Summary Table
Categories |
Total Count |
PII |
0 |
URL |
0 |
DNS |
0 |
EKL |
0 |
IP |
0 |
PORT |
0 |
VsID |
0 |
CF |
0 |
AI |
0 |
VPD |
0 |
PL |
0 |
Other |
0 |
File Content
package gov.va.med.ars.security;
import java.io.UnsupportedEncodingException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.log4j.Logger;
import java.util.Base64;
/**
*
* This class provides AES level encryption. It was developed with the intention
* assist in the prevention of sensitive data from being passed plain text
*
* @author Ian Meinert
* @version 1.0 February 23, 2018
*
*/
public class AesEncryption {
/**
* The logger for the class
*/
private static final Logger LOGGER = Logger
.getLogger(AesEncryption.class.getName());
/**
* Encrypts a given String
*
* @param raw
* The raw string to encrypt
* @return an encrypted String
* @throws InvalidKeyException
* @throws InvalidAlgorithmParameterException
* @throws UnsupportedEncodingException
* @throws Exception
*/
public static String encrypt(String raw)
throws InvalidKeyException, InvalidAlgorithmParameterException,
UnsupportedEncodingException, Exception {
LOGGER.debug("raw: " + raw);
Cipher cipher = getCipher(Cipher.ENCRYPT_MODE);
byte[] encryptedVal = cipher.doFinal(raw.getBytes("UTF-8"));
LOGGER.debug("encryptedVal: " + new String(encryptedVal));
byte[] encodedBytes = Base64.getEncoder().encode(encryptedVal);
LOGGER.debug("encodedBytes: " + new String(encodedBytes));
return new String(encodedBytes);
}
/**
* Decrypts a given String
*
* @param encrypted
* The encrypted string to decrypt
* @return
* @throws InvalidKeyException
* @throws InvalidAlgorithmParameterException
* @throws UnsupportedEncodingException
* @throws Exception
*/
public static String decrypt(String encrypted)
throws InvalidKeyException, InvalidAlgorithmParameterException,
UnsupportedEncodingException, Exception {
LOGGER.debug("encrypted: " + new String(encrypted));
Cipher cipher = getCipher(Cipher.DECRYPT_MODE);
byte[] decodedValue = Base64.getDecoder().decode(encrypted);
LOGGER.debug("decodedValue: " + new String(decodedValue));
byte[] decValue = cipher.doFinal(decodedValue);
LOGGER.debug("decValue: " + new String(decValue));
return new String(decValue);
}
/**
* Initializes the cipher for either encryption or decryption
*
* @param mode
* The mode of the encryption
* @return
* @throws InvalidKeyException
* @throws InvalidAlgorithmParameterException
* @throws UnsupportedEncodingException
* @throws Exception
*/
private static Cipher getCipher(int mode)
throws InvalidKeyException, InvalidAlgorithmParameterException,
UnsupportedEncodingException, Exception {
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(mode, generateKey(),
new IvParameterSpec(EncryptionConstants.IV.getBytes("UTF-8")));
return cipher;
}
/**
* Generates a key using EncryptionConstants
*
* @return The cipher Key
* @throws NoSuchAlgorithmException
* @throws UnsupportedEncodingException
* @throws InvalidKeySpecException
*/
private static Key generateKey() throws NoSuchAlgorithmException,
UnsupportedEncodingException, InvalidKeySpecException {
SecretKeyFactory factory = SecretKeyFactory
.getInstance("PBKDF2WithHmacSHA1");
KeySpec spec = new PBEKeySpec(
EncryptionConstants.ENCR_STR.toCharArray(),
EncryptionConstants.SALT.getBytes("UTF-8"),
EncryptionConstants.ITERATION_COUNT,
EncryptionConstants.KEY_LENGTH);
SecretKey tmp = factory.generateSecret(spec);
byte[] encoded = tmp.getEncoded();
return new SecretKeySpec(encoded, "AES");
}
}