svn commit: r1209665 - in /shiro/trunk/core/src/main/java/org/apache/shiro/crypto: AesCipherService.java BlowfishCipherService.java DefaultBlockCipherService.java

Fri, 02 Dec 2011 11:54:10 -0800 

Author: lhazlewood
Date: Fri Dec  2 19:53:43 2011
New Revision: 1209665

URL: http://svn.apache.org/viewvc?rev=1209665&view=rev
Log:
SHIRO-328: implemented change and updated RELEASE-NOTES to capture any 
potential breaking changes impacting applications.

Modified:
    shiro/trunk/core/src/main/java/org/apache/shiro/crypto/AesCipherService.java
    
shiro/trunk/core/src/main/java/org/apache/shiro/crypto/BlowfishCipherService.java
    
shiro/trunk/core/src/main/java/org/apache/shiro/crypto/DefaultBlockCipherService.java

Modified: 
shiro/trunk/core/src/main/java/org/apache/shiro/crypto/AesCipherService.java
URL: 
http://svn.apache.org/viewvc/shiro/trunk/core/src/main/java/org/apache/shiro/crypto/AesCipherService.java?rev=1209665&r1=1209664&r2=1209665&view=diff
==============================================================================
--- 
shiro/trunk/core/src/main/java/org/apache/shiro/crypto/AesCipherService.java 
(original)
+++ 
shiro/trunk/core/src/main/java/org/apache/shiro/crypto/AesCipherService.java 
Fri Dec  2 19:53:43 2011
@@ -24,7 +24,7 @@ package org.apache.shiro.crypto;
  * The AES algorithm can support key sizes of {@code 128}, {@code 192} and 
{@code 256} bits<b>*</b>.  This implementation
  * defaults to 128 bits.
  * <p/>
- * Note that this class retains the parent class's default {@link 
OperationMode#CFB CFB} mode of operation
+ * Note that this class retains the parent class's default {@link 
OperationMode#CBC CBC} mode of operation
  * instead of the typical JDK default of {@link OperationMode#ECB ECB}.  
{@code ECB} should not be used in
  * security-sensitive environments because {@code ECB} does not allow for 
initialization vectors, which are
  * considered necessary for strong encryption.  See the {@link 
DefaultBlockCipherService parent class}'s JavaDoc and the
@@ -59,7 +59,7 @@ public class AesCipherService extends De
      * </tr>
      * <tr>
      * <td>{@link #setMode mode}</td>
-     * <td>{@link OperationMode#CFB CFB}<b>*</b></td>
+     * <td>{@link OperationMode#CBC CBC}<b>*</b></td>
      * </tr>
      * <tr>
      * <td>{@link #setPaddingScheme paddingScheme}</td>
@@ -75,12 +75,12 @@ public class AesCipherService extends De
      * </tr>
      * </table>
      * <p/>
-     * <b>*</b> The {@link OperationMode#CFB CFB} operation mode is used 
instead of the JDK default {@code ECB} to
+     * <b>*</b> The {@link OperationMode#CBC CBC} operation mode is used 
instead of the JDK default {@code ECB} to
      * ensure strong encryption.  {@code ECB} should not be used in 
security-sensitive environments - see the
      * {@link DefaultBlockCipherService DefaultBlockCipherService} class 
JavaDoc's &quot;Operation Mode&quot; section
      * for more.
      * <p/>
-     * <b>**</b>In conjunction with the default {@code CFB} operation mode, 
initialization vectors are generated by
+     * <b>**</b>In conjunction with the default {@code CBC} operation mode, 
initialization vectors are generated by
      * default to ensure strong encryption.  See the {@link JcaCipherService 
JcaCipherService} class JavaDoc for more.
      */
     public AesCipherService() {

