OESE-12 Providing a keystore implementation to store password from application variables / application configuration

2014-05-29 09:48:22 +02:00 · 2014-05-29 09:48:22 +02:00 · 5c704c20e0
parent 1c08535a52
commit 5c704c20e0
2 changed files with 125 additions and 1 deletions
--- a/openesb-standalone-container/src/main/java/net/openesb/standalone/framework/PlatformContext.java
+++ b/openesb-standalone-container/src/main/java/net/openesb/standalone/framework/PlatformContext.java
@ -34,6 +34,9 @@ public class PlatformContext implements com.sun.jbi.platform.PlatformContext {
    @Inject private InitialContext namingContext;
    @Inject private Node node;
    
+    private final KeyStoreUtil keyStoreUtil =
+            new net.openesb.standalone.security.utils.KeyStoreUtil();
+    
    private String mInstallRoot = System.getProperty(
            Constants.OPENESB_HOME_PROP);

@ -298,7 +301,7 @@ public class PlatformContext implements com.sun.jbi.platform.PlatformContext {
     */
    @Override
    public KeyStoreUtil getKeyStoreUtil() {
-        return null;
+        return keyStoreUtil;
    }

    /**
--- a/openesb-standalone-container/src/main/java/net/openesb/standalone/security/utils/KeyStoreUtil.java
+++ b/openesb-standalone-container/src/main/java/net/openesb/standalone/security/utils/KeyStoreUtil.java
@ -0,0 +1,121 @@
+package net.openesb.standalone.security.utils;
+
+import java.security.KeyStoreException;
+import javax.crypto.Cipher;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import sun.misc.BASE64Decoder;
+import sun.misc.BASE64Encoder;
+
+/**
+ *
+ * @author David BRASSELY (brasseld at gmail.com)
+ * @author OpenESB Community
+ */
+public class KeyStoreUtil implements com.sun.jbi.security.KeyStoreUtil {
+
+    private final BASE64Encoder mBase64Encoder;
+    private final BASE64Decoder mBase64Decoder;
+    
+    private final static String encryptionKey = "A12EF89A23C6A5B7";
+    private final static String IV = "A12EF89A23C6A5B7";
+    
+    public KeyStoreUtil() {
+        mBase64Encoder = new BASE64Encoder();
+        mBase64Decoder = new BASE64Decoder();
+    }
+    
+    /**
+     * Encrypts a message using a default key. 
+     *
+     * @param        clearText the byte array that will be encrypted
+     * @return       the encrypted byte array
+     * @exception    KeyStoreException if any error occurs retrieving the
+     * key to be used
+     */
+    @Override
+    public byte[] encrypt(byte[] clearText) throws KeyStoreException {
+        try {
+            SecretKeySpec key = new SecretKeySpec(encryptionKey.getBytes("UTF-8"), "AES");
+            
+            // Create the cipher
+            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+            
+            // Initialize the cipher for encryption
+            cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(IV.getBytes("UTF-8")));
+            
+            // Encrypt the cleartext
+            byte[] cipherText = cipher.doFinal(clearText);
+            
+            return cipherText;
+        } catch (Exception ex) {
+            throw new KeyStoreException(ex);
+        }
+    }
+
+    /**
+     * Decrypts a message using a default key
+     *
+     * @param        cipherText the byte array with the encrypted data
+     * @return       the unencrypted byte array
+     * @exception    KeyStoreException if any error occurs retrieving the
+     * key to be used
+     */
+    @Override
+    public byte[] decrypt(byte[] cipherText) throws KeyStoreException {
+        try {
+            SecretKeySpec key = new SecretKeySpec(encryptionKey.getBytes("UTF-8"), "AES");
+            
+            // Create the cipher 
+            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+        
+            // Initialize the cipher for decryption
+            cipher.init(Cipher.DECRYPT_MODE, key,new IvParameterSpec(IV.getBytes("UTF-8")));
+        
+            // Decrypt the ciphertext
+            byte[] cleartext = cipher.doFinal(cipherText);
+
+            return cleartext;
+        } catch (Exception ex) {
+            throw new KeyStoreException(ex);
+        }
+    }
+
+    /**
+     * Encrypts a message using a default key.  The result
+     * is a Base64-encoded string.
+     *
+     * @param        clearText a String representing the message to be encrypted
+     * @return       a Base64-encoded string representing the encrypted message
+     * @exception    KeyStoreException if any error occurs retrieving the
+     * key to be used
+     */
+    @Override
+    public String encrypt(String clearText) throws KeyStoreException {
+        try {
+            byte[] cipherText = encrypt(clearText.getBytes());
+            return mBase64Encoder.encode(cipherText);
+        } catch (Exception ex) {
+            throw new KeyStoreException(ex);
+        }
+    }
+
+    /**
+     * Decrypts a message using the key identified by keyName.  The second
+     * argument must be a Base-64 encoded string
+     *
+     * @param        base64EncodedCipherText a Base-64 Encoded string
+     * @return       the decrypted message as a String
+     * @exception    KeyStoreException if any error occurs retrieving the
+     * key to be used
+     */
+    @Override
+    public String decrypt(String base64EncodedCipherText) throws KeyStoreException {
+        try {
+            byte[] clearText = decrypt(mBase64Decoder.decodeBuffer(base64EncodedCipherText));
+            return new String(clearText);
+        } catch (Exception ex) {
+            throw new KeyStoreException(ex);
+        }
+    }
+}