001    /*
002     * SonarQube, open source software quality management tool.
003     * Copyright (C) 2008-2014 SonarSource
004     * mailto:contact AT sonarsource DOT com
005     *
006     * SonarQube is free software; you can redistribute it and/or
007     * modify it under the terms of the GNU Lesser General Public
008     * License as published by the Free Software Foundation; either
009     * version 3 of the License, or (at your option) any later version.
010     *
011     * SonarQube is distributed in the hope that it will be useful,
012     * but WITHOUT ANY WARRANTY; without even the implied warranty of
013     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
014     * Lesser General Public License for more details.
015     *
016     * You should have received a copy of the GNU Lesser General Public License
017     * along with this program; if not, write to the Free Software Foundation,
018     * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
019     */
020    package org.sonar.api.config;
021    
022    import com.google.common.collect.ImmutableMap;
023    
024    import javax.annotation.Nullable;
025    
026    import java.util.Locale;
027    import java.util.Map;
028    import java.util.regex.Matcher;
029    import java.util.regex.Pattern;
030    
031    /**
032     * @since 3.0
033     */
034    public final class Encryption {
035    
036      private static final String BASE64_ALGORITHM = "b64";
037    
038      private static final String AES_ALGORITHM = "aes";
039      private final AesCipher aesCipher;
040    
041      private final Map<String, Cipher> ciphers;
042      private static final Pattern ENCRYPTED_PATTERN = Pattern.compile("\\{(.*?)\\}(.*)");
043    
044      public Encryption(@Nullable String pathToSecretKey) {
045        aesCipher = new AesCipher(pathToSecretKey);
046        ciphers = ImmutableMap.of(
047            BASE64_ALGORITHM, new Base64Cipher(),
048            AES_ALGORITHM, aesCipher);
049      }
050    
051      public void setPathToSecretKey(@Nullable String pathToSecretKey) {
052        aesCipher.setPathToSecretKey(pathToSecretKey);
053      }
054    
055      /**
056       * Checks the availability of the secret key, that is required to encrypt and decrypt.
057       */
058      public boolean hasSecretKey() {
059        return aesCipher.hasSecretKey();
060      }
061    
062      public boolean isEncrypted(String value) {
063        return value.indexOf('{') == 0 && value.indexOf('}') > 1;
064      }
065    
066      public String encrypt(String clearText) {
067        return encrypt(AES_ALGORITHM, clearText);
068      }
069    
070      public String scramble(String clearText) {
071        return encrypt(BASE64_ALGORITHM, clearText);
072      }
073    
074      public String generateRandomSecretKey() {
075        return aesCipher.generateRandomSecretKey();
076      }
077    
078      public String decrypt(String encryptedText) {
079        Matcher matcher = ENCRYPTED_PATTERN.matcher(encryptedText);
080        if (matcher.matches()) {
081          Cipher cipher = ciphers.get(matcher.group(1).toLowerCase(Locale.ENGLISH));
082          if (cipher != null) {
083            return cipher.decrypt(matcher.group(2));
084          }
085        }
086        return encryptedText;
087      }
088    
089      private String encrypt(String algorithm, String clearText) {
090        Cipher cipher = ciphers.get(algorithm);
091        if (cipher == null) {
092          throw new IllegalArgumentException("Unknown cipher algorithm: " + algorithm);
093        }
094        return String.format("{%s}%s", algorithm, cipher.encrypt(clearText));
095      }
096    }