| 1 | /** |
| 2 | * Licensed to jclouds, Inc. (jclouds) under one or more |
| 3 | * contributor license agreements. See the NOTICE file |
| 4 | * distributed with this work for additional information |
| 5 | * regarding copyright ownership. jclouds licenses this file |
| 6 | * to you under the Apache License, Version 2.0 (the |
| 7 | * "License"); you may not use this file except in compliance |
| 8 | * with the License. You may obtain a copy of the License at |
| 9 | * |
| 10 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 11 | * |
| 12 | * Unless required by applicable law or agreed to in writing, |
| 13 | * software distributed under the License is distributed on an |
| 14 | * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| 15 | * KIND, either express or implied. See the License for the |
| 16 | * specific language governing permissions and limitations |
| 17 | * under the License. |
| 18 | */ |
| 19 | package org.jclouds.encryption.internal; |
| 20 | |
| 21 | import java.security.InvalidKeyException; |
| 22 | import java.security.KeyFactory; |
| 23 | import java.security.KeyPairGenerator; |
| 24 | import java.security.MessageDigest; |
| 25 | import java.security.NoSuchAlgorithmException; |
| 26 | import java.security.Provider; |
| 27 | import java.security.cert.CertificateException; |
| 28 | import java.security.cert.CertificateFactory; |
| 29 | |
| 30 | import org.jclouds.javax.annotation.Nullable; |
| 31 | import javax.crypto.Mac; |
| 32 | import javax.crypto.spec.SecretKeySpec; |
| 33 | import javax.inject.Inject; |
| 34 | import javax.inject.Singleton; |
| 35 | |
| 36 | import org.jclouds.crypto.Crypto; |
| 37 | |
| 38 | /** |
| 39 | * |
| 40 | * @author Adrian Cole |
| 41 | */ |
| 42 | @Singleton |
| 43 | public class JCECrypto implements Crypto { |
| 44 | |
| 45 | private final KeyPairGenerator rsaKeyPairGenerator; |
| 46 | private final KeyFactory rsaKeyFactory; |
| 47 | private final CertificateFactory certFactory; |
| 48 | private final Provider provider; |
| 49 | |
| 50 | @Inject |
| 51 | public JCECrypto() throws NoSuchAlgorithmException, CertificateException { |
| 52 | this(null); |
| 53 | } |
| 54 | |
| 55 | public JCECrypto(@Nullable Provider provider) throws NoSuchAlgorithmException, CertificateException { |
| 56 | this.rsaKeyPairGenerator = provider == null ? KeyPairGenerator.getInstance("RSA") : KeyPairGenerator.getInstance( |
| 57 | "RSA", provider); |
| 58 | this.rsaKeyFactory = provider == null ? KeyFactory.getInstance("RSA") : KeyFactory.getInstance("RSA", provider); |
| 59 | this.certFactory = provider == null ? CertificateFactory.getInstance("X.509") : CertificateFactory.getInstance( |
| 60 | "X.509", provider); |
| 61 | this.provider = provider; |
| 62 | } |
| 63 | |
| 64 | @Override |
| 65 | public Mac hmac(String algorithm, byte[] key) throws NoSuchAlgorithmException, InvalidKeyException { |
| 66 | Mac mac = provider == null ? Mac.getInstance(algorithm) : Mac.getInstance(algorithm, provider); |
| 67 | SecretKeySpec signingKey = new SecretKeySpec(key, algorithm); |
| 68 | mac.init(signingKey); |
| 69 | return mac; |
| 70 | |
| 71 | } |
| 72 | |
| 73 | @Override |
| 74 | public MessageDigest digest(String algorithm) throws NoSuchAlgorithmException { |
| 75 | return provider == null ? MessageDigest.getInstance(algorithm) : MessageDigest.getInstance(algorithm, provider); |
| 76 | } |
| 77 | |
| 78 | public final static String MD5 = "MD5"; |
| 79 | public final static String SHA1 = "SHA1"; |
| 80 | public final static String SHA256 = "SHA-256"; |
| 81 | public final static String SHA512 = "SHA-512"; |
| 82 | |
| 83 | @Override |
| 84 | public MessageDigest md5() { |
| 85 | try { |
| 86 | return digest(MD5); |
| 87 | } catch (NoSuchAlgorithmException e) { |
| 88 | throw new IllegalStateException("MD5 must be supported", e); |
| 89 | } |
| 90 | } |
| 91 | |
| 92 | @Override |
| 93 | public MessageDigest sha1() { |
| 94 | try { |
| 95 | return digest(SHA1); |
| 96 | } catch (NoSuchAlgorithmException e) { |
| 97 | throw new IllegalStateException("MD5 must be supported", e); |
| 98 | } |
| 99 | } |
| 100 | |
| 101 | @Override |
| 102 | public MessageDigest sha256() { |
| 103 | try { |
| 104 | return digest(SHA256); |
| 105 | } catch (NoSuchAlgorithmException e) { |
| 106 | throw new IllegalStateException(SHA256 + " must be supported", e); |
| 107 | } |
| 108 | } |
| 109 | |
| 110 | @Override |
| 111 | public MessageDigest sha512() { |
| 112 | try { |
| 113 | return digest(SHA512); |
| 114 | } catch (NoSuchAlgorithmException e) { |
| 115 | throw new IllegalStateException(SHA512 + " must be supported", e); |
| 116 | } |
| 117 | } |
| 118 | |
| 119 | public final static String HmacSHA256 = "HmacSHA256"; |
| 120 | public final static String HmacSHA1 = "HmacSHA1"; |
| 121 | |
| 122 | @Override |
| 123 | public Mac hmacSHA1(byte[] key) throws InvalidKeyException { |
| 124 | try { |
| 125 | return hmac(HmacSHA1, key); |
| 126 | } catch (NoSuchAlgorithmException e) { |
| 127 | throw new IllegalStateException("HmacSHA1 must be supported", e); |
| 128 | } |
| 129 | } |
| 130 | |
| 131 | @Override |
| 132 | public Mac hmacSHA256(byte[] key) throws InvalidKeyException { |
| 133 | try { |
| 134 | return hmac(HmacSHA256, key); |
| 135 | } catch (NoSuchAlgorithmException e) { |
| 136 | throw new IllegalStateException("HmacSHA256 must be supported", e); |
| 137 | } |
| 138 | } |
| 139 | |
| 140 | @Override |
| 141 | public CertificateFactory certFactory() { |
| 142 | return certFactory; |
| 143 | } |
| 144 | |
| 145 | @Override |
| 146 | public KeyFactory rsaKeyFactory() { |
| 147 | return rsaKeyFactory; |
| 148 | } |
| 149 | |
| 150 | @Override |
| 151 | public KeyPairGenerator rsaKeyPairGenerator() { |
| 152 | return rsaKeyPairGenerator; |
| 153 | } |
| 154 | } |