ant-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Moole Bhaskara R <Bhaskara.R.Mo...@irs.gov>
Subject RE: How do I encrypt the properties for Ant
Date Wed, 14 May 2003 19:57:46 GMT
I started experimenting with encryption/decryption. My plan was to use <java
...> in Ant after reading password from the file. However, the following
(unfinished) code works only with JDK 1.4 (or with optional JCE and JSSE
packages installed if using other JDKs). This causes a problem with our
standard JDK being 1.2. Any solutions?

Thanks,
Bhaskara
============================================================================
=============
import java.io.*;
import java.security.*;
import javax.crypto.*;

public class CryptoTest {
	
	private String generator = "DES";
	private String cipher = "DES/ECB/PKCS5Padding";

	public static void main(String[] args) {
		try {
			
			CryptoTest ct = new CryptoTest();
			
			String cleartext1 = "This is an example.";
			
			String ciphertext = ct.encrypt(cleartext1);
			String cleartext2 = ct.decrypt(ciphertext);

			System.out.println("ClearTextIn: [" + cleartext1 +
"]");
			System.out.println("Encrypted: [" + ciphertext +
"]");
			System.out.println("ClearTextOut: [" + cleartext2 +
"]");
		} catch (Exception e) {
			System.out.println("An exception occurred: " +
e.getMessage());
		}
	}
	
	public String encrypt(String clearText) {
		String retval = null;
		try {
			KeyGenerator keygen =
KeyGenerator.getInstance(generator);
			SecretKey desKey = keygen.generateKey();

			Cipher desCipher;
			// Create the cipher
			desCipher = Cipher.getInstance(cipher);

			// Initialize the cipher for encryption
			desCipher.init(Cipher.ENCRYPT_MODE, desKey);

			// Encrypt the cleartext
			byte[] ciphertext =
desCipher.doFinal(clearText.getBytes());
			
			retval = new String(ciphertext);

		} catch (Exception e) {
			System.err.println("An exception occurred: " +
e.getMessage());
		}
		
		return retval;
	}
	
	public String decrypt(String cipherText) {
		System.out.println("decrypt in: [" + cipherText + "]");
		String retval = null;
		try {
			KeyGenerator keygen =
KeyGenerator.getInstance(generator);
			SecretKey desKey = keygen.generateKey();

			Cipher desCipher;
			// Create the cipher
			desCipher = Cipher.getInstance(cipher);

			// Initialize the same cipher for decryption
			desCipher.init(Cipher.DECRYPT_MODE, desKey);

			// Decrypt the ciphertext
			byte[] cleartext =
desCipher.doFinal(cipherText.getBytes());
			
			retval = new String(cleartext);

		} catch (Exception e) {
			System.err.println("An exception occurred: " +
e.getMessage());
		}
		
		return retval;
	}
}
============================================================================
========================
-----Original Message-----
From: Jacob Kjome [mailto:hoju@visi.com]
Sent: Wednesday, May 14, 2003 3:51 PM
To: Ant Users List
Subject: RE: How do I encrypt the properties for Ant



Sounds interesting.  I encourage you to do this and post it to the 
list.  Could be very useful!

Jake

At 01:37 PM 5/14/2003 -0600, you wrote:
>If you can't transmit passwords in plain text, then you shouldn't be using 
>ftp. The ftp protocol sends the authentication (username and password) 
>over the wire in plain text.
>
>An alternative would be using sftp, scp, or an equivalent secure file 
>transfer protocol.  It is nice that ant is finally supporting (as a 
>standard optional task in 1.6) the scp protocol.
>
>It depends on the level of security that you need for the encrypted 
>passwords to how involved it will be. If all you need is weak encryption, 
>then pick a binary file already in your distribution that won't change at 
>all, (like a graphic file) and do an XOR with a "bookcode" algorithm. If 
>the file changes, you will have to re-encrypt your password file.
>
>In my "spare" time I am attempting to write a custom task, subclassing the 
>property task, to do this.  It may take a couple of days to a week to 
>complete, but only if there is interest.
>
>-- Nathan Christiansen
>    Tahitian Noni International
>    http://www.tahitiannoni.com
>
>
>-----Original Message-----
>From: Moole Bhaskara R [mailto:Bhaskara.R.Moole@irs.gov]
>Sent: Wednesday, May 14, 2003 10:51 AM
>To: 'Ant Users List'
>Subject: RE: How do I encrypt the properties for Ant
>
>
>Thanks Nathan for clarifying digest. I am not a Cryptography expert :(
>
>My actual requirements are not make passwords readable to anybody after
>build code is completed. If the actual person / program executing the build
>script is smart enough to decrypt the passwords, it is fine. I just can not
>store or transmit passwords in plain text. I guess the right approach for
>this is to use a key and encrypt passwords and then package the key with
the
>build script for decryption.
>
>If anybody has sample code for this to do it in ant, please send it to me.
I
>appreciate any help in this regard.
>
>Thank you,
>Bhaskara.
>
>-----Original Message-----
>From: Moole Bhaskara R [mailto:Bhaskara.R.Moole@irs.gov]
>Sent: Tuesday, May 13, 2003 2:44 PM
>To: 'user@ant.apache.org'
>Subject: How do I encrypt the properties for Ant
>
>
>Hi,
>
>I am trying to create an Ant xml build file to compile, jar, sing the jars,
>ftp the jars, and deploy them to WebSphere. last three steps require
>authentication information (key store passwords, ftp user & password, WAS
>admin user and password). I am prohibited from storing them in a plain text
>file. How do I encrypt them and still make them available to Ant? I
>considered creating a taskdef java class and distribute only the class file
>to the build machines. I could not find a way to read the class attributes
>into Ant.
>
>I appreciate any information in this regard.
>
>Thank you,
>Bhaskara.
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: user-unsubscribe@ant.apache.org
>For additional commands, e-mail: user-help@ant.apache.org

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message