You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@commons.apache.org by gg...@apache.org on 2022/12/11 03:21:14 UTC
[commons-compress] 02/02: Refactor duplication and magix strings
This is an automated email from the ASF dual-hosted git repository.
ggregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-compress.git
commit 6d89cdfb3d3f5e846fd5d7082e616a5b2ab56d7c
Author: Gary Gregory <ga...@gmail.com>
AuthorDate: Sat Dec 10 22:21:07 2022 -0500
Refactor duplication and magix strings
---
.../compress/archivers/sevenz/AES256Options.java | 40 +++++++++++++---------
.../archivers/sevenz/AES256SHA256Decoder.java | 5 ++-
2 files changed, 26 insertions(+), 19 deletions(-)
diff --git a/src/main/java/org/apache/commons/compress/archivers/sevenz/AES256Options.java b/src/main/java/org/apache/commons/compress/archivers/sevenz/AES256Options.java
index d6bb17a8..ba23a135 100644
--- a/src/main/java/org/apache/commons/compress/archivers/sevenz/AES256Options.java
+++ b/src/main/java/org/apache/commons/compress/archivers/sevenz/AES256Options.java
@@ -33,9 +33,27 @@ import javax.crypto.spec.SecretKeySpec;
*/
class AES256Options {
+ static final String ALGORITHM = "AES";
+
+ static final String TRANSFORMATION = "AES/CBC/NoPadding";
+
+ static SecretKeySpec newSecretKeySpec(final byte[] bytes) {
+ return new SecretKeySpec(bytes, ALGORITHM);
+ }
+ private static byte[] randomBytes(int size) {
+ byte[] bytes = new byte[size];
+ try {
+ SecureRandom.getInstanceStrong().nextBytes(bytes);
+ } catch (NoSuchAlgorithmException e) {
+ throw new IllegalStateException("No strong secure random available to generate strong AES key", e);
+ }
+ return bytes;
+ }
private final byte[] salt;
private final byte[] iv;
+
private final int numCyclesPower;
+
private final Cipher cipher;
/**
@@ -59,10 +77,10 @@ class AES256Options {
// NOTE: for security purposes, password is wrapped in a Cipher as soon as possible to not stay in memory
final byte[] aesKeyBytes = AES256SHA256Decoder.sha256Password(password, numCyclesPower, salt);
- final SecretKey aesKey = new SecretKeySpec(aesKeyBytes, "AES");
+ final SecretKey aesKey = newSecretKeySpec(aesKeyBytes);
try {
- cipher = Cipher.getInstance("AES/CBC/NoPadding");
+ cipher = Cipher.getInstance(TRANSFORMATION);
cipher.init(Cipher.ENCRYPT_MODE, aesKey, new IvParameterSpec(iv));
} catch (final GeneralSecurityException generalSecurityException) {
throw new IllegalStateException(
@@ -72,6 +90,10 @@ class AES256Options {
}
}
+ Cipher getCipher() {
+ return cipher;
+ }
+
byte[] getIv() {
return iv;
}
@@ -83,18 +105,4 @@ class AES256Options {
byte[] getSalt() {
return salt;
}
-
- Cipher getCipher() {
- return cipher;
- }
-
- private static byte[] randomBytes(int size) {
- byte[] bytes = new byte[size];
- try {
- SecureRandom.getInstanceStrong().nextBytes(bytes);
- } catch (NoSuchAlgorithmException e) {
- throw new IllegalStateException("No strong secure random available to generate strong AES key", e);
- }
- return bytes;
- }
}
diff --git a/src/main/java/org/apache/commons/compress/archivers/sevenz/AES256SHA256Decoder.java b/src/main/java/org/apache/commons/compress/archivers/sevenz/AES256SHA256Decoder.java
index 19d43443..4353bf52 100644
--- a/src/main/java/org/apache/commons/compress/archivers/sevenz/AES256SHA256Decoder.java
+++ b/src/main/java/org/apache/commons/compress/archivers/sevenz/AES256SHA256Decoder.java
@@ -34,7 +34,6 @@ import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.compress.PasswordRequiredException;
@@ -87,9 +86,9 @@ class AES256SHA256Decoder extends AbstractCoder {
aesKeyBytes = sha256Password(passwordBytes, numCyclesPower, salt);
}
- final SecretKey aesKey = new SecretKeySpec(aesKeyBytes, "AES");
+ final SecretKey aesKey = AES256Options.newSecretKeySpec(aesKeyBytes);
try {
- final Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
+ final Cipher cipher = Cipher.getInstance(AES256Options.TRANSFORMATION);
cipher.init(Cipher.DECRYPT_MODE, aesKey, new IvParameterSpec(iv));
cipherInputStream = new CipherInputStream(in, cipher);
isInitialized = true;