Modified: 
shiro/trunk/core/src/main/java/org/apache/shiro/crypto/BlowfishCipherService.java
URL: 
http://svn.apache.org/viewvc/shiro/trunk/core/src/main/java/org/apache/shiro/crypto/BlowfishCipherService.java?rev=1209665&r1=1209664&r2=1209665&view=diff
==============================================================================
--- 
shiro/trunk/core/src/main/java/org/apache/shiro/crypto/BlowfishCipherService.java
 (original)
+++ 
shiro/trunk/core/src/main/java/org/apache/shiro/crypto/BlowfishCipherService.java
 Fri Dec  2 19:53:43 2011
@@ -25,7 +25,7 @@ package org.apache.shiro.crypto;
  * modern cryptanalysis techniques render keys of 80 bits or less mostly 
worthless - use {@code 128} or more whenever
  * possible.
  * <p/>
- * Note that this class retains the parent class's default {@link 
OperationMode#CFB CFB} mode of operation
+ * Note that this class retains the parent class's default {@link 
OperationMode#CBC CBC} mode of operation
  * instead of the typical JDK default of {@link OperationMode#ECB ECB}.  
{@code ECB} should not be used in
  * security-sensitive environments because {@code ECB} does not allow for 
initialization vectors, which are
  * considered necessary for strong encryption.  See the {@link 
DefaultBlockCipherService parent class}'s JavaDoc and the
@@ -61,7 +61,7 @@ public class BlowfishCipherService exten
      * </tr>
      * <tr>
      * <td>{@link #setMode mode}</td>
-     * <td>{@link OperationMode#CFB CFB}<b>*</b></td>
+     * <td>{@link OperationMode#CBC CBC}<b>*</b></td>
      * </tr>
      * <tr>
      * <td>{@link #setPaddingScheme paddingScheme}</td>
@@ -77,12 +77,12 @@ public class BlowfishCipherService exten
      * </tr>
      * </table>
      * <p/>
-     * <b>*</b> The {@link OperationMode#CFB CFB} operation mode is used 
instead of the JDK default {@code ECB} to
+     * <b>*</b> The {@link OperationMode#CBC CBC} operation mode is used 
instead of the JDK default {@code ECB} to
      * ensure strong encryption.  {@code ECB} should not be used in 
security-sensitive environments - see the
      * {@link DefaultBlockCipherService DefaultBlockCipherService} class 
JavaDoc's &quot;Operation Mode&quot; section
      * for more.
      * <p/>
-     * <b>**</b>In conjunction with the default {@code CFB} operation mode, 
initialization vectors are generated by
+     * <b>**</b>In conjunction with the default {@code CBC} operation mode, 
initialization vectors are generated by
      * default to ensure strong encryption.  See the {@link JcaCipherService 
JcaCipherService} class JavaDoc for more.
      */
     public BlowfishCipherService() {

Modified: 
shiro/trunk/core/src/main/java/org/apache/shiro/crypto/DefaultBlockCipherService.java
URL: 
http://svn.apache.org/viewvc/shiro/trunk/core/src/main/java/org/apache/shiro/crypto/DefaultBlockCipherService.java?rev=1209665&r1=1209664&r2=1209665&view=diff
==============================================================================
--- 
shiro/trunk/core/src/main/java/org/apache/shiro/crypto/DefaultBlockCipherService.java
 (original)
+++ 
shiro/trunk/core/src/main/java/org/apache/shiro/crypto/DefaultBlockCipherService.java
 Fri Dec  2 19:53:43 2011
@@ -67,7 +67,7 @@ import org.apache.shiro.util.StringUtils
  * guarantees that the mode name will be recognized by the underlying JCA 
Provider.
  * <p/>
  * <b>*</b>If no operation mode is specified, Shiro defaults all of its block 
{@code CipherService} instances to the
- * {@link OperationMode#CFB CFB} mode, specifically to support auto-generation 
of initialization vectors during
+ * {@link OperationMode#CBC CBC} mode, specifically to support auto-generation 
of initialization vectors during
  * encryption.  This is different than the JDK's default {@link 
OperationMode#ECB ECB} mode because {@code ECB} does
  * not support initialization vectors, which are necessary for strong 
encryption.  See  the
  * {@link org.apache.shiro.crypto.JcaCipherService JcaCipherService parent 
class} class JavaDoc for an extensive
@@ -117,9 +117,8 @@ import org.apache.shiro.util.StringUtils
  * for all three streaming configuration parameters.  The defaults are:
  * <ul>
  * <li>{@link #setStreamingBlockSize(int) streamingBlockSize} = {@code 8} 
(bits)</li>
- * <li>{@link #setStreamingMode streamingMode} = {@link OperationMode#CFB 
CFB}</li>
- * <li>{@link #setStreamingPaddingScheme(PaddingScheme) 
streamingPaddingScheme} = {@link PaddingScheme#NONE none} (since
- * the block size is already the most atomic size of a single byte)</li>
+ * <li>{@link #setStreamingMode streamingMode} = {@link OperationMode#CBC 
CBC}</li>
+ * <li>{@link #setStreamingPaddingScheme(PaddingScheme) 
streamingPaddingScheme} = {@link PaddingScheme#PKCS5 PKCS5}</li>
  * </ul>
  * <p/>
  * These attributes have the same meaning as the {@code mode}, {@code 
blockSize}, and {@code paddingScheme} attributes
@@ -154,7 +153,7 @@ public class DefaultBlockCipherService e
      * Creates a new {@link DefaultBlockCipherService} using the specified 
block cipher {@code algorithmName}.  Per this
      * class's JavaDoc, this constructor also sets the following defaults:
      * <ul>
-     * <li>{@code streamingMode} = {@link OperationMode#CFB CFB}</li>
+     * <li>{@code streamingMode} = {@link OperationMode#CBC CBC}</li>
      * <li>{@code streamingPaddingScheme} = {@link PaddingScheme#NONE 
none}</li>
      * <li>{@code streamingBlockSize} = 8</li>
      * </ul>
@@ -165,12 +164,12 @@ public class DefaultBlockCipherService e
     public DefaultBlockCipherService(String algorithmName) {
         super(algorithmName);
 
