From e312520cb1e6be3f0b7e89968ce36c4aa857ff29 Mon Sep 17 00:00:00 2001 From: Tamas Cservenak Date: Fri, 27 Sep 2024 22:57:19 +0200 Subject: [PATCH 1/8] Updates --- .../components/cipher/DefaultPlexusCipher.java | 16 ++++++---------- .../plexus/components/cipher/PBECipher.java | 6 +++--- .../plexus/components/cipher/PlexusCipher.java | 4 ++-- .../components/cipher/PlexusCipherException.java | 8 +------- .../cipher/DefaultPlexusCipherTest.java | 4 +++- .../plexus/components/cipher/PBECipherTest.java | 2 +- 6 files changed, 16 insertions(+), 24 deletions(-) diff --git a/src/main/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipher.java b/src/main/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipher.java index 7a83010..a6fda72 100644 --- a/src/main/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipher.java +++ b/src/main/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipher.java @@ -22,16 +22,13 @@ import java.util.regex.Matcher; import java.util.regex.Pattern; -import org.eclipse.sisu.Typed; - /** * Default implementation of {@link PlexusCipher}. This class is thread safe. * * @author Oleg Gusakov */ @Singleton -@Named("default") -@Typed(PlexusCipher.class) +@Named public class DefaultPlexusCipher implements PlexusCipher { private static final Pattern ENCRYPTED_STRING_PATTERN = Pattern.compile(".*?[^\\\\]?\\{(.*?[^\\\\])\\}.*"); @@ -45,7 +42,7 @@ public DefaultPlexusCipher() { // --------------------------------------------------------------- @Override public String encrypt(final String str, final String passPhrase) throws PlexusCipherException { - if (str == null || str.length() < 1) { + if (str == null || str.isEmpty()) { return str; } @@ -61,7 +58,7 @@ public String encryptAndDecorate(final String str, final String passPhrase) thro // --------------------------------------------------------------- @Override public String decrypt(final String str, final String passPhrase) throws PlexusCipherException { - if (str == null || str.length() < 1) { + if (str == null || str.isEmpty()) { return str; } @@ -71,7 +68,7 @@ public String decrypt(final String str, final String passPhrase) throws PlexusCi // --------------------------------------------------------------- @Override public String decryptDecorated(final String str, final String passPhrase) throws PlexusCipherException { - if (str == null || str.length() < 1) { + if (str == null || str.isEmpty()) { return str; } @@ -85,7 +82,7 @@ public String decryptDecorated(final String str, final String passPhrase) throws // ---------------------------------------------------------------------------- @Override public boolean isEncryptedString(final String str) { - if (str == null || str.length() < 1) { + if (str == null || str.isEmpty()) { return false; } @@ -98,11 +95,10 @@ public boolean isEncryptedString(final String str) { @Override public String unDecorate(final String str) throws PlexusCipherException { Matcher matcher = ENCRYPTED_STRING_PATTERN.matcher(str); - if (matcher.matches() || matcher.find()) { return matcher.group(1); } else { - throw new PlexusCipherException("default.plexus.cipher.badEncryptedPassword"); + throw new PlexusCipherException("Malformed decorated string"); } } diff --git a/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java b/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java index 590388c..1e88d4f 100644 --- a/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java +++ b/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java @@ -95,7 +95,7 @@ public String encrypt64(final String clearText, final String password) throws Pl return Base64.getEncoder().encodeToString(allEncryptedBytes); } catch (Exception e) { - throw new PlexusCipherException(e); + throw new