diff --git a/pom.xml b/pom.xml index ea54b1f..422f73f 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ org.codehaus.plexus plexus - 10 + 14 plexus-cipher @@ -16,8 +16,8 @@ scm:git:https://github.com/codehaus-plexus/plexus-cipher.git scm:git:https://github.com/codehaus-plexus/plexus-cipher.git - http://github.com/codehaus-plexus/plexus-cipher HEAD + http://github.com/codehaus-plexus/plexus-cipher jira @@ -99,20 +99,20 @@ utf8 - test test + test -Dfile.encoding=utf8 iso8859-1 - test test + test -Dfile.encoding=iso8859-1 diff --git a/src/main/java/org/sonatype/plexus/components/cipher/Base64.java b/src/main/java/org/sonatype/plexus/components/cipher/Base64.java index f6d10bf..46f0f00 100644 --- a/src/main/java/org/sonatype/plexus/components/cipher/Base64.java +++ b/src/main/java/org/sonatype/plexus/components/cipher/Base64.java @@ -34,7 +34,7 @@ /** *

Provides Base64 encoding and decoding as defined by RFC 2045.

- * + * *

This class implements section 6.8. Base64 Content-Transfer-Encoding * from RFC 2045 Multipurpose Internet Mail Extensions (MIME) Part One: * Format of Internet Message Bodies by Freed and Borenstein.

@@ -43,8 +43,7 @@ * @see RFC 2045 * @since 1.0-dev */ -public class Base64 -{ +public class Base64 { /** * Chunk size per RFC 2045 section 6.8. @@ -204,7 +203,6 @@ public static byte[] encodeBase64Chunked(byte[] binaryData) { return encodeBase64(binaryData, true); } - /** * Decodes an Object using the base64 algorithm. This method * is provided in order to satisfy the requirements of the @@ -253,7 +251,7 @@ public static byte[] encodeBase64(byte[] binaryData, boolean isChunked) { int nbrChunks = 0; if (fewerThan24bits != 0) { - //data not divisible by 24 bit + // data not divisible by 24 bit encodedDataLength = (numberTriplets + 1) * 4; } else { // 16 or 8 bit @@ -265,8 +263,7 @@ public static byte[] encodeBase64(byte[] binaryData, boolean isChunked) { // allow for extra length to account for the separator(s) if (isChunked) { - nbrChunks = - (CHUNK_SEPARATOR.length == 0 ? 0 : (int) Math.ceil((float) encodedDataLength / CHUNK_SIZE)); + nbrChunks = (CHUNK_SEPARATOR.length == 0 ? 0 : (int) Math.ceil((float) encodedDataLength / CHUNK_SIZE)); encodedDataLength += nbrChunks * CHUNK_SEPARATOR.length; } @@ -279,33 +276,28 @@ public static byte[] encodeBase64(byte[] binaryData, boolean isChunked) { int nextSeparatorIndex = CHUNK_SIZE; int chunksSoFar = 0; - //log.debug("number of triplets = " + numberTriplets); + // log.debug("number of triplets = " + numberTriplets); for (i = 0; i < numberTriplets; i++) { dataIndex = i * 3; b1 = binaryData[dataIndex]; b2 = binaryData[dataIndex + 1]; b3 = binaryData[dataIndex + 2]; - //log.debug("b1= " + b1 +", b2= " + b2 + ", b3= " + b3); + // log.debug("b1= " + b1 +", b2= " + b2 + ", b3= " + b3); l = (byte) (b2 & 0x0f); k = (byte) (b1 & 0x03); - byte val1 = - ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0); - byte val2 = - ((b2 & SIGN) == 0) ? (byte) (b2 >> 4) : (byte) ((b2) >> 4 ^ 0xf0); - byte val3 = - ((b3 & SIGN) == 0) ? (byte) (b3 >> 6) : (byte) ((b3) >> 6 ^ 0xfc); + byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0); + byte val2 = ((b2 & SIGN) == 0) ? (byte) (b2 >> 4) : (byte) ((b2) >> 4 ^ 0xf0); + byte val3 = ((b3 & SIGN) == 0) ? (byte) (b3 >> 6) : (byte) ((b3) >> 6 ^ 0xfc); encodedData[encodedIndex] = lookUpBase64Alphabet[val1]; - //log.debug( "val2 = " + val2 ); - //log.debug( "k4 = " + (k<<4) ); - //log.debug( "vak = " + (val2 | (k<<4)) ); - encodedData[encodedIndex + 1] = - lookUpBase64Alphabet[val2 | (k << 4)]; - encodedData[encodedIndex + 2] = - lookUpBase64Alphabet[(l << 2) | val3]; + // log.debug( "val2 = " + val2 ); + // log.debug( "k4 = " + (k<<4) ); + // log.debug( "vak = " + (val2 | (k<<4)) ); + encodedData[encodedIndex + 1] = lookUpBase64Alphabet[val2 | (k << 4)]; + encodedData[encodedIndex + 2] = lookUpBase64Alphabet[(l << 2) | val3]; encodedData[encodedIndex + 3] = lookUpBase64Alphabet[b3 & 0x3f]; encodedIndex += 4; @@ -314,15 +306,9 @@ public static byte[] encodeBase64(byte[] binaryData, boolean isChunked) { if (isChunked) { // this assumes that CHUNK_SIZE % 4 == 0 if (encodedIndex == nextSeparatorIndex) { - System.arraycopy(CHUNK_SEPARATOR, - 0, - encodedData, - encodedIndex, - CHUNK_SEPARATOR.length); + System.arraycopy(CHUNK_SEPARATOR, 0, encodedData, encodedIndex, CHUNK_SEPARATOR.length); chunksSoFar++; - nextSeparatorIndex = - (CHUNK_SIZE * (chunksSoFar + 1)) + - (chunksSoFar * CHUNK_SEPARATOR.length); + nextSeparatorIndex = (CHUNK_SIZE * (chunksSoFar + 1)) + (chunksSoFar * CHUNK_SEPARATOR.length); encodedIndex += CHUNK_SEPARATOR.length; } } @@ -334,10 +320,9 @@ public static byte[] encodeBase64(byte[] binaryData, boolean isChunked) { if (fewerThan24bits == EIGHTBIT) { b1 = binaryData[dataIndex]; k = (byte) (b1 & 0x03); - //log.debug("b1=" + b1); - //log.debug("b1<<2 = " + (b1>>2) ); - byte val1 = - ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0); + // log.debug("b1=" + b1); + // log.debug("b1<<2 = " + (b1>>2) ); + byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0); encodedData[encodedIndex] = lookUpBase64Alphabet[val1]; encodedData[encodedIndex + 1] = lookUpBase64Alphabet[k << 4]; encodedData[encodedIndex + 2] = PAD; @@ -349,14 +334,11 @@ public static byte[] encodeBase64(byte[] binaryData, boolean isChunked) { l = (byte) (b2 & 0x0f); k = (byte) (b1 & 0x03); - byte val1 = - ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0); - byte val2 = - ((b2 & SIGN) == 0) ? (byte) (b2 >> 4) : (byte) ((b2) >> 4 ^ 0xf0); + byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0); + byte val2 = ((b2 & SIGN) == 0) ? (byte) (b2 >> 4) : (byte) ((b2) >> 4 ^ 0xf0); encodedData[encodedIndex] = lookUpBase64Alphabet[val1]; - encodedData[encodedIndex + 1] = - lookUpBase64Alphabet[val2 | (k << 4)]; + encodedData[encodedIndex + 1] = lookUpBase64Alphabet[val2 | (k << 4)]; encodedData[encodedIndex + 2] = lookUpBase64Alphabet[l << 2]; encodedData[encodedIndex + 3] = PAD; } @@ -364,11 +346,12 @@ public static byte[] encodeBase64(byte[] binaryData, boolean isChunked) { if (isChunked) { // we also add a separator to the end of the final chunk. if (chunksSoFar < nbrChunks) { - System.arraycopy(CHUNK_SEPARATOR, - 0, - encodedData, - encodedDataLength - CHUNK_SEPARATOR.length, - CHUNK_SEPARATOR.length); + System.arraycopy( + CHUNK_SEPARATOR, + 0, + encodedData, + encodedDataLength - CHUNK_SEPARATOR.length, + CHUNK_SEPARATOR.length); } } @@ -418,25 +401,23 @@ public static byte[] decodeBase64(byte[] base64Data) { b2 = base64Alphabet[base64Data[dataIndex + 1]]; if (marker0 != PAD && marker1 != PAD) { - //No PAD e.g 3cQl + // No PAD e.g 3cQl b3 = base64Alphabet[marker0]; b4 = base64Alphabet[marker1]; decodedData[encodedIndex] = (byte) (b1 << 2 | b2 >> 4); - decodedData[encodedIndex + 1] = - (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf)); + decodedData[encodedIndex + 1] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf)); decodedData[encodedIndex + 2] = (byte) (b3 << 6 | b4); } else if (marker0 == PAD) { - //Two PAD e.g. 3c[Pad][Pad] + // Two PAD e.g. 3c[Pad][Pad] decodedData[encodedIndex] = (byte) (b1 << 2 | b2 >> 4); } else // if ( marker1 == PAD ) (always true at this point) { - //One PAD e.g. 3cQ[Pad] + // One PAD e.g. 3cQ[Pad] b3 = base64Alphabet[marker0]; decodedData[encodedIndex] = (byte) (b1 << 2 | b2 >> 4); - decodedData[encodedIndex + 1] = - (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf)); + decodedData[encodedIndex + 1] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf)); } encodedIndex += 3; } @@ -530,5 +511,4 @@ public Object encode(Object pObject) throws IllegalArgumentException { public byte[] encode(byte[] pArray) { return encodeBase64(pArray, false); } - } diff --git a/src/main/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipher.java b/src/main/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipher.java index 4393604..df7d145 100644 --- a/src/main/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipher.java +++ b/src/main/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipher.java @@ -12,6 +12,9 @@ */ package org.sonatype.plexus.components.cipher; +import javax.inject.Named; +import javax.inject.Singleton; + import java.security.Provider; import java.security.Security; import java.util.HashSet; @@ -19,9 +22,6 @@ import java.util.regex.Matcher; import java.util.regex.Pattern; -import javax.inject.Named; -import javax.inject.Singleton; - import org.eclipse.sisu.Typed; /** @@ -30,109 +30,86 @@ * @author Oleg Gusakov */ @Singleton -@Named( "default" ) -@Typed( PlexusCipher.class ) -public class DefaultPlexusCipher - implements PlexusCipher -{ - private static final Pattern ENCRYPTED_STRING_PATTERN = Pattern.compile( ".*?[^\\\\]?\\{(.*?[^\\\\])\\}.