Merge pull request #98 from assimbly/develop

Release 5.0.0
assimbly · Oct 11, 2024 · 2650bce · 2650bce
2 parents 221a8a8 + 5c13a45
commit 2650bce
Show file tree

Hide file tree

Showing 2 changed files with 97 additions and 10 deletions.
diff --git a/pom.xml b/pom.xml
@@ -62,7 +62,7 @@
 		<commons-text.version>1.12.0</commons-text.version>
 		<db2-jdbc.version>db2jcc4</db2-jdbc.version>
 		<docconverter.version>1.11.0</docconverter.version>
-		<dropwizard-metrics.version>4.2.27</dropwizard-metrics.version>
+		<dropwizard-metrics.version>4.2.28</dropwizard-metrics.version>
 		<elasticsearch-rest-client.version>8.15.2</elasticsearch-rest-client.version>
 		<gson.version>2.11.0</gson.version>
 		<groovy-script.version>4.0.23</groovy-script.version>
@@ -81,20 +81,20 @@
 		<json.version>20240303</json.version>
 		<jsonassert.version>1.5.3</jsonassert.version>
 		<json-path.version>2.9.0</json-path.version>
-		<junit.version>5.11.1</junit.version>
+		<junit.version>5.11.2</junit.version>
 		<jwt.version>0.12.6</jwt.version>
 		<jolokia.version>2.1.1</jolokia.version>
 		<httpclient.version>4.5.14</httpclient.version>
 		<kamelet.version>4.8.0</kamelet.version>
-		<logback-classic.version>1.5.8</logback-classic.version>
+		<logback-classic.version>1.5.9</logback-classic.version>
 		<messaginghub.version>3.1.6</messaginghub.version>
 		<messaginghub.version>3.1.6</messaginghub.version>
 		<mssql-jdbc.version>12.8.1.jre11</mssql-jdbc.version> <!-- use jre21 when it comes out -->
-		<mockito.version>5.13.0</mockito.version>
+		<mockito.version>5.14.1</mockito.version>
 		<mockserver.version>5.15.0</mockserver.version>
 		<mongo.version>3.12.11</mongo.version>
 		<mysql-connector-java.version>9.0.0</mysql-connector-java.version>
-		<netty.version>4.1.113.Final</netty.version>
+		<netty.version>4.1.114.Final</netty.version>
 		<oracle12.version>23.5.0.24.07</oracle12.version>
 		<postgresql.version>42.7.4</postgresql.version>
 		<powermock.version>2.0.9</powermock.version>

diff --git a/utils/src/main/java/org/assimbly/util/EncryptionUtil.java b/utils/src/main/java/org/assimbly/util/EncryptionUtil.java
@@ -3,33 +3,120 @@
 import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
 import org.jasypt.iv.RandomIvGenerator;
 
+import javax.crypto.Cipher;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.PBEKeySpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.security.SecureRandom;
+import java.util.Base64;
+
 public final class EncryptionUtil {
 
     private final StandardPBEStringEncryptor textEncryptor = new StandardPBEStringEncryptor();
+    private static final int SALT_LENGTH = 16; // Length of the salt in bytes
+    private static final int IV_LENGTH = 16; // Length of the IV in bytes
     public static String key;
     public static String algorithm;
+    public static String password;
 
     public EncryptionUtil(String password, String algorithm) {
+        this.password = password;
         this.textEncryptor.setPassword(password);
         this.textEncryptor.setAlgorithm(algorithm);
         this.textEncryptor.setIvGenerator(new RandomIvGenerator());
-
     }
 
     public StandardPBEStringEncryptor getTextEncryptor() {
         return textEncryptor;
     }
 
     public String encrypt(String plainText) {
-        //if value already encrypted do not encrypt and return
+        // If the value is already encrypted, do not encrypt again and return
         if (plainText.startsWith("ENC(") && plainText.endsWith(")")) {
             return plainText;
         }
-        return "ENC(" + this.textEncryptor.encrypt(plainText) + ")";
+
+        // Generate random salt
+        byte[] salt = new byte[SALT_LENGTH];
+        new SecureRandom().nextBytes(salt);
+
+        // Generate random IV
+        byte[] iv = new byte[IV_LENGTH];
+        new SecureRandom().nextBytes(iv);
+
+        // Generate key from password and salt
+        SecretKeySpec secretKey = new SecretKeySpec(generateKey(password, salt), "AES");
+
+        // Encrypt the plain text
+        byte[] encryptedBytes = encryptWithIv(secretKey, iv, plainText);
+
+        // Encode the salt, IV, and encrypted text
+        Base64.Encoder encoder = Base64.getEncoder();
+        String encodedSalt = encoder.encodeToString(salt);
+        String encodedIv = encoder.encodeToString(iv);
+        String encodedEncryptedText = encoder.encodeToString(encryptedBytes);
+
+        // Concatenate and return
+        return String.format("ENC(%s|%s|%s)", encodedSalt, encodedIv, encodedEncryptedText);
+    }
+
+    public String decrypt(String encryptedText) {
+        // Validate and extract components
+        if (!encryptedText.startsWith("ENC(") || !encryptedText.endsWith(")")) {
+            throw new IllegalArgumentException("Invalid encrypted text format.");
+        }
+
+        String contents = encryptedText.substring(4, encryptedText.length() - 1);
+        String[] parts = contents.split("\\|");
+        if (parts.length != 3) {
+            throw new IllegalArgumentException("Invalid encrypted text format.");
+        }
+
+        Base64.Decoder decoder = Base64.getDecoder();
+        byte[] salt = decoder.decode(parts[0]);
+        byte[] iv = decoder.decode(parts[1]);
+        byte[] encryptedBytes = decoder.decode(parts[2]);
+
+        // Generate key from password and salt
+        SecretKeySpec secretKey = new SecretKeySpec(generateKey(password, salt), "AES");
+
+        // Decrypt the encrypted text
+        return decryptWithIv(secretKey, iv, encryptedBytes);
+    }
+
+
+    private byte[] generateKey(String password, byte[] salt) {
+        try {
+            PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, 10000, 256); // 10000 iterations, 256 bits
+            SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
+            return factory.generateSecret(spec).getEncoded();
+        } catch (Exception e) {
+            throw new RuntimeException("Key generation failed.", e);
+        }
+    }
+
+    private byte[] encryptWithIv(SecretKeySpec secretKey, byte[] iv, String plainText) {
+        try {
+            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+            IvParameterSpec ivParams = new IvParameterSpec(iv);
+            cipher.init(Cipher.ENCRYPT_MODE, secretKey, ivParams);
+            return cipher.doFinal(plainText.getBytes("UTF-8")); // Use UTF-8 encoding
+        } catch (Exception e) {
+            throw new RuntimeException("Encryption failed.", e);
+        }
     }
 
-    public String decrypt(String encryptedText){
-        return this.textEncryptor.decrypt(encryptedText);
+    private String decryptWithIv(SecretKeySpec secretKey, byte[] iv, byte[] encryptedBytes) {
+        try {
+            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+            IvParameterSpec ivParams = new IvParameterSpec(iv);
+            cipher.init(Cipher.DECRYPT_MODE, secretKey, ivParams);
+            byte[] decryptedBytes = cipher.doFinal(encryptedBytes);
+            return new String(decryptedBytes, "UTF-8"); // Use UTF-8 encoding
+        } catch (Exception e) {
+            throw new RuntimeException("Decryption failed.", e);
+        }
     }
 
 }