Repository: wicket Updated Branches: refs/heads/WICKET-5768-improve-crypt 1ffc984ca -> 80bad259c
WICKET-5768 Code review with Martin. "secret key" removed from AbstractCrypt, IMHO not the right place for it. Project: http://git-wip-us.apache.org/repos/asf/wicket/repo Commit: http://git-wip-us.apache.org/repos/asf/wicket/commit/80bad259 Tree: http://git-wip-us.apache.org/repos/asf/wicket/tree/80bad259 Diff: http://git-wip-us.apache.org/repos/asf/wicket/diff/80bad259 Branch: refs/heads/WICKET-5768-improve-crypt Commit: 80bad259cde060706beebd5e8408d219aac56f8d Parents: 1ffc984 Author: Andrea Del Bene <[email protected]> Authored: Thu Nov 20 17:54:36 2014 +0100 Committer: Andrea Del Bene <[email protected]> Committed: Thu Nov 20 17:54:36 2014 +0100 ---------------------------------------------------------------------- .../crypt/AbstractKeyInSessionCryptFactory.java | 88 ++++++++++++++++++++ .../AbstractKeyInSessionJceCryptFactory.java | 88 -------------------- .../crypt/KeyInSessionSunJceCryptFactory.java | 2 +- .../apache/wicket/util/crypt/AbstractCrypt.java | 25 ------ .../org/apache/wicket/util/crypt/NoCrypt.java | 5 -- .../apache/wicket/util/crypt/SunJceCrypt.java | 23 +++-- 6 files changed, 107 insertions(+), 124 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/wicket/blob/80bad259/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/AbstractKeyInSessionCryptFactory.java ---------------------------------------------------------------------- diff --git a/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/AbstractKeyInSessionCryptFactory.java b/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/AbstractKeyInSessionCryptFactory.java new file mode 100644 index 0000000..70d44e7 --- /dev/null +++ b/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/AbstractKeyInSessionCryptFactory.java @@ -0,0 +1,88 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.wicket.core.util.crypt; + + +import java.io.Serializable; + +import org.apache.wicket.MetaDataKey; +import org.apache.wicket.Session; +import org.apache.wicket.util.crypt.ICrypt; + +/** + * Base class to implement crypt factories that store crypt into user session. + * Note that the use of this crypt factory will result in an immediate creation of a http session. + * + * @author andrea del bene + * + * @param <T> + * the type for the secret key. + */ +public abstract class AbstractKeyInSessionCryptFactory<T extends Serializable> +{ + /** metadata-key used to store crypto-key in session metadata */ + private static final MetaDataKey<Serializable> KEY = new MetaDataKey<Serializable>() + { + private static final long serialVersionUID = 1L; + }; + + public AbstractKeyInSessionCryptFactory() + { + super(); + } + + /** + * Creates a new crypt for the current user session. If no user session is + * available, a new one is created. + * + * @return + */ + @SuppressWarnings("unchecked") + public ICrypt newCrypt() + { + Session session = Session.get(); + session.bind(); + + // retrieve or generate encryption key from session + Serializable key = session.getMetaData(KEY); + if (key == null) + { + // generate new key + key = generateKey(session); + session.setMetaData(KEY, key); + } + + // build the crypt based on session key + ICrypt crypt = createCrypt((T)key); + return crypt; + } + + /** + * Generates the secret key for a new crypt. + * + * @param session + * the current user session where crypt will be stored + * @return + * the secret key for a new crypt + */ + protected abstract T generateKey(Session session); + + /** + * @return the {@link org.apache.wicket.util.crypt.ICrypt} to use + */ + protected abstract ICrypt createCrypt(T key); +} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/wicket/blob/80bad259/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/AbstractKeyInSessionJceCryptFactory.java ---------------------------------------------------------------------- diff --git a/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/AbstractKeyInSessionJceCryptFactory.java b/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/AbstractKeyInSessionJceCryptFactory.java deleted file mode 100644 index 77ffa27..0000000 --- a/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/AbstractKeyInSessionJceCryptFactory.java +++ /dev/null @@ -1,88 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.wicket.core.util.crypt; - - -import java.io.Serializable; - -import org.apache.wicket.MetaDataKey; -import org.apache.wicket.Session; -import org.apache.wicket.util.crypt.ICrypt; - -/** - * Base class to implement crypt factories that store crypt into user session. - * Note that the use of this crypt factory will result in an immediate creation of a http session. - * - * @author andrea del bene - * - * @param <T> - * the type for the secret key. - */ -public abstract class AbstractKeyInSessionJceCryptFactory<T extends Serializable> -{ - /** metadata-key used to store crypto-key in session metadata */ - static final MetaDataKey<Serializable> KEY = new MetaDataKey<Serializable>() - { - private static final long serialVersionUID = 1L; - }; - - public AbstractKeyInSessionJceCryptFactory() - { - super(); - } - - /** - * Creates a new crypt for the current user session. If no user session is - * available, a new one is created. - * - * @return - */ - @SuppressWarnings("unchecked") - public ICrypt newCrypt() - { - Session session = Session.get(); - session.bind(); - - // retrieve or generate encryption key from session - Serializable key = session.getMetaData(KEY); - if (key == null) - { - // generate new key - key = generateKey(session); - session.setMetaData(KEY, key); - } - - // build