*" ); +@Named("default") +@Typed(PlexusCipher.class) +public class DefaultPlexusCipher implements PlexusCipher { + private static final Pattern ENCRYPTED_STRING_PATTERN = Pattern.compile(".*?[^\\\\]?\\{(.*?[^\\\\])\\}.*"); private final PBECipher _cipher; // --------------------------------------------------------------- - public DefaultPlexusCipher() - { + public DefaultPlexusCipher() { _cipher = new PBECipher(); } // --------------------------------------------------------------- @Override - public String encrypt( final String str, final String passPhrase ) - throws PlexusCipherException - { - if ( str == null || str.length() < 1 ) - { + public String encrypt(final String str, final String passPhrase) throws PlexusCipherException { + if (str == null || str.length() < 1) { return str; } - return _cipher.encrypt64( str, passPhrase ); + return _cipher.encrypt64(str, passPhrase); } // --------------------------------------------------------------- @Override - public String encryptAndDecorate( final String str, final String passPhrase ) - throws PlexusCipherException - { - return decorate( encrypt( str, passPhrase ) ); + public String encryptAndDecorate(final String str, final String passPhrase) throws PlexusCipherException { + return decorate(encrypt(str, passPhrase)); } // --------------------------------------------------------------- @Override - public String decrypt( final String str, final String passPhrase ) - throws PlexusCipherException - { - if ( str == null || str.length() < 1 ) - { + public String decrypt(final String str, final String passPhrase) throws PlexusCipherException { + if (str == null || str.length() < 1) { return str; } - return _cipher.decrypt64( str, passPhrase ); + return _cipher.decrypt64(str, passPhrase); } // --------------------------------------------------------------- @Override - public String decryptDecorated( final String str, final String passPhrase ) - throws PlexusCipherException - { - if ( str == null || str.length() < 1 ) - { + public String decryptDecorated(final String str, final String passPhrase) throws PlexusCipherException { + if (str == null || str.length() < 1) { return str; } - if ( isEncryptedString( str ) ) - { - return decrypt( unDecorate( str ), passPhrase ); + if (isEncryptedString(str)) { + return decrypt(unDecorate(str), passPhrase); } - return decrypt( str, passPhrase ); + return decrypt(str, passPhrase); } // ---------------------------------------------------------------------------- @Override - public boolean isEncryptedString( final String str ) - { - if ( str == null || str.length() < 1 ) - { + public boolean isEncryptedString(final String str) { + if (str == null || str.length() < 1) { return false; } - Matcher matcher = ENCRYPTED_STRING_PATTERN.matcher( str ); + Matcher matcher = ENCRYPTED_STRING_PATTERN.matcher(str); return matcher.matches() || matcher.find(); } // ---------------------------------------------------------------------------- @Override - public String unDecorate( final String str ) - throws PlexusCipherException - { - Matcher matcher = ENCRYPTED_STRING_PATTERN.matcher( str ); - - if ( matcher.matches() || matcher.find() ) - { - return matcher.group( 1 ); - } - else - { - throw new PlexusCipherException( "default.plexus.cipher.badEncryptedPassword" ); + public String unDecorate(final String str) throws PlexusCipherException { + Matcher matcher = ENCRYPTED_STRING_PATTERN.matcher(str); + + if (matcher.matches() || matcher.find()) { + return matcher.group(1); + } else { + throw new PlexusCipherException("default.plexus.cipher.badEncryptedPassword"); } } // ---------------------------------------------------------------------------- @Override - public String decorate( final String str ) - { - return ENCRYPTED_STRING_DECORATION_START + ( str == null ? "" : str ) + ENCRYPTED_STRING_DECORATION_STOP; + public String decorate(final String str) { + return ENCRYPTED_STRING_DECORATION_START + (str == null ? "" : str) + ENCRYPTED_STRING_DECORATION_STOP; } // --------------------------------------------------------------- @@ -140,8 +117,7 @@ public String decorate( final String str ) /** * Exploratory part. This method returns all available services types */ - public static String[] getServiceTypes() - { + public static String[] getServiceTypes() { Set result = new HashSet<>(); // All all providers @@ -167,8 +143,7 @@ public static String[] getServiceTypes() /** * This method returns the