X-Git-Url: http://git.nikiroo.be/?p=fanfix.git;a=blobdiff_plain;f=src%2Fbe%2Fnikiroo%2Futils%2FCryptUtils.java;fp=src%2Fbe%2Fnikiroo%2Futils%2FCryptUtils.java;h=0000000000000000000000000000000000000000;hp=638f82f298a27b6d87db29ae5324f904ccff08eb;hb=46add0670fdee4bd936a13fe2448c5e20a7ffd0a;hpb=1b5197ed4ceec2025a9a40c417b37c646b756138 diff --git a/src/be/nikiroo/utils/CryptUtils.java b/src/be/nikiroo/utils/CryptUtils.java deleted file mode 100644 index 638f82f..0000000 --- a/src/be/nikiroo/utils/CryptUtils.java +++ /dev/null @@ -1,441 +0,0 @@ -package be.nikiroo.utils; - -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; -import java.io.UnsupportedEncodingException; -import java.security.InvalidKeyException; - -import javax.crypto.BadPaddingException; -import javax.crypto.Cipher; -import javax.crypto.CipherInputStream; -import javax.crypto.CipherOutputStream; -import javax.crypto.IllegalBlockSizeException; -import javax.crypto.spec.IvParameterSpec; -import javax.crypto.spec.SecretKeySpec; -import javax.net.ssl.SSLException; - -import be.nikiroo.utils.streams.Base64InputStream; -import be.nikiroo.utils.streams.Base64OutputStream; - -/** - * Small utility class to do AES encryption/decryption. - *

- * It is multi-thread compatible, but beware: - *

- *

- * Do not assume it is secure; it just here to offer a more-or-less protected - * exchange of data because anonymous and self-signed certificates backed SSL is - * against Google wishes, and I need Android support. - * - * @author niki - */ -public class CryptUtils { - static private final String AES_NAME = "AES/CFB128/NoPadding"; - - private Cipher ecipher; - private Cipher dcipher; - private byte[] bytes32; - - /** - * Small and lazy-easy way to initialize a 128 bits key with - * {@link CryptUtils}. - *

- * Some part of the key will be used to generate a 128 bits key and - * initialize the {@link CryptUtils}; even NULL will generate something. - *

- * This is most probably not secure. Do not use if you actually care - * about security. - * - * @param key - * the {@link String} to use as a base for the key, can be NULL - */ - public CryptUtils(String key) { - try { - init(key2key(key)); - } catch (InvalidKeyException e) { - // We made sure that the key is correct, so nothing here - e.printStackTrace(); - } - } - - /** - * Create a new instance of {@link CryptUtils} with the given 128 bits key. - *

