improve DefaultCipherHandler

Sebastian Sdorra
2011-09-03 17:09:57 +02:00
parent d5ad621849
commit 9d52d43061


@@ -36,8 +36,8 @@ package sonia.scm.security;
//~--- non-JDK imports --------------------------------------------------------
import com.google.inject.Inject;
import com.google.inject.Singleton;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -60,9 +60,10 @@ import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEParameterSpec;
import javax.crypto.spec.SecretKeySpec;
/**
@@ -82,6 +83,12 @@ public class DefaultCipherHandler implements CipherHandler
/** Field description */
public static final String ENCODING = "UTF-8";
/** Field description */
public static final int KEY_LENGTH = 16;
/** Field description */
public static final int SALT_LENGTH = 16;
/** Field description */
private static final String CIPHERKEY_FILENAME = ".cipherkey";
@@ -165,17 +172,18 @@ public class DefaultCipherHandler implements CipherHandler
try
{
byte[] encodedInput = Base64.decode(value);
byte[] salt = new byte[8];
byte[] encoded = new byte[encodedInput.length - 8];
byte[] salt = new byte[SALT_LENGTH];
byte[] encoded = new byte[encodedInput.length - SALT_LENGTH];
System.arraycopy(encodedInput, 0, salt, 0, 8);
System.arraycopy(encodedInput, 8, encoded, 0, encodedInput.length - 8);
System.arraycopy(encodedInput, 0, salt, 0, SALT_LENGTH);
System.arraycopy(encodedInput, SALT_LENGTH, encoded, 0,
encodedInput.length - SALT_LENGTH);
PBEParameterSpec parameterSpec = new PBEParameterSpec(salt, 20);
IvParameterSpec iv = new IvParameterSpec(salt);
SecretKey secretKey = buildSecretKey(plainKey);
javax.crypto.Cipher cipher = javax.crypto.Cipher.getInstance(CIPHER_TYPE);
cipher.init(javax.crypto.Cipher.DECRYPT_MODE, secretKey, parameterSpec);
cipher.init(javax.crypto.Cipher.DECRYPT_MODE, secretKey, iv);
byte[] decoded = cipher.doFinal(encoded);
@@ -220,7 +228,7 @@ public class DefaultCipherHandler implements CipherHandler
try
{
byte[] salt = new byte[8];
byte[] salt = new byte[SALT_LENGTH];
random.nextBytes(salt);
@@ -234,8 +242,9 @@ public class DefaultCipherHandler implements CipherHandler
byte[] encodedInput = cipher.doFinal(inputBytes);
byte[] result = new byte[salt.length + encodedInput.length];
System.arraycopy(salt, 0, result, 0, 8);
System.arraycopy(encodedInput, 0, result, 8, result.length - 8);
System.arraycopy(salt, 0, result, 0, SALT_LENGTH);
System.arraycopy(encodedInput, 0, result, SALT_LENGTH,
result.length - SALT_LENGTH);
res = new String(Base64.encode(result), ENCODING);
}
catch (Exception ex)
@@ -266,6 +275,7 @@ public class DefaultCipherHandler implements CipherHandler
MessageDigest digest = MessageDigest.getInstance(DIGEST_TYPE);
raw = digest.digest(raw);
raw = Arrays.copyOf(raw, KEY_LENGTH);
return new SecretKeySpec(raw, KEY_TYPE);
}
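Review bot: In the decrypt hunk, `new byte[encodedInput.length - SALT_LENGTH]` runs with no length check, so a stored value that decodes to fewer than 16 bytes fails with a NegativeArraySizeException rather than a clear error; a guard such as `if (encodedInput.length < SALT_LENGTH) throw new IllegalArgumentException("ciphertext too short");` before the split would make that explicit. The same hunk changes the stored format (8-byte salt with PBEParameterSpec to a 16-byte prefix used as IvParameterSpec), so values written by the previous version will presumably no longer decrypt, and nothing visible here versions or migrates them. In the last hunk the key is a single digest of the key material truncated by `Arrays.copyOf(raw, KEY_LENGTH)`, and the random prefix now serves only as the IV, which is adequate only if the `.cipherkey` content is high-entropy random data; a comment on buildSecretKey should state that assumption. No integrity check is visible before `cipher.doFinal(encoded)`, so if CIPHER_TYPE is an unauthenticated mode, a MAC over IV and ciphertext or an AEAD mode is worth considering. The enclosing methods begin and end outside these hunks, so checks may exist that are not shown.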