AbstractCipherLayer.java
package org.jastacry.layer;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.jastacry.JastacryException;
/**
* Abstract base class for encryption.
*
* <p>SPDX-License-Identifier: MIT
*
* @author Kai Kretschmann
*/
abstract class AbstractCipherLayer extends AbstractBasicLayer
{
/**
* Block size.
*/
private static final int ONEBLOCKSIZE = 256;
/**
* How many bits in a byte.
*/
protected static final int BITSPERBYTE = 8;
/**
* PBEKeySpec.
*/
protected PBEKeySpec pbeKeySpec;
/**
* SecretKeyFactory.
*/
protected SecretKeyFactory keyFac;
/**
* SecretKey.
*/
protected SecretKey pbeKey;
/**
* SecretKeySpec.
*/
protected SecretKeySpec pbeSecretKeySpec;
/**
* ALG for the data.
*/
private String strAlg;
/**
* Algorithm for the key.
*/
protected String strKeyAlg;
/**
* char array of password.
*/
protected char[] chPasswd;
/**
* Iterations count as defined by child class.
*/
protected int iterCount;
/**
* Key size as defined by child class.
*/
protected int currentKeysize;
/**
* IV length.
*/
private int currentIvLen;
/**
* IV bytes.
*/
private byte[] ivBytes;
/**
* Salt length.
*/
private int currentSaltLen;
/**
* salt.
*/
protected byte[] salt;
/**
* Constructor of abstract class.
*
* @param cClass class name of calling class
* @param layerName name of real layer
*/
AbstractCipherLayer(final Class<?> cClass, final String layerName)
{
super(cClass, layerName);
}
/**
* Abstract base method for getting algorithm name back.
*
* @return String
*/
protected abstract String getMyAlg();
/**
* Abstract base method for getting key algorithm name back.
*
* @return String
*/
protected abstract String getMyKeyAlg();
/**
* Abstract base method for getting salt len back.
*
* @return int length
*/
protected abstract int getMySaltLen();
/**
* Abstract base method for getting IV length back.
*
* @return int length
*/
protected abstract int getMyIvLen();
/**
* Abstract base method for getting a counter back.
*
* @return int
*/
protected abstract int getMyCount();
/**
* Abstract base method for getting key size back.
*
* @return int length
*/
protected abstract int getMyKeysize();
/**
* Generate random salt.
*/
private final void getSalt()
{
salt = new byte[currentSaltLen];
new SecureRandom().nextBytes(salt);
}
/**
* Set base values via own getters, which are defined in child classes.
*/
protected final void init()
{
this.strAlg = getMyAlg();
this.strKeyAlg = getMyKeyAlg();
this.currentSaltLen = getMySaltLen();
this.currentIvLen = getMyIvLen();
this.iterCount = getMyCount();
this.currentKeysize = getMyKeysize();
}
/**
* Generate Keys from plain password.
*
* @throws JastacryException on error
*/
protected abstract void setupPbe() throws JastacryException;
/**
* Write IV data if any.
* @param outputStream stream to write to
* @param pbeCipher the cipher object
* @throws IOException in case of error
*/
private void writeIv(final OutputStream outputStream, final Cipher pbeCipher) throws IOException
{
if (0 == currentIvLen)
{
logger.trace("No IV to write");
}
else
{
ivBytes = pbeCipher.getIV();
if (null == ivBytes)
{
logger.error("IV empty");
}
else
{
outputStream.write(ivBytes, 0, currentIvLen);
logger.trace("did write {} IV bytes to stream", currentIvLen);
} // if
} // if
}
/**
* Read IV data if any.
* @param inputStream stream to read from
* @throws IOException in case of error
*/
private void readIv(final InputStream inputStream) throws IOException
{
int iReadBytes;
if (0 == currentIvLen)
{
logger.trace("No IV to read");
}
else
{
ivBytes = new byte[currentIvLen];
iReadBytes = readAllBytes(inputStream, ivBytes, currentIvLen);
if (currentIvLen != iReadBytes)
{
logger.error("read {} bytes of IV, expecting {}.", iReadBytes, currentIvLen);
}
else
{
logger.trace("did read {} IV bytes from stream", iReadBytes);
}
} // if
}
/**
* Write salt to stream.
