PropertiesBasedPropertyValueSecurity

/*
 * Copyright 2012-2013 smartics, Kronseder & Reiner GmbH
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package de.smartics.properties.api.core.security;

import static de.smartics.properties.api.core.security.SecurityConfigurationLoader.SECURITY_ID;
import static de.smartics.properties.api.core.security.SecurityConfigurationLoader.SECURITY_ALGORITHM;
import static de.smartics.properties.api.core.security.SecurityConfigurationLoader.SECURITY_KEY;
import static de.smartics.properties.api.core.security.SecurityConfigurationLoader.SECURITY_PROVIDER;
import static de.smartics.properties.api.core.security.SecurityConfigurationLoader.SECURITY_TRANSFORMATION;

import java.util.Properties;

import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.StringUtils;

import de.smartics.properties.api.core.domain.PropertyDescriptor;

/**
 * Base implementation based on Java security, loading configuration values from
 * a properties file stored in
 * {@link SecurityConfigurationLoader#CLASSPATH_LOCATION}.
 */
public class PropertiesBasedPropertyValueSecurity extends
    AbstractPropertyValueSecurity

{
  // ********************************* Fields *********************************

  // --- constants ------------------------------------------------------------

  /**
   * The class version identifier.
   */
  private static final long serialVersionUID = 1L;

  // --- members --------------------------------------------------------------

  /**
   * The security properties to create key and cipher.
   *
   * @serial
   */
  private final Properties properties;

  /**
   * The symmetric key to en- and decrypt property values.
   *
   * @serial
   */
  private final SecretKey key;

  // ****************************** Initializer *******************************

  // ****************************** Constructors ******************************

  /**
   * Default constructor.
   */
  public PropertiesBasedPropertyValueSecurity()
  {
    properties = loadProperties();
    key = createKey(properties);
  }

  // ****************************** Inner Classes *****************************

  // ********************************* Methods ********************************

  // --- init -----------------------------------------------------------------

  private Properties loadProperties()
  {
    try
    {
      final SecurityConfigurationLoader loader =
          new SecurityConfigurationLoader();
      return loader.load();
    }
    catch (final IllegalStateException e)
    {
      throw new SecurityException(new SecurityMessageBean(
          SecurityCode.LOADING_SECURITY_PROPERTIES_FAILED, e,
          properties.getProperty(SECURITY_ID)));
    }
  }

  /**
   * Creates the symmetric key instance.
   *
   * @param descriptor the descriptor of the property whose value is to be
   *          secured.
   * @return the symmetric key instance ready to be used.
   * @throws SecurityException on any problem creating the symmetric key
   *           instance.
   */
  private SecretKey createKey(final Properties properties)
    throws SecurityException
  {
    final String key = properties.getProperty(SECURITY_KEY);
    final String encryptAlgorithm = properties.getProperty(SECURITY_ALGORITHM);

    try
    {
      final byte[] decodedKey = Base64.decodeBase64(key);

      final SecretKeySpec secretKey =
          new SecretKeySpec(decodedKey, encryptAlgorithm);
      return secretKey;
    }
    catch (final Exception e)
    {
      throw new SecurityException(new SecurityMessageBean(
          SecurityCode.INIT_KEY_GENERATION_FAILED, e,
          properties.getProperty(SECURITY_ID)));
    }
  }

  // --- get&set --------------------------------------------------------------

  // --- business -------------------------------------------------------------

  @Override
  public String decrypt(final PropertyDescriptor descriptor,
      final String encryptedValue) throws NullPointerException,
    SecurityException
  {
    final Cipher cipher = createCipher();
    return decrypt(descriptor, encryptedValue, key, cipher);
  }

  @Override
  public String encrypt(final PropertyDescriptor descriptor,
      final String plainValue) throws NullPointerException, SecurityException
  {
    final Cipher cipher = createCipher();
    return encrypt(descriptor, plainValue, key, cipher);
  }

  private Cipher createCipher() throws SecurityException
  {
    final String transformation =
        properties.getProperty(SECURITY_TRANSFORMATION);
    final String provider = properties.getProperty(SECURITY_PROVIDER);

    try
    {
      if (StringUtils.isNotEmpty(provider))
      {
        return Cipher.getInstance(transformation, provider);
      }
      else
      {
        return Cipher.getInstance(transformation);
      }
    }
    catch (final Exception e)
    {
      throw new SecurityException(new SecurityMessageBean(
          SecurityCode.INIT_CIPHER_GENERATION_FAILED, e,
          properties.getProperty(SECURITY_ID)));
    }
  }

  // --- object basics --------------------------------------------------------

}