Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ELY-704] Create PBE utility for use in elytron and tooling #531

Merged
merged 3 commits into from
Nov 10, 2016
Merged

[ELY-704] Create PBE utility for use in elytron and tooling #531

merged 3 commits into from
Nov 10, 2016

Conversation

pskopek
Copy link
Contributor

@pskopek pskopek commented Nov 1, 2016

this PR adds PBE utility for use with tooling and credential stores. It provides compatibility with older code used in PicketBox.
https://issues.jboss.org/browse/ELY-704

@wildfly-ci
Copy link

Linux Build 1188 outcome was FAILURE using a merge of c2c164b
Summary: Tests failed: 2 (2 new), passed: 727, ignored: 8 Build time: 00:02:39

Failed tests

org.wildfly.security.util.PasswordBasedEncryptionUtilTest.testPBKDF: java.security.InvalidKeyException: Illegal key size
    at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
    at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1060)
    at javax.crypto.Cipher.implInit(Cipher.java:809)
    at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
    at javax.crypto.Cipher.init(Cipher.java:1539)
    at javax.crypto.Cipher.init(Cipher.java:1470)
    at org.wildfly.security.util.PasswordBasedEncryptionUtil$Builder.createAndInitCipher(PasswordBasedEncryptionUtil.java:293)
    at org.wildfly.security.util.PasswordBasedEncryptionUtil$Builder.build(PasswordBasedEncryptionUtil.java:363)
    at org.wildfly.security.util.PasswordBasedEncryptionUtilTest.testPBKDF(PasswordBasedEncryptionUtilTest.java:122)


org.wildfly.security.util.PasswordBasedEncryptionUtilTest.testEncryptEncode: java.security.InvalidKeyException: Illegal key size
    at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
    at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1060)
    at javax.crypto.Cipher.implInit(Cipher.java:809)
    at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
    at javax.crypto.Cipher.init(Cipher.java:1539)
    at javax.crypto.Cipher.init(Cipher.java:1470)
    at org.wildfly.security.util.PasswordBasedEncryptionUtil$Builder.createAndInitCipher(PasswordBasedEncryptionUtil.java:293)
    at org.wildfly.security.util.PasswordBasedEncryptionUtil$Builder.build(PasswordBasedEncryptionUtil.java:363)
    at org.wildfly.security.util.PasswordBasedEncryptionUtilTest.doEncryptEncode(PasswordBasedEncryptionUtilTest.java:72)
    at org.wildfly.security.util.PasswordBasedEncryptionUtilTest.testEncryptEncode(PasswordBasedEncryptionUtilTest.java:54)

@wildfly-ci
Copy link

Windows Build 1193 outcome was FAILURE using a merge of c2c164b
Summary: Tests failed: 2 (2 new), passed: 727, ignored: 8 Build time: 00:02:41

Failed tests

org.wildfly.security.util.PasswordBasedEncryptionUtilTest.testPBKDF: java.security.InvalidKeyException: Illegal key size
    at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
    at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1060)
    at javax.crypto.Cipher.implInit(Cipher.java:809)
    at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
    at javax.crypto.Cipher.init(Cipher.java:1539)
    at javax.crypto.Cipher.init(Cipher.java:1470)
    at org.wildfly.security.util.PasswordBasedEncryptionUtil$Builder.createAndInitCipher(PasswordBasedEncryptionUtil.java:293)
    at org.wildfly.security.util.PasswordBasedEncryptionUtil$Builder.build(PasswordBasedEncryptionUtil.java:363)
    at org.wildfly.security.util.PasswordBasedEncryptionUtilTest.testPBKDF(PasswordBasedEncryptionUtilTest.java:122)


org.wildfly.security.util.PasswordBasedEncryptionUtilTest.testEncryptEncode: java.security.InvalidKeyException: Illegal key size
    at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
    at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1060)
    at javax.crypto.Cipher.implInit(Cipher.java:809)
    at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
    at javax.crypto.Cipher.init(Cipher.java:1539)
    at javax.crypto.Cipher.init(Cipher.java:1470)
    at org.wildfly.security.util.PasswordBasedEncryptionUtil$Builder.createAndInitCipher(PasswordBasedEncryptionUtil.java:293)
    at org.wildfly.security.util.PasswordBasedEncryptionUtil$Builder.build(PasswordBasedEncryptionUtil.java:363)
    at org.wildfly.security.util.PasswordBasedEncryptionUtilTest.doEncryptEncode(PasswordBasedEncryptionUtilTest.java:72)
    at org.wildfly.security.util.PasswordBasedEncryptionUtilTest.testEncryptEncode(PasswordBasedEncryptionUtilTest.java:54)

dmlloyd
dmlloyd reviewed Nov 1, 2016
View reviewed changes
src/main/java/org/wildfly/security/util/PasswordBasedEncryptionUtil.java
private String encodedIV;
private AlgorithmParameters algorithmParameters;

Builder password(char[] initialKeyAsChars) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These methods probably should be public.

dmlloyd
dmlloyd reviewed Nov 1, 2016
View reviewed changes
src/main/java/org/wildfly/security/util/PasswordBasedEncryptionUtil.java
private final AlgorithmParameters algorithmParameters;
private final Alphabet alphabet;

private PasswordBasedEncryptionUtil(Cipher cipher, AlgorithmParameters algorithmParameters, Alphabet alphabet) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Any time you have a constructor or method which is private but called from a nested or enclosing class, the compiler has to produce a "fake" member with package-private access which calls the private member. Sometimes this process goes awry. Therefore it's usually better to make such members be package-private in the first place instead of private.

@pskopek
Copy link
Contributor Author

pskopek commented Nov 1, 2016

Changes suggested by @dmlloyd incorporated.

@darranl darranl added the +1 DAL label Nov 1, 2016
@dmlloyd dmlloyd added the +1 DML label Nov 10, 2016
@dmlloyd dmlloyd merged commit f5290c3 into wildfly-security:master Nov 10, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dmlloyd dmlloyd dmlloyd left review comments

Assignees
No one assigned
Labels
+1 DAL +1 DML
Projects
None yet
Milestone
No milestone
4 participants
@pskopek @wildfly-ci @dmlloyd @darranl