svn commit: r687144 - /wicket/branches/wicket-1.3.x/jdk-1.4/wicket/src/main/java/org/apache/wicket/util/crypt/KeyInSessionSunJceCryptFactory.java

Tue, 19 Aug 2008 13:28:10 -0700 

Author: jcompagner
Date: Tue Aug 19 13:27:18 2008
New Revision: 687144

URL: http://svn.apache.org/viewvc?rev=687144&view=rev
Log:
bad bad igor, going on vacation with a broken build!

Modified:
    
wicket/branches/wicket-1.3.x/jdk-1.4/wicket/src/main/java/org/apache/wicket/util/crypt/KeyInSessionSunJceCryptFactory.java

Modified: 
wicket/branches/wicket-1.3.x/jdk-1.4/wicket/src/main/java/org/apache/wicket/util/crypt/KeyInSessionSunJceCryptFactory.java
URL: 
http://svn.apache.org/viewvc/wicket/branches/wicket-1.3.x/jdk-1.4/wicket/src/main/java/org/apache/wicket/util/crypt/KeyInSessionSunJceCryptFactory.java?rev=687144&r1=687143&r2=687144&view=diff
==============================================================================
--- 
wicket/branches/wicket-1.3.x/jdk-1.4/wicket/src/main/java/org/apache/wicket/util/crypt/KeyInSessionSunJceCryptFactory.java
 (original)
+++ 
wicket/branches/wicket-1.3.x/jdk-1.4/wicket/src/main/java/org/apache/wicket/util/crypt/KeyInSessionSunJceCryptFactory.java
 Tue Aug 19 13:27:18 2008
@@ -16,7 +16,7 @@
  */
 package org.apache.wicket.util.crypt;
 
-import java.util.UUID;
+import java.security.SecureRandom;
 
 import javax.servlet.http.HttpSession;
 
@@ -34,6 +34,8 @@
  */
 public class KeyInSessionSunJceCryptFactory implements ICryptFactory
 {
+       private static SecureRandom numberGenerator;
+
        public ICrypt newCrypt()
        {
                WebRequestCycle rc = (WebRequestCycle)RequestCycle.get();
@@ -47,7 +49,7 @@
                if (key == null)
                {
                        // generate new key
-                       key = session.getId() + "." + 
UUID.randomUUID().toString();
+                       key = session.getId() + "." + randomUUIDString();
                        session.setAttribute(keyAttr, key);
                }
 
@@ -56,4 +58,38 @@
                crypt.setKey(key);
                return crypt;
        }
+
+       private static String randomUUIDString()
+       {
+               SecureRandom ng = numberGenerator;
+               if (ng == null)
+               {
+                       numberGenerator = ng = new SecureRandom();
+               }
+
+               byte[] randomBytes = new byte[16];
+               ng.nextBytes(randomBytes);
+               randomBytes[6] &= 0x0f; /* clear version */
+               randomBytes[6] |= 0x40; /* set to version 4 */
+               randomBytes[8] &= 0x3f; /* clear variant */
+               randomBytes[8] |= 0x80; /* set to IETF variant */
+
+               long mostSigBits = 0;
+               long leastSigBits = 0;
+               for (int i = 0; i < 8; i++)
+                       mostSigBits = (mostSigBits << 8) | (randomBytes[i] & 
0xff);
+               for (int i = 8; i < 16; i++)
+                       leastSigBits = (leastSigBits << 8) | (randomBytes[i] & 
0xff);
+
+
+               return (digits(mostSigBits >> 32, 8) + "-" + digits(mostSigBits 
>> 16, 4) + "-" +
+                       digits(mostSigBits, 4) + "-" + digits(leastSigBits >> 
48, 4) + "-" + digits(
+                       leastSigBits, 12));
+       }
+
+       private static String digits(long val, int digits)
+       {
+               long hi = 1L << (digits * 4);
+               return Long.toHexString(hi | (val & (hi - 1))).substring(1);
+       }
 }

Reply via email to