plexus-cipher 3.0.0 (#45)

Cipher is a small simple (nearly trivial) component that is able to encrypt/decrypt strings using provided "master password". Package is renamed to `org.codehaus.plexus.components.cipher`.

This commit moves it to version 3.0.0 denoting a major (and backward incompatible jump.

Author: cstamas

pom.xml

@@ -9,7 +9,7 @@
   </parent>
 
   <artifactId>plexus-cipher</artifactId>
-  <version>2.1.1-SNAPSHOT</version>
+  <version>3.0.0-SNAPSHOT</version>
 
   <name>Plexus Cipher: encryption/decryption Component</name>
 
@@ -39,6 +39,7 @@
       <groupId>javax.inject</groupId>
       <artifactId>javax.inject</artifactId>
       <version>1</version>
+      <scope>provided</scope>
     </dependency>
     <dependency>
       <groupId>org.eclipse.sisu</groupId>
@@ -60,7 +61,7 @@
         <artifactId>maven-surefire-plugin</artifactId>
         <executions>
           <execution>
-            <id>utf8</id>
+            <id>default-test</id>
             <goals>
               <goal>test</goal>
             </goals>

src/main/java/org/sonatype/plexus/components/cipher/PlexusCipher.java renamed to src/main/java/org/codehaus/plexus/components/cipher/PlexusCipher.java

@@ -10,16 +10,12 @@
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the Apache License Version 2.0 for the specific language governing permissions and limitations there under.
  */
-package org.sonatype.plexus.components.cipher;
+package org.codehaus.plexus.components.cipher;
 
 /**
  * @author Oleg Gusakov
  */
 public interface PlexusCipher {
-    char ENCRYPTED_STRING_DECORATION_START = '{';
-
-    char ENCRYPTED_STRING_DECORATION_STOP = '}';
-
     /**
      * encrypt given string with the given passPhrase and encode it into base64
      *

src/main/java/org/sonatype/plexus/components/cipher/PlexusCipherException.java renamed to src/main/java/org/codehaus/plexus/components/cipher/PlexusCipherException.java

@@ -10,19 +10,13 @@
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the Apache License Version 2.0 for the specific language governing permissions and limitations there under.
  */
-package org.sonatype.plexus.components.cipher;
-
-public class PlexusCipherException extends Exception {
-    public PlexusCipherException() {}
+package org.codehaus.plexus.components.cipher;
 
+public class PlexusCipherException extends RuntimeException {
     public PlexusCipherException(String message) {
         super(message);
     }
 
-    public PlexusCipherException(Throwable cause) {
-        super(cause);
-    }
-
     public PlexusCipherException(String message, Throwable cause) {
         super(message, cause);
     }

src/main/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipher.java renamed to src/main/java/org/codehaus/plexus/components/cipher/internal/DefaultPlexusCipher.java

@@ -10,7 +10,7 @@
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the Apache License Version 2.0 for the specific language governing permissions and limitations there under.
  */
-package org.sonatype.plexus.components.cipher;
+package org.codehaus.plexus.components.cipher.internal;
 
 import javax.inject.Named;
 import javax.inject.Singleton;
@@ -22,18 +22,20 @@
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
-import org.eclipse.sisu.Typed;
+import org.codehaus.plexus.components.cipher.PlexusCipher;
+import org.codehaus.plexus.components.cipher.PlexusCipherException;
 
 /**
  * Default implementation of {@link PlexusCipher}. This class is thread safe.
  *
  * @author Oleg Gusakov
  */
 @Singleton
-@Named("default")
-@Typed(PlexusCipher.class)
+@Named
 public class DefaultPlexusCipher implements PlexusCipher {
     private static final Pattern ENCRYPTED_STRING_PATTERN = Pattern.compile(".*?[^\\\\]?\\{(.*?[^\\\\])\\}.*");
+    private static final String ENCRYPTED_STRING_DECORATION_START = "{";
+    private static final String ENCRYPTED_STRING_DECORATION_STOP = "}";
 
     private final PBECipher _cipher;
 
