You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@streampark.apache.org by GitBox <gi...@apache.org> on 2023/01/07 16:32:52 UTC
[GitHub] [incubator-streampark] wolfboys opened a new pull request, #2240: [Improve] maven pom cleanup for apache-release
wolfboys opened a new pull request, #2240:
URL: https://github.com/apache/incubator-streampark/pull/2240
[Improve] maven pom cleanup for apache-release
## What changes were proposed in this pull request
Issue Number: close #xxx <!-- REMOVE this line if no issue to close -->
<!--(For example: This pull request proposed to add checkstyle plugin).-->
## Brief change log
<!--*(for example:)*
- *Add maven-checkstyle-plugin to root pom.xml*
-->
## Verifying this change
<!--*(Please pick either of the following options)*-->
This change is a trivial rework / code cleanup without any test coverage.
*(or)*
This change is already covered by existing tests, such as *(please describe tests)*.
*(or)*
This change added tests and can be verified as follows:
<!--*(example:)*
- *Added integration tests for end-to-end.*
- *Added *Test to verify the change.*
- *Manually verified the change by testing locally.* -->
## Does this pull request potentially affect one of the following parts
- Dependencies (does it add or upgrade a dependency): no
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@streampark.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-streampark] 1996fanrui commented on a diff in pull request #2240: [Improve] maven pom cleanup for apache-release
Posted by GitBox <gi...@apache.org>.
1996fanrui commented on code in PR #2240:
URL: https://github.com/apache/incubator-streampark/pull/2240#discussion_r1064112986
##########
pom.xml:
##########
@@ -144,6 +146,7 @@
<MaxPermGen>512m</MaxPermGen>
<CodeCacheSize>512m</CodeCacheSize>
<MaxMetaspace>512m</MaxMetaspace>
+ <maven.deploy.skip>false</maven.deploy.skip>
Review Comment:
```suggestion
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@streampark.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-streampark] 1996fanrui commented on a diff in pull request #2240: [Improve] maven pom cleanup for apache-release
Posted by GitBox <gi...@apache.org>.
1996fanrui commented on code in PR #2240:
URL: https://github.com/apache/incubator-streampark/pull/2240#discussion_r1064081601
##########
streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/util/EncryptUtils.java:
##########
@@ -18,85 +18,73 @@
package org.apache.streampark.console.base.util;
import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.spec.SecretKeySpec;
-import java.security.Key;
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
public class EncryptUtils {
- private static final String DEFAULT_KEY = "defaultKey";
- private Cipher encryptCipher = null;
- private Cipher decryptCipher = null;
+ private static final String CIPHER_KEY = "AES";
- private static String byteArr2HexStr(byte[] arrB) {
- int iLen = arrB.length;
- StringBuilder sb = new StringBuilder(iLen * 2);
- for (byte anArrB : arrB) {
- int intTmp = anArrB;
- while (intTmp < 0) {
- intTmp = intTmp + 256;
- }
- if (intTmp < 16) {
- sb.append("0");
- }
- sb.append(Integer.toString(intTmp, 16));
- }
- return sb.toString();
- }
+ private static final String ALGORITHM = "AES/ECB/PKCS5Padding";
- private static byte[] hexStr2ByteArr(String strIn) {
- byte[] arrB = strIn.getBytes();
- int iLen = arrB.length;
+ private static final String DEFAULT_KEY = "ApacheStreamPark";
- byte[] arrOut = new byte[iLen / 2];
- for (int i = 0; i < iLen; i = i + 2) {
- String strTmp = new String(arrB, i, 2);
- arrOut[i / 2] = (byte) Integer.parseInt(strTmp, 16);
- }
- return arrOut;
+ public static String base64Encode(byte[] bytes) {
+ return Base64.getEncoder().encodeToString(bytes);
}
- public EncryptUtils() throws Exception {
- this(DEFAULT_KEY);
+ public static byte[] base64Decode(String base64Code) {
+ return Base64.getDecoder().decode(base64Code);
}
- EncryptUtils(String strKey) throws Exception {
- /*
- * Security.addProvider(new com.sun.crypto.provider.SunJCE());
- */
- Key key = getKey(strKey.getBytes());
-
- encryptCipher = Cipher.getInstance("DES");
- encryptCipher.init(Cipher.ENCRYPT_MODE, key);
-
- decryptCipher = Cipher.getInstance("DES");
- decryptCipher.init(Cipher.DECRYPT_MODE, key);
+ public static String encrypt(String content) throws Exception {
+ return encrypt(content, DEFAULT_KEY);
}
- private byte[] encrypt(byte[] arrB) throws Exception {
- return encryptCipher.doFinal(arrB);
+ public static String encrypt(String content, String key) throws Exception {
+ String encryptKey = checkGetKey(key);
+ KeyGenerator keyGenerator = KeyGenerator.getInstance(CIPHER_KEY);
+ keyGenerator.init(128);
+ Cipher cipher = Cipher.getInstance(ALGORITHM);
+ cipher.init(
+ Cipher.ENCRYPT_MODE,
+ new SecretKeySpec(encryptKey.getBytes(StandardCharsets.UTF_8), CIPHER_KEY));
+ byte[] bytes = cipher.doFinal(content.getBytes(StandardCharsets.UTF_8));
+ return base64Encode(bytes);
}
- String encrypt(String strIn) throws Exception {
- return byteArr2HexStr(encrypt(strIn.getBytes()));
+ public static String decrypt(String content) throws Exception {
+ return decrypt(content, DEFAULT_KEY);
}
- private byte[] decrypt(byte[] arrB) throws Exception {
- return decryptCipher.doFinal(arrB);
+ public static String decrypt(String content, String key) throws Exception {
+ String decryptKey = checkGetKey(key);
+ KeyGenerator keyGenerator = KeyGenerator.getInstance(CIPHER_KEY);
+ keyGenerator.init(128);
+ Cipher cipher = Cipher.getInstance(ALGORITHM);
Review Comment:
Hi @wolfboys , thanks for your contribution.