PlexusCipherException(e.getMessage(), e); } } @@ -122,7 +122,7 @@ public String decrypt64(final String encryptedText, final String password) throw return new String(clearBytes, STRING_ENCODING); } catch (Exception e) { - throw new PlexusCipherException(e); + throw new PlexusCipherException(e.getMessage(), e); } } // ------------------------------------------------------------------------------- @@ -131,7 +131,7 @@ private Cipher createCipher(final char[] pwd, byte[] salt, final int mode) InvalidAlgorithmParameterException, InvalidKeySpecException { KeySpec spec = new PBEKeySpec(pwd, salt, PBE_ITERATIONS, SPICE_SIZE * 16); - SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); + SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512"); byte[] keyAndIv = factory.generateSecret(spec).getEncoded(); byte[] key = new byte[SPICE_SIZE]; diff --git a/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipher.java b/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipher.java index efa1fa9..85e2525 100644 --- a/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipher.java +++ b/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipher.java @@ -16,9 +16,9 @@ * @author Oleg Gusakov */ public interface PlexusCipher { - char ENCRYPTED_STRING_DECORATION_START = '{'; + String ENCRYPTED_STRING_DECORATION_START = "{"; - char ENCRYPTED_STRING_DECORATION_STOP = '}'; + String ENCRYPTED_STRING_DECORATION_STOP = "}"; /** * encrypt given string with the given passPhrase and encode it into base64 diff --git a/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipherException.java b/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipherException.java index 10f8f85..13cf322 100644 --- a/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipherException.java +++ b/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipherException.java @@ -12,17 +12,11 @@ */ package org.sonatype.plexus.components.cipher; -public class PlexusCipherException extends Exception { - public PlexusCipherException() {} - +public class PlexusCipherException extends RuntimeException { public PlexusCipherException(String message) { super(message); } - public PlexusCipherException(Throwable cause) { - super(cause); - } - public PlexusCipherException(String message, Throwable cause) { super(message, cause); } diff --git a/src/test/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipherTest.java b/src/test/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipherTest.java index dee1ad1..8fad380 100644 --- a/src/test/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipherTest.java +++ b/src/test/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipherTest.java @@ -13,6 +13,7 @@ package org.sonatype.plexus.components.cipher; import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Disabled; import org.junit.jupiter.api.Test; import static org.junit.jupiter.api.Assertions.assertDoesNotThrow; @@ -31,7 +32,7 @@ class DefaultPlexusCipherTest { final String str = "my testing phrase"; - final String encStr = "cYrPoOelYU0HGlsn3nERAIyiLVVgnsn/KC5ZqeAPG0beOZCYrFwWwBTp3uyxt/yx"; + final String encStr = "t4RzIMd8AT0H3xnTd5IBX9zKE94G+D29fGBuhAJ4RblNC5zJLqYOIkVaSXJQFT7t"; PlexusCipher pc; @BeforeEach @@ -88,6 +89,7 @@ void testDefaultAlgorithmExists() throws Exception { // ------------------------------------------------------------- + @Disabled("This test is not really a test") @Test void stestFindDefaultAlgorithm() { String[] res = DefaultPlexusCipher.getServiceTypes(); diff --git a/src/test/java/org/sonatype/plexus/components/cipher/PBECipherTest.java b/src/test/java/org/sonatype/plexus/components/cipher/PBECipherTest.java index 5f78c2e..4bd1b47 100644 --- a/src/test/java/org/sonatype/plexus/components/cipher/PBECipherTest.java +++ b/src/test/java/org/sonatype/plexus/components/cipher/PBECipherTest.java @@ -34,7 +34,7 @@ class PBECipherTest { final String clearText = "veryOpenText"; - final String encryptedText = "F7eMV2QRQF4H0ODCA1nrTGUWacCXVvPemSjaQjGbO6U="; + final String encryptedText = "0bzCbTRh5YQHZ2p7hkr6OZYrfhRqwc9ImgtYweX752k="; final String password = "testtest"; From cbe6982d690a4d7612e3eefe60b8ebecfbc335bb Mon Sep 17 00:00:00 2001 From: Tamas Cservenak Date: Fri, 27 Sep 2024 23:20:24 +0200 Subject: [PATCH 2/8] More fixes --- pom.xml | 2 +- .../plexus/components/cipher/PBECipher.java | 21 ++++++------------- .../cipher/DefaultPlexusCipherTest.java | 2 +- .../components/cipher/PBECipherTest.java | 2 +- 4 files changed, 9 insertions(+), 18 deletions(-) diff --git a/pom.xml b/pom.xml index 8cb200c..571986c 100644 --- a/pom.xml +++ b/pom.xml @@ -60,7 +60,7 @@ maven-surefire-plugin - utf8 + default-test test diff --git a/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java b/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java index 1e88d4f..6976a76 100644 --- a/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java +++ b/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java @@ -22,10 +22,12 @@ Licensed to the Apache Software Foundation (ASF) under one import javax.crypto.Cipher; import javax.crypto.NoSuchPaddingException; import javax.crypto.SecretKeyFactory; -import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.GCMParameterSpec; import javax.crypto.spec.PBEKeySpec; import javax.crypto.spec.SecretKeySpec; +import java.nio.charset.Charset; +import java.nio.charset.StandardCharsets; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; @@ -40,24 +42,13 @@ Licensed to the Apache Software Foundation (ASF) under one * @author Oleg Gusakov */ public class PBECipher { - protected static final String STRING_ENCODING = "UTF8"; - + protected static final Charset STRING_ENCODING = StandardCharsets.UTF_8; protected static final int SPICE_SIZE = 16; - protected static final int SALT_SIZE = 8; - protected static final int CHUNK_SIZE = 16; - - protected static final byte WIPER = 0; - - protected static final String DIGEST_ALG = "SHA-256"; - protected static final String KEY_ALG = "AES"; - - protected static final String CIPHER_ALG = "AES/CBC/PKCS5Padding"; - + protected static final String CIPHER_ALG = "AES/GCM/NoPadding"; protected static final int PBE_ITERATIONS = 310000; - private static final SecureRandom _secureRandom = new SecureRandom(); // --------------------------------------------------------------- @@ -144,7 +135,7 @@ private Cipher createCipher(final char[] pwd, byte[] salt, final int mode) Cipher cipher = Cipher.getInstance(CIPHER_ALG); - cipher.init(mode, new SecretKeySpec(key, KEY_ALG), new IvParameterSpec(iv)); + cipher.init(mode, new SecretKeySpec(key, KEY_ALG), new GCMParameterSpec(128, iv)); return cipher; } diff --git a/src/test/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipherTest.java b/src/test/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipherTest.java index 8fad380..8b71a45 100644 --- a/src/test/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipherTest.java +++ b/src/test/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipherTest.java @@ -32,7 +32,7 @@ class DefaultPlexusCipherTest { final String str = "my testing phrase"; - final String encStr = "t4RzIMd8AT0H3xnTd5IBX9zKE94G+D29fGBuhAJ4RblNC5zJLqYOIkVaSXJQFT7t"; + final String encStr = "cQupsZrOFpkGa7Ce/vdwr3a0Zun/X5VHsqXhnZOnhKB6VtTu7mfyI5gtycUsG3Fy"; PlexusCipher pc; @BeforeEach diff --git a/src/test/java/org/sonatype/plexus/components/cipher/PBECipherTest.java b/src/test/java/org/sonatype/plexus/components/cipher/PBECipherTest.java index 4bd1b47..a112100 100644 --- a/src/test/java/org/sonatype/plexus/components/cipher/PBECipherTest.java +++ b/src/test/java/org/sonatype/plexus/components/cipher/PBECipherTest.java @@ -34,7 +34,7 @@ class PBECipherTest { final String clearText = "veryOpenText"; - final String encryptedText = "0bzCbTRh5YQHZ2p7hkr6OZYrfhRqwc9ImgtYweX752k="; + final String encryptedText = "ce/l2ofOiSELRT1WAjOyNoZbG+2FQcrlOKEdDr5mi6esyR2LfvBY855yxW5bqHZi"; final String password = "testtest"; From 188e34b8e663265b682fbb1192f2c872765b2c5a Mon Sep 17 00:00:00 2001 From: Tamas Cservenak Date: Fri, 27 Sep 2024 23:23:42 +0200 Subject: [PATCH 3/8] Make it 3.0.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 571986c..24c562a 100644 --- a/pom.xml +++ b/pom.xml @@ -9,7 +9,7 @@ plexus-cipher - 2.1.1-SNAPSHOT + 3.0.0-SNAPSHOT Plexus Cipher: encryption/decryption Component From 9d75fb6547c5902bc3d85d57763b1d25f4c85bd5 Mon Sep 17 00:00:00 2001 From: Tamas Cservenak Date: Sat, 28 Sep 2024 00:18:16 +0200 Subject: [PATCH 4/8] Rename package --- pom.xml | 1 + .../plexus/components/cipher/DefaultPlexusCipher.java | 2 +- .../plexus/components/cipher/PBECipher.java | 2 +- .../plexus/components/cipher/PlexusCipher.java | 2 +- .../plexus/components/cipher/PlexusCipherException.java | 2 +- .../plexus/components/cipher/DefaultPlexusCipherTest.java | 2 +- .../plexus/components/cipher/PBECipherTest.java | 2 +- 7 files changed, 7 insertions(+), 6 deletions(-) rename src/main/java/org/{sonatype => codehaus}/plexus/components/cipher/DefaultPlexusCipher.java (99%) rename src/main/java/org/{sonatype => codehaus}/plexus/components/cipher/PBECipher.java (99%) rename src/main/java/org/{sonatype => codehaus}/plexus/components/cipher/PlexusCipher.java (98%) rename src/main/java/org/{sonatype => codehaus}/plexus/components/cipher/PlexusCipherException.java (95%) rename src/test/java/org/{sonatype => codehaus}/plexus/components/cipher/DefaultPlexusCipherTest.java (99%) rename src/test/java/org/{sonatype => codehaus}/plexus/components/cipher/PBECipherTest.java (97%) diff --git a/pom.xml b/pom.xml index 24c562a..006215e 100644 --- a/pom.xml +++ b/pom.xml @@ -39,6 +39,7 @@ javax.inject javax.inject 1 + provided org.eclipse.sisu diff --git a/src/main/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipher.java b/src/main/java/org/codehaus/plexus/components/cipher/DefaultPlexusCipher.java similarity index 99% rename from src/main/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipher.java rename to src/main/java/org/codehaus/plexus/components/cipher/DefaultPlexusCipher.java index a6fda72..751023b 100644 --- a/src/main/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipher.java +++ b/src/main/java/org/codehaus/plexus/components/cipher/DefaultPlexusCipher.java @@ -10,7 +10,7 @@ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Apache License Version 2.0 for the specific language governing permissions and limitations there under. */ -package org.sonatype.plexus.components.cipher; +package org.codehaus.plexus.components.cipher; import javax.inject.Named; import javax.inject.Singleton; diff --git a/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java b/src/main/java/org/codehaus/plexus/components/cipher/PBECipher.java similarity index 99% rename from src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java rename to src/main/java/org/codehaus/plexus/components/cipher/PBECipher.java index 6976a76..7997ea0 100644 --- a/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java +++ b/src/main/java/org/codehaus/plexus/components/cipher/PBECipher.java @@ -17,7 +17,7 @@ Licensed to the Apache Software Foundation (ASF) under one under the License. */ -package org.sonatype.plexus.components.cipher; +package org.codehaus.plexus.components.cipher; import