Posted to commits@wicket.apache.org by sv...@apache.org on 2021/02/10 17:19:12 UTC
[wicket] branch WICKET-6864-crypt-enhancement updated: WICKET-6864
updated crypt configuration
This is an automated email from the ASF dual-hosted git repository.
svenmeier pushed a commit to branch WICKET-6864-crypt-enhancement
in repository https://gitbox.apache.org/repos/asf/wicket.git
The following commit(s) were added to refs/heads/WICKET-6864-crypt-enhancement by this push:
new 57a9ab1 WICKET-6864 updated crypt configuration
57a9ab1 is described below
commit 57a9ab14388dba0da5ccb9af34d9662baf0b6557
Author: Sven Meier <sv...@apache.org>
AuthorDate: Wed Feb 10 18:13:34 2021 +0100
WICKET-6864 updated crypt configuration
applied review changes
---
.../strategy/DefaultAuthenticationStrategy.java | 12 ++++++------
.../core/util/crypt/KeyInSessionSunJceCryptFactory.java | 4 ++--
.../java/org/apache/wicket/util/crypt/SunJceCrypt.java | 15 +++++++++------
3 files changed, 17 insertions(+), 14 deletions(-)
diff --git a/wicket-core/src/main/java/org/apache/wicket/authentication/strategy/DefaultAuthenticationStrategy.java b/wicket-core/src/main/java/org/apache/wicket/authentication/strategy/DefaultAuthenticationStrategy.java
index 6567bdd..105db6a 100644
--- a/wicket-core/src/main/java/org/apache/wicket/authentication/strategy/DefaultAuthenticationStrategy.java
+++ b/wicket-core/src/main/java/org/apache/wicket/authentication/strategy/DefaultAuthenticationStrategy.java
@@ -16,7 +16,6 @@
*/
package org.apache.wicket.authentication.strategy;
-import java.util.Random;
import java.util.UUID;
import org.apache.wicket.authentication.IAuthenticationStrategy;
@@ -34,7 +33,7 @@ import org.slf4j.LoggerFactory;
* password, encrypt it and put it into one Cookie.
* <p>
* Note: To support automatic authentication across application restarts you have to use
- * the constructor {@link DefaultAuthenticationStrategy#DefaultAuthenticationStrategy(String, String, byte[])}.
+ * the constructor {@link DefaultAuthenticationStrategy#DefaultAuthenticationStrategy(String, ICrypt)}.
*
* @author Juergen Donnerstag
*/
@@ -48,7 +47,7 @@ public class DefaultAuthenticationStrategy implements IAuthenticationStrategy
/**
* @deprecated no longer used TODO remove in Wicket 10
*/
- @Deprecated
+ @Deprecated(forRemoval = true)
protected final String encryptionKey = null;
/** The separator used to concatenate the username and password */
@@ -68,7 +67,7 @@ public class DefaultAuthenticationStrategy implements IAuthenticationStrategy
*
* @deprecated supply a crypt instead TODO remove in Wicket 10
*/
- @Deprecated
+ @Deprecated(forRemoval = true)
public DefaultAuthenticationStrategy(final String cookieKey)
{
this(cookieKey, defaultEncryptionKey());
@@ -82,7 +81,7 @@ public class DefaultAuthenticationStrategy implements IAuthenticationStrategy
/**
* @deprecated supply a crypt instead TODO remove in Wicket 10
*/
- @Deprecated
+ @Deprecated(forRemoval = true)
public DefaultAuthenticationStrategy(final String cookieKey, final String encryptionKey)
{
this(cookieKey, defaultCrypt(encryptionKey));
@@ -98,7 +97,8 @@ public class DefaultAuthenticationStrategy implements IAuthenticationStrategy
}
/**
- * Constructor
+ * This is the recommended constructor to be used, which allows automatic authentication across
+ * application restarts.
*
* @param cookieKey
* The name of the cookie
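Review bot: The new Javadoc sentence promises "automatic authentication across application restarts" without stating the condition. That presumably holds only when the supplied crypt is built from a key and salt that stay the same between restarts. A crypt created with a fresh `SunJceCrypt.randomSalt()` on every start would silently invalidate existing cookies. Consider adding `* The crypt must use a key and salt that are persisted across restarts and kept secret, since the cookie carries the encrypted username and password.` The rest of this Javadoc block and the constructor itself lie outside the hunk.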
diff --git a/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/KeyInSessionSunJceCryptFactory.java b/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/KeyInSessionSunJceCryptFactory.java
index 381b83f..ef25aa7 100644
--- a/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/KeyInSessionSunJceCryptFactory.java
+++ b/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/KeyInSessionSunJceCryptFactory.java
@@ -19,7 +19,6 @@ package org.apache.wicket.core.util.crypt;
import java.io.Serializable;
import java.security.Provider;
import java.security.Security;
-import java.util.Random;
import java.util.UUID;
import org.apache.wicket.MetaDataKey;
@@ -114,8 +113,9 @@ public class KeyInSessionSunJceCryptFactory implements ICryptFactory
/**
* @return the {@link org.apache.wicket.util.crypt.ICrypt} to use
*
- * @deprecated this method is no longer called
+ * @deprecated this method is no longer called TODO remove in Wicket 10
*/
+ @Deprecated(forRemoval = true)
protected ICrypt createCrypt()
{
return null;
diff --git a/wicket-util/src/main/java/org/apache/wicket/util/crypt/SunJceCrypt.java b/wicket-util/src/main/java/org/apache/wicket/util/crypt/SunJceCrypt.java
index 32bd77d..652e024 100644
--- a/wicket-util/src/main/java/org/apache/wicket/util/crypt/SunJceCrypt.java
+++ b/wicket-util/src/main/java/org/apache/wicket/util/crypt/SunJceCrypt.java
@@ -69,8 +69,9 @@ public class SunJceCrypt extends AbstractCrypt
/**
* Constructor
*
- * @deprecated
+ * @deprecated TODO remove in Wicket 10
*/
+ @Deprecated(forRemoval = true)
public SunJceCrypt()
{
this(DEFAULT_CRYPT_METHOD);
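Review bot: The `@deprecated TODO remove in Wicket 10` tag on `SunJceCrypt()` gives callers neither a reason nor a replacement, and the same applies to `SunJceCrypt(String cryptMethod)` in the next hunk. The one-argument constructor visibly falls back to the shared `SALT` constant and `DEFAULT_ITERATION_COUNT`, which is presumably why both are being retired. Something like `@deprecated uses a fixed default salt; supply your own salt and iteration count via the three-argument constructor instead. TODO remove in Wicket 10` would tell users what to migrate to.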
@@ -92,8 +93,9 @@ public class SunJceCrypt extends AbstractCrypt
/**
* Constructor
*
- * @deprecated
+ * @deprecated TODO remove in Wicket 10
*/
+ @Deprecated(forRemoval = true)
public SunJceCrypt(String cryptMethod)
{
this(cryptMethod, SALT, DEFAULT_ITERATION_COUNT);
@@ -115,7 +117,7 @@ public class SunJceCrypt extends AbstractCrypt
{
this.cryptMethod = Args.notNull(cryptMethod, "Crypt method");
this.salt = Args.notNull(salt, "salt");
- this.iterationCount = iterationCount;
+ this.iterationCount = Args.withinRange(1, Integer.MAX_VALUE, iterationCount, "iterationCount");
}
/**
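Review bot: The range check added at `this.iterationCount = Args.withinRange(1, Integer.MAX_VALUE, iterationCount, "iterationCount")` rejects zero and negative values but still accepts 1. An iteration count of 1 gives the password-based key derivation essentially no work factor. If a hard floor would break existing callers, the constructor Javadoc (outside this hunk) should at least say so, e.g. `@param iterationCount number of PBE iterations, must be positive; low values weaken the derived key, prefer at least DEFAULT_ITERATION_COUNT`. The salt on the line above gets only a null check, so a salt of the wrong length for the chosen algorithm will presumably surface later, when the cipher is initialised.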
@@ -195,13 +197,14 @@ public class SunJceCrypt extends AbstractCrypt
}
/**
- * Create a random salt.
+ * Create a random salt to be used for this crypt.
*
- * @return salt
+ * @return salt, always 8 bytes long
*/
public static byte[] randomSalt()
{
- // only 8 bytes long supported
+ // must be 8 bytes - for anything else PBES1Core throws
+ // InvalidAlgorithmParameterException: Salt must be 8 bytes long
byte[] salt = new byte[8];
new Random().nextBytes(salt);
return salt;
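Review bot: `randomSalt()` still fills the salt with `new Random().nextBytes(salt)`, and `java.util.Random` is a non-cryptographic generator whose output is predictable from its seed. A PBE salt is not secret, but it should be unpredictable and unique per installation. `new SecureRandom().nextBytes(salt);` with `import java.security.SecureRandom;` is a drop-in replacement. The other two files in this commit drop their `java.util.Random` import, so this looks like the one remaining use. The closing brace of `randomSalt()` is outside the hunk.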