I see these changes check failure, and they shouldn't be included in this PR, could you just refactor maven related pom and CI in this PR?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@streampark.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-streampark] 1996fanrui commented on pull request #2240: [Improve] maven pom cleanup for apache-release
Posted by GitBox <gi...@apache.org>.
1996fanrui commented on PR #2240:
URL: https://github.com/apache/incubator-streampark/pull/2240#issuecomment-1374803216
Thanks for the update, could you rebase the master and check whether the CI will be green?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@streampark.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-streampark] wolfboys commented on pull request #2240: [Improve] maven pom cleanup for apache-release
Posted by GitBox <gi...@apache.org>.
wolfboys commented on PR #2240:
URL: https://github.com/apache/incubator-streampark/pull/2240#issuecomment-1374684796
@1996fanrui PTAL, thanks. I tested it, release to apache maven repository is ok , and it is ok to develop and debug in the idea environment.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@streampark.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-streampark] github-code-scanning[bot] commented on a diff in pull request #2240: [Improve] maven pom cleanup for apache-release
Posted by GitBox <gi...@apache.org>.
github-code-scanning[bot] commented on code in PR #2240:
URL: https://github.com/apache/incubator-streampark/pull/2240#discussion_r1064071423
##########
streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/util/EncryptUtils.java:
##########
@@ -17,86 +17,49 @@
package org.apache.streampark.console.base.util;
+import org.apache.commons.codec.digest.DigestUtils;
+
import javax.crypto.Cipher;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
-import java.security.Key;
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
public class EncryptUtils {
- private static final String DEFAULT_KEY = "defaultKey";
- private Cipher encryptCipher = null;
- private Cipher decryptCipher = null;
-
- private static String byteArr2HexStr(byte[] arrB) {
- int iLen = arrB.length;
- StringBuilder sb = new StringBuilder(iLen * 2);
- for (byte anArrB : arrB) {
- int intTmp = anArrB;
- while (intTmp < 0) {
- intTmp = intTmp + 256;
- }
- if (intTmp < 16) {
- sb.append("0");
- }
- sb.append(Integer.toString(intTmp, 16));
- }
- return sb.toString();
- }
-
- private static byte[] hexStr2ByteArr(String strIn) {
- byte[] arrB = strIn.getBytes();
- int iLen = arrB.length;
+ private static final String DEFAULT_KEY = DigestUtils.md5Hex("ApacheStreamPark");
- byte[] arrOut = new byte[iLen / 2];
- for (int i = 0; i < iLen; i = i + 2) {
- String strTmp = new String(arrB, i, 2);
- arrOut[i / 2] = (byte) Integer.parseInt(strTmp, 16);
- }
- return arrOut;
- }
+ private static final int offset = 16;
- public EncryptUtils() throws Exception {
- this(DEFAULT_KEY);
- }
+ private static final String ALGORITHM = "AES";
- EncryptUtils(String strKey) throws Exception {
- /*
- * Security.addProvider(new com.sun.crypto.provider.SunJCE());
- */
- Key key = getKey(strKey.getBytes());
-
- encryptCipher = Cipher.getInstance("DES");
- encryptCipher.init(Cipher.ENCRYPT_MODE, key);
-
- decryptCipher = Cipher.getInstance("DES");
- decryptCipher.init(Cipher.DECRYPT_MODE, key);
- }
-
- private byte[] encrypt(byte[] arrB) throws Exception {
- return encryptCipher.doFinal(arrB);
- }
+ private static final String CIPHER_KEY = "AES/CBC/PKCS5Padding";
- String encrypt(String strIn) throws Exception {
- return byteArr2HexStr(encrypt(strIn.getBytes()));
+ public static String encrypt(String content) throws Exception {
+ return encrypt(content, DEFAULT_KEY);
}
- private byte[] decrypt(byte[] arrB) throws Exception {
- return decryptCipher.doFinal(arrB);
+ public static String decrypt(String content) throws Exception {
+ return decrypt(content, DEFAULT_KEY);
}
- String decrypt(String strIn) {
- try {
- return new String(decrypt(hexStr2ByteArr(strIn)));
- } catch (Exception e) {
- return "";
- }
+ public static String encrypt(String content, String key) throws Exception {
+ SecretKeySpec keySpec = new SecretKeySpec(key.getBytes(), ALGORITHM);
+ IvParameterSpec ivSpec = new IvParameterSpec(key.getBytes(), 0, offset);
+ Cipher cipher = Cipher.getInstance(CIPHER_KEY);
Review Comment:
## Use of a broken or risky cryptographic algorithm
Cryptographic algorithm [AES/CBC/PKCS5Padding](1) is weak and should not be used.