javax.crypto.Cipher; import javax.crypto.NoSuchPaddingException; diff --git a/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipher.java b/src/main/java/org/codehaus/plexus/components/cipher/PlexusCipher.java similarity index 98% rename from src/main/java/org/sonatype/plexus/components/cipher/PlexusCipher.java rename to src/main/java/org/codehaus/plexus/components/cipher/PlexusCipher.java index 85e2525..b118eb5 100644 --- a/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipher.java +++ b/src/main/java/org/codehaus/plexus/components/cipher/PlexusCipher.java @@ -10,7 +10,7 @@ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Apache License Version 2.0 for the specific language governing permissions and limitations there under. */ -package org.sonatype.plexus.components.cipher; +package org.codehaus.plexus.components.cipher; /** * @author Oleg Gusakov diff --git a/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipherException.java b/src/main/java/org/codehaus/plexus/components/cipher/PlexusCipherException.java similarity index 95% rename from src/main/java/org/sonatype/plexus/components/cipher/PlexusCipherException.java rename to src/main/java/org/codehaus/plexus/components/cipher/PlexusCipherException.java index 13cf322..5efa15c 100644 --- a/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipherException.java +++ b/src/main/java/org/codehaus/plexus/components/cipher/PlexusCipherException.java @@ -10,7 +10,7 @@ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Apache License Version 2.0 for the specific language governing permissions and limitations there under. */ -package org.sonatype.plexus.components.cipher; +package org.codehaus.plexus.components.cipher; public class PlexusCipherException extends RuntimeException { public PlexusCipherException(String message) { diff --git a/src/test/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipherTest.java b/src/test/java/org/codehaus/plexus/components/cipher/DefaultPlexusCipherTest.java similarity index 99% rename from src/test/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipherTest.java rename to src/test/java/org/codehaus/plexus/components/cipher/DefaultPlexusCipherTest.java index 8b71a45..668a99a 100644 --- a/src/test/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipherTest.java +++ b/src/test/java/org/codehaus/plexus/components/cipher/DefaultPlexusCipherTest.java @@ -10,7 +10,7 @@ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Apache License Version 2.0 for the specific language governing permissions and limitations there under. */ -package org.sonatype.plexus.components.cipher; +package org.codehaus.plexus.components.cipher; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Disabled; diff --git a/src/test/java/org/sonatype/plexus/components/cipher/PBECipherTest.java b/src/test/java/org/codehaus/plexus/components/cipher/PBECipherTest.java similarity index 97% rename from src/test/java/org/sonatype/plexus/components/cipher/PBECipherTest.java rename to src/test/java/org/codehaus/plexus/components/cipher/PBECipherTest.java index a112100..790afcf 100644 --- a/src/test/java/org/sonatype/plexus/components/cipher/PBECipherTest.java +++ b/src/test/java/org/codehaus/plexus/components/cipher/PBECipherTest.java @@ -17,7 +17,7 @@ Licensed to the Apache Software Foundation (ASF) under one under the License. */ -package org.sonatype.plexus.components.cipher; +package org.codehaus.plexus.components.cipher; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; From 60529c104ab155ebe345ce2ef65d416c3d41d0db Mon Sep 17 00:00:00 2001 From: Tamas Cservenak Date: Sat, 28 Sep 2024 00:58:38 +0200 Subject: [PATCH 5/8] Internal --- .../plexus/components/cipher/PlexusCipher.java | 4 ---- .../cipher/{ => internal}/DefaultPlexusCipher.java | 7 ++++++- .../components/cipher/{ => internal}/PBECipher.java | 4 +++- .../{ => internal}/DefaultPlexusCipherTest.java | 12 +++++------- .../cipher/{ => internal}/PBECipherTest.java | 2 +- 5 files changed, 15 insertions(+), 14 deletions(-) rename src/main/java/org/codehaus/plexus/components/cipher/{ => internal}/DefaultPlexusCipher.java (94%) rename src/main/java/org/codehaus/plexus/components/cipher/{ => internal}/PBECipher.java (97%) rename src/test/java/org/codehaus/plexus/components/cipher/{ => internal}/DefaultPlexusCipherTest.java (93%) rename src/test/java/org/codehaus/plexus/components/cipher/{ => internal}/PBECipherTest.java (97%) diff --git a/src/main/java/org/codehaus/plexus/components/cipher/PlexusCipher.java b/src/main/java/org/codehaus/plexus/components/cipher/PlexusCipher.java index b118eb5..390633b 100644 --- a/src/main/java/org/codehaus/plexus/components/cipher/PlexusCipher.java +++ b/src/main/java/org/codehaus/plexus/components/cipher/PlexusCipher.java @@ -16,10 +16,6 @@ * @author Oleg Gusakov */ public interface PlexusCipher { - String ENCRYPTED_STRING_DECORATION_START = "{"; - - String ENCRYPTED_STRING_DECORATION_STOP = "}"; - /** * encrypt given string with the given passPhrase and encode it into base64 * diff --git a/src/main/java/org/codehaus/plexus/components/cipher/DefaultPlexusCipher.java b/src/main/java/org/codehaus/plexus/components/cipher/internal/DefaultPlexusCipher.java similarity index 94% rename from src/main/java/org/codehaus/plexus/components/cipher/DefaultPlexusCipher.java rename to src/main/java/org/codehaus/plexus/components/cipher/internal/DefaultPlexusCipher.java index 751023b..328abf5 100644 --- a/src/main/java/org/codehaus/plexus/components/cipher/DefaultPlexusCipher.java +++ b/src/main/java/org/codehaus/plexus/components/cipher/internal/DefaultPlexusCipher.java @@ -10,7 +10,7 @@ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Apache License Version 2.0 for the specific language governing permissions and limitations there under. */ -package org.codehaus.plexus.components.cipher; +package org.codehaus.plexus.components.cipher.internal; import javax.inject.Named; import javax.inject.Singleton; @@ -22,6 +22,9 @@ import java.util.regex.Matcher; import java.util.regex.Pattern; +import org.codehaus.plexus.components.cipher.PlexusCipher; +import org.codehaus.plexus.components.cipher.PlexusCipherException; + /** * Default implementation of {@link PlexusCipher}. This class is thread safe. * @@ -31,6 +34,8 @@ @Named public class DefaultPlexusCipher implements PlexusCipher { private static final Pattern ENCRYPTED_STRING_PATTERN = Pattern.compile(".*?[^\\\\]?\\{(.*?[^\\\\])\\}.*"); + private static final String ENCRYPTED_STRING_DECORATION_START = "{"; + private static final String ENCRYPTED_STRING_DECORATION_STOP = "}"; private final PBECipher _cipher; diff --git a/src/main/java/org/codehaus/plexus/components/cipher/PBECipher.java b/src/main/java/org/codehaus/plexus/components/cipher/internal/PBECipher.java similarity index 97% rename from src/main/java/org/codehaus/plexus/components/cipher/PBECipher.java rename to src/main/java/org/codehaus/plexus/components/cipher/internal/PBECipher.java index 7997ea0..326749d 100644 --- a/src/main/java/org/codehaus/plexus/components/cipher/PBECipher.java +++ b/src/main/java/org/codehaus/plexus/components/cipher/internal/PBECipher.java @@ -17,7 +17,7 @@ Licensed to the Apache Software Foundation (ASF) under one under the License. */ -package org.codehaus.plexus.components.cipher; +package org.codehaus.plexus.components.cipher.internal; import javax.crypto.Cipher; import javax.crypto.NoSuchPaddingException; @@ -36,6 +36,8 @@ Licensed to the Apache Software