You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@wicket.apache.org by mg...@apache.org on 2016/05/26 16:52:24 UTC

[1/5] wicket git commit: WICKET-6154 move provider registration to factory, so the check for the cipher's availability is done once only

Repository: wicket
Updated Branches:
  refs/heads/wicket-6.x c5450392c -> 0c4b417ff


WICKET-6154 move provider registration to factory, so the check for the cipher's availability is done once only


Project: http://git-wip-us.apache.org/repos/asf/wicket/repo
Commit: http://git-wip-us.apache.org/repos/asf/wicket/commit/051e294a
Tree: http://git-wip-us.apache.org/repos/asf/wicket/tree/051e294a
Diff: http://git-wip-us.apache.org/repos/asf/wicket/diff/051e294a

Branch: refs/heads/wicket-6.x
Commit: 051e294ab6159ec4054bbd1a5d305253093d1661
Parents: 0a14462
Author: Sven Meier <sv...@apache.org>
Authored: Mon May 2 23:12:05 2016 +0200
Committer: Sven Meier <sv...@apache.org>
Committed: Mon May 2 23:12:05 2016 +0200

----------------------------------------------------------------------
 .../crypt/KeyInSessionSunJceCryptFactory.java   | 27 +++++++++++++++++---
 .../apache/wicket/util/crypt/SunJceCrypt.java   | 18 -------------
 2 files changed, 23 insertions(+), 22 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/wicket/blob/051e294a/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/KeyInSessionSunJceCryptFactory.java
----------------------------------------------------------------------
diff --git a/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/KeyInSessionSunJceCryptFactory.java b/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/KeyInSessionSunJceCryptFactory.java
index 5b3bae6..ceedcfc 100644
--- a/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/KeyInSessionSunJceCryptFactory.java
+++ b/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/KeyInSessionSunJceCryptFactory.java
@@ -16,6 +16,8 @@
  */
 package org.apache.wicket.core.util.crypt;
 
+import java.security.Provider;
+import java.security.Security;
 import java.util.UUID;
 
 import org.apache.wicket.MetaDataKey;
@@ -26,11 +28,11 @@ import org.apache.wicket.util.crypt.SunJceCrypt;
 import org.apache.wicket.util.lang.Args;
 
 /**
- * Crypt factory that produces {@link SunJceCrypt} instances based on http session-specific
- * encryption key. This allows each user to have their own encryption key, hardening against CSRF
+ * Crypt factory that produces {@link SunJceCrypt} instances based on session-specific
+ * encryption key. This allows each user to have his own encryption key, hardening against CSRF
  * attacks.
- *
- * Note that the use of this crypt factory will result in an immediate creation of a http session
+ * <br>
+ * Note that the use of this crypt factory will result in an immediate creation of a session.
  *
  * @author igor.vaynberg
  */
@@ -61,6 +63,23 @@ public class KeyInSessionSunJceCryptFactory implements ICryptFactory
 	public KeyInSessionSunJceCryptFactory(String cryptMethod)
 	{
 		this.cryptMethod = Args.notNull(cryptMethod, "Crypt method");
+
+
+		if (Security.getProviders("Cipher." + cryptMethod).length > 0)
+		{
+			return; // we are good to go!
+		}
+		try
+		{
+			// Initialize and add a security provider required for encryption
+			final Class<?> clazz = Class.forName("com.sun.crypto.provider.SunJCE");
+
+			Security.addProvider((Provider)clazz.newInstance());
+		}
+		catch (Exception ex)
+		{
+			throw new RuntimeException("Unable to load SunJCE service provider", ex);
+		}
 	}
 
 	@Override

http://git-wip-us.apache.org/repos/asf/wicket/blob/051e294a/wicket-util/src/main/java/org/apache/wicket/util/crypt/SunJceCrypt.java
----------------------------------------------------------------------
diff --git a/wicket-util/src/main/java/org/apache/wicket/util/crypt/SunJceCrypt.java b/wicket-util/src/main/java/org/apache/wicket/util/crypt/SunJceCrypt.java
index 934f586..778cfb0 100644
--- a/wicket-util/src/main/java/org/apache/wicket/util/crypt/SunJceCrypt.java
+++ b/wicket-util/src/main/java/org/apache/wicket/util/crypt/SunJceCrypt.java
@@ -18,8 +18,6 @@ package org.apache.wicket.util.crypt;
 
 import java.security.GeneralSecurityException;
 import java.security.NoSuchAlgorithmException;
-import java.security.Provider;
-import java.security.Security;
 import java.security.spec.AlgorithmParameterSpec;
 import java.security.spec.InvalidKeySpecException;
 import java.security.spec.KeySpec;
@@ -77,22 +75,6 @@ public class SunJceCrypt extends AbstractCrypt
 	public SunJceCrypt(String cryptMethod)
 	{
 		this.cryptMethod = Args.notNull(cryptMethod, "Crypt method");
-
-		if (Security.getProviders("Cipher." + cryptMethod).length > 0)
-		{
-			return; // we are good to go!
-		}
-		try
-		{
-			// Initialize and add a security provider required for encryption
-			final Class<?> clazz = Class.forName("com.sun.crypto.provider.SunJCE");
-
-			Security.addProvider((Provider)clazz.newInstance());
-		}
-		catch (Exception ex)
-		{
-			throw new RuntimeException("Unable to load SunJCE service provider", ex);
-		}
 	}
 
 	/**

[4/5] wicket git commit: WICKET-6154 Performance bottleneck when using KeyInSessionSunJceCryptFactory

Posted by mg...@apache.org.