[Show more details](https://github.com/apache/incubator-streampark/security/code-scanning/9)
##########
streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/util/EncryptUtils.java:
##########
@@ -17,86 +17,49 @@
package org.apache.streampark.console.base.util;
+import org.apache.commons.codec.digest.DigestUtils;
+
import javax.crypto.Cipher;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
-import java.security.Key;
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
public class EncryptUtils {
- private static final String DEFAULT_KEY = "defaultKey";
- private Cipher encryptCipher = null;
- private Cipher decryptCipher = null;
-
- private static String byteArr2HexStr(byte[] arrB) {
- int iLen = arrB.length;
- StringBuilder sb = new StringBuilder(iLen * 2);
- for (byte anArrB : arrB) {
- int intTmp = anArrB;
- while (intTmp < 0) {
- intTmp = intTmp + 256;
- }
- if (intTmp < 16) {
- sb.append("0");
- }
- sb.append(Integer.toString(intTmp, 16));
- }
- return sb.toString();
- }
-
- private static byte[] hexStr2ByteArr(String strIn) {
- byte[] arrB = strIn.getBytes();
- int iLen = arrB.length;
+ private static final String DEFAULT_KEY = DigestUtils.md5Hex("ApacheStreamPark");
- byte[] arrOut = new byte[iLen / 2];
- for (int i = 0; i < iLen; i = i + 2) {
- String strTmp = new String(arrB, i, 2);
- arrOut[i / 2] = (byte) Integer.parseInt(strTmp, 16);
- }
- return arrOut;
- }
+ private static final int offset = 16;
- public EncryptUtils() throws Exception {
- this(DEFAULT_KEY);
- }
+ private static final String ALGORITHM = "AES";
- EncryptUtils(String strKey) throws Exception {
- /*
- * Security.addProvider(new com.sun.crypto.provider.SunJCE());
- */
- Key key = getKey(strKey.getBytes());
-
- encryptCipher = Cipher.getInstance("DES");
- encryptCipher.init(Cipher.ENCRYPT_MODE, key);
-
- decryptCipher = Cipher.getInstance("DES");
- decryptCipher.init(Cipher.DECRYPT_MODE, key);
- }
-
- private byte[] encrypt(byte[] arrB) throws Exception {
- return encryptCipher.doFinal(arrB);
- }
+ private static final String CIPHER_KEY = "AES/CBC/PKCS5Padding";
- String encrypt(String strIn) throws Exception {
- return byteArr2HexStr(encrypt(strIn.getBytes()));
+ public static String encrypt(String content) throws Exception {
+ return encrypt(content, DEFAULT_KEY);
}
- private byte[] decrypt(byte[] arrB) throws Exception {
- return decryptCipher.doFinal(arrB);
+ public static String decrypt(String content) throws Exception {
+ return decrypt(content, DEFAULT_KEY);
}
- String decrypt(String strIn) {
- try {
- return new String(decrypt(hexStr2ByteArr(strIn)));
- } catch (Exception e) {
- return "";
- }
+ public static String encrypt(String content, String key) throws Exception {
+ SecretKeySpec keySpec = new SecretKeySpec(key.getBytes(), ALGORITHM);
+ IvParameterSpec ivSpec = new IvParameterSpec(key.getBytes(), 0, offset);
+ Cipher cipher = Cipher.getInstance(CIPHER_KEY);
+ byte[] byteContent = content.getBytes(StandardCharsets.UTF_8);
+ cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec);
+ byte[] result = cipher.doFinal(byteContent);
+ return Base64.getEncoder().encodeToString(result);
}
- private Key getKey(byte[] arrBTmp) {
- byte[] arrB = new byte[8];
- for (int i = 0; i < arrBTmp.length && i < arrB.length; i++) {
- arrB[i] = arrBTmp[i];
- }
- return new javax.crypto.spec.SecretKeySpec(arrB, "DES");
+ public static String decrypt(String content, String key) throws Exception {
+ SecretKeySpec keySpec = new SecretKeySpec(key.getBytes(), ALGORITHM);
+ IvParameterSpec ivSpec = new IvParameterSpec(key.getBytes(), 0, offset);
+ Cipher cipher = Cipher.getInstance(CIPHER_KEY);
Review Comment:
## Use of a broken or risky cryptographic algorithm
Cryptographic algorithm [AES/CBC/PKCS5Padding](1) is weak and should not be used.
