Cipher in multithreaded environments

Hi,

I have a short question because I didn't find an answer yet.

Is the Cipher I use to encrypt/decrypt multithreading-safe?

I ask this because I want to use it in a web-environment.

I have something like this:

    import java.io.BufferedReader;
    import java.io.ByteArrayInputStream;
    import java.io.ByteArrayOutputStream;
    import java.io.IOException;
    import java.io.InputStreamReader;
    import java.security.Key;
    import javax.crypto.Cipher;
    import javax.crypto.CipherInputStream;
    import javax.crypto.CipherOutputStream;
    import javax.crypto.spec.SecretKeySpec;
    import org.apache.commons.codec.binary.Base64; // Apache Commons Codec

    public class Whatever {

        // Are these two fields thread safe?
        private static Cipher cipherEncrypt;
        private static Cipher cipherDecrypt;

        private static Key key = new SecretKeySpec("donttell".getBytes(), "DES");
        private static boolean initialised = false;

        private void initialise() {
            if (!initialised) {
                synchronized (ImmonetCookie.class) {
                    if (!initialised) {
                        try {
                            cipherEncrypt = Cipher.getInstance("DES"); // This one is very expensive, so we try to avoid it for every user
                            cipherEncrypt.init(Cipher.ENCRYPT_MODE, key);
                            cipherDecrypt = Cipher.getInstance("DES");
                            cipherDecrypt.init(Cipher.DECRYPT_MODE, key);
                        }
                        catch (Exception ex) {
                            logger.error("..", ex);
                        }
                        initialised = true;
                    }
                }
            }
        }

        protected String encryptValue(String value) {
            ByteArrayOutputStream output = new ByteArrayOutputStream();
            // Here we use the cipher ..
            CipherOutputStream cos = new CipherOutputStream(output, cipherEncrypt);
            try {
                cos.write(value.getBytes());
                cos.close();
            }
            catch (IOException e) {
                logger.error("..", e);
                return null;
            }
            return new String(Base64.encodeBase64(output.toByteArray()));
        }

        protected String decryptValue(String value) {
            ByteArrayInputStream input = new ByteArrayInputStream(Base64.decodeBase64(value.getBytes()));
            // .. and here we use the cipher
            CipherInputStream cis = new CipherInputStream(input, cipherDecrypt);
            BufferedReader reader = new BufferedReader(new InputStreamReader(cis));
            try {
                StringBuffer buffer = new StringBuffer();
                String next = reader.readLine();
                while (next != null) {
                    buffer.append(next);
                    next = reader.readLine();
                }
                reader.close();
                return buffer.toString();
            }
            catch (IOException e) {
                logger.error("..", e);
            }
            return null;
        }
    }

[4704 byte] By [danielgalana] at [2007-11-27 11:54:33]
# 1

Cipher keeps internal state between init, update, and doFinal time. I suspect that what you're doing here will fail horribly.

Sharing the Key is cool - but don't store the ciphers. Ew.

And why do you think that Cipher.getInstance("DES") is so awful? The very first time you do it, ever, I suspect it will be, because I think that's when SecureRandom gets initialized. After that, though, Cipher.getInstance() isn't a big deal.

Grant

(Your key, btw, is pretty dismal. There are ways of generating reasonable keys from human-readable passwords - a straight getBytes() isn't one of them.)

(Also, if you throw an exception trying to initialize your Ciphers, you -still- set "initialised" to true. This will break the rest of your app, because it will keep trying to use null Ciphers.)

(And why are you using DES? Ew. AES is actually secure - nowadays, DES is considered so broken that you might almost just as well use plaintext.)

ggaineya at 2007-7-29 18:56:43
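
The pattern the reply recommends (share the key, create a Cipher per call, derive the key from the password, use AES), as an added example that is not code from either poster. The class name CookieCrypto, the choice of AES-GCM, and the PBKDF2 parameters are assumptions made for illustration.

```java
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Base64;

// Hypothetical class: one immutable key shared by all threads, one Cipher per call.
public final class CookieCrypto {
    private static final int IV_LEN = 12, TAG_BITS = 128;
    private static final SecureRandom RNG = new SecureRandom(); // thread-safe
    private final SecretKey key;                                // immutable, safe to share

    // Derive the AES key with PBKDF2 instead of calling password.getBytes().
    public CookieCrypto(char[] password, byte[] salt) throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(password, salt, 600_000, 256); // iteration count is an assumption
        SecretKeyFactory f = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
        key = new SecretKeySpec(f.generateSecret(spec).getEncoded(), "AES");
    }

    public String encrypt(String value) throws GeneralSecurityException {
        byte[] iv = new byte[IV_LEN];
        RNG.nextBytes(iv);                                      // fresh IV for every message
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");     // local to this call, never shared
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, iv));
        byte[] ct = c.doFinal(value.getBytes(StandardCharsets.UTF_8));
        byte[] out = ByteBuffer.allocate(iv.length + ct.length).put(iv).put(ct).array();
        return Base64.getUrlEncoder().withoutPadding().encodeToString(out);
    }

    public String decrypt(String token) throws GeneralSecurityException {
        byte[] in = Base64.getUrlDecoder().decode(token);
        if (in.length < IV_LEN + TAG_BITS / 8) throw new GeneralSecurityException("token too short");
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, in, 0, IV_LEN));
        // doFinal throws AEADBadTagException if the token was modified in transit
        return new String(c.doFinal(in, IV_LEN, in.length - IV_LEN), StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        byte[] salt = "constructed-salt".getBytes(StandardCharsets.UTF_8); // constructed sample value
        CookieCrypto cc = new CookieCrypto("constructed password".toCharArray(), salt);
        System.out.println(cc.decrypt(cc.encrypt("user=42")));
    }
}
```

A single CookieCrypto instance can be held in a static field and called from any request thread, because the only shared state is the key and the SecureRandom.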