Posted to commits@cayenne.apache.org by aa...@apache.org on 2014/04/04 14:04:55 UTC
svn commit: r1584634 - in /cayenne/main/trunk/cayenne-crypto/src:
main/java/org/apache/cayenne/crypto/transformer/bytes/
main/java/org/apache/cayenne/crypto/transformer/value/
test/java/org/apache/cayenne/crypto/
test/java/org/apache/cayenne/crypto/tra...
Author: aadamchik
Date: Fri Apr 4 12:04:55 2014
New Revision: 1584634
URL: http://svn.apache.org/r1584634
Log:
CAY-1916 cayenne-crypto module that enables data encryption for certain model attributes
* builder cleanup
* fixing tests
Removed:
cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/Runtime_Rot13_Test.java
cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/unit/Rot13TransformerFactory.java
cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/unit/Rot13TransformerFactoryTest.java
Modified:
cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/BytesEncryptor.java
cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/CbcEncryptor.java
cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/EncryptorWithKeyName.java
cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/value/DefaultEncryptor.java
cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/Runtime_AES128_Test.java
cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/transformer/bytes/CbcEncryptorTest.java
cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/transformer/bytes/EncryptorWithKeyNameTest.java
cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/transformer/value/DefaultEncryptorTest.java
cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/unit/CryptoUnitUtils.java
cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/unit/SwapBytesTransformer.java
cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/unit/SwapBytesTransformerTest.java
Modified: cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/BytesEncryptor.java
URL: http://svn.apache.org/viewvc/cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/BytesEncryptor.java?rev=1584634&r1=1584633&r2=1584634&view=diff
==============================================================================
--- cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/BytesEncryptor.java (original)
+++ cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/BytesEncryptor.java Fri Apr 4 12:04:55 2014
@@ -24,14 +24,15 @@ package org.apache.cayenne.crypto.transf
public interface BytesEncryptor {
/**
- * Returns the size of the transformed data in bytes. This information
- * allows the caller to pre-size the output array.
- */
- int getOutputSize(int inputLength);
-
- /**
* Transform input bytes using default encryption key.
+ *
+ * @param input
+ * a buffer with unencrypted bytes.
+ * @param outputOffset
+ * how much empty space to leave in the beginning of the returned
+ * output array. This would allow the caller to prepend extra
+ * data to the encrypted array.
*/
- void encrypt(byte[] input, byte[] output, int outputOffset);
+ byte[] encrypt(byte[] input, int outputOffset);
}
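Review bot: The new Javadoc on `encrypt` documents both parameters but not the return value, which is now the only place a caller learns the output layout. I would add `@return a newly allocated array: outputOffset empty bytes followed by the encrypted form of input`. It should also say whether `input` may be null and whether a negative `outputOffset` is rejected, because the implementations in this commit size and index the array directly from those values.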
Modified: cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/CbcEncryptor.java
URL: http://svn.apache.org/viewvc/cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/CbcEncryptor.java?rev=1584634&r1=1584633&r2=1584634&view=diff
==============================================================================
--- cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/CbcEncryptor.java (original)
+++ cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/CbcEncryptor.java Fri Apr 4 12:04:55 2014
@@ -65,32 +65,31 @@ class CbcEncryptor implements BytesEncry
}
@Override
- public int getOutputSize(int inputLength) {
- // add one block for IV storage
- return blockSize + cipher.getOutputSize(inputLength);
- }
+ public byte[] encrypt(byte[] input, int outputOffset) {
- @Override
- public void encrypt(byte[] input, byte[] output, int outputOffset) {
try {
- doEncrypt(input, output, outputOffset);
+ return doEncrypt(input, outputOffset);
} catch (Exception e) {
throw new CayenneCryptoException("Error on encryption", e);
}
}
- private void doEncrypt(byte[] plain, byte[] encrypted, int outputOffset) throws InvalidKeyException,
+ private byte[] doEncrypt(byte[] plain, int outputOffset) throws InvalidKeyException,
InvalidAlgorithmParameterException, ShortBufferException, IllegalBlockSizeException, BadPaddingException {
+ cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
+ byte[] encrypted = new byte[outputOffset + blockSize + cipher.getOutputSize(plain.length)];
+
// copy IV in the first block
System.arraycopy(iv, 0, encrypted, outputOffset, blockSize);
- cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
int encBytes = cipher.doFinal(plain, 0, plain.length, encrypted, outputOffset + blockSize);
// store the last block of ciphertext to use as an IV for the next round
// of encryption...
System.arraycopy(encrypted, outputOffset + encBytes, iv, 0, blockSize);
+
+ return encrypted;
}
}
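Review bot: `doEncrypt` still takes each IV from the last ciphertext block of the previous call (the `System.arraycopy(encrypted, outputOffset + encBytes, iv, 0, blockSize)` line), so anyone who can read one stored value already knows the IV of the next one, while CBC depends on the IV being unpredictable before encryption. Since the method now allocates its own output, it would be simple to fill `iv` from a `SecureRandom` at the top of each call and drop the copy-back. The shared `iv` array and `cipher` are mutated on every call, so the class comment should state that an instance is not safe for concurrent use; how instances are shared is not visible from this hunk. Separately, `cipher.getOutputSize` is documented as an upper bound, so checking `encBytes` against it before returning would catch unused trailing bytes in `encrypted`.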
Modified: cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/EncryptorWithKeyName.java
URL: http://svn.apache.org/viewvc/cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/EncryptorWithKeyName.java?rev=1584634&r1=1584633&r2=1584634&view=diff
==============================================================================
--- cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/EncryptorWithKeyName.java (original)
+++ cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/EncryptorWithKeyName.java Fri Apr 4 12:04:55 2014
@@ -38,15 +38,12 @@ class EncryptorWithKeyName implements By
}
@Override
- public int getOutputSize(int inputLength) {
- // add one block for key name storage
- return blockSize + delegate.getOutputSize(inputLength);
- }
+ public byte[] encrypt(byte[] input, int outputOffset) {
+ byte[] output = delegate.encrypt(input, outputOffset + blockSize);
- @Override
- public void encrypt(byte[] input, byte[] output, int outputOffset) {
System.arraycopy(keyName, 0, output, outputOffset, blockSize);
- delegate.encrypt(input, output, outputOffset + blockSize);
+
+ return output;
}
}
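Review bot: `encrypt` copies exactly `blockSize` bytes out of `keyName`, which throws if `keyName` is shorter than `blockSize`; nothing in this hunk checks that, and the constructor is outside it, so the length may already be enforced there. The commit also removed the only comment that explained the layout (`// add one block for key name storage`); I would restore it above the delegate call, e.g. `// reserve one block before the delegate's output for the key name`. As far as this hunk shows, the key-name block is written as-is in front of the ciphertext, so it is readable in storage and nothing here detects a modified name, which is worth stating in the class Javadoc.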
Modified: cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/value/DefaultEncryptor.java
URL: http://svn.apache.org/viewvc/cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/value/DefaultEncryptor.java?rev=1584634&r1=1584633&r2=1584634&view=diff
==============================================================================
--- cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/value/DefaultEncryptor.java (original)
+++ cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/value/DefaultEncryptor.java Fri Apr 4 12:04:55 2014
@@ -44,11 +44,13 @@ class DefaultEncryptor implements ValueE
@Override
public Object encrypt(BytesEncryptor encryptor, Object value) {
- byte[] bytes = preConverter.toBytes(value);
- byte[] transformed = new byte[encryptor.getOutputSize(bytes.length)];
-
- encryptor.encrypt(bytes, transformed, 0);
+ // TODO: should we encrypt nulls as well to hide NULL from attackers?
+ if (value == null) {
+ return null;
+ }
+ byte[] bytes = preConverter.toBytes(value);
+ byte[] transformed = encryptor.encrypt(bytes, 0);
return postConverter.fromBytes(transformed);
}
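Review bot: The new null guard returns before any conversion, so a null attribute is stored as a database NULL and anyone who can read the column sees which rows have no value, as the TODO already hints. I would replace the open question with a documented contract on `encrypt`, e.g. `// null is passed through unencrypted; the stored column reveals which rows have no value`, and keep the TODO only with a reference to where the decision is tracked. The class body starts and continues outside the hunk.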
Modified: cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/Runtime_AES128_Test.java
URL: http://svn.apache.org/viewvc/cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/Runtime_AES128_Test.java?rev=1584634&r1=1584633&r2=1584634&view=diff
==============================================================================
--- cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/Runtime_AES128_Test.java (original)
+++ cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/Runtime_AES128_Test.java Fri Apr 4 12:04:55 2014
@@ -20,6 +20,7 @@ package org.apache.cayenne.crypto;
import static org.junit.Assert.assertArrayEquals;
import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNull;
import java.net.URL;
import java.sql.SQLException;
@@ -29,13 +30,11 @@ import java.util.Map;
import org.apache.cayenne.ObjectContext;
import org.apache.cayenne.configuration.server.ServerRuntime;
-import org.apache.cayenne.crypto.db.Table1;
import org.apache.cayenne.crypto.db.Table2;
import org.apache.cayenne.crypto.key.JceksKeySourceTest;
import org.apache.cayenne.crypto.unit.CryptoUnitUtils;
import org.apache.cayenne.di.Module;
import org.apache.cayenne.query.SelectQuery;
-import org.apache.cayenne.query.SortOrder;
import org.apache.cayenne.test.jdbc.DBHelper;
import org.apache.cayenne.test.jdbc.TableHelper;
import org.junit.Before;
@@ -51,7 +50,7 @@ public class Runtime_AES128_Test {
public void setUp() throws Exception {
URL keyStoreUrl = JceksKeySourceTest.class.getResource(JceksKeySourceTest.KS1_JCEKS);
- Module crypto = new CryptoModuleBuilder().keyStore(keyStoreUrl, JceksKeySourceTest.TEST_KEY_PASS, "k1").build();
+ Module crypto = new CryptoModuleBuilder().keyStore(keyStoreUrl, JceksKeySourceTest.TEST_KEY_PASS, "k3").build();
this.runtime = new ServerRuntime("cayenne-crypto.xml", crypto);
@@ -88,20 +87,25 @@ public class Runtime_AES128_Test {
Table2 t2 = context.newObject(Table2.class);
t2.setPlainBytes("b".getBytes());
- t2.setPlainBytes("crypto_2".getBytes());
+ t2.setCryptoBytes("crypto_2".getBytes());
+
+ Table2 t3 = context.newObject(Table2.class);
+ t3.setPlainBytes("c".getBytes());
+ t3.setCryptoBytes(null);
context.commitChanges();
List<Object[]> data = table2.selectAll();
- assertEquals(2, data.size());
+ assertEquals(3, data.size());
Map<String, byte[]> cipherByPlain = new HashMap<String, byte[]>();
for (Object[] r : data) {
cipherByPlain.put(new String((byte[]) r[1]), (byte[]) r[2]);
}
- assertEquals("crypto_1", CryptoUnitUtils.decrypt_AES_CBC(cipherByPlain.get("a"), runtime));
- assertEquals("crypto_2", CryptoUnitUtils.decrypt_AES_CBC(cipherByPlain.get("b"), runtime));
+ assertArrayEquals("crypto_1".getBytes(), CryptoUnitUtils.decrypt_AES_CBC(cipherByPlain.get("a"), runtime));
+ assertArrayEquals("crypto_2".getBytes(), CryptoUnitUtils.decrypt_AES_CBC(cipherByPlain.get("b"), runtime));
+ assertNull(cipherByPlain.get("c"));
}
@Test
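Review bot: `assertNull(cipherByPlain.get("c"))` also passes when the map has no entry for "c" at all, which is exactly what a wrong plain-bytes value would produce (the setter mix-up fixed in this hunk was of that kind). Asserting `cipherByPlain.containsKey("c")` first would tie the check to a stored NULL. The `getBytes()` and `new String((byte[]) r[1])` calls use the platform charset; an explicit charset would keep the test stable across environments. The test method starts outside the hunk.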
@@ -115,23 +119,23 @@ public class Runtime_AES128_Test {
Table2 t2 = context.newObject(Table2.class);
t2.setPlainBytes("b".getBytes());
- t2.setPlainBytes("crypto_2".getBytes());
+ t2.setCryptoBytes("crypto_2".getBytes());
Table2 t3 = context.newObject(Table2.class);
t3.setPlainBytes("c".getBytes());
- t3.setPlainBytes("crypto_3".getBytes());
+ t3.setCryptoBytes(null);
context.commitChanges();
SelectQuery<Table2> select = SelectQuery.query(Table2.class);
- select.addOrdering("db:" + Table1.ID_PK_COLUMN, SortOrder.ASCENDING);
+ select.addOrdering(Table2.PLAIN_BYTES.asc());
List<Table2> result = runtime.newContext().select(select);
assertEquals(3, result.size());
- assertEquals("crypto_1".getBytes(), result.get(0).getCryptoBytes());
- assertEquals("crypto_2".getBytes(), result.get(1).getCryptoBytes());
- assertEquals("crypto_3".getBytes(), result.get(2).getCryptoBytes());
+ assertArrayEquals("crypto_1".getBytes(), result.get(0).getCryptoBytes());
+ assertArrayEquals("crypto_2".getBytes(), result.get(1).getCryptoBytes());
+ assertArrayEquals(null, result.get(2).getCryptoBytes());
}
}
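Review bot: `assertArrayEquals(null, result.get(2).getCryptoBytes())` expresses a null check as an array comparison; `assertNull(result.get(2).getCryptoBytes())` states the intent directly, and the static import for it is added earlier in this file's diff. The test method starts outside the hunk.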
Modified: cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/transformer/bytes/CbcEncryptorTest.java
URL: http://svn.apache.org/viewvc/cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/transformer/bytes/CbcEncryptorTest.java?rev=1584634&r1=1584633&r2=1584634&view=diff
==============================================================================
--- cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/transformer/bytes/CbcEncryptorTest.java (original)
+++ cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/transformer/bytes/CbcEncryptorTest.java Fri Apr 4 12:04:55 2014
@@ -55,38 +55,6 @@ public class CbcEncryptorTest {
}
@Test
- public void testGetOutputSize_DES() throws UnsupportedEncodingException, NoSuchAlgorithmException,
- NoSuchPaddingException, InvalidKeyException {
-
- byte[] iv = { 1, 2, 3, 4, 5, 6, 7, 8 };
- byte[] keyBytes = { 1, 2, 3, 4, 5, 6, 7, 8 };
- Key key = new SecretKeySpec(keyBytes, "DES");
-
- Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
- cipher.init(Cipher.ENCRYPT_MODE, key);
- assertEquals(8, cipher.getBlockSize());
-
- CbcEncryptor encryptor = new CbcEncryptor(cipher, key, iv);
- assertEquals(24, encryptor.getOutputSize(11));
- }
-
- @Test
- public void testGetOutputSize_AES() throws UnsupportedEncodingException, NoSuchAlgorithmException,
- NoSuchPaddingException, InvalidKeyException {
-
- byte[] ivBytes = CryptoUnitUtils.hexToBytes("0591849d87c93414f4405d32f4d69220");
- byte[] keyBytes = CryptoUnitUtils.hexToBytes("a4cb499fa31a6a228e16b7e4741d4fa3");
- Key key = new SecretKeySpec(keyBytes, "AES");
-
- Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
- cipher.init(Cipher.ENCRYPT_MODE, key);
- assertEquals(16, cipher.getBlockSize());
-
- CbcEncryptor encryptor = new CbcEncryptor(cipher, key, ivBytes);
- assertEquals(32, encryptor.getOutputSize(11));
- }
-
- @Test
public void testEncrypt_AES() throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException,
InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
@@ -103,10 +71,9 @@ public class CbcEncryptorTest {
// copy ivBytes, as they are reset
CbcEncryptor encryptor = new CbcEncryptor(cipher, key, ivBytes);
- byte[] encrypted = new byte[encryptor.getOutputSize(plain.length)];
-
- encryptor.encrypt(plain, encrypted, 0);
+ byte[] encrypted = encryptor.encrypt(plain, 0);
+ assertEquals(16 * 3, encrypted.length);
assertArrayEquals(ivBytes, Arrays.copyOfRange(encrypted, 0, 16));
Cipher decCipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
Modified: cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/transformer/bytes/EncryptorWithKeyNameTest.java
URL: http://svn.apache.org/viewvc/cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/transformer/bytes/EncryptorWithKeyNameTest.java?rev=1584634&r1=1584633&r2=1584634&view=diff
==============================================================================
--- cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/transformer/bytes/EncryptorWithKeyNameTest.java (original)
+++ cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/transformer/bytes/EncryptorWithKeyNameTest.java Fri Apr 4 12:04:55 2014
@@ -19,65 +19,28 @@
package org.apache.cayenne.crypto.transformer.bytes;
import static org.junit.Assert.assertArrayEquals;
-import static org.junit.Assert.assertEquals;
-import static org.mockito.Mockito.doAnswer;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
import java.io.UnsupportedEncodingException;
+import org.apache.cayenne.crypto.unit.SwapBytesTransformer;
import org.junit.Test;
-import org.mockito.invocation.InvocationOnMock;
-import org.mockito.stubbing.Answer;
public class EncryptorWithKeyNameTest {
@Test
- public void testGetOutputSize() throws UnsupportedEncodingException {
-
- byte[] keyName = "mykey".getBytes("UTF-8");
- BytesEncryptor delegate = mock(BytesEncryptor.class);
- when(delegate.getOutputSize(8)).thenReturn(8);
-
- // try with non-standard block size..
- EncryptorWithKeyName encryptor = new EncryptorWithKeyName(delegate, keyName, 5);
- assertEquals(13, encryptor.getOutputSize(8));
- }
-
- @Test
public void testTransform() throws UnsupportedEncodingException {
byte[] keyName = "mykey".getBytes("UTF-8");
- BytesEncryptor delegate = mock(BytesEncryptor.class);
- when(delegate.getOutputSize(8)).thenReturn(8);
+ BytesEncryptor delegate = SwapBytesTransformer.encryptor();
byte[] input = { 1, 2, 3, 4, 5, 6, 7, 8 };
- byte[] output = new byte[16];
-
- doAnswer(new Answer<Object>() {
- @Override
- public Object answer(InvocationOnMock invocation) throws Throwable {
-
- Object[] args = invocation.getArguments();
- byte[] input = (byte[]) args[0];
- byte[] output = (byte[]) args[1];
- int offset = (Integer) args[2];
-
- for (int i = 0; i < input.length; i++) {
- output[i + offset] = 1;
- }
-
- return null;
- }
- }).when(delegate).encrypt(input, output, 6);
// intentionally non-standard block size..
EncryptorWithKeyName encryptor = new EncryptorWithKeyName(delegate, keyName, 5);
- encryptor.encrypt(input, output, 1);
-
- assertArrayEquals(new byte[] { 0, 'm', 'y', 'k', 'e', 'y', 1, 1, 1, 1, 1, 1, 1, 1, 0, 0 }, output);
+ byte[] output = encryptor.encrypt(input, 1);
+ assertArrayEquals(new byte[] { 0, 'm', 'y', 'k', 'e', 'y', 8, 7, 6, 5, 4, 3, 2, 1 }, output);
}
}
Modified: cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/transformer/value/DefaultEncryptorTest.java
URL: http://svn.apache.org/viewvc/cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/transformer/value/DefaultEncryptorTest.java?rev=1584634&r1=1584633&r2=1584634&view=diff
==============================================================================
--- cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/transformer/value/DefaultEncryptorTest.java (original)
+++ cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/transformer/value/DefaultEncryptorTest.java Fri Apr 4 12:04:55 2014
@@ -22,6 +22,7 @@ import static org.junit.Assert.assertArr
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotEquals;
import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
@@ -50,7 +51,7 @@ public class DefaultEncryptorTest {
}
@Test
- public void testTransform_BytesToBytes() throws IllegalBlockSizeException, BadPaddingException {
+ public void testEncrypt_BytesToBytes() throws IllegalBlockSizeException, BadPaddingException {
DefaultEncryptor e = new DefaultEncryptor(BytesToBytesConverter.INSTANCE, BytesToBytesConverter.INSTANCE);
@@ -69,7 +70,14 @@ public class DefaultEncryptorTest {
}
@Test
- public void testTransform_StringToBytes() throws UnsupportedEncodingException, IllegalBlockSizeException,
+ public void testEncrypt_BytesToBytes_null() throws IllegalBlockSizeException, BadPaddingException {
+
+ DefaultEncryptor e = new DefaultEncryptor(BytesToBytesConverter.INSTANCE, BytesToBytesConverter.INSTANCE);
+ assertNull(e.encrypt(encryptor, null));
+ }
+
+ @Test
+ public void testEncrypt_StringToBytes() throws UnsupportedEncodingException, IllegalBlockSizeException,
BadPaddingException {
DefaultEncryptor e = new DefaultEncryptor(Utf8StringConverter.INSTANCE, BytesToBytesConverter.INSTANCE);
@@ -89,7 +97,7 @@ public class DefaultEncryptorTest {
}
@Test
- public void testTransform_StringToString() throws UnsupportedEncodingException, IllegalBlockSizeException,
+ public void testEncrypt_StringToString() throws UnsupportedEncodingException, IllegalBlockSizeException,
BadPaddingException {
DefaultEncryptor e = new DefaultEncryptor(Utf8StringConverter.INSTANCE, Base64StringConverter.INSTANCE);
Modified: cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/unit/CryptoUnitUtils.java
URL: http://svn.apache.org/viewvc/cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/unit/CryptoUnitUtils.java?rev=1584634&r1=1584633&r2=1584634&view=diff
==============================================================================
--- cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/unit/CryptoUnitUtils.java (original)
+++ cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/unit/CryptoUnitUtils.java Fri Apr 4 12:04:55 2014
@@ -30,8 +30,6 @@ import org.apache.cayenne.crypto.key.Key
public class CryptoUnitUtils {
- private static final int DEFAULT_BLOCK_SIZE = 16;
-
public static byte[] hexToBytes(String hexString) {
byte[] bytes = new BigInteger(hexString, 16).toByteArray();
@@ -45,19 +43,20 @@ public class CryptoUnitUtils {
public static byte[] decrypt_AES_CBC(byte[] source, ServerRuntime runtime) {
- byte[] keyNameBytes = Arrays.copyOfRange(source, 0, DEFAULT_BLOCK_SIZE);
- byte[] ivBytes = Arrays.copyOfRange(source, DEFAULT_BLOCK_SIZE, DEFAULT_BLOCK_SIZE * 2);
- byte[] cipherText = Arrays.copyOfRange(source, DEFAULT_BLOCK_SIZE * 2, source.length - DEFAULT_BLOCK_SIZE * 2);
-
try {
Cipher decCipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+ int blockSize = decCipher.getBlockSize();
+ byte[] keyNameBytes = Arrays.copyOfRange(source, 0, blockSize);
+ byte[] ivBytes = Arrays.copyOfRange(source, blockSize, blockSize * 2);
+ byte[] cipherText = Arrays.copyOfRange(source, blockSize * 2, source.length);
+
// 'trim' is to get rid of 0 padding
String keyName = new String(keyNameBytes, "UTF-8").trim();
Key key = runtime.getInjector().getInstance(KeySource.class).getKey(keyName);
- decCipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));
+ decCipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(ivBytes));
return decCipher.doFinal(cipherText);
} catch (Exception e) {
Modified: cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/unit/SwapBytesTransformer.java
URL: http://svn.apache.org/viewvc/cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/unit/SwapBytesTransformer.java?rev=1584634&r1=1584633&r2=1584634&view=diff
==============================================================================
--- cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/unit/SwapBytesTransformer.java (original)
+++ cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/unit/SwapBytesTransformer.java Fri Apr 4 12:04:55 2014
@@ -52,10 +52,15 @@ public class SwapBytesTransformer implem
}
@Override
- public void encrypt(byte[] input, byte[] output, int outputOffset) {
+ public byte[] encrypt(byte[] input, int outputOffset) {
+
+ byte[] output = new byte[input.length + outputOffset];
+
System.arraycopy(input, 0, output, outputOffset, input.length);
swap(output, outputOffset, outputOffset + input.length - 1);
+
+ return output;
}
private void swap(byte[] buffer, int start, int end) {
@@ -70,10 +75,4 @@ public class SwapBytesTransformer implem
swap(buffer, ++start, --end);
}
-
- @Override
- public int getOutputSize(int inputLength) {
- return inputLength;
- }
-
}
Modified: cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/unit/SwapBytesTransformerTest.java
URL: http://svn.apache.org/viewvc/cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/unit/SwapBytesTransformerTest.java?rev=1584634&r1=1584633&r2=1584634&view=diff
==============================================================================
--- cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/unit/SwapBytesTransformerTest.java (original)
+++ cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/unit/SwapBytesTransformerTest.java Fri Apr 4 12:04:55 2014
@@ -31,23 +31,18 @@ public class SwapBytesTransformerTest {
BytesEncryptor instance = SwapBytesTransformer.encryptor();
byte[] input = { 1, 3, 5 };
- byte[] output = { 8, 11, 13, 0, 0, 0, 5, 6 };
-
- instance.encrypt(input, output, 3);
-
- assertArrayEquals(new byte[] { 8, 11, 13, 5, 3, 1, 5, 6 }, output);
+ byte[] output = instance.encrypt(input, 3);
+ assertArrayEquals(new byte[] { 0, 0, 0, 5, 3, 1 }, output);
}
-
+
@Test
public void testEncrypt_Even() {
BytesEncryptor instance = SwapBytesTransformer.encryptor();
byte[] input = { 1, 3, 5, 8 };
- byte[] output = { 8, 11, 13, 0, 0, 0, 0};
-
- instance.encrypt(input, output, 3);
+ byte[] output = instance.encrypt(input, 3);
- assertArrayEquals(new byte[] { 8, 11, 13, 8, 5, 3, 1}, output);
+ assertArrayEquals(new byte[] { 0, 0, 0, 8, 5, 3, 1 }, output);
}
}