Package com.cedarsoftware.util

Class EncryptionUtilities

java.lang.Object
com.cedarsoftware.util.EncryptionUtilities
public class EncryptionUtilities extends Object
Utility class providing cryptographic operations including hashing, encryption, and decryption.

This class offers:

  • Hash Functions:
    • MD5 (fast implementation)
    • SHA-1 (fast implementation)
    • SHA-256
    • SHA-512
  • Encryption/Decryption:
    • AES-128 encryption
    • CBC mode with PKCS5 padding
    • IV generation from key
  • Optimized File Operations:
    • Zero-copy I/O using DirectByteBuffer
    • Efficient large file handling
    • Custom filesystem support

Hash Function Usage:


 // File hashing
 String md5 = EncryptionUtilities.fastMD5(new File("example.txt"));
 String sha1 = EncryptionUtilities.fastSHA1(new File("example.txt"));

 // Byte array hashing
 String hash = EncryptionUtilities.calculateMD5Hash(bytes);

Encryption Usage:


 // String encryption/decryption
 String encrypted = EncryptionUtilities.encrypt("password", "sensitive data");
 String decrypted = EncryptionUtilities.decrypt("password", encrypted);

 // Byte array encryption/decryption
 String encryptedHex = EncryptionUtilities.encryptBytes("password", originalBytes);
 byte[] decryptedBytes = EncryptionUtilities.decryptBytes("password", encryptedHex);

Security Notes:

  • MD5 and SHA-1 are provided for legacy compatibility but are cryptographically broken
  • Use SHA-256 or SHA-512 for secure hashing
  • AES implementation uses CBC mode with PKCS5 padding
  • IV is deterministically generated from the key using MD5

Performance Features:

  • Optimized buffer sizes for modern storage systems
  • Direct ByteBuffer usage for zero-copy I/O
  • Efficient memory management
  • Thread-safe implementation
Author:
John DeRegnaucourt ([email protected])
Copyright (c) Cedar Software LLC

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

License

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

  • Method Details

    • fastMD5

      public static String fastMD5(File file)
      Calculates an MD5 hash of a file using optimized I/O operations.

      This implementation uses:

      • DirectByteBuffer for zero-copy I/O
      • FileChannel for optimal file access
      • Fallback for non-standard filesystems
      Parameters:
      file - the file to hash
      Returns:
      hexadecimal string of the MD5 hash, or null if the file cannot be read

    • fastSHA1

      public static String fastSHA1(File file)
      Calculates a SHA-256 hash of a file using optimized I/O operations.

      This implementation uses:

      • DirectByteBuffer for zero-copy I/O
      • FileChannel for optimal file access
      • Fallback for non-standard filesystems
      Parameters:
      file - the file to hash
      Returns:
      hexadecimal string of the SHA-256 hash, or null if the file cannot be read

    • fastSHA256

      public static String fastSHA256(File file)
      Calculates a SHA-256 hash of a file using optimized I/O operations.

      This implementation uses:

      • DirectByteBuffer for zero-copy I/O
      • FileChannel for optimal file access
      • Fallback for non-standard filesystems
      Parameters:
      file - the file to hash
      Returns:
      hexadecimal string of the SHA-256 hash, or null if the file cannot be read

    • fastSHA512

      public static String fastSHA512(File file)
      Calculates a SHA-512 hash of a file using optimized I/O operations.

      This implementation uses:

      • DirectByteBuffer for zero-copy I/O
      • FileChannel for optimal file access
      • Fallback for non-standard filesystems
      Parameters:
      file - the file to hash
      Returns:
      hexadecimal string of the SHA-512 hash, or null if the file cannot be read

    • calculateFileHash

      public static String calculateFileHash(FileChannel channel, MessageDigest digest) throws IOException
      Calculates a hash of a file using the provided MessageDigest and FileChannel.

      This implementation uses:

      • 64KB buffer size optimized for modern storage systems
      • DirectByteBuffer for zero-copy I/O
      • Efficient buffer management
      Parameters:
      channel - FileChannel to read from
      digest - MessageDigest to use for hashing
      Returns:
      hexadecimal string of the hash value
      Throws:
      IOException - if an I/O error occurs

    • calculateMD5Hash

      public static String calculateMD5Hash(byte[] bytes)
      Calculates an MD5 hash of a byte array.
      Parameters:
      bytes - the data to hash
      Returns:
      hexadecimal string of the MD5 hash, or null if input is null

    • getDigest

      public static MessageDigest getDigest(String digest)
      Creates a MessageDigest instance for the specified algorithm.
      Parameters:
      digest - the name of the digest algorithm
      Returns:
      MessageDigest instance for the specified algorithm
      Throws:
      IllegalArgumentException - if the algorithm is not available

    • getMD5Digest

      public static MessageDigest getMD5Digest()
      Creates an MD5 MessageDigest instance.
      Returns:
      MessageDigest configured for MD5
      Throws:
      IllegalArgumentException - if MD5 algorithm is not available

