Encryptor.java

/*
 Swisscom Safe Connect
 Copyright (C) 2014 Swisscom

 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
 the Free Software Foundation, either version 3 of the License, or
 (at your option) any later version.

 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 GNU General Public License for more details.

 You should have received a copy of the GNU General Public License
 along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/
package com.swisscom.safeconnect.security;

import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

import android.util.Base64;
import android.util.Log;

import com.swisscom.safeconnect.BuildConfig;
import com.swisscom.safeconnect.utils.Config;

public class Encryptor {
	private Cipher enc, dec;
	
	/**
	 * inits the cipher
	 * @param keyData key
	 */
	public Encryptor(byte[] keyData, String salt) {
		this(keyData, salt.getBytes());
	}
	
	public Encryptor(byte[] keyData, byte[] salt) {
		try {
			if (salt == null || salt.length < 16) {
				throw new InvalidAlgorithmParameterException("salt must be at least 16 characters");
			}
			
			SecretKeySpec key = new SecretKeySpec(keyData, "AES/CBC/PKCS5Padding");
			
			IvParameterSpec ivParameterSpec = new IvParameterSpec(salt, 0, 16);
			
			enc = Cipher.getInstance("AES/CBC/PKCS5Padding");
			enc.init(Cipher.ENCRYPT_MODE, key, ivParameterSpec);
			
			dec = Cipher.getInstance("AES/CBC/PKCS5Padding");
			dec.init(Cipher.DECRYPT_MODE, key, ivParameterSpec);
		} catch (NoSuchAlgorithmException e) {
			if (BuildConfig.DEBUG) Log.e(Config.TAG, "cipher", e);
		} catch (NoSuchPaddingException e) {
			if (BuildConfig.DEBUG) Log.e(Config.TAG, "cipher", e);
		} catch (InvalidKeyException e) {
			if (BuildConfig.DEBUG) Log.e(Config.TAG, "cipher", e);
		} catch (InvalidAlgorithmParameterException e) {
			if (BuildConfig.DEBUG) Log.e(Config.TAG, "cipher", e);
		}
	}
	
	public String encrypt(String str) {
		if (enc == null) return str;
		
		try {
			byte[] encoded = enc.doFinal(str.getBytes());
			return Base64.encodeToString(encoded, Base64.DEFAULT);
		} catch (IllegalBlockSizeException e) {
			if (BuildConfig.DEBUG) Log.e(Config.TAG, "cipher", e);
		} catch (BadPaddingException e) {
			if (BuildConfig.DEBUG) Log.e(Config.TAG, "cipher", e);
		}
		
		return str;
	}
	
	public String decrypt(String str) {
		if (dec == null) return str;
		if (str == null || str.isEmpty()) return "";
		
		try {
			byte[] decoded64 = Base64.decode(str, Base64.DEFAULT);
			if (decoded64.length == 0) return "";
			
			byte[] raw = dec.doFinal(decoded64);
			return raw == null? "" : new String(raw);
		} catch (IllegalBlockSizeException e) {
			if (BuildConfig.DEBUG) Log.e(Config.TAG, "cipher", e);
		} catch (BadPaddingException e) {
			if (BuildConfig.DEBUG) Log.e(Config.TAG, "cipher", e);
		} catch (IllegalArgumentException e) {
			if (BuildConfig.DEBUG) Log.e(Config.TAG, "cipher", e);
		}
		
		return str;
	}
}