Package be.business.connector.core.utils
Class EncryptionUtils
- java.lang.Object
-
- be.business.connector.core.utils.EncryptionUtils
-
public class EncryptionUtils extends Object
The Class EncryptionUtils.
-
-
Field Summary
Fields (Modifier and Type, Field, Description):
static String AUTHENTICATION_ALIAS - The Constant AUTHENTICATION_ALIAS.
static String PROP_KEYSTORE_FILE - The Constant PROP_KEYSTORE_FILE.
static String PROP_KEYSTORE_P12_FOLDER - The Constant PROP_KEYSTORE_P12_FOLDER.
static String PROP_KEYSTORE_PASSWORD - The Constant PROP_KEYSTORE_PASSWORD.
-
Constructor Summary
Constructors (Constructor, Description):
EncryptionUtils(PropertyHandler propertyHandler) - Instantiates a new encryption utils.
-
Method Summary
Methods (Modifier and Type, Method, Description):
void clearKeystore() - Clear keystore.
void clearMandateKeystore() - Clear keystore.
void clearOldKeystore() - Clear keystore.
SecretKey generateSecretKey() - Generate secret key.
X509Certificate getCertificate() - Gets the certificate.
X509Certificate getFallbackCertificate() - Gets the fallback certificate.
PrivateKey getFallbackPrivateKey() - Gets the fallback private key.
PublicKey getFallbackPublicKey() - Gets the fallback public key.
static EncryptionUtils getInstance() - Gets the single instance of EncryptionUtils.
KeyStore getKeyStore() - Gets the client key store.
X509Certificate getMandateCertificate()
KeyStore getMandateOrganisationKeyStore()
PrivateKey getMandatePrivateKey() - Gets the private key for authentication.
PublicKey getMandatePublicKey() - Gets the public key for authentication.
X509Certificate getOldCertificate()
KeyStore getOldKeyStore()
PrivateKey getOldPrivateKey()
PublicKey getOldPublicKey()
String getOldSystemKeystoreDirectory()
String getOldSystemKeystorePassword()
String getOldSystemKeystorePath()
String getOldSystemKeystoreRiziv()
PrivateKey getPrivateKey() - Gets the private key for authentication.
PublicKey getPublicKey() - Gets the public key for authentication.
String getSystemKeystorePassword()
String getSystemKeystorePath()
static String getThumbPrint(X509Certificate cert)
KeyStore getTSAKeyStore() - Gets the client key store.
List<String> getTsaStoreAliases()
static String hexify(byte[] bytes)
be.fgov.ehealth.etee.crypto.encrypt.DataSealer initOldSealing()
be.fgov.ehealth.etee.crypto.decrypt.DataUnsealer initOldUnSealing()
be.fgov.ehealth.etee.crypto.encrypt.DataSealer initSealing() - Inits the sealing.
be.fgov.ehealth.etee.crypto.decrypt.DataUnsealer initUnsealing() - Inits the unsealing.
KeyStore loadCaKeystore()
KeyStore loadKeyStore(InputStream stream, char[] pwd)
String queueDecrypt(byte[] data, PublicKey publicKey) - queueEncrypt / queueDecrypt work only for marshaled objects.
byte[] queueEncrypt(byte[] data, PublicKey publicKey) - queueEncrypt / queueDecrypt work only for marshaled objects.
void setOldSystemKeystoreDirectory(String oldSystemKeystoreDirectory)
void setOldSystemKeystorePassword(String oldSystemKeystorePassword)
void setOldSystemKeystorePath(String oldSystemKeystorePath)
void setOldSystemKeystoreRiziv(String oldSystemKeystoreRiziv)
void setSystemKeystoreDirectory(String systemKeystoreDirectory)
void setSystemKeystorePassword(String systemKeystorePassword)
void setSystemKeystorePath(String systemKeystorePath)
void setSystemKeystoreRiziv(String systemKeystoreRiziv)
void unlockPersonalKey(String niss, String pwd) - Unlock personal key.
byte[] unsealingData(be.fgov.ehealth.etee.crypto.status.CryptoResult<be.fgov.ehealth.etee.crypto.decrypt.UnsealedData> rslt) - Unsealing data.
static byte[] unsealWithSymmKey(Key symmKey, byte[] objectToUnseal) - Unseal with symm key.
void verifyDecryption(be.fgov.ehealth.etee.crypto.encrypt.EncryptionToken myETK) - Verify decryption.
-
-
-
Field Detail
-
AUTHENTICATION_ALIAS
public static final String AUTHENTICATION_ALIAS
The Constant AUTHENTICATION_ALIAS.
- See Also:
- Constant Field Values
-
PROP_KEYSTORE_FILE
public static final String PROP_KEYSTORE_FILE
The Constant PROP_KEYSTORE_FILE.
- See Also:
- Constant Field Values
-
PROP_KEYSTORE_PASSWORD
public static final String PROP_KEYSTORE_PASSWORD
The Constant PROP_KEYSTORE_PASSWORD.