@@ -45,7 +47,7 @@ public DefaultPlexusCipher() {
     // ---------------------------------------------------------------
     @Override
     public String encrypt(final String str, final String passPhrase) throws PlexusCipherException {
-        if (str == null || str.length() < 1) {
+        if (str == null || str.isEmpty()) {
             return str;
         }
 
@@ -61,7 +63,7 @@ public String encryptAndDecorate(final String str, final String passPhrase) thro
     // ---------------------------------------------------------------
     @Override
     public String decrypt(final String str, final String passPhrase) throws PlexusCipherException {
-        if (str == null || str.length() < 1) {
+        if (str == null || str.isEmpty()) {
             return str;
         }
 
@@ -71,7 +73,7 @@ public String decrypt(final String str, final String passPhrase) throws PlexusCi
     // ---------------------------------------------------------------
     @Override
     public String decryptDecorated(final String str, final String passPhrase) throws PlexusCipherException {
-        if (str == null || str.length() < 1) {
+        if (str == null || str.isEmpty()) {
             return str;
         }
 
@@ -85,7 +87,7 @@ public String decryptDecorated(final String str, final String passPhrase) throws
     // ----------------------------------------------------------------------------
     @Override
     public boolean isEncryptedString(final String str) {
-        if (str == null || str.length() < 1) {
+        if (str == null || str.isEmpty()) {
             return false;
         }
 
@@ -98,11 +100,10 @@ public boolean isEncryptedString(final String str) {
     @Override
     public String unDecorate(final String str) throws PlexusCipherException {
         Matcher matcher = ENCRYPTED_STRING_PATTERN.matcher(str);
-
         if (matcher.matches() || matcher.find()) {
             return matcher.group(1);
         } else {
-            throw new PlexusCipherException("default.plexus.cipher.badEncryptedPassword");
+            throw new PlexusCipherException("Malformed decorated string");
         }
     }
 

src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java renamed to src/main/java/org/codehaus/plexus/components/cipher/internal/PBECipher.java

@@ -17,7 +17,7 @@ Licensed to the Apache Software Foundation (ASF) under one
 under the License.
  */
 
-package org.sonatype.plexus.components.cipher;
+package org.codehaus.plexus.components.cipher.internal;
 
 import javax.crypto.Cipher;
 import javax.crypto.NoSuchPaddingException;
@@ -26,6 +26,8 @@ Licensed to the Apache Software Foundation (ASF) under one
 import javax.crypto.spec.PBEKeySpec;
 import javax.crypto.spec.SecretKeySpec;
 
+import java.nio.charset.Charset;
+import java.nio.charset.StandardCharsets;
 import java.security.InvalidAlgorithmParameterException;
 import java.security.InvalidKeyException;
 import java.security.NoSuchAlgorithmException;
@@ -34,30 +36,21 @@ Licensed to the Apache Software Foundation (ASF) under one
 import java.security.spec.KeySpec;
 import java.util.Base64;
 
+import org.codehaus.plexus.components.cipher.PlexusCipherException;
+
 /**
  * This class is thread-safe.
  *
  * @author Oleg Gusakov
  */
 public class PBECipher {
-    protected static final String STRING_ENCODING = "UTF8";
-
+    protected static final Charset STRING_ENCODING = StandardCharsets.UTF_8;
     protected static final int SPICE_SIZE = 16;
-
     protected static final int SALT_SIZE = 8;
-
     protected static final int CHUNK_SIZE = 16;
-
-    protected static final byte WIPER = 0;
-
-    protected static final String DIGEST_ALG = "SHA-256";
-
     protected static final String KEY_ALG = "AES";
-
     protected static final String CIPHER_ALG = "AES/CBC/PKCS5Padding";
-
     protected static final int PBE_ITERATIONS = 310000;
-
     private static final SecureRandom _secureRandom = new SecureRandom();
 
     // ---------------------------------------------------------------
@@ -95,7 +88,7 @@ public String encrypt64(final String clearText, final String password) throws Pl
 
             return Base64.getEncoder().encodeToString(allEncryptedBytes);
         } catch (Exception e) {
-            throw new PlexusCipherException(e);
+            throw new PlexusCipherException(e.getMessage(), e);
         }
     }
 
