Changed SecretKey -> Key to prevent CCEs

belaban · Jan 12, 2017 · 5ffcaca · 5ffcaca
1 parent f7cf27d
commit 5ffcaca
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 11 deletions.
diff --git a/src/org/jgroups/protocols/ASYM_ENCRYPT.java b/src/org/jgroups/protocols/ASYM_ENCRYPT.java
@@ -398,7 +398,7 @@ protected void setKeys(SecretKey key, byte[] version) throws Exception {
     }
 
 
-    protected void sendSecretKey(SecretKey secret_key, PublicKey public_key, Address source) throws Exception {
+    protected void sendSecretKey(Key secret_key, PublicKey public_key, Address source) throws Exception {
         byte[] encryptedKey=encryptSecretKey(secret_key, public_key);
         Message newMsg=new Message(source, encryptedKey).src(local_addr)
           .putHeader(this.id, new EncryptHeader(EncryptHeader.SECRET_KEY_RSP, symVersion()));
@@ -407,7 +407,7 @@ protected void sendSecretKey(SecretKey secret_key, PublicKey public_key, Address
     }
 
     /** Encrypts the current secret key with the requester's public key (the requester will decrypt it with its private key) */
-    protected byte[] encryptSecretKey(SecretKey secret_key, PublicKey public_key) throws Exception {
+    protected byte[] encryptSecretKey(Key secret_key, PublicKey public_key) throws Exception {
         Cipher tmp;
         if (provider != null && !provider.trim().isEmpty())
             tmp=Cipher.getInstance(asym_algorithm, provider);

diff --git a/src/org/jgroups/protocols/Encrypt.java b/src/org/jgroups/protocols/Encrypt.java
@@ -7,7 +7,7 @@
 import org.jgroups.util.*;
 
 import javax.crypto.Cipher;
-import javax.crypto.SecretKey;
+import java.security.Key;
 import java.security.MessageDigest;
 import java.util.Arrays;
 import java.util.Map;
@@ -70,7 +70,7 @@ public abstract class Encrypt extends Protocol {
     protected volatile byte[]               sym_version;
 
     // shared secret key to encrypt/decrypt messages
-    protected volatile SecretKey            secret_key;
+    protected volatile Key                  secret_key;
 
     // map to hold previous keys so we can decrypt some earlier messages if we need to
     protected Map<AsciiString,Cipher>       key_map;
@@ -81,8 +81,8 @@ public abstract class Encrypt extends Protocol {
     public <T extends Encrypt> T    asymKeylength(int len)          {this.asym_keylength=len; return (T)this;}
     public int                      symKeylength()                  {return sym_keylength;}
     public <T extends Encrypt> T    symKeylength(int len)           {this.sym_keylength=len; return (T)this;}
-    public SecretKey                secretKey()                     {return secret_key;}
+    public Key                      secretKey()                     {return secret_key;}
-    public <T extends Encrypt> T    secretKey(SecretKey key)        {this.secret_key=key; return (T)this;}
+    public <T extends Encrypt> T    secretKey(Key key)              {this.secret_key=key; return (T)this;}
     public String                   symAlgorithm()                  {return sym_algorithm;}
     public <T extends Encrypt> T    symAlgorithm(String alg)        {this.sym_algorithm=alg; return (T)this;}
     public String                   asymAlgorithm()                 {return asym_algorithm;}
@@ -189,7 +189,7 @@ public void up(MessageBatch batch) {
 
 
     /** Initialises the ciphers for both encryption and decryption using the generated or supplied secret key */
-    protected synchronized void initSymCiphers(String algorithm, SecretKey secret) throws Exception {
+    protected synchronized void initSymCiphers(String algorithm, Key secret) throws Exception {
         if(secret == null)
             return;
         encoding_ciphers.clear();
@@ -210,7 +210,7 @@ protected synchronized void initSymCiphers(String algorithm, SecretKey secret) t
     }
 
 
-    protected Cipher createCipher(int mode, SecretKey secret_key, String algorithm) throws Exception {
+    protected Cipher createCipher(int mode, Key secret_key, String algorithm) throws Exception {
         Cipher cipher=provider != null && !provider.trim().isEmpty()?
           Cipher.getInstance(algorithm, provider) : Cipher.getInstance(algorithm);
         cipher.init(mode, secret_key);

diff --git a/src/org/jgroups/protocols/SYM_ENCRYPT.java b/src/org/jgroups/protocols/SYM_ENCRYPT.java
@@ -4,10 +4,10 @@
 import org.jgroups.annotations.Property;
 import org.jgroups.util.Util;
 
-import javax.crypto.SecretKey;
 import java.io.FileInputStream;
 import java.io.IOException;
 import java.io.InputStream;
+import java.security.Key;
 import java.security.KeyStore;
 import java.security.NoSuchAlgorithmException;
 import java.security.cert.CertificateException;
@@ -86,7 +86,7 @@ protected void readSecretKeyFromKeystore() throws Exception {
         // must not use default keystore type - as it does not support secret keys
         KeyStore store=KeyStore.getInstance(keystore_type != null? keystore_type : KeyStore.getDefaultType());
 
-        SecretKey tempKey=null;
+        Key tempKey=null;
         try {
             if(this.secret_key == null) { // in case the secret key was set before, e.g. via injection in a unit test
                 // load in keystore using this thread's classloader
@@ -100,7 +100,7 @@ protected void readSecretKeyFromKeystore() throws Exception {
                 try {
                     store.load(inputStream, store_password.toCharArray());
                     // loaded keystore - get the key
-                    tempKey=(SecretKey)store.getKey(alias, key_password.toCharArray());
+                    tempKey=store.getKey(alias, key_password.toCharArray());
                 }
                 catch(IOException e) {
                     throw new Exception("Unable to load keystore " + keystore_name + ": " + e);