the crypt based on session key - ICrypt crypt = createCrypt((T)key); - return crypt; - } - - /** - * Generates the secret key for a new crypt. - * - * @param session - * the current user session where crypt will be stored - * @return - * the secret key for a new crypt - */ - protected abstract T generateKey(Session session); - - /** - * @return the {@link org.apache.wicket.util.crypt.ICrypt} to use - */ - protected abstract ICrypt createCrypt(T key); -} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/wicket/blob/80bad259/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/KeyInSessionSunJceCryptFactory.java ---------------------------------------------------------------------- diff --git a/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/KeyInSessionSunJceCryptFactory.java b/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/KeyInSessionSunJceCryptFactory.java index 9158edd..69de6de 100644 --- a/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/KeyInSessionSunJceCryptFactory.java +++ b/wicket-core/src/main/java/org/apache/wicket/core/util/crypt/KeyInSessionSunJceCryptFactory.java @@ -33,7 +33,7 @@ import org.apache.wicket.util.lang.Args; * * @author igor.vaynberg */ -public class KeyInSessionSunJceCryptFactory extends AbstractKeyInSessionJceCryptFactory<String> implements ICryptFactory +public class KeyInSessionSunJceCryptFactory extends AbstractKeyInSessionCryptFactory<String> implements ICryptFactory { final String cryptMethod; http://git-wip-us.apache.org/repos/asf/wicket/blob/80bad259/wicket-util/src/main/java/org/apache/wicket/util/crypt/AbstractCrypt.java ---------------------------------------------------------------------- diff --git a/wicket-util/src/main/java/org/apache/wicket/util/crypt/AbstractCrypt.java b/wicket-util/src/main/java/org/apache/wicket/util/crypt/AbstractCrypt.java index 5f68192..7e426c0 100644 --- a/wicket-util/src/main/java/org/apache/wicket/util/crypt/AbstractCrypt.java +++ b/wicket-util/src/main/java/org/apache/wicket/util/crypt/AbstractCrypt.java @@ -22,7 +22,6 @@ import java.security.GeneralSecurityException; import javax.crypto.Cipher; -import org.apache.wicket.util.lang.Args; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -40,30 +39,6 @@ public abstract class AbstractCrypt<T extends Serializable> implements ICrypt /** Log. */ private static final Logger log = LoggerFactory.getLogger(AbstractCrypt.class); - /** Key used to de-/encrypt the data */ - private final T encryptionKey; - - /** - * Constructor - * - * @param encryptionKey - * the encryption key to use - */ - public AbstractCrypt(final T encryptionKey) - { - this.encryptionKey = Args.notNull(encryptionKey, "encryptionKey"); - } - - /** - * Get encryption private key - * - * @return encryption private key - */ - public T getKey() - { - return encryptionKey; - } - /** * Crypts the given byte array * http://git-wip-us.apache.org/repos/asf/wicket/blob/80bad259/wicket-util/src/main/java/org/apache/wicket/util/crypt/NoCrypt.java ---------------------------------------------------------------------- diff --git a/wicket-util/src/main/java/org/apache/wicket/util/crypt/NoCrypt.java b/wicket-util/src/main/java/org/apache/wicket/util/crypt/NoCrypt.java index 7c14aa0..c9c9c8d 100644 --- a/wicket-util/src/main/java/org/apache/wicket/util/crypt/NoCrypt.java +++ b/wicket-util/src/main/java/org/apache/wicket/util/crypt/NoCrypt.java @@ -28,11 +28,6 @@ import java.security.GeneralSecurityException; */ public class NoCrypt extends AbstractCrypt<String> { - public NoCrypt() - { - super(""); - } - /** * Decrypts a string into a string. * http://git-wip-us.apache.org/repos/asf/wicket/blob/80bad259/wicket-util/src/main/java/org/apache/wicket/util/crypt/SunJceCrypt.java ---------------------------------------------------------------------- diff --git a/wicket-util/src/main/java/org/apache/wicket/util/crypt/SunJceCrypt.java b/wicket-util/src/main/java/org/apache/wicket/util/crypt/SunJceCrypt.java index 941ffe9..8fa4385 100644 --- a/wicket-util/src/main/java/org/apache/wicket/util/crypt/SunJceCrypt.java +++ b/wicket-util/src/main/java/org/apache/wicket/util/crypt/SunJceCrypt.java @@ -58,6 +58,9 @@ public class SunJceCrypt extends AbstractCrypt<String> /** The name of encryption method (cipher) */ private final String cryptMethod; + + /** Key used to de-/encrypt the data */ + private final String encryptionPassword; /** * Constructor @@ -80,12 +83,12 @@ public class SunJceCrypt extends AbstractCrypt<String> this(cryptMethod, generateRandomKey()); } - public SunJceCrypt(String cryptMethod, String key) + public SunJceCrypt(String cryptMethod, String encryptionPassword) { - super(key); + this.encryptionPassword = encryptionPassword; this.cryptMethod = Args.notNull(cryptMethod, "Crypt method"); - checkChiperIsSupported(cryptMethod); + checkCipherIsSupported(cryptMethod); } /** @@ -94,7 +97,7 @@ public class SunJceCrypt extends AbstractCrypt<String> * @param cryptMethod * the name of encryption method (the cipher) */ - private void checkChiperIsSupported(String cryptMethod) + private void checkCipherIsSupported(String cryptMethod) { if (Security.getProviders("Cipher." + cryptMethod).length > 0) { @@ -192,8 +195,18 @@ public class SunJceCrypt extends AbstractCrypt<String> * * @return the random string key */ - protected static String generateRandomKey() + public static String generateRandomKey() { return UUID.randomUUID().toString(); } + + /** + * Returns the secret key used by this Crypt + * + * @return the secret key + */ + public String getKey() + { + return encryptionPassword; + } }