available implementations for a service type */ - public static String[] getCryptoImpls( final String serviceType ) - { + public static String[] getCryptoImpls(final String serviceType) { Set result = new HashSet<>(); // All all providers @@ -182,8 +157,7 @@ public static String[] getCryptoImpls( final String serviceType ) if (key.startsWith(serviceType + ".")) { result.add(key.substring(serviceType.length() + 1)); - } - else if (key.startsWith("Alg.Alias." + serviceType + ".")) { + } else if (key.startsWith("Alg.Alias." + serviceType + ".")) { // This is an alias result.add(key.substring(serviceType.length() + 11)); } @@ -193,13 +167,11 @@ else if (key.startsWith("Alg.Alias." + serviceType + ".")) { } // --------------------------------------------------------------- - public static void main( final String[] args ) - { + public static void main(final String[] args) { // Security.addProvider( new BouncyCastleProvider() ); String[] serviceTypes = getServiceTypes(); - if ( serviceTypes != null ) - { + if (serviceTypes != null) { for (String serviceType : serviceTypes) { String[] serviceProviders = getCryptoImpls(serviceType); if (serviceProviders != null) { @@ -207,8 +179,7 @@ public static void main( final String[] args ) for (String provider : serviceProviders) { System.out.println(" " + provider); } - } - else { + } else { System.out.println(serviceType + ": does not have any providers in this environment"); } } diff --git a/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java b/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java index 2876c62..17a620c 100644 --- a/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java +++ b/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java @@ -19,6 +19,13 @@ Licensed to the Apache Software Foundation (ASF) under one package org.sonatype.plexus.components.cipher; +import javax.crypto.Cipher; +import javax.crypto.NoSuchPaddingException; +import javax.crypto.SecretKeyFactory; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.PBEKeySpec; +import javax.crypto.spec.SecretKeySpec; + import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; import java.security.MessageDigest; @@ -27,28 +34,20 @@ Licensed to the Apache Software Foundation (ASF) under one import java.security.spec.InvalidKeySpecException; import java.security.spec.KeySpec; -import javax.crypto.Cipher; -import javax.crypto.NoSuchPaddingException; -import javax.crypto.SecretKeyFactory; -import javax.crypto.spec.IvParameterSpec; -import javax.crypto.spec.PBEKeySpec; -import javax.crypto.spec.SecretKeySpec; - /** * This class is thread-safe. * * @author Oleg Gusakov */ -public class PBECipher -{ +public class PBECipher { protected static final String STRING_ENCODING = "UTF8"; - + protected static final int SPICE_SIZE = 16; - + protected static final int SALT_SIZE = 8; protected static final int CHUNK_SIZE = 16; - + protected static final byte WIPER = 0; protected static final String DIGEST_ALG = "SHA-256"; @@ -61,108 +60,97 @@ public class PBECipher private static final SecureRandom _secureRandom = new SecureRandom(); - //--------------------------------------------------------------- - private byte[] getSalt( final int sz ) - { - byte[] res = new byte[ sz ]; + // --------------------------------------------------------------- + private byte[] getSalt(final int sz) { + byte[] res = new byte[sz]; - _secureRandom.nextBytes( res ); + _secureRandom.nextBytes(res); return res; } - //------------------------------------------------------------------------------- - public String encrypt64( final String clearText, final String password ) - throws PlexusCipherException - { - try - { - byte[] clearBytes = clearText.getBytes( STRING_ENCODING ); - - byte[] salt = getSalt( SALT_SIZE ); - - Cipher cipher = createCipher( password.toCharArray(), salt, Cipher.ENCRYPT_MODE ); - - byte [] encryptedBytes = cipher.doFinal( clearBytes ); - + // ------------------------------------------------------------------------------- + public String encrypt64(final String clearText, final String password) throws PlexusCipherException { + try { + byte[] clearBytes = clearText.getBytes(STRING_ENCODING); + + byte[] salt = getSalt(SALT_SIZE); + + Cipher cipher = createCipher(password.toCharArray(), salt, Cipher.ENCRYPT_MODE); + + byte[] encryptedBytes = cipher.doFinal(clearBytes); + int len = encryptedBytes.length; - - byte padLen = (byte) ( CHUNK_SIZE - (SALT_SIZE + len + 1) % CHUNK_SIZE ); - + + byte padLen = (byte) (CHUNK_SIZE - (SALT_SIZE + len + 1) % CHUNK_SIZE); + int totalLen = SALT_SIZE + len + padLen + 1; - - byte [] allEncryptedBytes = getSalt( totalLen ); - - System.arraycopy( salt, 0, allEncryptedBytes, 0, SALT_SIZE ); - - allEncryptedBytes[ SALT_SIZE ] = padLen; - - System.arraycopy( encryptedBytes, 0, allEncryptedBytes, SALT_SIZE + 1, len ); - - byte [] encryptedTextBytes = Base64.encodeBase64( allEncryptedBytes ); - - return new String( encryptedTextBytes, STRING_ENCODING ); - } - catch( Exception e) - { + + byte[] allEncryptedBytes = getSalt(totalLen); + + System.arraycopy(salt, 0, allEncryptedBytes, 0, SALT_SIZE); + + allEncryptedBytes[SALT_SIZE] = padLen; + + System.arraycopy(encryptedBytes, 0, allEncryptedBytes, SALT_SIZE + 1, len); + + byte[] encryptedTextBytes = Base64.encodeBase64(allEncryptedBytes); + + return new String(encryptedTextBytes, STRING_ENCODING); + } catch (Exception e) { throw new PlexusCipherException(e); } } // ------------------------------------------------------------------------------- - public String decrypt64( final String encryptedText, final String password ) - throws PlexusCipherException - { - try - { - byte[] allEncryptedBytes = Base64.decodeBase64( encryptedText.getBytes() ); - + public String decrypt64(final String encryptedText, final String password) throws PlexusCipherException { + try { + byte[] allEncryptedBytes = Base64.decodeBase64(encryptedText.getBytes()); + int totalLen = allEncryptedBytes.length; - - byte [] salt = new byte[ SALT_SIZE ]; - - System.arraycopy( allEncryptedBytes, 0, salt, 0, SALT_SIZE ); - - byte padLen = allEncryptedBytes[ SALT_SIZE ]; - - byte [] encryptedBytes = new byte[ totalLen - SALT_SIZE - 1 - padLen ]; - - System.arraycopy( allEncryptedBytes, SALT_SIZE + 1, encryptedBytes, 0, encryptedBytes.length ); - - Cipher cipher = createCipher( password.toCharArray(), salt, Cipher.DECRYPT_MODE ); - - byte [] clearBytes = cipher.doFinal( encryptedBytes ); - - return new String( clearBytes, STRING_ENCODING ); - } - catch( Exception e) - { + + byte[] salt = new byte[SALT_SIZE]; + + System.arraycopy(allEncryptedBytes, 0, salt, 0, SALT_SIZE); + + byte padLen = allEncryptedBytes[SALT_SIZE]; + + byte[] encryptedBytes = new byte[totalLen - SALT_SIZE - 1 - padLen]; + + System.arraycopy(allEncryptedBytes, SALT_SIZE + 1, encryptedBytes, 0, encryptedBytes.length); + + Cipher cipher = createCipher(password.toCharArray(), salt, Cipher.DECRYPT_MODE); + + byte[] clearBytes = cipher.doFinal(encryptedBytes); + + return new String(clearBytes, STRING_ENCODING); + } catch (Exception e) { throw new PlexusCipherException(e); } } - //------------------------------------------------------------------------------- - private Cipher createCipher( final char[] pwd, byte [] salt, final int mode ) - throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, InvalidKeySpecException - { - MessageDigest _digester = MessageDigest.getInstance( DIGEST_ALG ); + // ------------------------------------------------------------------------------- + private Cipher createCipher(final char[] pwd, byte[] salt, final int mode) + throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, + InvalidAlgorithmParameterException, InvalidKeySpecException { + MessageDigest _digester = MessageDigest.getInstance(DIGEST_ALG); - byte[] keyAndIv = new byte[ SPICE_SIZE * 2 ]; + byte[] keyAndIv = new byte[SPICE_SIZE * 2]; KeySpec spec = new PBEKeySpec(pwd, salt, 310000, SPICE_SIZE * 16); SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); keyAndIv = factory.generateSecret(spec).getEncoded(); - - byte[] key = new byte[ SPICE_SIZE ]; - - byte[] iv = new byte[ SPICE_SIZE ]; - + + byte[] key = new byte[SPICE_SIZE]; + + byte[] iv = new byte[SPICE_SIZE]; + System.arraycopy(keyAndIv, 0, key, 0, key.length); - + System.arraycopy(keyAndIv, key.length, iv, 0, iv.length); - Cipher cipher = Cipher.getInstance( CIPHER_ALG ); + Cipher cipher = Cipher.getInstance(CIPHER_ALG); + + cipher.init(mode, new SecretKeySpec(key, KEY_ALG), new IvParameterSpec(iv)); - cipher.init( mode, new SecretKeySpec( key, KEY_ALG ), new IvParameterSpec( iv ) ); - return cipher; } } diff --git a/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipher.java b/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipher.java index 105dae4..5038f34 100644 --- a/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipher.java +++ b/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipher.java @@ -15,81 +15,75 @@ /** * @author Oleg Gusakov */ -public interface PlexusCipher -{ +public interface PlexusCipher { char ENCRYPTED_STRING_DECORATION_START = '{'; char ENCRYPTED_STRING_DECORATION_STOP = '}'; /** * encrypt given string with the given passPhrase and encode it into base64 - * + * * @param str * @param passPhrase * @return encrypted str * @throws PlexusCipherException */ - String encrypt( String str, String passPhrase ) - throws PlexusCipherException; + String encrypt(String str, String passPhrase) throws PlexusCipherException; /** * encrypt given string with the given passPhrase, encode it into base64 and return result, wrapped into { } * decorations - * + * * @param str * @param passPhrase * @return encrypted and decorated str * @throws PlexusCipherException */ - String encryptAndDecorate( String str, String passPhrase ) - throws PlexusCipherException; + String encryptAndDecorate(String str, String passPhrase) throws PlexusCipherException; /** * decrypt given base64 encrypted string - * + * * @param str * @param passPhrase * @return decrypted str * @throws PlexusCipherException */ - String decrypt( String str, String passPhrase ) - throws PlexusCipherException; + String decrypt(String str, String passPhrase) throws PlexusCipherException; /** * decrypt given base64 encoded encrypted string. If string is decorated, decrypt base64 encoded string inside * decorations - * + * * @param str * @param passPhrase * @return decrypted decorated str * @throws PlexusCipherException */ - String decryptDecorated( String str, String passPhrase ) - throws PlexusCipherException; + String decryptDecorated(String str, String passPhrase) throws PlexusCipherException; /** * check if given string is decorated - * + * * @param str * @return true if string is encrypted */ - boolean isEncryptedString( String str ); + boolean isEncryptedString(String str); /** * return string inside decorations - * + * * @param str * @return undecorated str * @throws PlexusCipherException */ - String unDecorate( String str ) - throws PlexusCipherException; + String unDecorate(String str) throws PlexusCipherException; /** * decorated given string with { and } - * + * * @param str * @return decorated str */ - String decorate( String str ); + String decorate(String str); } diff --git a/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipherException.java b/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipherException.java index 836fd37..10f8f85 100644 --- a/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipherException.java +++ b/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipherException.java @@ -12,25 +12,18 @@ */ package org.sonatype.plexus.components.cipher; -public class PlexusCipherException - extends Exception -{ - public PlexusCipherException() - { - } +public class PlexusCipherException extends Exception { + public PlexusCipherException() {} - public PlexusCipherException( String message ) - { - super( message ); + public PlexusCipherException(String message) { + super(message); } - public PlexusCipherException( Throwable cause ) - { - super( cause ); + public PlexusCipherException(Throwable cause) { + super(cause); } - public PlexusCipherException( String message, Throwable cause ) - { - super( message, cause ); + public PlexusCipherException(String message, Throwable cause) { + super(message, cause); } } diff --git a/src/test/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipherTest.java b/src/test/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipherTest.java index 57708ed..929551a 100644 --- a/src/test/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipherTest.java +++ b/src/test/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipherTest.java @@ -22,11 +22,10 @@ /** * Test the Plexus Cipher container - * + * * @author Oleg Gusakov */ -public class DefaultPlexusCipherTest -{ +public class DefaultPlexusCipherTest { private final String passPhrase = "testtest"; String str = "my testing phrase"; @@ -37,76 +36,66 @@ public class DefaultPlexusCipherTest // ------------------------------------------------------------- @Before - public void prepare() - throws Exception - { + public void prepare() throws Exception { pc = new DefaultPlexusCipher(); } @Test - public void