WICKET-6154 Performance bottleneck when using KeyInSessionSunJceCryptFactory

Fix typo in javadoc


Project: http://git-wip-us.apache.org/repos/asf/wicket/repo
Commit: http://git-wip-us.apache.org/repos/asf/wicket/commit/21bd7a42
Tree: http://git-wip-us.apache.org/repos/asf/wicket/tree/21bd7a42
Diff: http://git-wip-us.apache.org/repos/asf/wicket/diff/21bd7a42

Branch: refs/heads/wicket-6.x
Commit: 21bd7a42192a0e454ecac4b63799c462a4c6b376
Parents: b1f21a3
Author: Martin Tzvetanov Grigorov <mg...@apache.org>
Authored: Sun May 22 10:51:25 2016 +0200
Committer: Martin Tzvetanov Grigorov <mg...@apache.org>
Committed: Sun May 22 10:51:25 2016 +0200

----------------------------------------------------------------------
 .../test/java/org/apache/wicket/util/crypt/SunJceCryptTest.java  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/wicket/blob/21bd7a42/wicket-util/src/test/java/org/apache/wicket/util/crypt/SunJceCryptTest.java
----------------------------------------------------------------------
diff --git a/wicket-util/src/test/java/org/apache/wicket/util/crypt/SunJceCryptTest.java b/wicket-util/src/test/java/org/apache/wicket/util/crypt/SunJceCryptTest.java
index 1d366bd..2bb813d 100644
--- a/wicket-util/src/test/java/org/apache/wicket/util/crypt/SunJceCryptTest.java
+++ b/wicket-util/src/test/java/org/apache/wicket/util/crypt/SunJceCryptTest.java
@@ -62,10 +62,10 @@ public class SunJceCryptTest extends Assert
 	}
 
 	/**
-	 * Checks whether Oracle Unlimited Strenght Jurisdiction Policy is installed
+	 * Checks whether Oracle Unlimited Strength Jurisdiction Policy is installed
 	 * Based on http://stackoverflow.com/a/8607735
 	 *
-	 * @return {@code true} if Unlimited Strenght Jurisdiction Policy is installed
+	 * @return {@code true} if Unlimited Strength Jurisdiction Policy is installed
 	 * @throws NoSuchAlgorithmException
 	 */
 	static boolean isUnlimitedStrengthJurisdictionPolicyInstalled() throws NoSuchAlgorithmException

[2/5] wicket git commit: WICKET-6154 Performance bottleneck when using KeyInSessionSunJceCryptFactory

Posted by mg...@apache.org.

WICKET-6154 Performance bottleneck when using KeyInSessionSunJceCryptFactory

Reduce the complexity of the method by removing a conditional branch that is not really needed.

Note: Security#getProviders() javadoc states that it may return null but the implementation (and the years in usage) show that it actually returns empty array


Project: http://git-wip-us.apache.org/repos/asf/wicket/repo
Commit: http://git-wip-us.apache.org/repos/asf/wicket/commit/a338eb9d
Tree: http://git-wip-us.apache.org/repos/asf/wicket/tree/a338eb9d
Diff: http://git-wip-us.apache.org/repos/asf/wicket/diff/a338eb9d

Branch: refs/heads/wicket-6.x
Commit: a338eb9df15f3609d3fab78fc2d51cf1afacbb10
Parents: 051e294
Author: Martin Tzvetanov Grigorov <mg...@apache.org>
Authored: Sun May 22 10:44:49 2016 +0200
Committer: Martin Tzvetanov Grigorov <mg...@apache.org>
Committed: Sun May 22 10:44:49 2016 +0200

----------------------------------------------------------------------
 .../crypt/KeyInSessionSunJceCryptFactory.java   | 25 ++++++++++----------
 1 file changed, 12 insertions(+), 13 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/wicket/blob/a338eb9d/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/KeyInSessionSunJceCryptFactory.java
----------------------------------------------------------------------
diff --git a/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/KeyInSessionSunJceCryptFactory.java b/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/KeyInSessionSunJceCryptFactory.java
index ceedcfc..ce3037e 100644
--- a/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/KeyInSessionSunJceCryptFactory.java
+++ b/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/KeyInSessionSunJceCryptFactory.java
@@ -64,21 +64,20 @@ public class KeyInSessionSunJceCryptFactory implements ICryptFactory
 	{
 		this.cryptMethod = Args.notNull(cryptMethod, "Crypt method");
 
