garydgregory commented on code in PR #332:
URL: https://github.com/apache/commons-compress/pull/332#discussion_r1037641840
##########
src/main/java/org/apache/commons/compress/archivers/sevenz/AES256SHA256Decoder.java:
##########
@@ -126,4 +115,121 @@ public void close() throws IOException {
}
};
}
+
+ @Override
+ OutputStream encode(OutputStream out, Object options) throws IOException {
+ AES256Options opts = (AES256Options) options;
+ final byte[] aesKeyBytes = sha256Password(opts.password,
opts.numCyclesPower, opts.salt);
+ final SecretKey aesKey = new SecretKeySpec(aesKeyBytes, "AES");
+
+ final Cipher cipher;
+ try {
+ cipher = Cipher.getInstance("AES/CBC/NoPadding");
+ cipher.init(Cipher.ENCRYPT_MODE, aesKey, new
IvParameterSpec(opts.iv));
+ } catch (final GeneralSecurityException generalSecurityException) {
+ throw new IOException(
+ "Encryption error " + "(do you have the JCE Unlimited Strength
Jurisdiction Policy Files installed?)",
Review Comment:
Why is a new Random instance allocated each time?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
