X-Git-Url: http://git.nikiroo.be/?p=fanfix.git;a=blobdiff_plain;f=src%2Fbe%2Fnikiroo%2Futils%2FCryptUtils.java;h=638f82f298a27b6d87db29ae5324f904ccff08eb;hp=74b85c2148a1da38ce8124d1f5c8d4f3d8fdb729;hb=HEAD;hpb=12784931c8ae440fec10dfd6ea97e7b16ba64988 diff --git a/src/be/nikiroo/utils/CryptUtils.java b/src/be/nikiroo/utils/CryptUtils.java index 74b85c2..638f82f 100644 --- a/src/be/nikiroo/utils/CryptUtils.java +++ b/src/be/nikiroo/utils/CryptUtils.java @@ -4,40 +4,41 @@ import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; import java.io.UnsupportedEncodingException; -import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; -import java.security.NoSuchAlgorithmException; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.CipherInputStream; import javax.crypto.CipherOutputStream; import javax.crypto.IllegalBlockSizeException; -import javax.crypto.NoSuchPaddingException; -import javax.crypto.SecretKey; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import javax.net.ssl.SSLException; +import be.nikiroo.utils.streams.Base64InputStream; +import be.nikiroo.utils.streams.Base64OutputStream; + /** * Small utility class to do AES encryption/decryption. *

- * For the moment, it is multi-thread compatible, but beware: + * It is multi-thread compatible, but beware: *

*

- * Do not assume it is actually secure until you checked the code... + * Do not assume it is secure; it just here to offer a more-or-less protected + * exchange of data because anonymous and self-signed certificates backed SSL is + * against Google wishes, and I need Android support. * * @author niki */ public class CryptUtils { - static private final String AES_NAME = "AES/CFB8/NoPadding"; + static private final String AES_NAME = "AES/CFB128/NoPadding"; private Cipher ecipher; private Cipher dcipher; - private SecretKey key; + private byte[] bytes32; /** * Small and lazy-easy way to initialize a 128 bits key with @@ -62,15 +63,15 @@ public class CryptUtils { } /** - * Create a new instance of {@link CryptUtils} with the given 128 bytes key. + * Create a new instance of {@link CryptUtils} with the given 128 bits key. *

- * The key must be exactly 128 bytes long. + * The key must be exactly 128 bits long. * * @param bytes32 * the 128 bits (32 bytes) of the key * * @throws InvalidKeyException - * if the key is not an array of 128 bytes + * if the key is not an array of 128 bits */ public CryptUtils(byte[] bytes32) throws InvalidKeyException { init(bytes32); @@ -95,19 +96,14 @@ public class CryptUtils { * * @param in * the {@link InputStream} to wrap - * @param zip - * TRUE to also uncompress the data from a GZIP format; take care - * about this flag, as it could easily cause errors in the - * returned content or an {@link IOException} * * @return the auto-encode {@link InputStream} * * @throws IOException * in case of I/O error */ - public InputStream encrypt64(InputStream in, boolean zip) - throws IOException { - return StringUtils.base64(encrypt(in), zip, false); + public InputStream encrypt64(InputStream in) throws IOException { + return new Base64InputStream(encrypt(in), true); } /** @@ -130,19 +126,14 @@ public class CryptUtils { * * @param out * the {@link OutputStream} to wrap - * @param zip - * TRUE to also uncompress the data from a GZIP format; take care - * about this flag, as it could easily cause errors in the - * returned content or an {@link IOException} * * @return the auto-encode {@link OutputStream} * * @throws IOException * in case of I/O error */ - public OutputStream encrypt64(OutputStream out, boolean zip) - throws IOException { - return encrypt(StringUtils.base64(out, zip, false)); + public OutputStream encrypt64(OutputStream out) throws IOException { + return encrypt(new Base64OutputStream(out, true)); } /** 
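Review bot: The constructor Javadoc in the `-62,15 +63,15` hunk still contradicts itself after this change: it now says the key is "128 bits" while the `@param` line keeps `the 128 bits (32 bytes) of the key`, and 32 bytes is 256 bits. The parameter name `bytes32` and the comment `bytes32 = 32 bytes, 32 > 16` added in newCipher() suggest the key really is 32 bytes, which would make this AES-256. I would write the lines as `The key must be exactly 256 bits (32 bytes) long.` and `if the key is not an array of 32 bytes`, after confirming against the length check in init(), which is outside this hunk. The same wording is carried into the `-199,23 +185,18` hunk (`This method required an array of 128 bits.`).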
@@ -165,19 +156,14 @@ public class CryptUtils { * * @param in * the {@link InputStream} to wrap - * @param zip - * TRUE to also uncompress the data from a GZIP format; take care - * about this flag, as it could easily cause errors in the - * returned content or an {@link IOException} * * @return the auto-decode {@link InputStream} * * @throws IOException * in case of I/O error */ - public InputStream decrypt64(InputStream in, boolean zip) - throws IOException { - return decrypt(StringUtils.unbase64(in, zip)); + public InputStream decrypt64(InputStream in) throws IOException { + return decrypt(new Base64InputStream(in, false)); } /** @@ -199,23 +185,18 @@ public class CryptUtils { * * @param out * the {@link OutputStream} to wrap - * @param zip - * TRUE to also uncompress the data from a GZIP format; take care - * about this flag, as it could easily cause errors in the - * returned content or an {@link IOException} * * @return the auto-decode {@link OutputStream} * * @throws IOException * in case of I/O error */ - public OutputStream decrypt64(OutputStream out, boolean zip) - throws IOException { - return StringUtils.unbase64(decrypt(out), zip); + public OutputStream decrypt64(OutputStream out) throws IOException { + return new Base64OutputStream(decrypt(out), false); } /** - * This method required an array of 128 bytes. + * This method required an array of 128 bits. * * @param bytes32 * the array, which must be of 128 bits (32 bytes) @@ -231,9 +212,9 @@ public class CryptUtils { + " bytes"); } - key = new SecretKeySpec(bytes32, "AES"); - ecipher = newCipher(Cipher.ENCRYPT_MODE); - dcipher = newCipher(Cipher.DECRYPT_MODE); + this.bytes32 = bytes32; + this.ecipher = newCipher(Cipher.ENCRYPT_MODE); + this.dcipher = newCipher(Cipher.DECRYPT_MODE); } /** 
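Review bot: In the `-231,9 +212,9` hunk, `this.bytes32 = bytes32;` stores the caller's own array as the key, so a caller that later overwrites or zeroes it silently changes the key and IV of any cipher built by a later newCipher() call. Storing a copy, `this.bytes32 = bytes32.clone();`, isolates the instance from that. The key material also now stays in a plain `byte[]` field for the lifetime of the object instead of a `SecretKey`; if that is intended, a one-line comment on the field saying why would help the next reader. init() begins outside this hunk.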
@@ -248,29 +229,20 @@ public class CryptUtils { */ private Cipher newCipher(int mode) { try { - byte[] iv = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; + // bytes32 = 32 bytes, 32 > 16 + byte[] iv = new byte[16]; + for (int i = 0; i < iv.length; i++) { + iv[i] = bytes32[i]; + } IvParameterSpec ivspec = new IvParameterSpec(iv); Cipher cipher = Cipher.getInstance(AES_NAME); - cipher.init(mode, key, ivspec); + cipher.init(mode, new SecretKeySpec(bytes32, "AES"), ivspec); return cipher; - } catch (NoSuchAlgorithmException e) { - // Every implementation of the Java platform is required to support - // this standard Cipher transformation with 128 bits keys - e.printStackTrace(); - } catch (NoSuchPaddingException e) { - // Every implementation of the Java platform is required to support - // this standard Cipher transformation with 128 bits keys - e.printStackTrace(); - } catch (InvalidKeyException e) { - // Every implementation of the Java platform is required to support - // this standard Cipher transformation with 128 bits keys - e.printStackTrace(); - } catch (InvalidAlgorithmParameterException e) { - // Woops? + } catch (Exception e) { e.printStackTrace(); + throw new RuntimeException( + "Cannot initialize encryption sub-system", e); } - - return null; } /** @@ -310,13 +282,7 @@ public class CryptUtils { * it was) */ public byte[] encrypt(String data) throws SSLException { - try { - return encrypt(data.getBytes("UTF8")); - } catch (UnsupportedEncodingException e) { - // UTF-8 is required in all confirm JVMs - e.printStackTrace(); - return null; - } + return encrypt(StringUtils.getBytes(data)); } /** 
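Review bot: The IV built in newCipher() is the first 16 bytes of the key (`iv[i] = bytes32[i]`), so it is the same for every message encrypted under a given key and gains nothing over the all-zero IV it replaces. With a fixed IV in CFB mode, two messages under one key that start with the same bytes produce the same ciphertext prefix, and the XOR of their first differing blocks is exposed. A fresh IV per message, e.g. `byte[] iv = new byte[16]; new SecureRandom().nextBytes(iv);`, written in front of the ciphertext and read back before decryption, removes this, but it changes the data format and touches the encrypt/decrypt methods outside this hunk. CFB also carries no integrity check, so if the format changes anyway `AES/GCM/NoPadding` is worth considering. Separately, the new `catch (Exception e)` both prints and rethrows; the `e.printStackTrace();` line can be dropped because the cause is already attached to the `RuntimeException`.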
@@ -335,14 +301,8 @@ public class CryptUtils { * in case of I/O error (i.e., the data is not what you assumed * it was) */ - public String encrypt64(String data, boolean zip) throws SSLException { - try { - return encrypt64(data.getBytes("UTF8"), zip); - } catch (UnsupportedEncodingException e) { - // UTF-8 is required in all confirm JVMs - e.printStackTrace(); - return null; - } + public String encrypt64(String data) throws SSLException { + return encrypt64(StringUtils.getBytes(data)); } /** @@ -350,10 +310,6 @@ public class CryptUtils { * * @param data * the data to encrypt - * @param zip - * TRUE to also compress the data in GZIP format; remember that - * compressed and not-compressed content are different; you need - * to know which is which when decoding * * @return the encrypted data, encoded in Base64 * @@ -361,9 +317,9 @@ public class CryptUtils { * in case of I/O error (i.e., the data is not what you assumed * it was) */ - public String encrypt64(byte[] data, boolean zip) throws SSLException { + public String encrypt64(byte[] data) throws SSLException { try { - return StringUtils.base64(encrypt(data), zip); + return StringUtils.base64(encrypt(data)); } catch (IOException e) { // not exactly true, but we consider here that this error is a crypt // error, not a normal I/O error @@ -410,7 +366,7 @@ public class CryptUtils { try { return new String(decrypt(data), "UTF-8"); } catch (UnsupportedEncodingException e) { - // UTF-8 is required in all confirm JVMs + // UTF-8 is required in all conform JVMs e.printStackTrace(); return null; } 
@@ -431,9 +387,9 @@ public class CryptUtils { * @throws SSLException * in case of I/O error */ - public byte[] decrypt64(String data, boolean zip) throws SSLException { + public byte[] decrypt64(String data) throws SSLException { try { - return decrypt(StringUtils.unbase64(data, zip)); + return decrypt(StringUtils.unbase64(data)); } catch (IOException e) { // not exactly true, but we consider here that this error is a crypt // error, not a normal I/O error @@ -457,11 +413,11 @@ public class CryptUtils { * @throws SSLException * in case of I/O error */ - public String decrypt64s(String data, boolean zip) throws SSLException { + public String decrypt64s(String data) throws SSLException { try { - return new String(decrypt(StringUtils.unbase64(data, zip)), "UTF-8"); + return new String(decrypt(StringUtils.unbase64(data)), "UTF-8"); } catch (UnsupportedEncodingException e) { - // UTF-8 is required in all confirm JVMs + // UTF-8 is required in all conform JVMs e.printStackTrace(); return null; } catch (IOException e) {