You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@shardingsphere.apache.org by su...@apache.org on 2023/05/11 16:40:18 UTC

[shardingsphere] branch master updated: Fix sonar issue for RC4EncryptAlgorithm (#25590)

This is an automated email from the ASF dual-hosted git repository.

sunnianjun pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git


The following commit(s) were added to refs/heads/master by this push:
     new 83bba0a7ed0 Fix sonar issue for RC4EncryptAlgorithm (#25590)
83bba0a7ed0 is described below

commit 83bba0a7ed016f7f153d4561537542d8747e2efc
Author: Liang Zhang <zh...@apache.org>
AuthorDate: Fri May 12 00:40:10 2023 +0800

    Fix sonar issue for RC4EncryptAlgorithm (#25590)
---
 .../algorithm/standard/RC4EncryptAlgorithm.java    | 40 +++++++---------------
 1 file changed, 12 insertions(+), 28 deletions(-)

diff --git a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/standard/RC4EncryptAlgorithm.java b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/standard/RC4EncryptAlgorithm.java
index e03dbe7e9ea..30fc053aa35 100644
--- a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/standard/RC4EncryptAlgorithm.java
+++ b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/standard/RC4EncryptAlgorithm.java
@@ -18,13 +18,12 @@
 package org.apache.shardingsphere.encrypt.algorithm.standard;
 
 import org.apache.commons.codec.binary.Base64;
+import org.apache.shardingsphere.encrypt.api.context.EncryptContext;
 import org.apache.shardingsphere.encrypt.api.encrypt.standard.StandardEncryptAlgorithm;
 import org.apache.shardingsphere.encrypt.exception.algorithm.EncryptAlgorithmInitializationException;
 import org.apache.shardingsphere.infra.util.exception.ShardingSpherePreconditions;
-import org.apache.shardingsphere.encrypt.api.context.EncryptContext;
 
 import java.nio.charset.StandardCharsets;
-import java.util.Arrays;
 import java.util.Properties;
 
 /**
@@ -34,54 +33,39 @@ public final class RC4EncryptAlgorithm implements StandardEncryptAlgorithm<Objec
     
     private static final String RC4_KEY = "rc4-key-value";
     
-    private static final int SBOX_LENGTH = 256;
-    
     private static final int KEY_MIN_LENGTH = 5;
     
-    private volatile byte[] key = new byte[SBOX_LENGTH - 1];
+    private static final int SBOX_LENGTH = 256;
     
-    private volatile int[] sBox = new int[SBOX_LENGTH];
+    private byte[] key;
     
     @Override
     public void init(final Properties props) {
-        reset();
-        setKey(props.getProperty(RC4_KEY, "").getBytes(StandardCharsets.UTF_8));
+        key = getKey(props);
     }
     
-    private void setKey(final byte[] key) {
-        ShardingSpherePreconditions.checkState(KEY_MIN_LENGTH <= key.length && SBOX_LENGTH > key.length,
+    private byte[] getKey(final Properties props) {
+        byte[] result = props.getProperty(RC4_KEY, "").getBytes(StandardCharsets.UTF_8);
+        ShardingSpherePreconditions.checkState(KEY_MIN_LENGTH <= result.length && SBOX_LENGTH > result.length,
                 () -> new EncryptAlgorithmInitializationException(getType(), "Key length has to be between " + KEY_MIN_LENGTH + " and " + (SBOX_LENGTH - 1)));
-        this.key = key;
+        return result;
     }
     
     @Override
     public String encrypt(final Object plainValue, final EncryptContext encryptContext) {
-        return null == plainValue ? null : Base64.encodeBase64String(handle(String.valueOf(plainValue).getBytes(StandardCharsets.UTF_8)));
+        return null == plainValue ? null : Base64.encodeBase64String(crypt(String.valueOf(plainValue).getBytes(StandardCharsets.UTF_8)));
     }
     
     @Override
     public Object decrypt(final String cipherValue, final EncryptContext encryptContext) {
-        if (null == cipherValue) {
-            return null;
-        }
-        byte[] result = handle(Base64.decodeBase64(cipherValue));
-        return new String(result, StandardCharsets.UTF_8);
-    }
-    
-    private byte[] handle(final byte[] data) {
-        return crypt(data);
-    }
-    
-    private void reset() {
-        Arrays.fill(key, (byte) 0);
-        Arrays.fill(sBox, 0);
+        return null == cipherValue ? null : new String(crypt(Base64.decodeBase64(cipherValue)), StandardCharsets.UTF_8);
     }
     
     /*
      * @see <a href="http://en.wikipedia.org/wiki/RC4#Pseudo-random_generation_algorithm_.28PRGA.29">Pseudo-random generation algorithm</a>
      */
     private byte[] crypt(final byte[] message) {
-        sBox = initSBox(key);
+        int[] sBox = getSBox();
         byte[] result = new byte[message.length];
         int i = 0;
         int j = 0;
@@ -98,7 +82,7 @@ public final class RC4EncryptAlgorithm implements StandardEncryptAlgorithm<Objec
     /*
      * @see <a href="http://en.wikipedia.org/wiki/RC4#Key-scheduling_algorithm_.28KSA.29">Wikipedia. Init sBox</a>
      */
-    private int[] initSBox(final byte[] key) {
+    private int[] getSBox() {
         int[] result = new int[SBOX_LENGTH];
         int j = 0;
         for (int i = 0; i < SBOX_LENGTH; i++) {