[Show more details](https://github.com/apache/incubator-streampark/security/code-scanning/10)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@streampark.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-streampark] wolfboys commented on a diff in pull request #2240: [Improve] maven pom cleanup for apache-release
Posted by GitBox <gi...@apache.org>.
wolfboys commented on code in PR #2240:
URL: https://github.com/apache/incubator-streampark/pull/2240#discussion_r1064082818
##########
streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/util/EncryptUtils.java:
##########
@@ -18,85 +18,73 @@
package org.apache.streampark.console.base.util;
import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.spec.SecretKeySpec;
-import java.security.Key;
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
public class EncryptUtils {
- private static final String DEFAULT_KEY = "defaultKey";
- private Cipher encryptCipher = null;
- private Cipher decryptCipher = null;
+ private static final String CIPHER_KEY = "AES";
- private static String byteArr2HexStr(byte[] arrB) {
- int iLen = arrB.length;
- StringBuilder sb = new StringBuilder(iLen * 2);
- for (byte anArrB : arrB) {
- int intTmp = anArrB;
- while (intTmp < 0) {
- intTmp = intTmp + 256;
- }
- if (intTmp < 16) {
- sb.append("0");
- }
- sb.append(Integer.toString(intTmp, 16));
- }
- return sb.toString();
- }
+ private static final String ALGORITHM = "AES/ECB/PKCS5Padding";
- private static byte[] hexStr2ByteArr(String strIn) {
- byte[] arrB = strIn.getBytes();
- int iLen = arrB.length;
+ private static final String DEFAULT_KEY = "ApacheStreamPark";
- byte[] arrOut = new byte[iLen / 2];
- for (int i = 0; i < iLen; i = i + 2) {
- String strTmp = new String(arrB, i, 2);
- arrOut[i / 2] = (byte) Integer.parseInt(strTmp, 16);
- }
- return arrOut;
+ public static String base64Encode(byte[] bytes) {
+ return Base64.getEncoder().encodeToString(bytes);
}
- public EncryptUtils() throws Exception {
- this(DEFAULT_KEY);
+ public static byte[] base64Decode(String base64Code) {
+ return Base64.getDecoder().decode(base64Code);
}
- EncryptUtils(String strKey) throws Exception {
- /*
- * Security.addProvider(new com.sun.crypto.provider.SunJCE());
- */
- Key key = getKey(strKey.getBytes());
-
- encryptCipher = Cipher.getInstance("DES");
- encryptCipher.init(Cipher.ENCRYPT_MODE, key);
-
- decryptCipher = Cipher.getInstance("DES");
- decryptCipher.init(Cipher.DECRYPT_MODE, key);
+ public static String encrypt(String content) throws Exception {
+ return encrypt(content, DEFAULT_KEY);
}
- private byte[] encrypt(byte[] arrB) throws Exception {
- return encryptCipher.doFinal(arrB);
+ public static String encrypt(String content, String key) throws Exception {
+ String encryptKey = checkGetKey(key);
+ KeyGenerator keyGenerator = KeyGenerator.getInstance(CIPHER_KEY);
+ keyGenerator.init(128);
+ Cipher cipher = Cipher.getInstance(ALGORITHM);
+ cipher.init(
+ Cipher.ENCRYPT_MODE,
+ new SecretKeySpec(encryptKey.getBytes(StandardCharsets.UTF_8), CIPHER_KEY));
+ byte[] bytes = cipher.doFinal(content.getBytes(StandardCharsets.UTF_8));
+ return base64Encode(bytes);
}
- String encrypt(String strIn) throws Exception {
- return byteArr2HexStr(encrypt(strIn.getBytes()));
+ public static String decrypt(String content) throws Exception {
+ return decrypt(content, DEFAULT_KEY);
}
- private byte[] decrypt(byte[] arrB) throws Exception {
- return decryptCipher.doFinal(arrB);
+ public static String decrypt(String content, String key) throws Exception {
+ String decryptKey = checkGetKey(key);
+ KeyGenerator keyGenerator = KeyGenerator.getInstance(CIPHER_KEY);
+ keyGenerator.init(128);
+ Cipher cipher = Cipher.getInstance(ALGORITHM);
Review Comment:
> Hi @wolfboys , thanks for your contribution.
