001    /*
002     * SonarQube, open source software quality management tool.
003     * Copyright (C) 2008-2013 SonarSource
004     * mailto:contact AT sonarsource DOT com
005     *
006     * SonarQube is free software; you can redistribute it and/or
007     * modify it under the terms of the GNU Lesser General Public
008     * License as published by the Free Software Foundation; either
009     * version 3 of the License, or (at your option) any later version.
010     *
011     * SonarQube is distributed in the hope that it will be useful,
012     * but WITHOUT ANY WARRANTY; without even the implied warranty of
013     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
014     * Lesser General Public License for more details.
015     *
016     * You should have received a copy of the GNU Lesser General Public License
017     * along with this program; if not, write to the Free Software Foundation,
018     * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
019     */
020    package org.sonar.api.config;
021    
022    import com.google.common.collect.ImmutableMap;
023    
024    import java.util.Locale;
025    import java.util.Map;
026    import java.util.regex.Matcher;
027    import java.util.regex.Pattern;
028    
029    /**
030     * @since 3.0
031     */
032    public final class Encryption {
033    
034      private static final String BASE64_ALGORITHM = "b64";
035    
036      private static final String AES_ALGORITHM = "aes";
037      private final AesCipher aesCipher;
038    
039      private final Map<String, Cipher> ciphers;
040      private static final Pattern ENCRYPTED_PATTERN = Pattern.compile("\\{(.*?)\\}(.*)");
041    
042      Encryption(Settings settings) {
043        aesCipher = new AesCipher(settings);
044        ciphers = ImmutableMap.of(
045            BASE64_ALGORITHM, new Base64Cipher(),
046            AES_ALGORITHM, aesCipher
047        );
048      }
049    
050      /**
051       * Checks the availability of the secret key, that is required to encrypt and decrypt.
052       */
053      public boolean hasSecretKey() {
054        return aesCipher.hasSecretKey();
055      }
056    
057      public boolean isEncrypted(String value) {
058        return value.indexOf('{')==0 && value.indexOf('}') > 1;
059      }
060    
061      public String encrypt(String clearText) {
062        return encrypt(AES_ALGORITHM, clearText);
063      }
064    
065      public String scramble(String clearText) {
066        return encrypt(BASE64_ALGORITHM, clearText);
067      }
068    
069      public String generateRandomSecretKey() {
070        return aesCipher.generateRandomSecretKey();
071      }
072    
073      public String decrypt(String encryptedText) {
074        Matcher matcher = ENCRYPTED_PATTERN.matcher(encryptedText);
075        if (matcher.matches()) {
076          Cipher cipher = ciphers.get(matcher.group(1).toLowerCase(Locale.ENGLISH));
077          if (cipher != null) {
078            return cipher.decrypt(matcher.group(2));
079          }
080        }
081        return encryptedText;
082      }
083    
084      private String encrypt(String algorithm, String clearText) {
085        Cipher cipher = ciphers.get(algorithm);
086        if (cipher == null) {
087          throw new IllegalArgumentException("Unknown cipher algorithm: " + algorithm);
088        }
089        return String.format("{%s}%s", algorithm, cipher.encrypt(clearText));
090      }
091    }