@@ -122,7 +115,7 @@ public String decrypt64(final String encryptedText, final String password) throw
 
             return new String(clearBytes, STRING_ENCODING);
         } catch (Exception e) {
-            throw new PlexusCipherException(e);
+            throw new PlexusCipherException(e.getMessage(), e);
         }
     }
     // -------------------------------------------------------------------------------
@@ -131,7 +124,7 @@ private Cipher createCipher(final char[] pwd, byte[] salt, final int mode)
                     InvalidAlgorithmParameterException, InvalidKeySpecException {
 
         KeySpec spec = new PBEKeySpec(pwd, salt, PBE_ITERATIONS, SPICE_SIZE * 16);
-        SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
+        SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512");
         byte[] keyAndIv = factory.generateSecret(spec).getEncoded();
 
         byte[] key = new byte[SPICE_SIZE];

src/test/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipherTest.java renamed to src/test/java/org/codehaus/plexus/components/cipher/internal/DefaultPlexusCipherTest.java

@@ -10,9 +10,12 @@
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the Apache License Version 2.0 for the specific language governing permissions and limitations there under.
  */
-package org.sonatype.plexus.components.cipher;
+package org.codehaus.plexus.components.cipher.internal;
 
+import org.codehaus.plexus.components.cipher.PlexusCipher;
+import org.codehaus.plexus.components.cipher.PlexusCipherException;
 import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Disabled;
 import org.junit.jupiter.api.Test;
 
 import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
@@ -31,7 +34,7 @@ class DefaultPlexusCipherTest {
 
     final String str = "my testing phrase";
 
-    final String encStr = "cYrPoOelYU0HGlsn3nERAIyiLVVgnsn/KC5ZqeAPG0beOZCYrFwWwBTp3uyxt/yx";
+    final String encStr = "RRvejxJ+wksH/kWnYfun/GeFoPKh6JHcA2dmxMOIraZiIuLISplmdyvl2Sq04rpP";
     PlexusCipher pc;
 
     @BeforeEach
@@ -88,6 +91,7 @@ void testDefaultAlgorithmExists() throws Exception {
 
     // -------------------------------------------------------------
 
+    @Disabled("This test is not really a test")
     @Test
     void stestFindDefaultAlgorithm() {
         String[] res = DefaultPlexusCipher.getServiceTypes();
@@ -152,18 +156,14 @@ void testDecrypt() {
     @Test
     void testDecorate() {
         String res = pc.decorate("aaa");
-        assertEquals(
-                PlexusCipher.ENCRYPTED_STRING_DECORATION_START + "aaa" + PlexusCipher.ENCRYPTED_STRING_DECORATION_STOP,
-                res,
-                "Decoration failed");
+        assertEquals("{aaa}", res, "Decoration failed");
     }
 
     // -------------------------------------------------------------
 
     @Test
     void testUnDecorate() throws Exception {
-        String res = pc.unDecorate(
-                PlexusCipher.ENCRYPTED_STRING_DECORATION_START + "aaa" + PlexusCipher.ENCRYPTED_STRING_DECORATION_STOP);
+        String res = pc.unDecorate("{aaa}");
         assertEquals("aaa", res, "Decoration failed");
     }
 

src/test/java/org/sonatype/plexus/components/cipher/PBECipherTest.java renamed to src/test/java/org/codehaus/plexus/components/cipher/internal/PBECipherTest.java

@@ -17,7 +17,7 @@ Licensed to the Apache Software Foundation (ASF) under one
 under the License.
  */
 
-package org.sonatype.plexus.components.cipher;
+package org.codehaus.plexus.components.cipher.internal;
 
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
@@ -34,7 +34,7 @@ class PBECipherTest {
 
     final String clearText = "veryOpenText";
 
-    final String encryptedText = "F7eMV2QRQF4H0ODCA1nrTGUWacCXVvPemSjaQjGbO6U=";
+    final String encryptedText = "xnQ1RvJFoJsHoTZKyv76ej3XTGKt99ShUt/kPv4yHjw=";
 
     final String password = "testtest";