>
> I see these changes check failure, and they shouldn't be included in this PR, could you just refactor maven related pom and CI in this PR?
>
> It is better to only do PR-related things in PR.
thanks for your review. rollbacked.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@streampark.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-streampark] wolfboys commented on a diff in pull request #2240: [Improve] maven pom cleanup for apache-release
Posted by GitBox <gi...@apache.org>.
wolfboys commented on code in PR #2240:
URL: https://github.com/apache/incubator-streampark/pull/2240#discussion_r1064119275
##########
pom.xml:
##########
@@ -144,6 +146,7 @@
<MaxPermGen>512m</MaxPermGen>
<CodeCacheSize>512m</CodeCacheSize>
<MaxMetaspace>512m</MaxMetaspace>
+ <maven.deploy.skip>false</maven.deploy.skip>
Review Comment:
resolved
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@streampark.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-streampark] github-code-scanning[bot] commented on a diff in pull request #2240: [Improve] maven pom cleanup for apache-release
Posted by GitBox <gi...@apache.org>.
github-code-scanning[bot] commented on code in PR #2240:
URL: https://github.com/apache/incubator-streampark/pull/2240#discussion_r1064081110
##########
streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/util/EncryptUtils.java:
##########
@@ -18,85 +18,73 @@
package org.apache.streampark.console.base.util;
import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.spec.SecretKeySpec;
-import java.security.Key;
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
public class EncryptUtils {
- private static final String DEFAULT_KEY = "defaultKey";
- private Cipher encryptCipher = null;
- private Cipher decryptCipher = null;
+ private static final String CIPHER_KEY = "AES";
- private static String byteArr2HexStr(byte[] arrB) {
- int iLen = arrB.length;
- StringBuilder sb = new StringBuilder(iLen * 2);
- for (byte anArrB : arrB) {
- int intTmp = anArrB;
- while (intTmp < 0) {
- intTmp = intTmp + 256;
- }
- if (intTmp < 16) {
- sb.append("0");
- }
- sb.append(Integer.toString(intTmp, 16));
- }
- return sb.toString();
- }
+ private static final String ALGORITHM = "AES/ECB/PKCS5Padding";
- private static byte[] hexStr2ByteArr(String strIn) {
- byte[] arrB = strIn.getBytes();
- int iLen = arrB.length;
+ private static final String DEFAULT_KEY = "ApacheStreamPark";
- byte[] arrOut = new byte[iLen / 2];
- for (int i = 0; i < iLen; i = i + 2) {
- String strTmp = new String(arrB, i, 2);
- arrOut[i / 2] = (byte) Integer.parseInt(strTmp, 16);
- }
- return arrOut;
+ public static String base64Encode(byte[] bytes) {
+ return Base64.getEncoder().encodeToString(bytes);
}
- public EncryptUtils() throws Exception {
- this(DEFAULT_KEY);
+ public static byte[] base64Decode(String base64Code) {
+ return Base64.getDecoder().decode(base64Code);
}
- EncryptUtils(String strKey) throws Exception {
- /*
- * Security.addProvider(new com.sun.crypto.provider.SunJCE());
- */
- Key key = getKey(strKey.getBytes());
-
- encryptCipher = Cipher.getInstance("DES");
- encryptCipher.init(Cipher.ENCRYPT_MODE, key);
-
- decryptCipher = Cipher.getInstance("DES");
- decryptCipher.init(Cipher.DECRYPT_MODE, key);
+ public static String encrypt(String content) throws Exception {
+ return encrypt(content, DEFAULT_KEY);
}
- private byte[] encrypt(byte[] arrB) throws Exception {
- return encryptCipher.doFinal(arrB);
+ public static String encrypt(String content, String key) throws Exception {
+ String encryptKey = checkGetKey(key);
+ KeyGenerator keyGenerator = KeyGenerator.getInstance(CIPHER_KEY);
+ keyGenerator.init(128);
+ Cipher cipher = Cipher.getInstance(ALGORITHM);
+ cipher.init(
+ Cipher.ENCRYPT_MODE,
+ new SecretKeySpec(encryptKey.getBytes(StandardCharsets.UTF_8), CIPHER_KEY));
+ byte[] bytes = cipher.doFinal(content.getBytes(StandardCharsets.UTF_8));
+ return base64Encode(bytes);
}
- String encrypt(String strIn) throws Exception {
- return byteArr2HexStr(encrypt(strIn.getBytes()));
+ public static String decrypt(String content) throws Exception {
+ return decrypt(content, DEFAULT_KEY);
}
- private byte[] decrypt(byte[] arrB) throws Exception {
- return decryptCipher.doFinal(arrB);
+ public static String decrypt(String content, String key) throws Exception {
+ String decryptKey = checkGetKey(key);
+ KeyGenerator keyGenerator = KeyGenerator.getInstance(CIPHER_KEY);
+ keyGenerator.init(128);
+ Cipher cipher = Cipher.getInstance(ALGORITHM);
Review Comment:
## Use of a broken or risky cryptographic algorithm
Cryptographic algorithm [AES/ECB/PKCS5Padding](1) is weak and should not be used.
