You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by zh...@apache.org on 2017/06/27 05:01:00 UTC
[45/46] geode git commit: GEODE-1958: Rolling back changes to decrypt
method
GEODE-1958: Rolling back changes to decrypt method
* this closes #600
Project: http://git-wip-us.apache.org/repos/asf/geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/geode/commit/137ced6b
Tree: http://git-wip-us.apache.org/repos/asf/geode/tree/137ced6b
Diff: http://git-wip-us.apache.org/repos/asf/geode/diff/137ced6b
Branch: refs/heads/feature/GEM-1483
Commit: 137ced6bea482209efe5db7d87b58edefd9b7222
Parents: e1c6c3a
Author: YehEmily <em...@gmail.com>
Authored: Mon Jun 26 08:55:13 2017 -0700
Committer: Jinmei Liao <ji...@pivotal.io>
Committed: Mon Jun 26 17:23:32 2017 -0700
----------------------------------------------------------------------
.../geode/internal/util/PasswordUtil.java | 49 ++++++--------------
1 file changed, 15 insertions(+), 34 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/geode/blob/137ced6b/geode-core/src/main/java/org/apache/geode/internal/util/PasswordUtil.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/org/apache/geode/internal/util/PasswordUtil.java b/geode-core/src/main/java/org/apache/geode/internal/util/PasswordUtil.java
index 5cc3bcd..ac0b845 100644
--- a/geode-core/src/main/java/org/apache/geode/internal/util/PasswordUtil.java
+++ b/geode-core/src/main/java/org/apache/geode/internal/util/PasswordUtil.java
@@ -18,24 +18,8 @@ import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
/**
- * Generates an encrypted password, used by the gemfire encrypt-password command. Makes use of
- * Blowfish algorithm to encrypt/decrypt password string
- *
- * <p>
- * This shows a sample command invocation and output (assuming password is the actual password for
- * the datasource): <br>
- * <br>
- * bash-2.05$ $GEMFIRE/bin/gemfire encrypt-password password<br>
- * Using system directory "/home/users/jpearson/gemfire/defaultSystem".<br>
- * Encrypted to 83f0069202c571faf1ae6c42b4ad46030e4e31c17409e19a <br>
- * <br>
- * Copy the output from the gemfire command to the cache.xml file as the value of the password
- * attribute of the jndi-binding tag embedded in encrypted(), just like a method parameter.<br>
- * Enter it as encrypted, in this format:
- * password="encrypted(83f0069202c571faf1ae6c42b4ad46030e4e31c17409e19a)"<br>
- * To use a non-encrypted password, put the actual password as the value of the password attribute
- * of the jndi-binding tag, like this: password="password" <br>
- *
+ * Makes use of Blowfish algorithm to decrypt a pre-encrypted password string. As of June 2017, no
+ * longer supports encrypting a password. However, decrypting still works.
*/
public class PasswordUtil {
@@ -44,28 +28,25 @@ public class PasswordUtil {
/**
* Decrypts an encrypted password string.
*
- * @param password String to be decrypted
+ * @param password String to be decrypted (format: `encrypted(password_to_decrypt)`)
* @return String decrypted String
*/
@Deprecated
public static String decrypt(String password) {
- String toDecrypt;
if (password.startsWith("encrypted(") && password.endsWith(")")) {
- toDecrypt = password.substring(10, password.length() - 1);
- } else {
- toDecrypt = password;
+ byte[] decrypted;
+ try {
+ String toDecrypt = password.substring(10, password.length() - 1);
+ SecretKeySpec key = new SecretKeySpec(init, "Blowfish");
+ Cipher cipher = Cipher.getInstance("Blowfish");
+ cipher.init(Cipher.DECRYPT_MODE, key);
+ decrypted = cipher.doFinal(hexStringToByteArray(toDecrypt));
+ return new String(decrypted);
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
}
- byte[] decrypted;
- try {
- SecretKeySpec key = new SecretKeySpec(init, "Blowfish");
- Cipher cipher = Cipher.getInstance("Blowfish");
- cipher.init(Cipher.DECRYPT_MODE, key);
- decrypted = cipher.doFinal(hexStringToByteArray(toDecrypt));
- return new String(decrypted);
- } catch (Exception e) {
- e.printStackTrace();
- }
- return toDecrypt;
+ return password;
}
private static byte[] hexStringToByteArray(String s) {