diff --git a/docs-core/pom.xml b/docs-core/pom.xml
index 3b6e8fc6..5777ab3f 100644
--- a/docs-core/pom.xml
+++ b/docs-core/pom.xml
@@ -122,6 +122,11 @@
pdfbox
+
+ org.bouncycastle
+ bcprov-jdk15on
+
+
jna
diff --git a/docs-core/src/main/java/com/sismics/docs/core/util/FileUtil.java b/docs-core/src/main/java/com/sismics/docs/core/util/FileUtil.java
index 3fc2e60d..9d19bb4c 100644
--- a/docs-core/src/main/java/com/sismics/docs/core/util/FileUtil.java
+++ b/docs-core/src/main/java/com/sismics/docs/core/util/FileUtil.java
@@ -3,11 +3,18 @@ package com.sismics.docs.core.util;
import java.awt.image.BufferedImage;
import java.io.IOException;
import java.io.InputStream;
+import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.List;
+import javax.crypto.Cipher;
+import javax.crypto.CipherInputStream;
+import javax.crypto.CipherOutputStream;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.PBEKeySpec;
import javax.imageio.ImageIO;
import net.sourceforge.tess4j.Tesseract;
@@ -21,6 +28,7 @@ import org.imgscalr.Scalr.Mode;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import com.google.common.io.ByteStreams;
import com.sismics.docs.core.model.jpa.Document;
import com.sismics.docs.core.model.jpa.File;
import com.sismics.util.ImageUtil;
@@ -128,6 +136,8 @@ public class FileUtil {
* @throws IOException
*/
public static void save(InputStream is, File file) throws IOException {
+ // TODO Encrypt file and variations
+
Path path = Paths.get(DirectoryUtil.getStorageDirectory().getPath(), file.getId());
Files.copy(is, path);
@@ -197,4 +207,41 @@ public class FileUtil {
thumbnailFile.delete();
}
}
+
+// Security.insertProviderAt(new BouncyCastleProvider(), 1);
+// String key = "pwd";
+//
+// FileInputStream fis = new FileInputStream("plain.jpg");
+// FileOutputStream fos = new FileOutputStream("encrypted.jpg");
+// encrypt(key, fis, fos);
+//
+// FileInputStream fis2 = new FileInputStream("encrypted.jpg");
+// FileOutputStream fos2 = new FileOutputStream("decrypted.jpg");
+// decrypt(key, fis2, fos2);
+
+ public static void encrypt(String key, InputStream is, OutputStream os) throws Throwable {
+ encryptOrDecrypt(key, Cipher.ENCRYPT_MODE, is, os);
+ }
+
+ public static void decrypt(String key, InputStream is, OutputStream os) throws Throwable {
+ encryptOrDecrypt(key, Cipher.DECRYPT_MODE, is, os);
+ }
+
+ public static void encryptOrDecrypt(String key, int mode, InputStream is, OutputStream os) throws Throwable {
+
+ PBEKeySpec keySpec = new PBEKeySpec(key.toCharArray(), "salt".getBytes(), 2000, 256);
+ SecretKeyFactory skf = SecretKeyFactory.getInstance("PBEWITHSHA256AND256BITAES-CBC-BC");
+ SecretKey desKey = skf.generateSecret(keySpec);
+ Cipher cipher = Cipher.getInstance("AES/CTR/NOPADDING");
+
+ if (mode == Cipher.ENCRYPT_MODE) {
+ cipher.init(Cipher.ENCRYPT_MODE, desKey);
+ CipherInputStream cis = new CipherInputStream(is, cipher);
+ ByteStreams.copy(cis, os);
+ } else if (mode == Cipher.DECRYPT_MODE) {
+ cipher.init(Cipher.DECRYPT_MODE, desKey);
+ CipherOutputStream cos = new CipherOutputStream(os, cipher);
+ ByteStreams.copy(is, cos);
+ }
+ }
}
diff --git a/docs-parent/TODO b/docs-parent/TODO
index e69de29b..ba6a21f9 100644
--- a/docs-parent/TODO
+++ b/docs-parent/TODO
@@ -0,0 +1 @@
+- Encrypt files stored on FS (server)
\ No newline at end of file
diff --git a/docs-parent/pom.xml b/docs-parent/pom.xml
index d8e29a15..0c651bd9 100644
--- a/docs-parent/pom.xml
+++ b/docs-parent/pom.xml
@@ -63,6 +63,7 @@
1.0.1
1.7
1.8.2
+ 1.49
@@ -443,6 +444,12 @@
${org.apache.pdfbox.pdfbox.version}
+
+ org.bouncycastle
+ bcprov-jdk15on
+ ${org.bouncycastle.bcprov-jdk15on.version}
+
+
jna
diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/FileResource.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/FileResource.java
index 7d1258e9..6f14e925 100644
--- a/docs-web/src/main/java/com/sismics/docs/rest/resource/FileResource.java
+++ b/docs-web/src/main/java/com/sismics/docs/rest/resource/FileResource.java
@@ -304,6 +304,7 @@ public class FileResource extends BaseResource {
// Get the stored file
+ // TODO Decrypt file
java.io.File storedfile;
String mimeType;
if (size != null) {