You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tika.apache.org by ta...@apache.org on 2022/04/20 19:13:20 UTC
[tika] branch main updated: TIKA-3724
This is an automated email from the ASF dual-hosted git repository.
tallison pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tika.git
The following commit(s) were added to refs/heads/main by this push:
new 9f204bfad TIKA-3724
9f204bfad is described below
commit 9f204bfad98d2b65ecae95c1169fc4c60e451b20
Author: tallison <ta...@apache.org>
AuthorDate: Wed Apr 20 15:13:00 2022 -0400
TIKA-3724
---
CHANGES.txt | 2 ++
.../src/main/java/org/apache/tika/client/HttpClientFactory.java | 6 ++++--
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/CHANGES.txt b/CHANGES.txt
index 08a37b892..ea0f01375 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -46,6 +46,8 @@ Release 2.4.0 - ???
* Various dependency upgrades, including POI, dl4j, gson, jackson,
twelvemonkeys, log4j2 and others (TIKA-3675 and many PRs from dependabot).
+ * Switch cipher from ECB to GCM in HttpClientFactory (TIKA-3724).
+
Release 2.3.0 - 02/02/2022
* Upgrade to Apache POI 5.2.0. This is the first upgrade to POI
diff --git a/tika-pipes/tika-httpclient-commons/src/main/java/org/apache/tika/client/HttpClientFactory.java b/tika-pipes/tika-httpclient-commons/src/main/java/org/apache/tika/client/HttpClientFactory.java
index 1ce02efeb..56fce6353 100644
--- a/tika-pipes/tika-httpclient-commons/src/main/java/org/apache/tika/client/HttpClientFactory.java
+++ b/tika-pipes/tika-httpclient-commons/src/main/java/org/apache/tika/client/HttpClientFactory.java
@@ -88,6 +88,8 @@ import org.apache.tika.utils.StringUtils;
public class HttpClientFactory {
public static final String AES_ENV_VAR = "AES_KEY";
+
+ private static final String CIPHER_TYPE = "AES/GCM/PKCS5Padding";
private static final Logger LOG = LoggerFactory.getLogger(HttpClientFactory.class);
private AES aes = null;
@@ -446,7 +448,7 @@ public class HttpClientFactory {
public String encrypt(String strToEncrypt) throws TikaConfigException {
try {
- Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
+ Cipher cipher = Cipher.getInstance(CIPHER_TYPE);
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
return Base64.getEncoder().encodeToString(
cipher.doFinal(strToEncrypt.getBytes(StandardCharsets.UTF_8)));
@@ -458,7 +460,7 @@ public class HttpClientFactory {
public String decrypt(String strToDecrypt) throws TikaConfigException {
try {
- Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
+ Cipher cipher = Cipher.getInstance(CIPHER_TYPE);
cipher.init(Cipher.DECRYPT_MODE, secretKey);
return new String(cipher.doFinal(Base64.getDecoder().decode(strToDecrypt)),
StandardCharsets.UTF_8);