* @param outputStream to write to
* @throws IOException in case of error
*/
private void writeSalt(final OutputStream outputStream) throws IOException
{
outputStream.write(salt, 0, currentSaltLen);
logger.trace("did write {} salt bytes to stream", currentSaltLen);
}
/**
* Read salt from stream.
* @param inputStream to read from
* @throws IOException in case of error
*/
private void readSalt(final InputStream inputStream) throws IOException
{
int iReadBytes;
salt = new byte[currentSaltLen];
iReadBytes = readAllBytes(inputStream, salt, currentSaltLen);
if (currentSaltLen != iReadBytes)
{
logger.error("read {} bytes of salt, expecting {}.", iReadBytes, currentSaltLen);
}
else
{
logger.trace("did read {} salt bytes from stream", iReadBytes);
}
}
/**
* encode Stream function.
*
* @param inputStream incoming data
* @param outputStream outgoing data
* @throws JastacryException thrown on error
*/
@Override
public final void encStream(final InputStream inputStream, final OutputStream outputStream) throws JastacryException
{
Cipher pbeCipher;
try
{
getSalt();
setupPbe();
pbeCipher = Cipher.getInstance(strAlg);
pbeCipher.init(Cipher.ENCRYPT_MODE, pbeSecretKeySpec);
final ByteArrayOutputStream buffer = new ByteArrayOutputStream();
int nRead;
final byte[] data = new byte[ONEBLOCKSIZE];
while ((nRead = inputStream.read(data, 0, data.length)) != -1)
{
buffer.write(data, 0, nRead);
progress(nRead);
}
buffer.flush();
final byte[] bInput = buffer.toByteArray();
// Encrypt the clear text
final byte[] ciphertext = pbeCipher.doFinal(bInput);
writeIv(outputStream, pbeCipher);
writeSalt(outputStream);
outputStream.write(ciphertext);
outputStream.close();
}
catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | IllegalBlockSizeException
| JastacryException | BadPaddingException | IOException e)
{
logger.catching(e);
throw (JastacryException) new JastacryException("encStream failed").initCause(e);
}
}
/**
* decode Stream function.
*
* @param inputStream incoming data
* @param outputStream outgoing data
* @throws JastacryException thrown on error
*/
@Override
public final void decStream(final InputStream inputStream, final OutputStream outputStream) throws JastacryException
{
// Create PBE Cipher
Cipher pbeCipher;
try
{
readIv(inputStream);
readSalt(inputStream);
// call implementation of child class method.
setupPbe();
pbeCipher = Cipher.getInstance(strAlg);
if (0 == currentIvLen)
{
pbeCipher.init(Cipher.DECRYPT_MODE, pbeSecretKeySpec);
}
else
{
pbeCipher.init(Cipher.DECRYPT_MODE, pbeSecretKeySpec, new IvParameterSpec(ivBytes));
} // if
final ByteArrayOutputStream buffer = new ByteArrayOutputStream();
int nRead = 0;
final byte[] data = new byte[ONEBLOCKSIZE];
while ((nRead = inputStream.read(data, 0, data.length)) != -1)
{
buffer.write(data, 0, nRead);
progress(nRead);
}
buffer.flush();
final byte[] bInput = buffer.toByteArray();
// Encrypt the clear text
final byte[] ciphertext = pbeCipher.doFinal(bInput);
outputStream.write(ciphertext);
outputStream.close();
}
catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | IllegalBlockSizeException
| BadPaddingException | InvalidAlgorithmParameterException | JastacryException | IOException e)
{
logger.catching(e);
throw (JastacryException) new JastacryException("decStream failed").initCause(e);
}
}
@Override
public final void encodeAndDecode(final InputStream inputStream, final OutputStream outputStream) throws JastacryException
{
throw new UnsupportedOperationException();
}
}