- See Also:
- Constant Field Values
-
PROP_KEYSTORE_P12_FOLDER
public static final String PROP_KEYSTORE_P12_FOLDER
The Constant PROP_KEYSTORE_P12_FOLDER.
- See Also:
- Constant Field Values
-
-
Constructor Detail
-
EncryptionUtils
public EncryptionUtils(PropertyHandler propertyHandler)
Instantiates a new encryption utils.
- Parameters:
propertyHandler- the property handler
-
-
Method Detail
-
getInstance
public static EncryptionUtils getInstance()
Gets the single instance of EncryptionUtils.
- Returns:
- single instance of EncryptionUtils
-
generateSecretKey
public SecretKey generateSecretKey() throws IntegrationModuleException
Generate secret key.
- Returns:
- the key
- Throws:
IntegrationModuleException- the integration module exception
-
unsealWithSymmKey
public static byte[] unsealWithSymmKey(Key symmKey, byte[] objectToUnseal)
Unseal with symm key.
- Parameters:
symmKey- the symm key
objectToUnseal- the object to unseal
- Returns:
- the byte[]
-
getKeyStore
public KeyStore getKeyStore() throws IntegrationModuleException
Gets the client key store.
- Returns:
- the client key store
- Throws:
IntegrationModuleException- the exception
-
getTSAKeyStore
public KeyStore getTSAKeyStore() throws IntegrationModuleException
Gets the client key store.
- Returns:
- the client key store
- Throws:
IntegrationModuleException- the exception
-
getSystemKeystorePath
public String getSystemKeystorePath() throws IntegrationModuleException
- Throws:
IntegrationModuleException
-
getOldKeyStore
public KeyStore getOldKeyStore() throws IntegrationModuleException
- Throws:
IntegrationModuleException
-
getOldSystemKeystorePath
public String getOldSystemKeystorePath()
-
getMandateOrganisationKeyStore
public KeyStore getMandateOrganisationKeyStore()
-
clearKeystore
public void clearKeystore()
Clear keystore.
-
clearOldKeystore
public void clearOldKeystore()
Clear keystore.
-
clearMandateKeystore
public void clearMandateKeystore()
Clear keystore.
-
getThumbPrint
public static String getThumbPrint(X509Certificate cert) throws NoSuchAlgorithmException, CertificateEncodingException
-
hexify
public static String hexify(byte[] bytes)
-
initSealing
public be.fgov.ehealth.etee.crypto.encrypt.DataSealer initSealing() throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, CertificateException, IOException, IntegrationModuleException
Inits the sealing.
- Returns:
- the data sealer
- Throws:
KeyStoreException- the key store exception
UnrecoverableKeyException- the unrecoverable key exception
NoSuchAlgorithmException- the no such algorithm exception
CertificateException- the certificate exception
IOException- Signals that an I/O exception has occurred.
IntegrationModuleException- the exception
-
initOldSealing
public be.fgov.ehealth.etee.crypto.encrypt.DataSealer initOldSealing() throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, IntegrationModuleException
-
initUnsealing
public be.fgov.ehealth.etee.crypto.decrypt.DataUnsealer initUnsealing() throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, IntegrationModuleException
Inits the unsealing.
- Returns:
- the data unsealer
- Throws:
CertificateException- the certificate exception
IOException- Signals that an I/O exception has occurred.
KeyStoreException- the key store exception
NoSuchAlgorithmException- the no such algorithm exception
UnrecoverableKeyException- the unrecoverable key exception
IntegrationModuleException- the exception
-
initOldUnSealing
public be.fgov.ehealth.etee.crypto.decrypt.DataUnsealer initOldUnSealing() throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException, IntegrationModuleException
-
unlockPersonalKey
public void unlockPersonalKey(String niss, String pwd) throws IntegrationModuleException
Unlock personal key.
- Parameters:
niss- the niss
pwd- the pwd
- Throws:
IntegrationModuleException- the integration module exception
-
unsealingData
public byte[] unsealingData(be.fgov.ehealth.etee.crypto.status.CryptoResult<be.fgov.ehealth.etee.crypto.decrypt.UnsealedData> rslt) throws IOException
Unsealing data.
- Parameters:
rslt- the rslt
- Returns:
- the byte[]
- Throws:
IOException- Signals that an I/O exception has occurred.
-
loadCaKeystore
public KeyStore loadCaKeystore() throws IntegrationModuleException
- Throws:
IntegrationModuleException
-
loadKeyStore
public KeyStore loadKeyStore(InputStream stream, char[] pwd) throws IntegrationModuleException
- Throws:
IntegrationModuleException
-
getCertificate
public X509Certificate getCertificate() throws IntegrationModuleException
Gets the certificate.