[Show more details](https://github.com/apache/incubator-streampark/security/code-scanning/12)
##########
streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/util/EncryptUtils.java:
##########
@@ -18,85 +18,73 @@
package org.apache.streampark.console.base.util;
import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.spec.SecretKeySpec;
-import java.security.Key;
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
public class EncryptUtils {
- private static final String DEFAULT_KEY = "defaultKey";
- private Cipher encryptCipher = null;
- private Cipher decryptCipher = null;
+ private static final String CIPHER_KEY = "AES";
- private static String byteArr2HexStr(byte[] arrB) {
- int iLen = arrB.length;
- StringBuilder sb = new StringBuilder(iLen * 2);
- for (byte anArrB : arrB) {
- int intTmp = anArrB;
- while (intTmp < 0) {
- intTmp = intTmp + 256;
- }
- if (intTmp < 16) {
- sb.append("0");
- }
- sb.append(Integer.toString(intTmp, 16));
- }
- return sb.toString();
- }
+ private static final String ALGORITHM = "AES/ECB/PKCS5Padding";
- private static byte[] hexStr2ByteArr(String strIn) {
- byte[] arrB = strIn.getBytes();
- int iLen = arrB.length;
+ private static final String DEFAULT_KEY = "ApacheStreamPark";
- byte[] arrOut = new byte[iLen / 2];
- for (int i = 0; i < iLen; i = i + 2) {
- String strTmp = new String(arrB, i, 2);
- arrOut[i / 2] = (byte) Integer.parseInt(strTmp, 16);
- }
- return arrOut;
+ public static String base64Encode(byte[] bytes) {
+ return Base64.getEncoder().encodeToString(bytes);
}
- public EncryptUtils() throws Exception {
- this(DEFAULT_KEY);
+ public static byte[] base64Decode(String base64Code) {
+ return Base64.getDecoder().decode(base64Code);
}
- EncryptUtils(String strKey) throws Exception {
- /*
- * Security.addProvider(new com.sun.crypto.provider.SunJCE());
- */
- Key key = getKey(strKey.getBytes());
-
- encryptCipher = Cipher.getInstance("DES");
- encryptCipher.init(Cipher.ENCRYPT_MODE, key);
-
- decryptCipher = Cipher.getInstance("DES");
- decryptCipher.init(Cipher.DECRYPT_MODE, key);
+ public static String encrypt(String content) throws Exception {
+ return encrypt(content, DEFAULT_KEY);
}
- private byte[] encrypt(byte[] arrB) throws Exception {
- return encryptCipher.doFinal(arrB);
+ public static String encrypt(String content, String key) throws Exception {
+ String encryptKey = checkGetKey(key);
+ KeyGenerator keyGenerator = KeyGenerator.getInstance(CIPHER_KEY);
+ keyGenerator.init(128);
+ Cipher cipher = Cipher.getInstance(ALGORITHM);
Review Comment:
## Use of a broken or risky cryptographic algorithm
Cryptographic algorithm [AES/ECB/PKCS5Padding](1) is weak and should not be used.
[Show more details](https://github.com/apache/incubator-streampark/security/code-scanning/11)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@streampark.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-streampark] wolfboys commented on a diff in pull request #2240: [Improve] maven pom cleanup for apache-release
Posted by GitBox <gi...@apache.org>.