testIsEncryptedString() - { + public void testIsEncryptedString() { String noBraces = "This is a test"; String normalBraces = "Comment {This is a test} other comment with a: }"; String escapedBraces = "\\{This is a test\\}"; String mixedBraces = "Comment {foo\\{This is a test\\}} other comment with a: }"; - assertFalse( pc.isEncryptedString( noBraces ) ); + assertFalse(pc.isEncryptedString(noBraces)); - assertTrue( pc.isEncryptedString( normalBraces ) ); + assertTrue(pc.isEncryptedString(normalBraces)); - assertFalse( pc.isEncryptedString( escapedBraces ) ); + assertFalse(pc.isEncryptedString(escapedBraces)); - assertTrue( pc.isEncryptedString( mixedBraces ) ); + assertTrue(pc.isEncryptedString(mixedBraces)); } @Test - public void testUnDecorate_BracesPermutations() - throws PlexusCipherException - { + public void testUnDecorate_BracesPermutations() throws PlexusCipherException { String noBraces = "This is a test"; String normalBraces = "Comment {This is a test} other comment with a: }"; String mixedBraces = "Comment {foo\\{This is a test\\}} other comment with a: }"; - assertEquals( noBraces, pc.unDecorate( normalBraces ) ); + assertEquals(noBraces, pc.unDecorate(normalBraces)); - assertEquals( "foo\\{" + noBraces + "\\}", pc.unDecorate( mixedBraces ) ); + assertEquals("foo\\{" + noBraces + "\\}", pc.unDecorate(mixedBraces)); } // ------------------------------------------------------------- @Test - public void testDefaultAlgorithmExists() - throws Exception - { - String[] res = DefaultPlexusCipher.getCryptoImpls( "Cipher" ); - assertNotNull( "No Cipher providers found in the current environment", res ); + public void testDefaultAlgorithmExists() throws Exception { + String[] res = DefaultPlexusCipher.getCryptoImpls("Cipher"); + assertNotNull("No Cipher providers found in the current environment", res); - System.out.println( "\n=== Available ciphers :" ); + System.out.println("\n=== Available ciphers :"); for (String re : res) { System.out.println(re); } - System.out.println( "====================" ); + System.out.println("===================="); for (String provider : res) { - if (PBECipher.KEY_ALG.equalsIgnoreCase(provider)) - return; + if (PBECipher.KEY_ALG.equalsIgnoreCase(provider)) return; } - throw new Exception( "Cannot find default algorithm " + PBECipher.KEY_ALG + " in the current environment." ); + throw new Exception("Cannot find default algorithm " + PBECipher.KEY_ALG + " in the current environment."); } // ------------------------------------------------------------- @Test - public void stestFindDefaultAlgorithm() - throws Exception - { + public void stestFindDefaultAlgorithm() throws Exception { String[] res = DefaultPlexusCipher.getServiceTypes(); - assertNotNull( "No service types found in the current environment", res ); + assertNotNull("No service types found in the current environment", res); - String[] impls = DefaultPlexusCipher.getCryptoImpls( "Cipher" ); - assertNotNull( "No Cipher providers found in the current environment", impls ); + String[] impls = DefaultPlexusCipher.getCryptoImpls("Cipher"); + assertNotNull("No Cipher providers found in the current environment", impls); for (String impl : impls) try { @@ -121,81 +110,69 @@ public void stestFindDefaultAlgorithm() // ------------------------------------------------------------- @Test - public void testEncrypt() - throws Exception - { - String xRes = pc.encrypt( str, passPhrase ); + public void testEncrypt() throws Exception { + String xRes = pc.encrypt(str, passPhrase); - System.out.println( xRes ); + System.out.println(xRes); - String res = pc.decrypt( xRes, passPhrase ); + String res = pc.decrypt(xRes, passPhrase); - assertEquals( "Encryption/Decryption did not produce desired result", str, res ); + assertEquals("Encryption/Decryption did not produce desired result", str, res); } // ------------------------------------------------------------- @Test - public void testEncryptVariableLengths() - throws Exception - { + public void testEncryptVariableLengths() throws Exception { String xRes = null; String res = null; String pass = "g"; - for ( int i = 0; i < 64; i++ ) - { + for (int i = 0; i < 64; i++) { pass = pass + 'a'; - xRes = pc.encrypt( str, pass ); + xRes = pc.encrypt(str, pass); - System.out.println( pass.length() + ": " + xRes ); + System.out.println(pass.length() + ": " + xRes); - res = pc.decrypt( xRes, pass ); + res = pc.decrypt(xRes, pass); - assertEquals( "Encryption/Decryption did not produce desired result", str, res ); + assertEquals("Encryption/Decryption did not produce desired result", str, res); } } // ------------------------------------------------------------- - public void testDecrypt() - throws Exception - { - String res = pc.decrypt( encStr, passPhrase ); - assertEquals( "Decryption did not produce desired result", str, res ); + public void testDecrypt() throws Exception { + String res = pc.decrypt(encStr, passPhrase); + assertEquals("Decryption did not produce desired result", str, res); } // ------------------------------------------------------------- @Test - public void testDecorate() - throws Exception - { - String res = pc.decorate( "aaa" ); - assertEquals( "Decoration failed", PlexusCipher.ENCRYPTED_STRING_DECORATION_START + "aaa" - + PlexusCipher.ENCRYPTED_STRING_DECORATION_STOP, res ); + public void testDecorate() throws Exception { + String res = pc.decorate("aaa"); + assertEquals( + "Decoration failed", + PlexusCipher.ENCRYPTED_STRING_DECORATION_START + "aaa" + PlexusCipher.ENCRYPTED_STRING_DECORATION_STOP, + res); } // ------------------------------------------------------------- @Test - public void testUnDecorate() - throws Exception - { - String res = - pc.unDecorate( PlexusCipher.ENCRYPTED_STRING_DECORATION_START + "aaa" - + PlexusCipher.ENCRYPTED_STRING_DECORATION_STOP ); - assertEquals( "Decoration failed", "aaa", res ); + public void testUnDecorate() throws Exception { + String res = pc.unDecorate( + PlexusCipher.ENCRYPTED_STRING_DECORATION_START + "aaa" + PlexusCipher.ENCRYPTED_STRING_DECORATION_STOP); + assertEquals("Decoration failed", "aaa", res); } // ------------------------------------------------------------- @Test - public void testEncryptAndDecorate() - throws Exception - { - String res = pc.encryptAndDecorate( "my-password", "12345678" ); + public void testEncryptAndDecorate() throws Exception { + String res = pc.encryptAndDecorate("my-password", "12345678"); - assertEquals( '{', res.charAt( 0 ) ); + assertEquals('{', res.charAt(0)); } } diff --git a/src/test/java/org/sonatype/plexus/components/cipher/PBECipherTest.java b/src/test/java/org/sonatype/plexus/components/cipher/PBECipherTest.java index 3b14ee6..001a460 100644 --- a/src/test/java/org/sonatype/plexus/components/cipher/PBECipherTest.java +++ b/src/test/java/org/sonatype/plexus/components/cipher/PBECipherTest.java @@ -29,8 +29,7 @@ Licensed to the Apache Software Foundation (ASF) under one /** * @author Oleg Gusakov */ -public class PBECipherTest -{ +public class PBECipherTest { PBECipher _cipher; String _cleatText = "veryOpenText"; @@ -40,49 +39,41 @@ public class PBECipherTest String _password = "testtest"; @Before - public void prepare() - throws Exception - { + public void prepare() throws Exception { _cipher = new PBECipher(); } @Test - public void testEncrypt() - throws Exception - { - String enc = _cipher.encrypt64( _cleatText, _password ); + public void testEncrypt() throws Exception { + String enc = _cipher.encrypt64(_cleatText, _password); - assertNotNull( enc ); + assertNotNull(enc); - System.out.println( enc ); + System.out.println(enc); - String enc2 = _cipher.encrypt64( _cleatText, _password ); + String enc2 = _cipher.encrypt64(_cleatText, _password); - assertNotNull( enc2 ); + assertNotNull(enc2); - System.out.println( enc2 ); + System.out.println(enc2); - assertFalse( enc.equals( enc2 ) ); + assertFalse(enc.equals(enc2)); } @Test - public void testDecrypt() - throws Exception - { - String clear = _cipher.decrypt64( _encryptedText, _password ); + public void testDecrypt() throws Exception { + String clear = _cipher.decrypt64(_encryptedText, _password); - assertEquals( _cleatText, clear ); + assertEquals(_cleatText, clear); } @Test - public void testEncoding() - throws Exception - { - System.out.println("file.encoding=" + System.getProperty("file.encoding")); - - String pwd = "äüöÜÖÄß\"§$%&/()=?é"; - String encPwd = _cipher.encrypt64(pwd, pwd); - String decPwd = _cipher.decrypt64(encPwd, pwd); - assertEquals(pwd, decPwd); + public void testEncoding() throws Exception { + System.out.println("file.encoding=" + System.getProperty("file.encoding")); + + String pwd = "äüöÜÖÄß\"§$%&/()=?é"; + String encPwd = _cipher.encrypt64(pwd, pwd); + String decPwd = _cipher.decrypt64(encPwd, pwd); + assertEquals(pwd, decPwd); } }