package org.openslx.encryption; import java.security.InvalidKeyException; import java.security.InvalidParameterException; import java.security.Key; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.NoSuchAlgorithmException; import java.util.Arrays; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.NoSuchPaddingException; import org.apache.log4j.Logger; public class AsymEncryptionHandler { private static final Logger LOG = Logger.getLogger( AsymEncryptionHandler.class ); private final Key key; /** * Create a handler. */ public AsymEncryptionHandler( Key key ) { this.key = key; } /** * Encrypt given plain text message with the key this class was * instantiated with. * * @param cleartext a clear text message * @return The encrypted message */ public byte[] encryptMessage( byte[] cleartext ) { try { Cipher cipher = Cipher.getInstance( "RSA" ); cipher.init( Cipher.ENCRYPT_MODE, key ); return cipher.doFinal( cleartext ); } catch ( NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | IllegalBlockSizeException | BadPaddingException e ) { LOG.warn( "Cannot encrypt message", e ); } return null; } /** * Verify an encrypted message, where we know the plain text. * * @param encryptedMessage * @param expectedCleartext * @return true if the message matches the expected plain text after decrypting */ public boolean verifyMessage( byte[] encryptedMessage, byte[] expectedCleartext ) { try { Cipher cipher = Cipher.getInstance( "RSA" ); cipher.init( Cipher.DECRYPT_MODE, key ); byte[] result = cipher.doFinal( encryptedMessage ); return Arrays.equals( expectedCleartext, result ); } catch ( NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | IllegalBlockSizeException | BadPaddingException e ) { LOG.warn( "Cannot verify message", e ); } return false; } /** * Generate a fresh RSA key pair. * * @param bits length of key * @return key pair, or null on error */ public static KeyPair generateKeyPair( int bits ) { try { KeyPairGenerator kpg = KeyPairGenerator.getInstance( "RSA" ); kpg.initialize( bits ); return kpg.genKeyPair(); } catch ( NoSuchAlgorithmException | InvalidParameterException e ) { LOG.warn( "Cannot generate RSA Keypair", e ); return null; } } }