    • calculateSHA1Hash

      public static String calculateSHA1Hash(byte[] bytes)
      Calculates a SHA-1 hash of a byte array.
      Parameters:
      bytes - the data to hash
      Returns:
      hexadecimal string of the SHA-1 hash, or null if input is null

    • getSHA1Digest

      public static MessageDigest getSHA1Digest()
      Creates a SHA-1 MessageDigest instance.
      Returns:
      MessageDigest configured for SHA-1
      Throws:
      IllegalArgumentException - if SHA-1 algorithm is not available

    • calculateSHA256Hash

      public static String calculateSHA256Hash(byte[] bytes)
      Calculates a SHA-256 hash of a byte array.
      Parameters:
      bytes - the data to hash
      Returns:
      hexadecimal string of the SHA-256 hash, or null if input is null

    • getSHA256Digest

      public static MessageDigest getSHA256Digest()
      Creates a SHA-256 MessageDigest instance.
      Returns:
      MessageDigest configured for SHA-256
      Throws:
      IllegalArgumentException - if SHA-256 algorithm is not available

    • calculateSHA512Hash

      public static String calculateSHA512Hash(byte[] bytes)
      Calculates a SHA-512 hash of a byte array.
      Parameters:
      bytes - the data to hash
      Returns:
      hexadecimal string of the SHA-512 hash, or null if input is null

    • getSHA512Digest

      public static MessageDigest getSHA512Digest()
      Creates a SHA-512 MessageDigest instance.
      Returns:
      MessageDigest configured for SHA-512
      Throws:
      IllegalArgumentException - if SHA-512 algorithm is not available

    • createCipherBytes

      public static byte[] createCipherBytes(String key, int bitsNeeded)
      Creates a byte array suitable for use as an AES key from a string password.

      The key is derived using MD5 and truncated to the specified bit length.

      Parameters:
      key - the password to derive the key from
      bitsNeeded - the required key length in bits (typically 128, 192, or 256)
      Returns:
      byte array containing the derived key

    • createAesEncryptionCipher

      public static Cipher createAesEncryptionCipher(String key) throws Exception
      Creates an AES cipher in encryption mode.
      Parameters:
      key - the encryption key
      Returns:
      Cipher configured for AES encryption
      Throws:
      Exception - if cipher creation fails

    • createAesDecryptionCipher

      public static Cipher createAesDecryptionCipher(String key) throws Exception
      Creates an AES cipher in decryption mode.
      Parameters:
      key - the decryption key
      Returns:
      Cipher configured for AES decryption
      Throws:
      Exception - if cipher creation fails

    • createAesCipher

      public static Cipher createAesCipher(String key, int mode) throws Exception
      Creates an AES cipher with the specified mode.

      Uses CBC mode with PKCS5 padding and IV derived from the key.

      Parameters:
      key - the encryption/decryption key
      mode - Cipher.ENCRYPT_MODE or Cipher.DECRYPT_MODE
      Returns:
      configured Cipher instance
      Throws:
      Exception - if cipher creation fails

    • createAesCipher

      public static Cipher createAesCipher(Key key, int mode) throws Exception
      Creates an AES cipher with the specified key and mode.

      Uses CBC mode with PKCS5 padding and IV derived from the key.

      Parameters:
      key - SecretKeySpec for encryption/decryption
      mode - Cipher.ENCRYPT_MODE or Cipher.DECRYPT_MODE
      Returns:
      configured Cipher instance
      Throws:
      Exception - if cipher creation fails

    • encrypt

      public static String encrypt(String key, String content)
      Encrypts a string using AES-128.
      Parameters:
      key - encryption key
      content - string to encrypt
      Returns:
      hexadecimal string of encrypted data
      Throws:
      IllegalStateException - if encryption fails

    • encryptBytes

      public static String encryptBytes(String key, byte[] content)
      Encrypts a byte array using AES-128.
      Parameters:
      key - encryption key
      content - bytes to encrypt
      Returns:
      hexadecimal string of encrypted data
      Throws:
      IllegalStateException - if encryption fails

    • decrypt

      public static String decrypt(String key, String hexStr)
      Decrypts a hexadecimal string of encrypted data to its original string form.
      Parameters:
      key - decryption key
      hexStr - hexadecimal string of encrypted data
      Returns:
      decrypted string
      Throws:
      IllegalStateException - if decryption fails

    • decryptBytes

      public static byte[] decryptBytes(String key, String hexStr)
      Decrypts a hexadecimal string of encrypted data to its original byte array form.
      Parameters:
      key - decryption key
      hexStr - hexadecimal string of encrypted data
      Returns:
      decrypted byte array
      Throws:
      IllegalStateException - if decryption fails

    • calculateHash

      public static String calculateHash(MessageDigest d, byte[] bytes)
      Calculates a hash of a byte array using the specified MessageDigest.
      Parameters:
      d - MessageDigest to use
      bytes - data to hash
      Returns:
      hexadecimal string of the hash value, or null if input is null