- * The key must be exactly 128 bits long. - * - * @param bytes32 - * the 128 bits (32 bytes) of the key - * - * @throws InvalidKeyException - * if the key is not an array of 128 bits - */ - public CryptUtils(byte[] bytes32) throws InvalidKeyException { - init(bytes32); - } - - /** - * Wrap the given {@link InputStream} so it is transparently encrypted by - * the current {@link CryptUtils}. - * - * @param in - * the {@link InputStream} to wrap - * @return the auto-encode {@link InputStream} - */ - public InputStream encrypt(InputStream in) { - Cipher ecipher = newCipher(Cipher.ENCRYPT_MODE); - return new CipherInputStream(in, ecipher); - } - - /** - * Wrap the given {@link InputStream} so it is transparently encrypted by - * the current {@link CryptUtils} and encoded in base64. - * - * @param in - * the {@link InputStream} to wrap - * - * @return the auto-encode {@link InputStream} - * - * @throws IOException - * in case of I/O error - */ - public InputStream encrypt64(InputStream in) throws IOException { - return new Base64InputStream(encrypt(in), true); - } - - /** - * Wrap the given {@link OutputStream} so it is transparently encrypted by - * the current {@link CryptUtils}. - * - * @param out - * the {@link OutputStream} to wrap - * - * @return the auto-encode {@link OutputStream} - */ - public OutputStream encrypt(OutputStream out) { - Cipher ecipher = newCipher(Cipher.ENCRYPT_MODE); - return new CipherOutputStream(out, ecipher); - } - - /** - * Wrap the given {@link OutputStream} so it is transparently encrypted by - * the current {@link CryptUtils} and encoded in base64. - * - * @param out - * the {@link OutputStream} to wrap - * - * @return the auto-encode {@link OutputStream} - * - * @throws IOException - * in case of I/O error - */ - public OutputStream encrypt64(OutputStream out) throws IOException { - return encrypt(new Base64OutputStream(out, true)); - } - - /** - * Wrap the given {@link OutputStream} so it is transparently decoded by the - * current {@link CryptUtils}. - * - * @param in - * the {@link InputStream} to wrap - * - * @return the auto-decode {@link InputStream} - */ - public InputStream decrypt(InputStream in) { - Cipher dcipher = newCipher(Cipher.DECRYPT_MODE); - return new CipherInputStream(in, dcipher); - } - - /** - * Wrap the given {@link OutputStream} so it is transparently decoded by the - * current {@link CryptUtils} and decoded from base64. - * - * @param in - * the {@link InputStream} to wrap - * - * @return the auto-decode {@link InputStream} - * - * @throws IOException - * in case of I/O error - */ - public InputStream decrypt64(InputStream in) throws IOException { - return decrypt(new Base64InputStream(in, false)); - } - - /** - * Wrap the given {@link OutputStream} so it is transparently decoded by the - * current {@link CryptUtils}. - * - * @param out - * the {@link OutputStream} to wrap - * @return the auto-decode {@link OutputStream} - */ - public OutputStream decrypt(OutputStream out) { - Cipher dcipher = newCipher(Cipher.DECRYPT_MODE); - return new CipherOutputStream(out, dcipher); - } - - /** - * Wrap the given {@link OutputStream} so it is transparently decoded by the - * current {@link CryptUtils} and decoded from base64. - * - * @param out - * the {@link OutputStream} to wrap - * - * @return the auto-decode {@link OutputStream} - * - * @throws IOException - * in case of I/O error - */ - public OutputStream decrypt64(OutputStream out) throws IOException { - return new Base64OutputStream(decrypt(out), false); - } - - /** - * This method required an array of 128 bits. - * - * @param bytes32 - * the array, which must be of 128 bits (32 bytes) - * - * @throws InvalidKeyException - * if the key is not an array of 128 bits (32 bytes) - */ - private void init(byte[] bytes32) throws InvalidKeyException { - if (bytes32 == null || bytes32.length != 32) { - throw new InvalidKeyException( - "The size of the key must be of 128 bits (32 bytes), it is: " - + (bytes32 == null ? "null" : "" + bytes32.length) - + " bytes"); - } - - this.bytes32 = bytes32; - this.ecipher = newCipher(Cipher.ENCRYPT_MODE); - this.dcipher = newCipher(Cipher.DECRYPT_MODE); - } - - /** - * Create a new {@link Cipher}of the given mode (see - * {@link Cipher#ENCRYPT_MODE} and {@link Cipher#ENCRYPT_MODE}). - * - * @param mode - * the mode ({@link Cipher#ENCRYPT_MODE} or - * {@link Cipher#ENCRYPT_MODE}) - * - * @return the new {@link Cipher} - */ - private Cipher newCipher(int mode) { - try { - // bytes32 = 32 bytes, 32 > 16 - byte[] iv = new byte[16]; - for (int i = 0; i < iv.length; i++) { - iv[i] = bytes32[i]; - } - IvParameterSpec ivspec = new IvParameterSpec(iv); - Cipher cipher = Cipher.getInstance(AES_NAME); - cipher.init(mode, new SecretKeySpec(bytes32, "AES"), ivspec); - return cipher; - } catch (Exception e) { - e.printStackTrace(); - throw new RuntimeException( - "Cannot initialize encryption sub-system", e); - } - } - - /** - * Encrypt