Wednesday, June 2, 2004

Encrypt / decrypt messages using Cryptography Algorithm AES (Advance Encryption Algorithm)

What is AES ?
AES stands for Advance Encryption Algorithm. AES is a standard of private key or symmetric algorithm.

How To Use This Custom AES Encryption & Decryption with Oracle Service Bus 10g or 11g. ?
Extract the String from any Input Message, let say XML Message, you can easily do so by using XPath expression.
Pass this value to Java Callout Action in Oracle Service Bus Message Flow. For AES Encryption and decryption we are going to use Key and Initial Vector. This Key  and Initial vector can be stored in domain path so that it can be made configurable.

Below example shows how to create a Java Class for AES Encryption & Decryption which can be used with Oracle Service Bus 10g/11g to encrypt & decrypt messages. Method you want to call from Oracle Service Bus should be declared as public static. Only Public static methods are available to Oracle Service Bus using Java Callout. After Java Callout you can save the output of the call to any variable inside Service Bus.

Advantage: After transport level security it also necessary that once message is delivered to the destination, that Message's important fields need to be secured while getting processed in Destination. And Encrypting those field could be one of the solution and easy to implement if you have little understanding & knowledge about AES Encryption & Decryption Cryptography.

AES Support In Java Technology:
In java to support AES, Its has been provided as JCE in starting with Java2 SDK Standard edition (J2SE) v 1.4.0. Java Cryptography Extension (JCE) was integrated with  SDK and JRE and since then its not required to install JCE as a separate package.

AES supports combination of keys and block sizes. AES can support 128 , 192 and 256 block sizes.
128 block size - Secure
192 block size - More secure
256 block size - Most Secure


Following examples shows how to use AES Encryption and decryption. This program shows example of AES Cryptography implementation in Java. To implement & run this program you will require to have Jdk 1.4 or higher version.




import java.math.BigInteger;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;

/* This class provides a sample example on how to use key and initial vector
 * to encrypt and decrypt String values  using AES Cryptography Algorithm
 */
public class AES4 {
    public static void main(String args[]){
            getAESEncryptedString("SampleStringTobeEncrypted","ddafXA1afcf6b1cb","a33dc00670g13ed7");
     }

/* This method takes string value and returns encrypted string back.
 * @param passwordAsString This is string argument which we want to encrypt , values could be some password
 * @param keyAsString This is Key , which we are using for encrypting the string.(Hex representation)
 * @param initialVectorAsString This is initialvector we are using for encrypting the string.
 * @return return value is Encrypted String
 */
     public static String getAESEncryptedString(String passwordAsString,String keyAsString, String initialVectorAsString) {
         try {
             byte[] key = new BigInteger(strToHex(keyAsString), 16).toByteArray();
             byte[] iv = new BigInteger(strToHex(initialVectorAsString), 16).toByteArray();
             //byte[] key = {0x64,0x64,0x31,0x62,0x58,0x41,0x31,0x61,0x66,0x36,0x66,0x36,0x39,0x31,0x63,0x62};
             // byte[] iv =  {0x61,0x32,0x32,0x65,0x63,0x37,0x30,0x36,0x30,0x30,0x67,0x31,0x33,0x65,0x64,0x38};
             System.out.println("key value in bytes : " + key);
             String text = passwordAsString;
             String encrypted = encrypt(text, iv, key);
             System.out.println("Pass  encrypted is " + encrypted);
             String decrypted = decrypt(encrypted, iv, key);
             System.out.println(encrypted + " decrypted is " + decrypted);
             return encrypted;
         } catch (Exception e) {
             e.printStackTrace();
         }
         return null;
     }

/* This method converts String value to its equivalent Hex Representation.
 * @param str This is string to be converted to its equivalent Hex representation.
 * @return return string in Hex Representation
 */
     public static String strToHex(String str) {
         char[] chars = str.toCharArray();
         StringBuffer hexStr = new StringBuffer();

        for (int i = 0; i < chars.length; i++){
                        hexStr.append(Integer.toHexString((int) chars[i]));
        }
         return strBuffer.toString();
     }

/* encrypt method encrypts the string provided using provide key and initial vector.
 * @param text String value to be encrypted
 * @param iv Initial Vector's byte Array value
 * @param key Key's byte Array Value
 * @return String This is encrypted String
 */
     public static String encrypt(String text, byte[] iv, byte[] key)throws Exception {
         Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        SecretKeySpec keySpec = new SecretKeySpec(key, "AES");
         IvParameterSpec ivSpec = new IvParameterSpec(iv);
        cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec);
         byte[] results = cipher.doFinal(text.getBytes("UTF-8"));
         BASE64Encoder encoder = new BASE64Encoder();
         return encoder.encode(results);
     }

/* decrypt method decrypts the string using provide key and initial vector.
 * @param text String value to be decrypted
 * @param iv Initial Vector's byte Array value
 * @param key Key's byte Array Value
 * @return String This is decrypted String
 */
     public static String decrypt(String text, byte[] iv, byte[] key)throws Exception {
         Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
         SecretKeySpec keySpec = new SecretKeySpec(key, "AES");
         IvParameterSpec ivSpec = new IvParameterSpec(iv);
         cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec);

         BASE64Decoder decoder = new BASE64Decoder();
         byte[] results = cipher.doFinal(decoder.decodeBuffer(text));
         return new String(results, "UTF-8");
    }
}