fix wrong key usage during encoding in DefaultCipherHandler, see issue #887

2026-02-04 13:49:13 +01:00 · 2016-11-29 20:11:03 +01:00
parent 526d79b96d
commit a546246fc1
2 changed files with 64 additions and 1 deletions
--- a/scm-core/src/main/java/sonia/scm/security/DefaultCipherHandler.java
+++ b/scm-core/src/main/java/sonia/scm/security/DefaultCipherHandler.java
@@ -251,7 +251,7 @@ public class DefaultCipherHandler implements CipherHandler
      random.nextBytes(salt);

      IvParameterSpec iv = new IvParameterSpec(salt);
-      SecretKey secretKey = buildSecretKey(key);
+      SecretKey secretKey = buildSecretKey(plainKey);
      javax.crypto.Cipher cipher = javax.crypto.Cipher.getInstance(CIPHER_TYPE);

      cipher.init(javax.crypto.Cipher.ENCRYPT_MODE, secretKey, iv);