90 lines
2.9 KiB
Diff
90 lines
2.9 KiB
Diff
From f9975b549fcb2453b1127ceccfd1f8061e35a618 Mon Sep 17 00:00:00 2001
|
|
From: Mikolaj Izdebski <mizdebsk@redhat.com>
|
|
Date: Tue, 27 Nov 2012 15:32:10 +0100
|
|
Subject: [PATCH] Improve randomness of PBECipher salt
|
|
|
|
See: https://bugzilla.redhat.com/show_bug.cgi?id=880279
|
|
---
|
|
.../plexus/components/cipher/PBECipher.java | 43 +++-------------------
|
|
1 file changed, 5 insertions(+), 38 deletions(-)
|
|
|
|
diff --git a/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java b/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java
|
|
index ce6b173..c69e753 100644
|
|
--- a/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java
|
|
+++ b/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java
|
|
@@ -63,9 +63,8 @@ public class PBECipher
|
|
|
|
protected MessageDigest _digester;
|
|
|
|
- protected SecureRandom _secureRandom;
|
|
-
|
|
- protected boolean _onLinux = false;
|
|
+ private static final SecureRandom _secureRandom = new SecureRandom();
|
|
+
|
|
//---------------------------------------------------------------
|
|
public PBECipher()
|
|
throws PlexusCipherException
|
|
@@ -73,21 +72,6 @@ public class PBECipher
|
|
try
|
|
{
|
|
_digester = MessageDigest.getInstance( DIGEST_ALG );
|
|
-
|
|
- if( System.getProperty( "os.name", "blah" ).toLowerCase().indexOf( "linux" ) != -1 )
|
|
- {
|
|
- _onLinux = true;
|
|
- }
|
|
-
|
|
- if( _onLinux )
|
|
- {
|
|
- System.setProperty( "securerandom.source", "file:/dev/./urandom");
|
|
- }
|
|
- else
|
|
- {
|
|
- _secureRandom = new SecureRandom();
|
|
- }
|
|
-
|
|
}
|
|
catch ( NoSuchAlgorithmException e )
|
|
{
|
|
@@ -96,21 +80,10 @@ public class PBECipher
|
|
}
|
|
//---------------------------------------------------------------
|
|
private byte[] getSalt( final int sz )
|
|
- throws NoSuchAlgorithmException, NoSuchProviderException
|
|
{
|
|
- byte [] res = null;
|
|
-
|
|
- if( _secureRandom != null )
|
|
- {
|
|
- _secureRandom.setSeed( System.currentTimeMillis() );
|
|
- res = _secureRandom.generateSeed( sz );
|
|
- }
|
|
- else
|
|
- {
|
|
- res = new byte[ sz ];
|
|
- Random r = new Random( System.currentTimeMillis() );
|
|
- r.nextBytes( res );
|
|
- }
|
|
+ byte[] res = new byte[ sz ];
|
|
+
|
|
+ _secureRandom.nextBytes( res );
|
|
|
|
return res;
|
|
}
|
|
@@ -124,12 +97,6 @@ public class PBECipher
|
|
|
|
byte[] salt = getSalt( SALT_SIZE );
|
|
|
|
- // spin it :)
|
|
- if( _secureRandom != null )
|
|
- {
|
|
- new SecureRandom().nextBytes( salt );
|
|
- }
|
|
-
|
|
Cipher cipher = createCipher( password.getBytes( STRING_ENCODING ), salt, Cipher.ENCRYPT_MODE );
|
|
|
|
byte [] encryptedBytes = cipher.doFinal( clearBytes );
|
|
--
|
|
1.7.11.7
|
|
|