de.hybris.platform.util.encryption

Class EncryptionUtil

java.lang.Object

de.hybris.platform.util.encryption.EncryptionUtil

public class EncryptionUtil
extends java.lang.Object

Helper class for maintenance_reciper.jsp, maintenance_keygenerator.jsp (admin > maintenance > encryption key management) and de.hybris.platform.util.encryption.ValueEncryptor

Rewrites the encrypted attribute with the configured default encyrption key (symmetric.key.file.default)

see project.properties

# attribute encryption

# keyfile location: ${platformhome}/ext/core/resources/

...

symmetric.key.file.1=weak-symmetric.key.one

symmetric.key.file.2=weak-symmetric.key.two

symmetric.key.file.default=2

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	DEFAULT_ENCRYPTION_KEY_FILE_ID
static java.lang.String	DEFAULT_ENCRYPTION_KEY_FILE_NAME
static java.lang.String	DEFAULT_KEYFILE_NAME
static java.lang.String	FILE_SEPARATOR
static char[]	PASSWORD
static java.lang.String	providerClass
static java.lang.String	SUBFOLDER

Constructor Summary

Constructors

Constructor and Description
EncryptionUtil()

Method Summary

Modifier and Type	Method and Description
static java.lang.String	asHex(byte[] buf) Turns array of bytes into string
static boolean	createKey(java.lang.String filename, int keysize, java.lang.String cipherName, java.lang.String cipherAlgorithm, char[] password)
static boolean	generateAESKey(java.lang.String keyfile, int keysize)
java.util.Map<ComposedType,java.util.List<AttributeDescriptor>>	getAllTypesWhichHasEncyrptedAttributes()
protected static ConfigIntf	getConfig()
java.util.Map<java.lang.String,java.lang.String>	getConfiguredEncryptionKey()
java.lang.String	getOldKeyFile()
static javax.crypto.spec.PBEParameterSpec	getOldPBEParameterSpec()
static byte[]	getOldSalt()
java.util.Map<java.lang.String,java.lang.Integer>	getUsedKeys(java.lang.String type, java.lang.String qualifier) Returns used keys
java.util.Map<java.lang.String,java.lang.Integer>	getUsedKeys(java.lang.String type, java.lang.String qualifier, JspContext jspc) Deprecated. since 1811
static boolean	isNewStyleKey(java.lang.String keyfile)
static javax.crypto.SecretKey	laodDefaultKey(java.lang.String cipherName, java.lang.String cipherAlgorithm, char[] password)
static javax.crypto.SecretKey	loadKey(java.io.InputStream fis, java.lang.String cipherName, java.lang.String cipherAlgorithm, char[] password)
static javax.crypto.SecretKey	loadKey(java.lang.String keyID)
static javax.crypto.SecretKey	loadKey(java.lang.String keyID, java.lang.String cipherName, java.lang.String cipherAlgorithm, char[] password)
void	migrate(java.lang.String type, java.lang.String attribute)
void	migrate(java.lang.String type, java.lang.String qualifier, JspContext jspc) Performance (MacBook Pro/MySQL 5): Time: 1742901 m/s for '200100' steps-- 8 ms/step

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

SUBFOLDER

public static final java.lang.String SUBFOLDER

See Also:

Constant Field Values

providerClass

public static final java.lang.String providerClass

See Also:

Constant Field Values

FILE_SEPARATOR

public static final java.lang.String FILE_SEPARATOR

DEFAULT_KEYFILE_NAME

public static final java.lang.String DEFAULT_KEYFILE_NAME

See Also:

Constant Field Values

PASSWORD

public static char[] PASSWORD

DEFAULT_ENCRYPTION_KEY_FILE_ID

public static final java.lang.String DEFAULT_ENCRYPTION_KEY_FILE_ID

DEFAULT_ENCRYPTION_KEY_FILE_NAME

public static final java.lang.String DEFAULT_ENCRYPTION_KEY_FILE_NAME

Constructor Detail

EncryptionUtil

public EncryptionUtil()

Method Detail

getConfig

protected static ConfigIntf getConfig()

Returns:

the ConfigIntf (object) of the MasterTenant

getOldKeyFile

public java.lang.String getOldKeyFile()

getConfiguredEncryptionKey

public java.util.Map<java.lang.String,java.lang.String> getConfiguredEncryptionKey()

migrate

public void migrate(java.lang.String type,
                    java.lang.String attribute)

migrate

public void migrate(java.lang.String type,
                    java.lang.String qualifier,
                    JspContext jspc)