-
-		if (Security.getProviders("Cipher." + cryptMethod).length > 0)
-		{
-			return; // we are good to go!
-		}
-		try
+		if (Security.getProviders("Cipher." + cryptMethod).length == 0)
 		{
-			// Initialize and add a security provider required for encryption
-			final Class<?> clazz = Class.forName("com.sun.crypto.provider.SunJCE");
+			try
+			{
+				// Initialize and add a security provider required for encryption
+				final Class<?> clazz = Class.forName("com.sun.crypto.provider.SunJCE");
 
-			Security.addProvider((Provider)clazz.newInstance());
-		}
-		catch (Exception ex)
-		{
-			throw new RuntimeException("Unable to load SunJCE service provider", ex);
+				final Provider provider = (Provider) clazz.newInstance();
+				Security.addProvider(provider);
+			}
+			catch (Exception ex)
+			{
+				throw new RuntimeException("Unable to load SunJCE service provider", ex);
+			}
 		}
 	}

[5/5] wicket git commit: Merge branch 'WICKET-6154-jce-crypt-performance' into wicket-6.x

Posted by mg...@apache.org.

Merge branch 'WICKET-6154-jce-crypt-performance' into wicket-6.x


Project: http://git-wip-us.apache.org/repos/asf/wicket/repo
Commit: http://git-wip-us.apache.org/repos/asf/wicket/commit/0c4b417f
Tree: http://git-wip-us.apache.org/repos/asf/wicket/tree/0c4b417f
Diff: http://git-wip-us.apache.org/repos/asf/wicket/diff/0c4b417f

Branch: refs/heads/wicket-6.x
Commit: 0c4b417ffce6ebab4977a3d1bf777b5305acfe68
Parents: c545039 21bd7a4
Author: Martin Tzvetanov Grigorov <mg...@apache.org>
Authored: Thu May 26 18:46:14 2016 +0200
Committer: Martin Tzvetanov Grigorov <mg...@apache.org>
Committed: Thu May 26 18:46:14 2016 +0200

----------------------------------------------------------------------
 .../crypt/KeyInSessionSunJceCryptFactory.java   | 26 +++++++++++++++++---
 .../apache/wicket/util/crypt/SunJceCrypt.java   | 22 +++--------------
 .../wicket/util/crypt/SunJceCryptTest.java      |  4 +--
 3 files changed, 27 insertions(+), 25 deletions(-)
----------------------------------------------------------------------

[3/5] wicket git commit: WICKET-6154 Performance bottleneck when using KeyInSessionSunJceCryptFactory

Posted by mg...@apache.org.

WICKET-6154 Performance bottleneck when using KeyInSessionSunJceCryptFactory

Extract PARAMETER_SPEC constant - a PBEParameterSpec that is used by default.


Project: http://git-wip-us.apache.org/repos/asf/wicket/repo
Commit: http://git-wip-us.apache.org/repos/asf/wicket/commit/b1f21a39
Tree: http://git-wip-us.apache.org/repos/asf/wicket/tree/b1f21a39
Diff: http://git-wip-us.apache.org/repos/asf/wicket/diff/b1f21a39

Branch: refs/heads/wicket-6.x
Commit: b1f21a399bb0b3f66fff15dd5c502786591ca640
Parents: a338eb9
Author: Martin Tzvetanov Grigorov <mg...@apache.org>
Authored: Sun May 22 10:46:59 2016 +0200
Committer: Martin Tzvetanov Grigorov <mg...@apache.org>
Committed: Sun May 22 10:46:59 2016 +0200

----------------------------------------------------------------------
 .../src/main/java/org/apache/wicket/util/crypt/SunJceCrypt.java  | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/wicket/blob/b1f21a39/wicket-util/src/main/java/org/apache/wicket/util/crypt/SunJceCrypt.java
----------------------------------------------------------------------
diff --git a/wicket-util/src/main/java/org/apache/wicket/util/crypt/SunJceCrypt.java b/wicket-util/src/main/java/org/apache/wicket/util/crypt/SunJceCrypt.java
index 778cfb0..b702851 100644
--- a/wicket-util/src/main/java/org/apache/wicket/util/crypt/SunJceCrypt.java
+++ b/wicket-util/src/main/java/org/apache/wicket/util/crypt/SunJceCrypt.java
@@ -53,6 +53,8 @@ public class SunJceCrypt extends AbstractCrypt
 	public final static byte[] SALT = { (byte)0x15, (byte)0x8c, (byte)0xa3, (byte)0x4a,
 			(byte)0x66, (byte)0x51, (byte)0x2a, (byte)0xbc };
 
+	private static final PBEParameterSpec PARAMETER_SPEC = new PBEParameterSpec(SALT, COUNT);
+
 	/** The name of encryption method (cipher) */
 	private final String cryptMethod;
 
@@ -141,7 +143,7 @@ public class SunJceCrypt extends AbstractCrypt
 	 */
 	protected AlgorithmParameterSpec createParameterSpec()
 	{
-		return new PBEParameterSpec(SALT, COUNT);
+		return PARAMETER_SPEC;
 	}
 
 	/**