001/* 002 * SonarQube 003 * Copyright (C) 2009-2017 SonarSource SA 004 * mailto:info AT sonarsource DOT com 005 * 006 * This program is free software; you can redistribute it and/or 007 * modify it under the terms of the GNU Lesser General Public 008 * License as published by the Free Software Foundation; either 009 * version 3 of the License, or (at your option) any later version. 010 * 011 * This program is distributed in the hope that it will be useful, 012 * but WITHOUT ANY WARRANTY; without even the implied warranty of 013 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 014 * Lesser General Public License for more details. 015 * 016 * You should have received a copy of the GNU Lesser General Public License 017 * along with this program; if not, write to the Free Software Foundation, 018 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 019 */ 020package org.sonar.api.config; 021 022import java.util.HashMap; 023import java.util.Locale; 024import java.util.Map; 025import java.util.regex.Matcher; 026import java.util.regex.Pattern; 027import javax.annotation.Nullable; 028 029/** 030 * @since 3.0 031 */ 032public final class Encryption { 033 034 private static final String BASE64_ALGORITHM = "b64"; 035 036 private static final String AES_ALGORITHM = "aes"; 037 private final AesCipher aesCipher; 038 039 private final Map<String, Cipher> ciphers; 040 private static final Pattern ENCRYPTED_PATTERN = Pattern.compile("\\{(.*?)\\}(.*)"); 041 042 public Encryption(@Nullable String pathToSecretKey) { 043 aesCipher = new AesCipher(pathToSecretKey); 044 ciphers = new HashMap<>(); 045 ciphers.put(BASE64_ALGORITHM, new Base64Cipher()); 046 ciphers.put(AES_ALGORITHM, aesCipher); 047 } 048 049 public void setPathToSecretKey(@Nullable String pathToSecretKey) { 050 aesCipher.setPathToSecretKey(pathToSecretKey); 051 } 052 053 /** 054 * Checks the availability of the secret key, that is required to encrypt and decrypt. 055 */ 056 public boolean hasSecretKey() { 057 return aesCipher.hasSecretKey(); 058 } 059 060 public boolean isEncrypted(String value) { 061 return value.indexOf('{') == 0 && value.indexOf('}') > 1; 062 } 063 064 public String encrypt(String clearText) { 065 return encrypt(AES_ALGORITHM, clearText); 066 } 067 068 public String scramble(String clearText) { 069 return encrypt(BASE64_ALGORITHM, clearText); 070 } 071 072 public String generateRandomSecretKey() { 073 return aesCipher.generateRandomSecretKey(); 074 } 075 076 public String decrypt(String encryptedText) { 077 Matcher matcher = ENCRYPTED_PATTERN.matcher(encryptedText); 078 if (matcher.matches()) { 079 Cipher cipher = ciphers.get(matcher.group(1).toLowerCase(Locale.ENGLISH)); 080 if (cipher != null) { 081 return cipher.decrypt(matcher.group(2)); 082 } 083 } 084 return encryptedText; 085 } 086 087 private String encrypt(String algorithm, String clearText) { 088 Cipher cipher = ciphers.get(algorithm); 089 if (cipher == null) { 090 throw new IllegalArgumentException("Unknown cipher algorithm: " + algorithm); 091 } 092 return String.format("{%s}%s", algorithm, cipher.encrypt(clearText)); 093 } 094}