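/**
 * Copyright (c) 2013-2016, The SeedStack authors <http://seedstack.org>
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
 */
package org.seedstack.seed.core.internal.crypto;

import com.google.common.base.Strings;
import org.seedstack.coffig.Coffig;
import org.seedstack.coffig.spi.ConfigFunction;
import org.seedstack.coffig.spi.ConfigFunctionHolder;
import org.seedstack.coffig.spi.ConfigurationComponent;
import org.seedstack.seed.SeedException;
import org.seedstack.seed.crypto.CryptoConfig;
import org.seedstack.seed.crypto.EncryptionService;

import javax.xml.bind.DatatypeConverter;
import java.security.KeyStore;

/**
 * Configuration function holder that decrypts hex-encoded configuration values with a key
 * taken from the master key store.
 *
 * <p>The master key store is loaded once in {@link #initialize(Coffig)}. When it is absent or
 * cannot be loaded, initialization still succeeds and the failure is reported on the first
 * call to {@link #decrypt(String, String)}.
 */
public class DecryptFunction implements ConfigFunctionHolder {
    private EncryptionServiceFactory encryptionServiceFactory;
    private CryptoConfig.KeyStoreConfig masterKeyStoreConfig;
    // Reason the configured master key store could not be loaded, or null when it was either
    // loaded successfully or not configured at all.
    private Exception masterKeyStoreFailure;

    /**
     * Reads the crypto configuration and, when a master key store is configured, loads it and
     * prepares the factory used to build encryption services.
     *
     * <p>A load failure does not abort initialization: the cause is remembered so that
     * {@link #decrypt(String, String)} can report it instead of a bare "missing key store"
     * error.
     *
     * @param coffig the configuration from which {@link CryptoConfig} is obtained.
     */
    @Override
    public void initialize(Coffig coffig) {
        CryptoConfig cryptoConfig = coffig.get(CryptoConfig.class);
        masterKeyStoreConfig = cryptoConfig.masterKeyStore();
        encryptionServiceFactory = null;
        masterKeyStoreFailure = null;

        if (masterKeyStoreConfig == null) {
            return;
        }

        try {
            KeyStore keyStore = new KeyStoreLoader()
                    .load(CryptoConfig.MASTER_KEY_STORE_NAME, masterKeyStoreConfig);
            encryptionServiceFactory = new EncryptionServiceFactory(cryptoConfig, keyStore);
        } catch (Exception e) {
            // Deliberately best-effort: configuration that never calls decrypt must keep
            // working without a usable key store. The cause is kept (not discarded) so a wrong
            // store password or an unreadable file can be told apart from a store that was
            // never configured.
            masterKeyStoreFailure = e;
        }
    }

    /**
     * Returns a fresh, uninitialized instance; no state of this instance is copied.
     *
     * @return a new {@link DecryptFunction}.
     */
    @Override
    public ConfigurationComponent fork() {
        return new DecryptFunction();
    }

    /**
     * Decrypts a hex-encoded value with the master key store entry named by {@code alias}.
     *
     * @param alias the alias of the key in the master key store; its password is looked up in
     *              the master key store configuration.
     * @param value the encrypted value, encoded as a hexadecimal string.
     * @return the decrypted value as a string.
     * @throws SeedException with {@link CryptoErrorCode#MISSING_MASTER_KEYSTORE} when no master
     *                       key store is available (the load failure, if any, is attached as
     *                       the cause), or with
     *                       {@link CryptoErrorCode#MISSING_MASTER_KEY_PASSWORD} when the alias
     *                       is not configured or has no password.
     */
    @ConfigFunction
    String decrypt(String alias, String value) {
        if (encryptionServiceFactory == null) {
            if (masterKeyStoreFailure != null) {
                throw SeedException.wrap(masterKeyStoreFailure, CryptoErrorCode.MISSING_MASTER_KEYSTORE);
            }
            throw SeedException.createNew(CryptoErrorCode.MISSING_MASTER_KEYSTORE);
        }

        CryptoConfig.KeyStoreConfig.AliasConfig aliasConfig = masterKeyStoreConfig.getAliases().get(alias);
        if (aliasConfig == null || Strings.isNullOrEmpty(aliasConfig.getPassword())) {
            throw SeedException.createNew(CryptoErrorCode.MISSING_MASTER_KEY_PASSWORD);
        }

        // The key password comes from configuration as a String, so a copy of it stays on the
        // heap regardless of what happens to this char[].
        EncryptionService encryptionService =
                encryptionServiceFactory.create(alias, aliasConfig.getPassword().toCharArray());
        byte[] cipherText = DatatypeConverter.parseHexBinary(value);

        // NOTE(review): the plaintext bytes are decoded with the platform default charset, so
        // a non-ASCII secret can decode differently from one host to another. Pin an explicit
        // charset here once the charset used on the encrypting side is confirmed.
        return new String(encryptionService.decrypt(cipherText));
    }
}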