CipherProvider.java example

Explorer
gocd-master
/*
 * Copyright 2016 ThoughtWorks, Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 */

package com.thoughtworks.go.security;

import com.thoughtworks.go.util.SystemEnvironment;
import org.apache.commons.io.FileUtils;
import org.apache.log4j.Logger;
import org.bouncycastle.crypto.KeyGenerationParameters;
import org.bouncycastle.crypto.generators.DESKeyGenerator;
import org.bouncycastle.crypto.params.DESParameters;
import org.bouncycastle.util.encoders.Hex;

import java.io.File;
import java.io.IOException;
import java.io.Serializable;
import java.security.SecureRandom;
import java.util.UUID;

public class CipherProvider implements Serializable {
    private static final Logger LOGGER = Logger.getLogger(CipherProvider.class);

    private SystemEnvironment environment;
    private static volatile byte[] cachedKey;

    private final byte[] key;

    public CipherProvider(SystemEnvironment environment) {
        this.environment = environment;
        primeKeyCache();
        key = cachedKey;
    }

    public byte[] getKey() {
        return key;
    }

    private void primeKeyCache() {
        if (cachedKey == null) {
            File cipherFile = environment.getCipherFile();
            synchronized (cipherFile.getAbsolutePath().intern()) {
                if (cachedKey == null) {
                    try {
                        if (cipherFile.exists()) {
                            cachedKey = FileUtils.readFileToByteArray(cipherFile);
                            return;
                        }
                        byte[] newKey = generateKey();
                        FileUtils.writeByteArrayToFile(cipherFile, newKey);
                        LOGGER.info("Cipher not found. Creating a new cipher file");
                        cachedKey = newKey;
                    } catch (IOException e) {
                        throw new RuntimeException(e);
                    }
                }
            }
        }
    }

    private byte[] generateKey() {
        SecureRandom random = new SecureRandom();
        random.setSeed(UUID.randomUUID().toString().getBytes());
        KeyGenerationParameters generationParameters = new KeyGenerationParameters(random, DESParameters.DES_KEY_LENGTH * 8);
        DESKeyGenerator generator = new DESKeyGenerator();
        generator.init(generationParameters);
        return Hex.encode(generator.generateKey());
    }

    public void resetCipher() {
        cachedKey = null;
        FileUtils.deleteQuietly(environment.getCipherFile());
        primeKeyCache();
    }
}