Performance (MacBook Pro/MySQL 5): Time: 1742901 m/s for '200100' steps-- 8 ms/step

Parameters:

type - code of the ComposedTtype

qualifier - name of the encrypted attribute

jspc - jspContext

getUsedKeys

public java.util.Map<java.lang.String,java.lang.Integer> getUsedKeys(java.lang.String type,
                                                                     java.lang.String qualifier)

Returns used keys

Parameters:

type - type to get keys for

qualifier - attribute name in given type

Returns:

keys

getUsedKeys

@Deprecated
public java.util.Map<java.lang.String,java.lang.Integer> getUsedKeys(java.lang.String type,
                                                                                 java.lang.String qualifier,
                                                                                 JspContext jspc)

Deprecated. since 1811

Returns used keys

Parameters:

type - type to get keys for

qualifier - attribute name in given type

jspc - jspContext

Returns:

getAllTypesWhichHasEncyrptedAttributes

public java.util.Map<ComposedType,java.util.List<AttributeDescriptor>> getAllTypesWhichHasEncyrptedAttributes()

generateAESKey

public static boolean generateAESKey(java.lang.String keyfile,
                                     int keysize)
                              throws java.security.GeneralSecurityException,
                                     java.io.IOException

Throws:

java.security.GeneralSecurityException

java.io.IOException

createKey

public static boolean createKey(java.lang.String filename,
                                int keysize,
                                java.lang.String cipherName,
                                java.lang.String cipherAlgorithm,
                                char[] password)
                         throws java.security.GeneralSecurityException,
                                java.io.IOException

Throws:

java.security.GeneralSecurityException

java.io.IOException

loadKey

public static javax.crypto.SecretKey loadKey(java.lang.String keyID)
                                      throws java.security.GeneralSecurityException,
                                             java.io.IOException

Throws:

java.security.GeneralSecurityException

java.io.IOException

laodDefaultKey

public static javax.crypto.SecretKey laodDefaultKey(java.lang.String cipherName,
                                                    java.lang.String cipherAlgorithm,
                                                    char[] password)
                                             throws java.security.InvalidKeyException,
                                                    java.security.NoSuchAlgorithmException,
                                                    java.security.spec.InvalidKeySpecException,
                                                    javax.crypto.NoSuchPaddingException,
                                                    javax.crypto.IllegalBlockSizeException,
                                                    javax.crypto.BadPaddingException,
                                                    java.security.InvalidAlgorithmParameterException,
                                                    java.io.IOException

Throws:

java.security.InvalidKeyException

java.security.NoSuchAlgorithmException

java.security.spec.InvalidKeySpecException

javax.crypto.NoSuchPaddingException

javax.crypto.IllegalBlockSizeException

javax.crypto.BadPaddingException

java.security.InvalidAlgorithmParameterException

java.io.IOException

loadKey

public static javax.crypto.SecretKey loadKey(java.lang.String keyID,
                                             java.lang.String cipherName,
                                             java.lang.String cipherAlgorithm,
                                             char[] password)

loadKey

public static javax.crypto.SecretKey loadKey(java.io.InputStream fis,
                                             java.lang.String cipherName,
                                             java.lang.String cipherAlgorithm,
                                             char[] password)
                                      throws java.io.IOException,
                                             java.security.NoSuchAlgorithmException,
                                             java.security.InvalidKeyException,
                                             java.security.spec.InvalidKeySpecException,
                                             javax.crypto.NoSuchPaddingException,
                                             javax.crypto.IllegalBlockSizeException,
                                             javax.crypto.BadPaddingException,
                                             java.security.InvalidAlgorithmParameterException

Throws:

java.io.IOException

java.security.NoSuchAlgorithmException

java.security.InvalidKeyException

java.security.spec.InvalidKeySpecException

javax.crypto.NoSuchPaddingException

javax.crypto.IllegalBlockSizeException

javax.crypto.BadPaddingException

java.security.InvalidAlgorithmParameterException

getOldSalt

public static final byte[] getOldSalt()

getOldPBEParameterSpec

public static final javax.crypto.spec.PBEParameterSpec getOldPBEParameterSpec()

isNewStyleKey

public static boolean isNewStyleKey(java.lang.String keyfile)

asHex

public static java.lang.String asHex(byte[] buf)

Turns array of bytes into string

Parameters:

buf - Array of bytes to convert to hex string

Returns:

Generated hex string