[ZEPPELIN-2757] Enhance Authentication decrypting key generation. ### What is this PR for? Enhance ```Authentication``` decrypting key generation by random ```KeyGenerator```.
### What type of PR is it? Improvement ### What is the Jira issue? https://issues.apache.org/jira/browse/ZEPPELIN-2757 Author: Yanbo Liang <[email protected]> Closes #2475 from yanboliang/zeppelin-2757 and squashes the following commits: ccf1595c [Yanbo Liang] Use LOG.warn rather than printStackTrace. 60f04095 [Yanbo Liang] Enhance Authentication decrypting key generation. Project: http://git-wip-us.apache.org/repos/asf/zeppelin/repo Commit: http://git-wip-us.apache.org/repos/asf/zeppelin/commit/fc02cdb1 Tree: http://git-wip-us.apache.org/repos/asf/zeppelin/tree/fc02cdb1 Diff: http://git-wip-us.apache.org/repos/asf/zeppelin/diff/fc02cdb1 Branch: refs/heads/branch-0.7 Commit: fc02cdb157fe0043fa396c44d49a4c171710483e Parents: 465b0ba Author: Yanbo Liang <[email protected]> Authored: Wed Jul 19 12:11:26 2017 +0800 Committer: Prabhjyot Singh <[email protected]> Committed: Tue Aug 15 11:08:24 2017 -0700 ---------------------------------------------------------------------- .../repo/zeppelinhub/security/Authentication.java | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/zeppelin/blob/fc02cdb1/zeppelin-zengine/src/main/java/org/apache/zeppelin/notebook/repo/zeppelinhub/security/Authentication.java ----------------------------------------------------------------------
diff --git a/zeppelin-zengine/src/main/java/org/apache/zeppelin/notebook/repo/zeppelinhub/security/Authentication.java b/zeppelin-zengine/src/main/java/org/apache/zeppelin/notebook/repo/zeppelinhub/security/Authentication.java
index 76968e4..fd5142b 100644
--- a/zeppelin-zengine/src/main/java/org/apache/zeppelin/notebook/repo/zeppelinhub/security/Authentication.java
+++ b/zeppelin-zengine/src/main/java/org/apache/zeppelin/notebook/repo/zeppelinhub/security/Authentication.java
@@ -4,10 +4,13 @@ import java.io.IOException;
 import java.io.UnsupportedEncodingException;
 import java.security.GeneralSecurityException;
 import java.security.Key;
+import java.security.SecureRandom;
 import java.util.Collections;
 import java.util.Map;
 import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.SecretKey;
 import javax.crypto.spec.IvParameterSpec;
 import javax.crypto.spec.SecretKeySpec;
@@ -193,7 +196,16 @@ public class Authentication implements Runnable {
 }
 private Key generateKey() {
- return new SecretKeySpec(toBytes(KEY), CIPHER_ALGORITHM);
+ try {
+ KeyGenerator kgen = KeyGenerator.getInstance(CIPHER_ALGORITHM);
+ kgen.init(128, new SecureRandom(toBytes(KEY)));
+ SecretKey secretKey = kgen.generateKey();
+ byte[] enCodeFormat = secretKey.getEncoded();
+ return new SecretKeySpec(enCodeFormat, CIPHER_ALGORITHM);
+ } catch (Exception e) {
+ LOG.warn("Cannot generate key for decryption", e);
+ }
+ return null;
 }
 private byte[] toBytes(String value) {
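Review bot: In `generateKey()`, `kgen.init(128, new SecureRandom(toBytes(KEY)))` does not make the key random: the generator is seeded only from `KEY`, so the key has no more entropy than that value, and whether the same key comes out on every call depends on which SecureRandom implementation the JVM selects. An implementation that uses the constructor seed as its only seed gives a reproducible key, while one that mixes the seed into OS entropy gives a different key each time, and data encrypted elsewhere with the `KEY`-derived key would then fail to decrypt. If a key derived from `KEY` is what is intended, an explicit derivation such as `SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1")` with an agreed salt and iteration count yields the same bytes on every JVM; `KEY` and `CIPHER_ALGORITHM` are defined outside the hunk, and if `KEY` is a constant compiled into the class, the secret should come from configuration instead. Separately, the `catch (Exception e)` path logs and falls through to `return null;`, handing callers a null `Key`; `throw new IllegalStateException("Cannot generate key for decryption", e);` would fail at the point of the error.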