the data. - * - * @param data - * the data to encrypt - * - * @return the encrypted data - * - * @throws SSLException - * in case of I/O error (i.e., the data is not what you assumed - * it was) - */ - public byte[] encrypt(byte[] data) throws SSLException { - synchronized (ecipher) { - try { - return ecipher.doFinal(data); - } catch (IllegalBlockSizeException e) { - throw new SSLException(e); - } catch (BadPaddingException e) { - throw new SSLException(e); - } - } - } - - /** - * Encrypt the data. - * - * @param data - * the data to encrypt - * - * @return the encrypted data - * - * @throws SSLException - * in case of I/O error (i.e., the data is not what you assumed - * it was) - */ - public byte[] encrypt(String data) throws SSLException { - return encrypt(StringUtils.getBytes(data)); - } - - /** - * Encrypt the data, then encode it into Base64. - * - * @param data - * the data to encrypt - * @param zip - * TRUE to also compress the data in GZIP format; remember that - * compressed and not-compressed content are different; you need - * to know which is which when decoding - * - * @return the encrypted data, encoded in Base64 - * - * @throws SSLException - * in case of I/O error (i.e., the data is not what you assumed - * it was) - */ - public String encrypt64(String data) throws SSLException { - return encrypt64(StringUtils.getBytes(data)); - } - - /** - * Encrypt the data, then encode it into Base64. - * - * @param data - * the data to encrypt - * - * @return the encrypted data, encoded in Base64 - * - * @throws SSLException - * in case of I/O error (i.e., the data is not what you assumed - * it was) - */ - public String encrypt64(byte[] data) throws SSLException { - try { - return StringUtils.base64(encrypt(data)); - } catch (IOException e) { - // not exactly true, but we consider here that this error is a crypt - // error, not a normal I/O error - throw new SSLException(e); - } - } - - /** - * Decode the data which is assumed to be encrypted with the same utilities. - * - * @param data - * the encrypted data to decode - * - * @return the original, decoded data - * - * @throws SSLException - * in case of I/O error - */ - public byte[] decrypt(byte[] data) throws SSLException { - synchronized (dcipher) { - try { - return dcipher.doFinal(data); - } catch (IllegalBlockSizeException e) { - throw new SSLException(e); - } catch (BadPaddingException e) { - throw new SSLException(e); - } - } - } - - /** - * Decode the data which is assumed to be encrypted with the same utilities - * and to be a {@link String}. - * - * @param data - * the encrypted data to decode - * - * @return the original, decoded data,as a {@link String} - * - * @throws SSLException - * in case of I/O error - */ - public String decrypts(byte[] data) throws SSLException { - try { - return new String(decrypt(data), "UTF-8"); - } catch (UnsupportedEncodingException e) { - // UTF-8 is required in all conform JVMs - e.printStackTrace(); - return null; - } - } - - /** - * Decode the data which is assumed to be encrypted with the same utilities - * and is a Base64 encoded value. - * - * @param data - * the encrypted data to decode in Base64 format - * @param zip - * TRUE to also uncompress the data from a GZIP format - * automatically; if set to FALSE, zipped data can be returned - * - * @return the original, decoded data - * - * @throws SSLException - * in case of I/O error - */ - public byte[] decrypt64(String data) throws SSLException { - try { - return decrypt(StringUtils.unbase64(data)); - } catch (IOException e) { - // not exactly true, but we consider here that this error is a crypt - // error, not a normal I/O error - throw new SSLException(e); - } - } - - /** - * Decode the data which is assumed to be encrypted with the same utilities - * and is a Base64 encoded value, then convert it into a String (this method - * assumes the data was indeed a UTF-8 encoded {@link String}). - * - * @param data - * the encrypted data to decode in Base64 format - * @param zip - * TRUE to also uncompress the data from a GZIP format - * automatically; if set to FALSE, zipped data can be returned - * - * @return the original, decoded data - * - * @throws SSLException - * in case of I/O error - */ - public String decrypt64s(String data) throws SSLException { - try { - return new String(decrypt(StringUtils.unbase64(data)), "UTF-8"); - } catch (UnsupportedEncodingException e) { - // UTF-8 is required in all conform JVMs - e.printStackTrace(); - return null; - } catch (IOException e) { - // not exactly true, but we consider here that this error is a crypt - // error, not a normal I/O error - throw new SSLException(e); - } - } - - /** - * This is probably NOT secure! - * - * @param input - * some {@link String} input - * - * @return a 128 bits key computed from the given input - */ - static private byte[] key2key(String input) { - return StringUtils.getMd5Hash("" + input).getBytes(); - } -}