diff options
Diffstat (limited to 'upstream/odl-aaa-moon/aaa/aaa-authn-mdsal-store/aaa-authn-mdsal-store-impl/src/main/java/org/opendaylight/aaa/authn/mdsal/store/DataEncrypter.java')
| -rw-r--r-- | upstream/odl-aaa-moon/aaa/aaa-authn-mdsal-store/aaa-authn-mdsal-store-impl/src/main/java/org/opendaylight/aaa/authn/mdsal/store/DataEncrypter.java | 101 |
1 files changed, 0 insertions, 101 deletions
diff --git a/upstream/odl-aaa-moon/aaa/aaa-authn-mdsal-store/aaa-authn-mdsal-store-impl/src/main/java/org/opendaylight/aaa/authn/mdsal/store/DataEncrypter.java b/upstream/odl-aaa-moon/aaa/aaa-authn-mdsal-store/aaa-authn-mdsal-store-impl/src/main/java/org/opendaylight/aaa/authn/mdsal/store/DataEncrypter.java deleted file mode 100644 index ca0a74be..00000000 --- a/upstream/odl-aaa-moon/aaa/aaa-authn-mdsal-store/aaa-authn-mdsal-store-impl/src/main/java/org/opendaylight/aaa/authn/mdsal/store/DataEncrypter.java +++ /dev/null @@ -1,101 +0,0 @@ -/* - * Copyright (c) 2015 Cisco Systems, Inc. and others. All rights reserved. - * - * This program and the accompanying materials are made available under the - * terms of the Eclipse Public License v1.0 which accompanies this distribution, - * and is available at http://www.eclipse.org/legal/epl-v10.html - */ - -package org.opendaylight.aaa.authn.mdsal.store; - -import java.security.spec.KeySpec; -import javax.crypto.Cipher; -import javax.crypto.SecretKey; -import javax.crypto.SecretKeyFactory; -import javax.crypto.spec.IvParameterSpec; -import javax.crypto.spec.PBEKeySpec; -import javax.crypto.spec.SecretKeySpec; -import javax.xml.bind.DatatypeConverter; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * @author - Sharon Aicler (saichler@cisco.com) - **/ -public class DataEncrypter { - - final protected SecretKey k; - private static final Logger LOG = LoggerFactory.getLogger(DataEncrypter.class); - private static final byte[] iv = { 0, 5, 0, 0, 7, 81, 0, 3, 0, 0, 0, 0, 0, 43, 0, 1 }; - private static final IvParameterSpec ivspec = new IvParameterSpec(iv); - public static final String ENCRYPTED_TAG = "Encrypted:"; - - public DataEncrypter(final String ckey) { - SecretKey tmp = null; - if (ckey != null && !ckey.isEmpty()) { - - try { - SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); - KeySpec spec = new PBEKeySpec(ckey.toCharArray(), iv, 32768, 128); - tmp = keyFactory.generateSecret(spec); - } catch (Exception e) { - LOG.error("Couldn't initialize key factory", e); - } - if (tmp != null) { - k = new SecretKeySpec(tmp.getEncoded(), "AES"); - } else { - throw new RuntimeException("Couldn't initalize encryption key"); - } - } else { - k = null; - LOG.warn("Void crypto key passed! AuthN Store Encryption disabled"); - } - - } - - protected String encrypt(String token) { - - if (k == null) { - return token; - } - - String cryptostring = null; - try { - Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding"); - c.init(Cipher.ENCRYPT_MODE, k, ivspec); - byte[] cryptobytes = c.doFinal(token.getBytes()); - cryptostring = DatatypeConverter.printBase64Binary(cryptobytes); - return ENCRYPTED_TAG + cryptostring; - } catch (Exception e) { - LOG.error("Couldn't encrypt token", e); - return null; - } - } - - protected String decrypt(String eToken) { - if (k == null) { - return eToken; - } - - if (eToken == null || eToken.length() == 0) { - return null; - } - - if (!eToken.startsWith(ENCRYPTED_TAG)) { - return eToken; - } - - try { - Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding"); - c.init(Cipher.DECRYPT_MODE, k, ivspec); - - byte[] cryptobytes = DatatypeConverter.parseBase64Binary(eToken.substring(ENCRYPTED_TAG.length())); - byte[] clearbytes = c.doFinal(cryptobytes); - return DatatypeConverter.printBase64Binary(clearbytes); - - } catch (Exception e) { - LOG.error("Couldn't decrypt token", e); - return null; - } - } -} |