justbk2015 commented on pull request #11440:
URL: https://github.com/apache/shardingsphere/pull/11440#issuecomment-884720630
> > > > > > > I don't see any key to use to encrypt or decrypt. Does it mean
that there is no key for password encryption.
> > > > > >
> > > > > >
> > > > > > the key is variable named secretBytes which generate by
SecureRandom, in 16 bytes.
> > > > > > we use this key to encrypt password, and saved as base64 string
in encrypt function return; in decrypt, we first extract key and iv from
base64string and run aes to decrypt the password plaint text.
> > > > >
> > > > >
> > > > > Where does the secretBytes stored?
> > > >
> > > >
> > > > the secretBytes was return by encrypt string , if you want more
security, your can implentments new algorithm and save secretBytes to safe disk
or database.
> > > > see code:
> > > > @override
> > > > public String encrypt(final byte[] content) throws Exception {
> > > > byte[] ivBytes = getRandom();
> > > > byte[] secretKeyBytes = getRandom();
> > > > byte[] encryptBytes = runAesAlgorithm(content,
> > > > ivBytes,
> > > > secretKeyBytes,
> > > > Cipher.ENCRYPT_MODE);
> > > > byte[] results = mergeAllBytes(ivBytes, secretKeyBytes,
encryptBytes);
> > > > return Base64.getEncoder().encodeToString(results); -- the encrypt
text have iv and secretKey value
> > > > }
> > >
> > >
> > > I mean that if we don't provide the key which can be input by user.
Anyone can decrypt the password from the program.
> > > This is meaningless for adding the feature.
> >
> >
> > yes, if anyone have encrypt text 、 key and the algorithm implements , he
can decrypt the plaint text.
> > in this default AES algorithm implement, we can only avoid general user
get the plaint password but not developer.
> > this feature can via SPI interface to get more security algorithm in
future.
> > etc: we can save key in different permission path by user, then only
speicial user can decrypt his password.
>
> Sure, good suggestion! But it may be an unnecessary if only implemented by
above right now.
I think this feature provide a way to protected our password not in plaint
text. And have a easy way to extend security algorithm. this pr is not
influence any function or perfermance for proxy in default config. I hope you
an accept it.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
