  try {
    // Initialise first, then decode: the order decides which failure is
    // reported when both steps would fail.
    cipher.init(Cipher.DECRYPT_MODE, key);
    final byte[] cipherText = decodePropertyValue(encryptedValue);
    return new String(cipher.doFinal(cipherText), "UTF-8");
  } catch (final Exception ex) {
    final PropertyDescriptorMessageBean failure =
        new PropertyDescriptorMessageBean(SecurityCode.DECRYPTION_FAILED, ex,
            descriptor);
    throw new SecurityException(failure);
  }
}
/**
 * Encrypts a plain property value and returns it in encoded form.
 *
 * <p>The cipher is switched to encrypt mode with the given key, the UTF-8
 * bytes of the plain value are encrypted in a single {@code doFinal} call,
 * and the result is converted to text by {@code encodePropertyValue}.
 *
 * <p>Security notes:
 * <ul>
 * <li>The cipher is initialised with the key alone. If the transformation
 * needs an IV or other parameters, the provider generates them, but this
 * method neither returns nor stores them, so the output could not be
 * decrypted by {@code decrypt}.</li>
 * <li>With a parameterless transformation such as ECB mode, encrypting the
 * same plain value under the same key always yields the same output, so
 * equal secrets are recognisable in stored configuration.</li>
 * <li>Every failure, including a {@code null} plain value, is reported as
 * {@code ENCRYPTION_FAILED} with the original exception attached.</li>
 * </ul>
 *
 * @param descriptor the descriptor of the property.
 * @param plainValue the plain value of the property to be encrypted.
 * @param key the key used for encryption.
 * @param cipher the cipher instance for encryption.
 * @return the encrypted value.
 * @throws NullPointerException may be thrown if {@code descriptor} is
 *           {@code null}.
 * @throws SecurityException if the value cannot be encrypted.
 */
protected String encrypt(final PropertyDescriptor descriptor,
    final String plainValue, final SecretKey key, final Cipher cipher)
    throws NullPointerException, SecurityException {
  try {
    cipher.init(Cipher.ENCRYPT_MODE, key);
    final byte[] cipherText = cipher.doFinal(plainValue.getBytes("UTF-8"));
    return encodePropertyValue(cipherText);
  } catch (final Exception ex) {
    final PropertyDescriptorMessageBean failure =
        new PropertyDescriptorMessageBean(SecurityCode.ENCRYPTION_FAILED, ex,
            descriptor);
    throw new SecurityException(failure);
  }
}