Source code

001/*
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements.  See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License.  You may obtain a copy of the License at
008 *
009 *      http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017package org.apache.commons.vfs2.util;
018
019import java.nio.charset.StandardCharsets;
020
021import javax.crypto.Cipher;
022import javax.crypto.spec.SecretKeySpec;
023
024/**
025 * Allows passwords to be encrypted and decrypted.
026 * <p>
027 * Warning: This uses AES128 with a fixed encryption key. This is only an obfuscation no cryptographic secure
028 * protection.
029 * </p>
030 *
031 * @since 2.0
032 */
033public class DefaultCryptor implements Cryptor {
034    private static final char[] HEX_CHARS = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
035
036    private static final byte[] KEY_BYTES = {0x41, 0x70, 0x61, 0x63, 0x68, 0x65, 0x43, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x73, 0x56, 0x46, 0x53};
037
038    private static final int INDEX_NOT_FOUND = -1;
039
040    private static final int BITS_IN_HALF_BYTE = 4;
041
042    private static final char MASK = 0x0f;
043
044    /**
045     * Constructs a new instance.
046     */
047    public DefaultCryptor() {
048        // empty
049    }
050
051    /** Decodes Hex-Bytes. */
052    private byte[] decode(final String str) {
053        final char[] chars = str.toCharArray();
054        final int length = chars.length / 2;
055        final byte[] decoded = new byte[length];
056        if (length * 2 != chars.length) {
057            throw new IllegalArgumentException("The given string must have even number of hex chars.");
058        }
059        int index = 0;
060        for (int i = 0; i < length; i++) {
061            final int id1 = indexOf(HEX_CHARS, chars[index++]);
062            if (id1 == INDEX_NOT_FOUND) {
063                throw new IllegalArgumentException("Character " + chars[index - 1] + " at position " + (index - 1) + " is not a valid hexadecimal character");
064            }
065            final int id2 = indexOf(HEX_CHARS, chars[index++]);
066            if (id2 == INDEX_NOT_FOUND) {
067                throw new IllegalArgumentException("Character " + chars[index - 1] + " at position " + (index - 1) + " is not a valid hexadecimal character");
068            }
069            decoded[i] = (byte) (id1 << BITS_IN_HALF_BYTE | id2);
070        }
071        return decoded;
072    }
073
074    /**
075     * Decrypts the password.
076     *
077     * @param encryptedKey the encrypted password.
078     * @return The plain text password.
079     * @throws Exception If an error occurs.
080     */
081    @Override
082    public String decrypt(final String encryptedKey) throws Exception {
083        final SecretKeySpec key = new SecretKeySpec(KEY_BYTES, "AES");
084        final Cipher cipher = Cipher.getInstance("AES");
085        cipher.init(Cipher.DECRYPT_MODE, key);
086        final byte[] decoded = decode(encryptedKey);
087        final byte[] plainText = new byte[cipher.getOutputSize(decoded.length)];
088        int ptLength = cipher.update(decoded, 0, decoded.length, plainText, 0);
089        ptLength += cipher.doFinal(plainText, ptLength);
090        return new String(plainText, StandardCharsets.UTF_8).substring(0, ptLength);
091    }
092
093    /** Hex-encode bytes. */
094    private String encode(final byte[] bytes) {
095        final StringBuilder builder = new StringBuilder();
096
097        for (final byte b : bytes) {
098            builder.append(HEX_CHARS[b >> BITS_IN_HALF_BYTE & MASK]);
099            builder.append(HEX_CHARS[b & MASK]);
100        }
101        return builder.toString();
102    }
103
104    /**
105     * Encrypt the plain text password.
106     * <p>
107     * Warning: This uses AES128 with a fixed encryption key. This is only an obfuscation no cryptographic secure
108     * protection.
109     *
110     * @param plainKey The password.
111     * @return The encrypted password String.
112     * @throws Exception If an error occurs.
113     */
114    @Override
115    public String encrypt(final String plainKey) throws Exception {
116        final byte[] input = plainKey.getBytes(StandardCharsets.UTF_8);
117        final SecretKeySpec key = new SecretKeySpec(KEY_BYTES, "AES");
118
119        final Cipher cipher = Cipher.getInstance("AES");
120
121        // encryption pass
122        cipher.init(Cipher.ENCRYPT_MODE, key);
123
124        final byte[] cipherText = new byte[cipher.getOutputSize(input.length)];
125        int ctLength = cipher.update(input, 0, input.length, cipherText, 0);
126        ctLength += cipher.doFinal(cipherText, ctLength);
127        return encode(cipherText);
128    }
129
130    private int indexOf(final char[] array, final char valueToFind) {
131        if (array == null) {
132            return INDEX_NOT_FOUND;
133        }
134        for (int i = 0; i < array.length; i++) {
135            if (valueToFind == array[i]) {
136                return i;
137            }
138        }
139        return INDEX_NOT_FOUND;
140    }
141}