Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2026-01-19 05:52:11 +01:00
Code Issues Packages Projects Releases Activity

#979 use a java 7 compatible cipher spec

Browse Source
This commit is contained in:
Sebastian Sdorra
2018-04-30 09:27:00 +02:00
parent 3ee0bcedac
commit cbecb3731b
1 changed files with 13 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
scm-clients/scm-cli-client/src/main/java/sonia/scm/cli/config/AesCipherStreamHandler.java
View File

@@ -37,7 +37,7 @@ import com.google.common.base.Charsets;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.IOException;
import java.io.InputStream;
@@ -53,7 +53,9 @@ import java.security.SecureRandom;
*/
public class AesCipherStreamHandler implements CipherStreamHandler {
private static final String ALGORITHM = "AES/GCM/NoPadding";
private static final String CIPHER_ALGORITHM = "AES/CBC/PKCS5PADDING";
private static final String SECRET_KEY_ALGORITHM = "AES";
private static final int IV_LENGTH = 16;
private final SecureRandom random = new SecureRandom();
@@ -77,11 +79,15 @@ public class AesCipherStreamHandler implements CipherStreamHandler {
}
private Cipher createCipherForDecryption(InputStream inputStream) throws IOException {
byte[] iv =new byte[12];
byte[] iv = createEmptyIvArray();
inputStream.read(iv);
return createCipher(Cipher.DECRYPT_MODE, iv);
}
private byte[] createEmptyIvArray() {
return new byte[IV_LENGTH];
}
private Cipher createCipherForEncryption() {
byte[] iv = generateIV();
return createCipher(Cipher.ENCRYPT_MODE, iv);
@@ -90,16 +96,16 @@ public class AesCipherStreamHandler implements CipherStreamHandler {
private byte[] generateIV() {
// use 12 byte as described at nist
// https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf
byte[] iv = new byte[12];
byte[] iv = createEmptyIvArray();
random.nextBytes(iv);
return iv;
}
private Cipher createCipher(int mode, byte[] iv) {
try {
Cipher cipher = Cipher.getInstance(ALGORITHM);
GCMParameterSpec parameterSpec = new GCMParameterSpec(128, iv);
cipher.init(mode, new SecretKeySpec(secretKey, "AES"), parameterSpec);
Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
cipher.init(mode, new SecretKeySpec(secretKey, SECRET_KEY_ALGORITHM), ivParameterSpec);
return cipher;
} catch (Exception ex) {
throw new ScmConfigException("failed to create cipher", ex);