-        this.modeName = OperationMode.CFB.name();
+        this.modeName = OperationMode.CBC.name();
         this.paddingSchemeName = PaddingScheme.PKCS5.getTransformationName();
         this.blockSize = DEFAULT_BLOCK_SIZE; //0 = use the JCA provider's 
default
 
-        this.streamingModeName = OperationMode.CFB.name();
-        this.streamingPaddingSchemeName = 
PaddingScheme.NONE.getTransformationName();
+        this.streamingModeName = OperationMode.CBC.name();
+        this.streamingPaddingSchemeName = 
PaddingScheme.PKCS5.getTransformationName();
         this.streamingBlockSize = DEFAULT_STREAMING_BLOCK_SIZE;
     }
 
@@ -367,7 +366,7 @@ public class DefaultBlockCipherService e
      * {@link #decrypt(java.io.InputStream, java.io.OutputStream, byte[])}).
      * <p/>
      * Note that unlike the {@link #getModeName modeName} attribute, the 
default value of this attribute is not
-     * {@code null} - it is {@link OperationMode#CFB CFB} for reasons 
described in the class-level JavaDoc in the
+     * {@code null} - it is {@link OperationMode#CBC CBC} for reasons 
described in the class-level JavaDoc in the
      * {@code Streaming} section.
      *
      * @return the transformation string mode name to be used for streaming 
operations only.
@@ -384,7 +383,7 @@ public class DefaultBlockCipherService e
 
     /**
      * Sets the transformation string mode name to be used for streaming 
operations only.  The default value is
-     * {@link OperationMode#CFB CFB} for reasons described in the class-level 
JavaDoc in the {@code Streaming} section.
+     * {@link OperationMode#CBC CBC} for reasons described in the class-level 
JavaDoc in the {@code Streaming} section.
      *
      * @param streamingModeName transformation string mode name to be used for 
streaming operations only
      */
@@ -400,7 +399,7 @@ public class DefaultBlockCipherService e
 
     /**
      * Sets the transformation string mode to be used for streaming operations 
only.  The default value is
-     * {@link OperationMode#CFB CFB} for reasons described in the class-level 
JavaDoc in the {@code Streaming} section.
+     * {@link OperationMode#CBC CBC} for reasons described in the class-level 
JavaDoc in the {@code Streaming} section.
      *
      * @param mode the transformation string mode to be used for streaming 
operations only
      */
@@ -461,7 +460,7 @@ public class DefaultBlockCipherService e
     }
 
     private String buildStreamingTransformationString() {
-        return buildTransformationString(getStreamingModeName(), 
getStreamingPaddingSchemeName(), getStreamingBlockSize());
+        return buildTransformationString(getStreamingModeName(), 
getStreamingPaddingSchemeName(), 0);
     }
 
     private String buildTransformationString(String modeName, String 
paddingSchemeName, int blockSize) {

Reply via email to