rpms/plexus-cipher
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Improve randomness of PBECipher

Browse Source 
- Resolves: rhbz#880279
This commit is contained in:
Mikolaj Izdebski 2012-11-27 16:07:12 +01:00
parent b75736306d
commit 2e42ca9f03
2 changed files with 96 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

89
0001-Improve-randomness-of-PBECipher-salt.patch Normal file
View File

@ -0,0 +1,89 @@
From f9975b549fcb2453b1127ceccfd1f8061e35a618 Mon Sep 17 00:00:00 2001
From: Mikolaj Izdebski <mizdebsk@redhat.com>
Date: Tue, 27 Nov 2012 15:32:10 +0100
Subject: [PATCH] Improve randomness of PBECipher salt
See: https://bugzilla.redhat.com/show_bug.cgi?id=880279
---
.../plexus/components/cipher/PBECipher.java | 43 +++-------------------
1 file changed, 5 insertions(+), 38 deletions(-)
diff --git a/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java b/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java
index ce6b173..c69e753 100644
--- a/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java
+++ b/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java
@@ -63,9 +63,8 @@ public class PBECipher
protected MessageDigest _digester;
- protected SecureRandom _secureRandom;
-
- protected boolean _onLinux = false;
+ private static final SecureRandom _secureRandom = new SecureRandom();
+
//---------------------------------------------------------------
public PBECipher()
throws PlexusCipherException
@@ -73,21 +72,6 @@ public class PBECipher
try
{
_digester = MessageDigest.getInstance( DIGEST_ALG );
-
- if( System.getProperty( "os.name", "blah" ).toLowerCase().indexOf( "linux" ) != -1 )
- {
- _onLinux = true;
- }
-
- if( _onLinux )
- {
- System.setProperty( "securerandom.source", "file:/dev/./urandom");
- }
- else
- {
- _secureRandom = new SecureRandom();
- }
-
}
catch ( NoSuchAlgorithmException e )
{
@@ -96,21 +80,10 @@ public class PBECipher
}
//---------------------------------------------------------------
private byte[] getSalt( final int sz )
- throws NoSuchAlgorithmException, NoSuchProviderException
{
- byte [] res = null;
-
- if( _secureRandom != null )
- {
- _secureRandom.setSeed( System.currentTimeMillis() );
- res = _secureRandom.generateSeed( sz );
- }
- else
- {
- res = new byte[ sz ];
- Random r = new Random( System.currentTimeMillis() );
- r.nextBytes( res );
- }
+ byte[] res = new byte[ sz ];
+
+ _secureRandom.nextBytes( res );
return res;
}
@@ -124,12 +97,6 @@ public class PBECipher
byte[] salt = getSalt( SALT_SIZE );
- // spin it :)
- if( _secureRandom != null )
- {
- new SecureRandom().nextBytes( salt );
- }
-
Cipher cipher = createCipher( password.getBytes( STRING_ENCODING ), salt, Cipher.ENCRYPT_MODE );
byte [] encryptedBytes = cipher.doFinal( clearBytes );
--
1.7.11.7

8
plexus-cipher.spec
View File

@ -1,6 +1,6 @@
Name: plexus-cipher
Version: 1.5
Release: 10%{?dist}
Release: 11%{?dist}
Summary: Plexus Cipher: encryption/decryption Component
Group: Development/Libraries
@ -12,6 +12,7 @@ Source0: %{name}-%{version}.tar.gz
Source1: http://apache.org/licenses/LICENSE-2.0.txt
Patch0: %{name}-migration-to-component-metadata.patch
Patch1: 0001-Improve-randomness-of-PBECipher-salt.patch
BuildArch: noarch
@ -55,6 +56,7 @@ API documentation for %{name}.
%setup -q
%patch0 -p1
%patch1 -p1
cp %{SOURCE1} .
@ -86,6 +88,10 @@ cp -pr target/site/api*/* %{buildroot}%{_javadocdir}/plexus/%{name}/
%{_javadocdir}/plexus/%{name}
%changelog
* Tue Nov 27 2012 Mikolaj Izdebski <mizdebsk@redhat.com> - 1.5-11
- Improve randomness of PBECipher
- Resolves: rhbz#880279
* Mon Nov 26 2012 Mikolaj Izdebski <mizdebsk@redhat.com> - 1.5-10
- Remove duplicated NOTICE file