001: /*
002: * $Id: AbstractJCEEncryptionStrategy.java 10808 2008-02-14 20:36:57Z acooke $
003: * --------------------------------------------------------------------------------------
004: * Copyright (c) MuleSource, Inc. All rights reserved. http://www.mulesource.com
005: *
006: * The software in this package is published under the terms of the CPAL v1.0
007: * license, a copy of which has been included with this distribution in the
008: * LICENSE.txt file.
009: */
010:
011: package org.mule.security;
012:
013: import org.mule.api.lifecycle.InitialisationException;
014: import org.mule.api.lifecycle.LifecycleTransitionResult;
015: import org.mule.api.security.CryptoFailureException;
016: import org.mule.config.i18n.CoreMessages;
017: import org.mule.util.Base64;
018:
019: import java.security.GeneralSecurityException;
020: import java.security.spec.AlgorithmParameterSpec;
021: import java.security.spec.KeySpec;
022:
023: import javax.crypto.Cipher;
024: import javax.crypto.SecretKey;
025:
026: import org.apache.commons.logging.Log;
027: import org.apache.commons.logging.LogFactory;
028:
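/**
 * A JCE based encryption strategy. It also provides base64 encoding of
 * encrypted/decrypted data by setting the base64encoding attribute.
 *
 * <p>Security-relevant behaviour of this base class:
 * <ul>
 * <li>The configured {@code algorithm} string is passed unchanged to
 * {@link Cipher#getInstance(String)}. A bare algorithm name leaves the mode and
 * padding to the JCE provider's default (commonly ECB for block ciphers), so
 * configure a full {@code algorithm/mode/padding} transformation.</li>
 * <li>Both ciphers are initialised once in {@link #initialise()} and reused for
 * every call. Whatever {@link AlgorithmParameterSpec} the subclass supplies
 * (for example an IV or salt) therefore stays fixed for the lifetime of this
 * object, and equal plaintexts produce equal ciphertexts under the same key.</li>
 * <li>{@link Cipher} instances are stateful and not safe for concurrent use.
 * This class does no locking; NOTE(review): if one strategy instance is shared
 * between threads, access to {@code encrypt}/{@code decrypt} must be serialised
 * by the caller or a subclass.</li>
 * <li>Nothing in this class authenticates the ciphertext; integrity protection
 * depends on the configured transformation or on the caller.</li>
 * </ul>
 */
public abstract class AbstractJCEEncryptionStrategy extends AbstractNamedEncryptionStrategy {

    /**
     * Charset used to turn base64 text into bytes and back. Base64 output is pure
     * ASCII, so pinning the charset keeps the wire format identical on every
     * platform instead of following the JVM's default charset.
     */
    private static final String BASE64_CHARSET = "US-ASCII";

    /**
     * logger used by this class
     */
    protected transient Log logger = LogFactory.getLog(getClass());

    // Key material specification produced by the subclass in initialise().
    protected KeySpec keySpec;
    // Secret key obtained from the subclass; used to initialise both ciphers.
    protected SecretKey secretKey;
    // Long-lived cipher instances, created and initialised once in initialise().
    protected Cipher encryptCipher;
    protected Cipher decryptCipher;

    // JCE transformation name; must be set before initialise() is called.
    protected String algorithm = null;

    // When true, ciphertext is emitted and accepted as base64 text.
    protected boolean base64Encoding = true;

    /**
     * Builds the key spec, the secret key and the encrypt/decrypt ciphers.
     *
     * @return {@link LifecycleTransitionResult#OK} once both ciphers are initialised
     * @throws InitialisationException if no algorithm has been set, or if creating
     *             the key or either cipher fails for any reason
     */
    public LifecycleTransitionResult initialise() throws InitialisationException {
        if (algorithm == null) {
            throw new InitialisationException(CoreMessages.objectIsNull("Algorithm"), this);
        }
        logger.debug("Using encryption algorithm: " + algorithm);

        keySpec = createKeySpec();

        try {
            secretKey = getSecretKey();

            // Separate instances are required: a Cipher is bound to a single mode.
            encryptCipher = Cipher.getInstance(getAlgorithm());
            decryptCipher = Cipher.getInstance(getAlgorithm());

            AlgorithmParameterSpec paramSpec = createAlgorithmParameterSpec();
            if (paramSpec == null) {
                // No explicit parameters: the provider applies its own defaults.
                encryptCipher.init(Cipher.ENCRYPT_MODE, secretKey);
                decryptCipher.init(Cipher.DECRYPT_MODE, secretKey);
            } else {
                // The same parameters initialise both directions and are never
                // refreshed afterwards, so they are shared by every message.
                encryptCipher.init(Cipher.ENCRYPT_MODE, secretKey, paramSpec);
                decryptCipher.init(Cipher.DECRYPT_MODE, secretKey, paramSpec);
            }
        } catch (Exception e) {
            // Broad catch kept on purpose: subclass hooks may fail with unchecked
            // exceptions, and every failure is reported as an initialisation error.
            throw new InitialisationException(CoreMessages.failedToCreate("encryption ciphers"),
                e, this);
        }
        return LifecycleTransitionResult.OK;
    }

    /**
     * Supplies the secret key used to initialise both ciphers.
     *
     * @return the key for the configured algorithm
     * @throws GeneralSecurityException if the key cannot be produced
     */
    protected abstract SecretKey getSecretKey() throws GeneralSecurityException;

    /**
     * Encrypts {@code data} with the cipher prepared in {@link #initialise()}.
     *
     * @param data the plaintext bytes
     * @param info not used by this implementation
     * @return the ciphertext, as base64 text encoded in US-ASCII when base64
     *         encoding is enabled, otherwise as raw bytes
     * @throws CryptoFailureException wrapping any failure, including use before
     *             {@link #initialise()} has run
     */
    public byte[] encrypt(byte[] data, Object info) throws CryptoFailureException {
        try {
            byte[] encrypted = encryptCipher.doFinal(data);
            if (!base64Encoding) {
                return encrypted;
            }
            // Explicit charset: the no-argument getBytes() would follow the JVM
            // default and produce different bytes on non-ASCII-compatible platforms.
            return Base64.encodeBytes(encrypted).getBytes(BASE64_CHARSET);
        } catch (Exception e) {
            throw new CryptoFailureException(this, e);
        }
    }

    /**
     * Decrypts {@code data} with the cipher prepared in {@link #initialise()}.
     *
     * @param data the ciphertext, as US-ASCII base64 text when base64 encoding is
     *            enabled, otherwise as raw bytes
     * @param info not used by this implementation
     * @return the plaintext bytes
     * @throws CryptoFailureException wrapping any decoding or cipher failure
     */
    public byte[] decrypt(byte[] data, Object info) throws CryptoFailureException {
        try {
            byte[] cipherText = data;
            if (base64Encoding) {
                // Same explicit charset as encrypt(), so both directions agree
                // regardless of the JVM default.
                cipherText = Base64.decode(new String(data, BASE64_CHARSET));
            }
            return decryptCipher.doFinal(cipherText);
        } catch (Exception e) {
            throw new CryptoFailureException(this, e);
        }
    }

    /**
     * @return the JCE transformation name handed to {@link Cipher#getInstance(String)}
     */
    public String getAlgorithm() {
        return algorithm;
    }

    /**
     * @param algorithm the JCE transformation name; takes effect at the next
     *            {@link #initialise()}
     */
    public void setAlgorithm(String algorithm) {
        this.algorithm = algorithm;
    }

    /**
     * Describes this strategy by algorithm name only; no key material is included.
     */
    public String toString() {
        return "Algorithm=" + algorithm;
    }

    /**
     * @return whether ciphertext is exchanged as base64 text
     */
    public boolean isBase64Encoding() {
        return base64Encoding;
    }

    /**
     * @param base64Encoding true to exchange ciphertext as base64 text, false for
     *            raw bytes
     */
    public void setBase64Encoding(boolean base64Encoding) {
        this.base64Encoding = base64Encoding;
    }

    /**
     * Supplies the key specification stored in {@link #keySpec} during
     * {@link #initialise()}.
     */
    protected abstract KeySpec createKeySpec();

    /**
     * Supplies the parameters used to initialise both ciphers, or {@code null} to
     * initialise them with the key alone.
     */
    protected abstract AlgorithmParameterSpec createAlgorithmParameterSpec();

}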