Foundation (ASF) under one import java.security.spec.KeySpec; import java.util.Base64; +import org.codehaus.plexus.components.cipher.PlexusCipherException; + /** * This class is thread-safe. * diff --git a/src/test/java/org/codehaus/plexus/components/cipher/DefaultPlexusCipherTest.java b/src/test/java/org/codehaus/plexus/components/cipher/internal/DefaultPlexusCipherTest.java similarity index 93% rename from src/test/java/org/codehaus/plexus/components/cipher/DefaultPlexusCipherTest.java rename to src/test/java/org/codehaus/plexus/components/cipher/internal/DefaultPlexusCipherTest.java index 668a99a..ed2f3ab 100644 --- a/src/test/java/org/codehaus/plexus/components/cipher/DefaultPlexusCipherTest.java +++ b/src/test/java/org/codehaus/plexus/components/cipher/internal/DefaultPlexusCipherTest.java @@ -10,8 +10,10 @@ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Apache License Version 2.0 for the specific language governing permissions and limitations there under. */ -package org.codehaus.plexus.components.cipher; +package org.codehaus.plexus.components.cipher.internal; +import org.codehaus.plexus.components.cipher.PlexusCipher; +import org.codehaus.plexus.components.cipher.PlexusCipherException; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Disabled; import org.junit.jupiter.api.Test; @@ -154,18 +156,14 @@ void testDecrypt() { @Test void testDecorate() { String res = pc.decorate("aaa"); - assertEquals( - PlexusCipher.ENCRYPTED_STRING_DECORATION_START + "aaa" + PlexusCipher.ENCRYPTED_STRING_DECORATION_STOP, - res, - "Decoration failed"); + assertEquals("{aaa}", res, "Decoration failed"); } // ------------------------------------------------------------- @Test void testUnDecorate() throws Exception { - String res = pc.unDecorate( - PlexusCipher.ENCRYPTED_STRING_DECORATION_START + "aaa" + PlexusCipher.ENCRYPTED_STRING_DECORATION_STOP); + String res = pc.unDecorate("{aaa}"); assertEquals("aaa", res, "Decoration failed"); } diff --git a/src/test/java/org/codehaus/plexus/components/cipher/PBECipherTest.java b/src/test/java/org/codehaus/plexus/components/cipher/internal/PBECipherTest.java similarity index 97% rename from src/test/java/org/codehaus/plexus/components/cipher/PBECipherTest.java rename to src/test/java/org/codehaus/plexus/components/cipher/internal/PBECipherTest.java index 790afcf..1a87410 100644 --- a/src/test/java/org/codehaus/plexus/components/cipher/PBECipherTest.java +++ b/src/test/java/org/codehaus/plexus/components/cipher/internal/PBECipherTest.java @@ -17,7 +17,7 @@ Licensed to the Apache Software Foundation (ASF) under one under the License. */ -package org.codehaus.plexus.components.cipher; +package org.codehaus.plexus.components.cipher.internal; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; From 6751836f67910074c104aeb4cde82234f315c2e4 Mon Sep 17 00:00:00 2001 From: Tamas Cservenak Date: Sat, 28 Sep 2024 01:34:30 +0200 Subject: [PATCH 6/8] Make this Java 17 --- .github/workflows/maven.yml | 2 ++ pom.xml | 1 + 2 files changed, 3 insertions(+) diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml index 09feae4..571e41b 100644 --- a/.github/workflows/maven.yml +++ b/.github/workflows/maven.yml @@ -23,6 +23,8 @@ jobs: build: name: Build it uses: codehaus-plexus/.github/.github/workflows/maven.yml@master + with: + jdk-matrix: '[ "23", "21", "17" ]' deploy: name: Deploy diff --git a/pom.xml b/pom.xml index 006215e..1ad95f7 100644 --- a/pom.xml +++ b/pom.xml @@ -31,6 +31,7 @@ + 17 2023-10-21T21:30:57Z From 9f280f72a75e249c44e012d1f57c737a45798c07 Mon Sep 17 00:00:00 2001 From: Tamas Cservenak Date: Sat, 28 Sep 2024 09:32:54 +0200 Subject: [PATCH 7/8] Undo experiments --- .../plexus/components/cipher/internal/PBECipher.java | 6 +++--- .../components/cipher/internal/DefaultPlexusCipherTest.java | 2 +- .../plexus/components/cipher/internal/PBECipherTest.java | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/main/java/org/codehaus/plexus/components/cipher/internal/PBECipher.java b/src/main/java/org/codehaus/plexus/components/cipher/internal/PBECipher.java index 326749d..c8a3838 100644 --- a/src/main/java/org/codehaus/plexus/components/cipher/internal/PBECipher.java +++ b/src/main/java/org/codehaus/plexus/components/cipher/internal/PBECipher.java @@ -22,7 +22,7 @@ Licensed to the Apache Software Foundation (ASF) under one import javax.crypto.Cipher; import javax.crypto.NoSuchPaddingException; import javax.crypto.SecretKeyFactory; -import javax.crypto.spec.GCMParameterSpec; +import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.PBEKeySpec; import javax.crypto.spec.SecretKeySpec; @@ -49,7 +49,7 @@ public class PBECipher { protected static final int SALT_SIZE = 8; protected static final int CHUNK_SIZE = 16; protected static final String KEY_ALG = "AES"; - protected static final String CIPHER_ALG = "AES/GCM/NoPadding"; + protected static final String CIPHER_ALG = "AES/CBC/PKCS5Padding"; protected static final int PBE_ITERATIONS = 310000; private static final SecureRandom _secureRandom = new SecureRandom(); @@ -137,7 +137,7 @@ private Cipher createCipher(final char[] pwd, byte[] salt, final int mode) Cipher cipher = Cipher.getInstance(CIPHER_ALG); - cipher.init(mode, new SecretKeySpec(key, KEY_ALG), new GCMParameterSpec(128, iv)); + cipher.init(mode, new SecretKeySpec(key, KEY_ALG), new IvParameterSpec(iv)); return cipher; } diff --git a/src/test/java/org/codehaus/plexus/components/cipher/internal/DefaultPlexusCipherTest.java b/src/test/java/org/codehaus/plexus/components/cipher/internal/DefaultPlexusCipherTest.java index ed2f3ab..100acda 100644 --- a/src/test/java/org/codehaus/plexus/components/cipher/internal/DefaultPlexusCipherTest.java +++ b/src/test/java/org/codehaus/plexus/components/cipher/internal/DefaultPlexusCipherTest.java @@ -34,7 +34,7 @@ class DefaultPlexusCipherTest { final String str = "my testing phrase"; - final String encStr = "cQupsZrOFpkGa7Ce/vdwr3a0Zun/X5VHsqXhnZOnhKB6VtTu7mfyI5gtycUsG3Fy"; + final String encStr = "RRvejxJ+wksH/kWnYfun/GeFoPKh6JHcA2dmxMOIraZiIuLISplmdyvl2Sq04rpP"; PlexusCipher pc; @BeforeEach diff --git a/src/test/java/org/codehaus/plexus/components/cipher/internal/PBECipherTest.java b/src/test/java/org/codehaus/plexus/components/cipher/internal/PBECipherTest.java index 1a87410..e263005 100644 --- a/src/test/java/org/codehaus/plexus/components/cipher/internal/PBECipherTest.java +++ b/src/test/java/org/codehaus/plexus/components/cipher/internal/PBECipherTest.java @@ -34,7 +34,7 @@ class PBECipherTest { final String clearText = "veryOpenText"; - final String encryptedText = "ce/l2ofOiSELRT1WAjOyNoZbG+2FQcrlOKEdDr5mi6esyR2LfvBY855yxW5bqHZi"; + final String encryptedText = "xnQ1RvJFoJsHoTZKyv76ej3XTGKt99ShUt/kPv4yHjw="; final String password = "testtest"; From 4ac3267e4dcd4d8064e91548a1287cb0f4688aa1 Mon Sep 17 00:00:00 2001 From: Tamas Cservenak Date: Sat, 28 Sep 2024 09:50:20 +0200 Subject: [PATCH 8/8] Make it back Java 8 --- .github/workflows/maven.yml | 2 -- pom.xml | 1 - 2 files changed, 3 deletions(-) diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml index 571e41b..09feae4 100644 --- a/.github/workflows/maven.yml +++ b/.github/workflows/maven.yml @@ -23,8 +23,6 @@ jobs: build: name: Build it uses: codehaus-plexus/.github/.github/workflows/maven.yml@master - with: - jdk-matrix: '[ "23", "21", "17" ]' deploy: name: Deploy diff --git a/pom.xml b/pom.xml index 1ad95f7..006215e 100644 --- a/pom.xml +++ b/pom.xml @@ -31,7 +31,6 @@ - 17 2023-10-21T21:30:57Z