wolfboys commented on code in PR #2240:
URL: https://github.com/apache/incubator-streampark/pull/2240#discussion_r1064082317
##########
streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/util/EncryptUtils.java:
##########
@@ -18,85 +18,73 @@
package org.apache.streampark.console.base.util;
import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.spec.SecretKeySpec;
-import java.security.Key;
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
public class EncryptUtils {
- private static final String DEFAULT_KEY = "defaultKey";
- private Cipher encryptCipher = null;
- private Cipher decryptCipher = null;
+ private static final String CIPHER_KEY = "AES";
- private static String byteArr2HexStr(byte[] arrB) {
- int iLen = arrB.length;
- StringBuilder sb = new StringBuilder(iLen * 2);
- for (byte anArrB : arrB) {
- int intTmp = anArrB;
- while (intTmp < 0) {
- intTmp = intTmp + 256;
- }
- if (intTmp < 16) {
- sb.append("0");
- }
- sb.append(Integer.toString(intTmp, 16));
- }
- return sb.toString();
- }
+ private static final String ALGORITHM = "AES/ECB/PKCS5Padding";
- private static byte[] hexStr2ByteArr(String strIn) {
- byte[] arrB = strIn.getBytes();
- int iLen = arrB.length;
+ private static final String DEFAULT_KEY = "ApacheStreamPark";
- byte[] arrOut = new byte[iLen / 2];
- for (int i = 0; i < iLen; i = i + 2) {
- String strTmp = new String(arrB, i, 2);
- arrOut[i / 2] = (byte) Integer.parseInt(strTmp, 16);
- }
- return arrOut;
+ public static String base64Encode(byte[] bytes) {
+ return Base64.getEncoder().encodeToString(bytes);
}
- public EncryptUtils() throws Exception {
- this(DEFAULT_KEY);
+ public static byte[] base64Decode(String base64Code) {
+ return Base64.getDecoder().decode(base64Code);
}
- EncryptUtils(String strKey) throws Exception {
- /*
- * Security.addProvider(new com.sun.crypto.provider.SunJCE());
- */
- Key key = getKey(strKey.getBytes());
-
- encryptCipher = Cipher.getInstance("DES");
- encryptCipher.init(Cipher.ENCRYPT_MODE, key);
-
- decryptCipher = Cipher.getInstance("DES");
- decryptCipher.init(Cipher.DECRYPT_MODE, key);
+ public static String encrypt(String content) throws Exception {
+ return encrypt(content, DEFAULT_KEY);
}
- private byte[] encrypt(byte[] arrB) throws Exception {
- return encryptCipher.doFinal(arrB);
+ public static String encrypt(String content, String key) throws Exception {
+ String encryptKey = checkGetKey(key);
+ KeyGenerator keyGenerator = KeyGenerator.getInstance(CIPHER_KEY);
+ keyGenerator.init(128);
+ Cipher cipher = Cipher.getInstance(ALGORITHM);
+ cipher.init(
+ Cipher.ENCRYPT_MODE,
+ new SecretKeySpec(encryptKey.getBytes(StandardCharsets.UTF_8), CIPHER_KEY));
+ byte[] bytes = cipher.doFinal(content.getBytes(StandardCharsets.UTF_8));
+ return base64Encode(bytes);
}
- String encrypt(String strIn) throws Exception {
- return byteArr2HexStr(encrypt(strIn.getBytes()));
+ public static String decrypt(String content) throws Exception {
+ return decrypt(content, DEFAULT_KEY);
}
- private byte[] decrypt(byte[] arrB) throws Exception {
- return decryptCipher.doFinal(arrB);
+ public static String decrypt(String content, String key) throws Exception {
+ String decryptKey = checkGetKey(key);
+ KeyGenerator keyGenerator = KeyGenerator.getInstance(CIPHER_KEY);
+ keyGenerator.init(128);
+ Cipher cipher = Cipher.getInstance(ALGORITHM);
Review Comment:
> Hi @wolfboys , thanks for your contribution.
>
> I see these changes check failure, and they shouldn't be included in this PR, could you just refactor maven related pom and CI in this PR?
>
> It is better to only do PR-related things in PR.
hi @1996fanrui :
This is a historical issue, which has been detected in the current PR. If it is not resolved, it will not pass the check.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@streampark.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-streampark] 1996fanrui commented on a diff in pull request #2240: [Improve] maven pom cleanup for apache-release
Posted by GitBox <gi...@apache.org>.
1996fanrui commented on code in PR #2240:
URL: https://github.com/apache/incubator-streampark/pull/2240#discussion_r1064085006
##########
pom.xml:
##########
@@ -961,6 +964,9 @@
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-deploy-plugin</artifactId>
<version>${maven-deploy-plugin.version}</version>
+ <configuration>
+ <skip>${maven.deploy.skip}</skip>
Review Comment:
It's false, why need this change?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@streampark.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-streampark] wolfboys merged pull request #2240: [Improve] maven pom cleanup for apache-release
Posted by GitBox <gi...@apache.org>.
wolfboys merged PR #2240:
URL: https://github.com/apache/incubator-streampark/pull/2240
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@streampark.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-streampark] wolfboys commented on a diff in pull request #2240: [Improve] maven pom cleanup for apache-release
Posted by GitBox <gi...@apache.org>.
wolfboys commented on code in PR #2240:
URL: https://github.com/apache/incubator-streampark/pull/2240#discussion_r1064087635
##########
pom.xml:
##########
@@ -961,6 +964,9 @@
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-deploy-plugin</artifactId>
<version>${maven-deploy-plugin.version}</version>
+ <configuration>
+ <skip>${maven.deploy.skip}</skip>
Review Comment:
> It's false, why need this change?
resolved
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@streampark.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-streampark] 1996fanrui commented on a diff in pull request #2240: [Improve] maven pom cleanup for apache-release
Posted by GitBox <gi...@apache.org>.
