/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.wicket.util.crypt;
import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;
import java.util.Base64;
import java.util.UUID;
import javax.crypto.Cipher;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* Abstract base class for JCE based ICrypt implementations.
*
* @author Juergen Donnerstag
*/
public abstract class AbstractCrypt implements ICrypt
{
/** Encoding used to convert java String from and to byte[] */
private static final String CHARACTER_ENCODING = "UTF-8";
/** Log. */
private static final Logger log = LoggerFactory.getLogger(AbstractCrypt.class);
/** Key used to de-/encrypt the data */
private String encryptionKey;
/**
* Constructor
*/
public AbstractCrypt()
{
this.encryptionKey = UUID.randomUUID().toString();
}
/**
* Decrypts a string into a string.
*
* @param text
* text to decrypt
* @return the decrypted text
*/
@Override
public final String decryptUrlSafe(final String text)
{
try
{
byte[] decoded = java.util.Base64.getUrlDecoder().decode(text);
return new String(decryptByteArray(decoded), CHARACTER_ENCODING);
}
catch (Exception ex)
{
log.debug("Error decoding text: " + text, ex);
return null;
}
}
/**
* Encrypt a string into a string using URL safe Base64 encoding.
*
* @param plainText
* text to encrypt
* @return encrypted string
*/
@Override
public final String encryptUrlSafe(final String plainText)
{
try
{
byte[] encrypted = encryptStringToByteArray(plainText);
Base64.Encoder encoder = Base64.getUrlEncoder().withoutPadding();
byte[] encoded = encoder.encode(encrypted);
return new String(encoded, CHARACTER_ENCODING);
}
catch (GeneralSecurityException e)
{
log.error("Unable to encrypt text '" + plainText + "'", e);
return null;
}
catch (UnsupportedEncodingException e)
{
log.error("Unable to encrypt text '" + plainText + "'", e);
return null;
}
}
/**
* Get encryption private key
*
* @return encryption private key
*/
public String getKey()
{
return encryptionKey;
}
/**
* Set encryption private key
*
* @param key
* private key to make de-/encryption unique
*/
@Override
public void setKey(final String key)
{
encryptionKey = key;
}
/**
* Crypts the given byte array
*
* @param input
* byte array to be crypted
* @param mode
* crypt mode
* @return the input crypted. Null in case of an error
* @throws GeneralSecurityException
*/
protected abstract byte[] crypt(final byte[] input, final int mode)
throws GeneralSecurityException;
/**
* Decrypts an encrypted, but Base64 decoded byte array into a byte array.
*
* @param encrypted
* byte array to decrypt
* @return the decrypted text
*/
private byte[] decryptByteArray(final byte[] encrypted)
{
try
{
return crypt(encrypted, Cipher.DECRYPT_MODE);
}
catch (GeneralSecurityException e)
{
throw new RuntimeException(
"Unable to decrypt the text '" + new String(encrypted) + "'", e);
}
}
/**
* Encrypts the given text into a byte array.
*
* @param plainText
* text to encrypt
* @return the string encrypted
* @throws GeneralSecurityException
*/
private byte[] encryptStringToByteArray(final String plainText)
throws GeneralSecurityException
{
try
{
return crypt(plainText.getBytes(CHARACTER_ENCODING), Cipher.ENCRYPT_MODE);
}
catch (UnsupportedEncodingException ex)
{
throw new RuntimeException(ex.getMessage());
}
}
}