001/*
002 * SonarQube
003 * Copyright (C) 2009-2017 SonarSource SA
004 * mailto:info AT sonarsource DOT com
005 *
006 * This program is free software; you can redistribute it and/or
007 * modify it under the terms of the GNU Lesser General Public
008 * License as published by the Free Software Foundation; either
009 * version 3 of the License, or (at your option) any later version.
010 *
011 * This program is distributed in the hope that it will be useful,
012 * but WITHOUT ANY WARRANTY; without even the implied warranty of
013 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
014 * Lesser General Public License for more details.
015 *
016 * You should have received a copy of the GNU Lesser General Public License
017 * along with this program; if not, write to the Free Software Foundation,
018 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
019 */
020package org.sonar.api.config;
021
022import com.google.common.collect.ImmutableMap;
023
024import javax.annotation.Nullable;
025
026import java.util.Locale;
027import java.util.Map;
028import java.util.regex.Matcher;
029import java.util.regex.Pattern;
030
031/**
032 * @since 3.0
033 */
034public final class Encryption {
035
036  private static final String BASE64_ALGORITHM = "b64";
037
038  private static final String AES_ALGORITHM = "aes";
039  private final AesCipher aesCipher;
040
041  private final Map<String, Cipher> ciphers;
042  private static final Pattern ENCRYPTED_PATTERN = Pattern.compile("\\{(.*?)\\}(.*)");
043
044  public Encryption(@Nullable String pathToSecretKey) {
045    aesCipher = new AesCipher(pathToSecretKey);
046    ciphers = ImmutableMap.of(
047      BASE64_ALGORITHM, new Base64Cipher(),
048      AES_ALGORITHM, aesCipher);
049  }
050
051  public void setPathToSecretKey(@Nullable String pathToSecretKey) {
052    aesCipher.setPathToSecretKey(pathToSecretKey);
053  }
054
055  /**
056   * Checks the availability of the secret key, that is required to encrypt and decrypt.
057   */
058  public boolean hasSecretKey() {
059    return aesCipher.hasSecretKey();
060  }
061
062  public boolean isEncrypted(String value) {
063    return value.indexOf('{') == 0 && value.indexOf('}') > 1;
064  }
065
066  public String encrypt(String clearText) {
067    return encrypt(AES_ALGORITHM, clearText);
068  }
069
070  public String scramble(String clearText) {
071    return encrypt(BASE64_ALGORITHM, clearText);
072  }
073
074  public String generateRandomSecretKey() {
075    return aesCipher.generateRandomSecretKey();
076  }
077
078  public String decrypt(String encryptedText) {
079    Matcher matcher = ENCRYPTED_PATTERN.matcher(encryptedText);
080    if (matcher.matches()) {
081      Cipher cipher = ciphers.get(matcher.group(1).toLowerCase(Locale.ENGLISH));
082      if (cipher != null) {
083        return cipher.decrypt(matcher.group(2));
084      }
085    }
086    return encryptedText;
087  }
088
089  private String encrypt(String algorithm, String clearText) {
090    Cipher cipher = ciphers.get(algorithm);
091    if (cipher == null) {
092      throw new IllegalArgumentException("Unknown cipher algorithm: " + algorithm);
093    }
094    return String.format("{%s}%s", algorithm, cipher.encrypt(clearText));
095  }
096}