Package de.hybris.platform.util.encryption

Class EncryptionUtil

  • public class EncryptionUtil
extends java.lang.Object
    Helper class for maintenance_reciper.jsp, maintenance_keygenerator.jsp (admin > maintenance > encryption key management) and de.hybris.platform.util.encryption.ValueEncryptor

    Rewrites the encrypted attribute with the configured default encyrption key (symmetric.key.file.default)

    see project.properties

    # attribute encryption

    # keyfile location: ${platformhome}/ext/core/resources/

    ...

    symmetric.key.file.1=weak-symmetric.key.one

    symmetric.key.file.2=weak-symmetric.key.two

    symmetric.key.file.default=2

    • Constructor Detail

      • EncryptionUtil

        public EncryptionUtil()

    • Method Detail

      • setKeyfiles

        public static void setKeyfiles​(java.util.Map<java.lang.String,​java.lang.String> keyfiles)

      • getDefaultKeyFileName

        public static java.lang.String getDefaultKeyFileName()

      • getDefaultKeyFileId

        public static java.lang.String getDefaultKeyFileId()

      • getConfig

        protected static ConfigIntf getConfig()

      • getOldKeyFile

        public static java.lang.String getOldKeyFile()

      • getSecretKeysFromConfig

        public static java.util.Map<java.lang.String,​javax.crypto.SecretKey> getSecretKeysFromConfig()

      • getConfiguredEncryptionKeys

        public static java.util.Map<java.lang.String,​java.lang.String> getConfiguredEncryptionKeys()

      • isConfiguredMigrationKey

        public static boolean isConfiguredMigrationKey()

      • getConfiguredEncryptionKey

        @Deprecated(since="1905",
            forRemoval=true)
public java.util.Map<java.lang.String,​java.lang.String> getConfiguredEncryptionKey()
        Deprecated, for removal: This API element is subject to removal in a future version.
        since 1905 in favor of getConfiguredEncryptionKeys()

      • migrate

        public void migrate​(java.lang.String type,
                    java.lang.String attribute)

      • migrate

        public static void migrate​(java.lang.String type,
                           java.lang.String qualifier,
                           JspContext jspc)
        Performance (MacBook Pro/MySQL 5): Time: 1742901 m/s for '200100' steps-- 8 ms/step
        Parameters:
        type - code of the ComposedTtype
        qualifier - name of the encrypted attribute
        jspc - jspContext

      • getUsedKeys

        public static java.util.Map<java.lang.String,​java.lang.Integer> getUsedKeys​(java.lang.String type,
                                                                                  java.lang.String qualifier)
        Returns used keys
        Parameters:
        type - type to get keys for
        qualifier - attribute name in given type
        Returns:
        keys

      • getUsedKeys

        @Deprecated(since="1811",
            forRemoval=true)
public java.util.Map<java.lang.String,​java.lang.Integer> getUsedKeys​(java.lang.String type,
                                                                           java.lang.String qualifier,
                                                                           JspContext jspc)
        Deprecated, for removal: This API element is subject to removal in a future version.
        since 1811
        Returns used keys
        Parameters:
        type - type to get keys for
        qualifier - attribute name in given type
        jspc - jspContext
        Returns:

      • getAllTypesWhichHasEncyrptedAttributes

        public static java.util.Map<ComposedType,​java.util.List<AttributeDescriptor>> getAllTypesWhichHasEncyrptedAttributes​(java.util.function.Predicate<ComposedType> typeFilter)

      • getAllTypesWhichHasEncyrptedAttributes

        public static java.util.Map<ComposedType,​java.util.List<AttributeDescriptor>> getAllTypesWhichHasEncyrptedAttributes()

      • generateAESKey

        public static boolean generateAESKey​(java.lang.String keyfile,
                                     int keysize)
                              throws java.security.GeneralSecurityException,
                                     java.io.IOException
        Throws:
        java.security.GeneralSecurityException
        java.io.IOException

      • createKey

        public static boolean createKey​(java.lang.String filename,
                                int keysize,
                                java.lang.String cipherName,
                                java.lang.String cipherAlgorithm,
                                char[] password)
                         throws java.security.GeneralSecurityException,
                                java.io.IOException
        Throws:
        java.security.GeneralSecurityException
        java.io.IOException

      • loadKey

        public static javax.crypto.SecretKey loadKey​(java.lang.String keyID)
                                      throws java.security.GeneralSecurityException,
                                             java.io.IOException
        Throws:
        java.security.GeneralSecurityException
        java.io.IOException

      • loadDefaultKey

        public static javax.crypto.SecretKey loadDefaultKey​(java.lang.String cipherName,
                                                    java.lang.String cipherAlgorithm,
                                                    char[] password)
                                             throws java.security.InvalidKeyException,
                                                    java.security.NoSuchAlgorithmException,
                                                    java.security.spec.InvalidKeySpecException,
                                                    javax.crypto.NoSuchPaddingException,
                                                    javax.crypto.IllegalBlockSizeException,
                                                    javax.crypto.BadPaddingException,
                                                    java.security.InvalidAlgorithmParameterException,
                                                    java.io.IOException
        Throws:
        java.security.InvalidKeyException
        java.security.NoSuchAlgorithmException
        java.security.spec.InvalidKeySpecException
        javax.crypto.NoSuchPaddingException
        javax.crypto.IllegalBlockSizeException
        javax.crypto.BadPaddingException
        java.security.InvalidAlgorithmParameterException
        java.io.IOException

      • loadKey

        public static javax.crypto.SecretKey loadKey​(java.lang.String keyID,
                                             java.lang.String cipherName,
                                             java.lang.String cipherAlgorithm,
                                             char[] password)

      • loadKey

        public static javax.crypto.SecretKey loadKey​(java.io.InputStream fis,
                                             java.lang.String cipherName,
                                             java.lang.String cipherAlgorithm,
                                             char[] password)
                                      throws java.io.IOException,
                                             java.security.NoSuchAlgorithmException,
                                             java.security.InvalidKeyException,
                                             java.security.spec.InvalidKeySpecException,
                                             javax.crypto.NoSuchPaddingException,
                                             javax.crypto.IllegalBlockSizeException,
                                             javax.crypto.BadPaddingException,
                                             java.security.InvalidAlgorithmParameterException
        Throws:
        java.io.IOException
        java.security.NoSuchAlgorithmException
        java.security.InvalidKeyException
        java.security.spec.InvalidKeySpecException
        javax.crypto.NoSuchPaddingException
        javax.crypto.IllegalBlockSizeException
        javax.crypto.BadPaddingException
        java.security.InvalidAlgorithmParameterException

      • getOldSalt

        public static final byte[] getOldSalt()

      • getOldPBEParameterSpec

        public static final javax.crypto.spec.PBEParameterSpec getOldPBEParameterSpec()

      • isNewStyleKey

        public static boolean isNewStyleKey​(java.lang.String keyfile)

      • asHex

        public static java.lang.String asHex​(byte[] buf)
        Turns array of bytes into string
        Parameters:
        buf - Array of bytes to convert to hex string
        Returns:
        Generated hex string