You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@guacamole.apache.org by jm...@apache.org on 2016/08/14 01:04:52 UTC

[1/2] incubator-guacamole-client git commit: GUACAMOLE-74: Migrate to URL-safe share keys.

Repository: incubator-guacamole-client
Updated Branches:
  refs/heads/master d68ccab97 -> 1c53ab101


GUACAMOLE-74: Migrate to URL-safe share keys.

Project: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/commit/e21a3a60
Tree: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/tree/e21a3a60
Diff: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/diff/e21a3a60

Branch: refs/heads/master
Commit: e21a3a60b972c26df4dbbbe5c976e91e8e9b12b6
Parents: 8e283ef
Author: Michael Jumper <mj...@apache.org>
Authored: Fri Aug 12 12:21:13 2016 -0700
Committer: Michael Jumper <mj...@apache.org>
Committed: Fri Aug 12 12:34:59 2016 -0700

----------------------------------------------------------------------
 .../sharing/SecureRandomShareKeyGenerator.java  | 36 ++++++++++++++++----
 1 file changed, 29 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/e21a3a60/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/SecureRandomShareKeyGenerator.java
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/SecureRandomShareKeyGenerator.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/SecureRandomShareKeyGenerator.java
index 7cc1823..87f7fc2 100644
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/SecureRandomShareKeyGenerator.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/SecureRandomShareKeyGenerator.java
@@ -20,7 +20,6 @@
 package org.apache.guacamole.auth.jdbc.sharing;
 
 import java.security.SecureRandom;
-import javax.xml.bind.DatatypeConverter;
 
 /**
  * An implementation of the ShareKeyGenerator which uses SecureRandom to
@@ -28,18 +27,41 @@ import javax.xml.bind.DatatypeConverter;
  * 
  * @author Michael Jumper
  */
-public class SecureRandomShareKeyGenerator implements ShareKeyGenerator {
+public class SecureRandomShareKeyGenerator extends SecureRandom
+        implements ShareKeyGenerator {
 
     /**
-     * Instance of SecureRandom for generating sharing keys.
+     * The length of each generated share key, in base64-digits.
      */
-    private final SecureRandom secureRandom = new SecureRandom();
+    private static final int KEY_LENGTH = 44;
+
+    /**
+     * The character representations of each possible base64 digit. This class
+     * uses the URL-safe variant of base64 (also known as "base64url"), which
+     * uses '-' and '_' instead of '+' and '/' for digits 62 and 63
+     * respectively. See RFC 4648, Section 5: "Base 64 Encoding with URL and
+     * Filename Safe Alphabet" (https://tools.ietf.org/html/rfc4648#section-5).
+     */
+    private static final char[] URL_SAFE_BASE64_DIGITS = {
+        'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M',
+        'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',
+        'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm',
+        'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z',
+        '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '-', '_'
+    };
 
     @Override
     public String getShareKey() {
-        byte[] bytes = new byte[33];
-        secureRandom.nextBytes(bytes);
-        return DatatypeConverter.printBase64Binary(bytes);
+
+        // Produce storage space for required share key length
+        char[] key = new char[KEY_LENGTH];
+
+        // Fill key with random digits
+        for (int i = 0; i < KEY_LENGTH; i++)
+            key[i] = URL_SAFE_BASE64_DIGITS[next(6)];
+
+        return new String(key);
+
     }
 
 }

[2/2] incubator-guacamole-client git commit: GUACAMLE-74: Merge url safety fix for share keys.

Posted by jm...@apache.org.

GUACAMLE-74: Merge url safety fix for share keys.


Project: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/commit/1c53ab10
Tree: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/tree/1c53ab10
Diff: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/diff/1c53ab10

Branch: refs/heads/master
Commit: 1c53ab10112061e1d288b438c521faa60b6a7133
Parents: d68ccab e21a3a6
Author: James Muehlner <ja...@guac-dev.org>
Authored: Sat Aug 13 18:04:15 2016 -0700
Committer: James Muehlner <ja...@guac-dev.org>
Committed: Sat Aug 13 18:04:15 2016 -0700

----------------------------------------------------------------------
 .../sharing/SecureRandomShareKeyGenerator.java  | 36 ++++++++++++++++----
 1 file changed, 29 insertions(+), 7 deletions(-)
----------------------------------------------------------------------