1996fanrui commented on code in PR #2240:
URL: https://github.com/apache/incubator-streampark/pull/2240#discussion_r1064081601
##########
streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/util/EncryptUtils.java:
##########
@@ -18,85 +18,73 @@
package org.apache.streampark.console.base.util;
import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.spec.SecretKeySpec;
-import java.security.Key;
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
public class EncryptUtils {
- private static final String DEFAULT_KEY = "defaultKey";
- private Cipher encryptCipher = null;
- private Cipher decryptCipher = null;
+ private static final String CIPHER_KEY = "AES";
- private static String byteArr2HexStr(byte[] arrB) {
- int iLen = arrB.length;
- StringBuilder sb = new StringBuilder(iLen * 2);
- for (byte anArrB : arrB) {
- int intTmp = anArrB;
- while (intTmp < 0) {
- intTmp = intTmp + 256;
- }
- if (intTmp < 16) {
- sb.append("0");
- }
- sb.append(Integer.toString(intTmp, 16));
- }
- return sb.toString();
- }
+ private static final String ALGORITHM = "AES/ECB/PKCS5Padding";
- private static byte[] hexStr2ByteArr(String strIn) {
- byte[] arrB = strIn.getBytes();
- int iLen = arrB.length;
+ private static final String DEFAULT_KEY = "ApacheStreamPark";
- byte[] arrOut = new byte[iLen / 2];
- for (int i = 0; i < iLen; i = i + 2) {
- String strTmp = new String(arrB, i, 2);
- arrOut[i / 2] = (byte) Integer.parseInt(strTmp, 16);
- }
- return arrOut;
+ public static String base64Encode(byte[] bytes) {
+ return Base64.getEncoder().encodeToString(bytes);
}
- public EncryptUtils() throws Exception {
- this(DEFAULT_KEY);
+ public static byte[] base64Decode(String base64Code) {
+ return Base64.getDecoder().decode(base64Code);
}
- EncryptUtils(String strKey) throws Exception {
- /*
- * Security.addProvider(new com.sun.crypto.provider.SunJCE());
- */
- Key key = getKey(strKey.getBytes());
-
- encryptCipher = Cipher.getInstance("DES");
- encryptCipher.init(Cipher.ENCRYPT_MODE, key);
-
- decryptCipher = Cipher.getInstance("DES");
- decryptCipher.init(Cipher.DECRYPT_MODE, key);
+ public static String encrypt(String content) throws Exception {
+ return encrypt(content, DEFAULT_KEY);
}
- private byte[] encrypt(byte[] arrB) throws Exception {
- return encryptCipher.doFinal(arrB);
+ public static String encrypt(String content, String key) throws Exception {
+ String encryptKey = checkGetKey(key);
+ KeyGenerator keyGenerator = KeyGenerator.getInstance(CIPHER_KEY);
+ keyGenerator.init(128);
+ Cipher cipher = Cipher.getInstance(ALGORITHM);
+ cipher.init(
+ Cipher.ENCRYPT_MODE,
+ new SecretKeySpec(encryptKey.getBytes(StandardCharsets.UTF_8), CIPHER_KEY));
+ byte[] bytes = cipher.doFinal(content.getBytes(StandardCharsets.UTF_8));
+ return base64Encode(bytes);
}
- String encrypt(String strIn) throws Exception {
- return byteArr2HexStr(encrypt(strIn.getBytes()));
+ public static String decrypt(String content) throws Exception {
+ return decrypt(content, DEFAULT_KEY);
}
- private byte[] decrypt(byte[] arrB) throws Exception {
- return decryptCipher.doFinal(arrB);
+ public static String decrypt(String content, String key) throws Exception {
+ String decryptKey = checkGetKey(key);
+ KeyGenerator keyGenerator = KeyGenerator.getInstance(CIPHER_KEY);
+ keyGenerator.init(128);
+ Cipher cipher = Cipher.getInstance(ALGORITHM);
Review Comment:
Hi @wolfboys , thanks for your contribution.
I see these changes check failure, and they shouldn't be included in this PR, could you just refactor maven related pom and CI in this PR?
It is better to only do PR-related things in PR.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@streampark.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-streampark] wolfboys commented on pull request #2240: [Improve] maven pom cleanup for apache-release
Posted by GitBox <gi...@apache.org>.
wolfboys commented on PR #2240:
URL: https://github.com/apache/incubator-streampark/pull/2240#issuecomment-1374804684
> Thanks for the update, could you rebase the master and check whether the CI will be green?
done.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@streampark.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org