- Returns:
- the certificate
- Throws:
IntegrationModuleException- the exception
-
getOldCertificate
public X509Certificate getOldCertificate() throws IntegrationModuleException
- Throws:
IntegrationModuleException
-
getPrivateKey
public PrivateKey getPrivateKey() throws IntegrationModuleException
Gets the private key for authentication.
- Returns:
- the private key
- Throws:
IntegrationModuleException- the exception
-
getOldPrivateKey
public PrivateKey getOldPrivateKey() throws IntegrationModuleException
- Throws:
IntegrationModuleException
-
getPublicKey
public PublicKey getPublicKey() throws IntegrationModuleException
Gets the public key for authentication.
- Returns:
- the public key
- Throws:
IntegrationModuleException- the exception
-
getOldPublicKey
public PublicKey getOldPublicKey() throws IntegrationModuleException
- Throws:
IntegrationModuleException
-
getMandatePrivateKey
public PrivateKey getMandatePrivateKey()
Gets the private key for authentication.
- Returns:
- the private key
-
getMandatePublicKey
public PublicKey getMandatePublicKey()
Gets the public key for authentication.
- Returns:
- the public key
-
getFallbackPrivateKey
public PrivateKey getFallbackPrivateKey() throws IntegrationModuleException
Gets the fallback private key.
- Returns:
- the fallback private key
- Throws:
IntegrationModuleException- the exception
-
getFallbackPublicKey
public PublicKey getFallbackPublicKey() throws IntegrationModuleException
Gets the fallback public key.
- Returns:
- the fallback public key
- Throws:
IntegrationModuleException- the exception
-
getFallbackCertificate
public X509Certificate getFallbackCertificate() throws IntegrationModuleException
Gets the fallback certificate.
- Returns:
- the fallback certificate
- Throws:
IntegrationModuleException- the exception
-
getMandateCertificate
public X509Certificate getMandateCertificate()
-
verifyDecryption
public void verifyDecryption(be.fgov.ehealth.etee.crypto.encrypt.EncryptionToken myETK) throws IntegrationModuleException
Verify decryption.
- Parameters:
myETK- the my etk
- Throws:
IntegrationModuleException- the integration module exception
-
setSystemKeystorePassword
public void setSystemKeystorePassword(String systemKeystorePassword)
- Parameters:
systemKeystorePassword- the systemKeystorePassword to set
-
getSystemKeystorePassword
public String getSystemKeystorePassword() throws IntegrationModuleException
- Throws:
IntegrationModuleException
-
setSystemKeystorePath
public void setSystemKeystorePath(String systemKeystorePath)
- Parameters:
systemKeystorePath- the systemKeystorePath to set
-
setSystemKeystoreDirectory
public void setSystemKeystoreDirectory(String systemKeystoreDirectory)
- Parameters:
systemKeystoreDirectory- the systemKeystoreDirectory to set
-
setSystemKeystoreRiziv
public void setSystemKeystoreRiziv(String systemKeystoreRiziv)
- Parameters:
systemKeystoreRiziv- the systemKeystoreRiziv to set
-
setOldSystemKeystorePath
public void setOldSystemKeystorePath(String oldSystemKeystorePath)
- Parameters:
oldSystemKeystorePath- the oldSystemKeystorePath to set
-
setOldSystemKeystorePassword
public void setOldSystemKeystorePassword(String oldSystemKeystorePassword)
- Parameters:
oldSystemKeystorePassword- the oldSystemKeystorePassword to set
-
getOldSystemKeystorePassword
public String getOldSystemKeystorePassword()
-
setOldSystemKeystoreDirectory
public void setOldSystemKeystoreDirectory(String oldSystemKeystoreDirectory)
- Parameters:
oldSystemKeystoreDirectory- the oldSystemKeystoreDirectory to set
-
getOldSystemKeystoreDirectory
public String getOldSystemKeystoreDirectory()
- Returns:
- the oldSystemKeystoreDirectory
-
setOldSystemKeystoreRiziv
public void setOldSystemKeystoreRiziv(String oldSystemKeystoreRiziv)
- Parameters:
oldSystemKeystoreRiziv- the oldSystemKeystoreRiziv to set
-
getOldSystemKeystoreRiziv
public String getOldSystemKeystoreRiziv()
- Returns:
- the oldSystemKeystoreRiziv
-
queueEncrypt
public byte[] queueEncrypt(byte[] data, PublicKey publicKey) throws IntegrationModuleException
queueEncrypt / queueDecrypt work only for marshaled objects.
- Parameters:
data- data
publicKey- publicKey
- Returns:
- bytes
- Throws:
IntegrationModuleException- the exception
-
queueDecrypt
public String queueDecrypt(byte[] data, PublicKey publicKey) throws IntegrationModuleException
queueEncrypt / queueDecrypt work only for marshaled objects.
- Parameters:
data- data
publicKey- publicKey
- Returns:
- the decrypted data
- Throws:
IntegrationModuleException- the exception
-
-