cayenne-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From aadamc...@apache.org
Subject svn commit: r1584625 - in /cayenne/main/trunk/cayenne-crypto/src: main/java/org/apache/cayenne/crypto/transformer/bytes/ test/java/org/apache/cayenne/crypto/transformer/bytes/
Date Fri, 04 Apr 2014 12:03:13 GMT
Author: aadamchik
Date: Fri Apr  4 12:03:13 2014
New Revision: 1584625

URL: http://svn.apache.org/r1584625
Log:
CAY-1916 cayenne-crypto module that enables data encryption for certain model attributes

BytesEncryptor/BytesDecryptor to encapsulate crypto protocol .. IN PROGRESS

Modified:
    cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/BytesDecryptor.java
    cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/CbcDecryptor.java
    cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/DecryptorWithKeyName.java
    cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/transformer/bytes/CbcDecryptorTest.java

Modified: cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/BytesDecryptor.java
URL: http://svn.apache.org/viewvc/cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/BytesDecryptor.java?rev=1584625&r1=1584624&r2=1584625&view=diff
==============================================================================
--- cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/BytesDecryptor.java
(original)
+++ cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/BytesDecryptor.java
Fri Apr  4 12:03:13 2014
@@ -26,15 +26,9 @@ import java.security.Key;
 public interface BytesDecryptor {
 
     /**
-     * Returns the size of the transformed data in bytes. This information
-     * allows the caller to pre-size the output array.
-     */
-    int getOutputSize(int inputLength);
-
-    /**
      * Transform input bytes using provided encryption key. Note that some
      * implementations may ignore the provided key and e.g. derive the key from
      * the record.
      */
-    void decrypt(byte[] input, byte[] output, int inputOffset, Key key);
+    byte[] decrypt(byte[] input, int inputOffset, Key key);
 }

Modified: cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/CbcDecryptor.java
URL: http://svn.apache.org/viewvc/cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/CbcDecryptor.java?rev=1584625&r1=1584624&r2=1584625&view=diff
==============================================================================
--- cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/CbcDecryptor.java
(original)
+++ cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/CbcDecryptor.java
Fri Apr  4 12:03:13 2014
@@ -44,21 +44,15 @@ class CbcDecryptor implements BytesDecry
     }
 
     @Override
-    public int getOutputSize(int inputLength) {
-        // strip the IV block size from total size...
-        return cipher.getOutputSize(inputLength) - blockSize;
-    }
-
-    @Override
-    public void decrypt(byte[] input, byte[] output, int inputOffset, Key key) {
+    public byte[] decrypt(byte[] input, int inputOffset, Key key) {
         try {
-            doDecrypt(input, output, inputOffset, key);
+            return doDecrypt(input, inputOffset, key);
         } catch (Exception e) {
             throw new CayenneCryptoException("Error on decryption", e);
         }
     }
 
-    private void doDecrypt(byte[] input, byte[] output, int inputOffset, Key key) throws
InvalidKeyException,
+    private byte[] doDecrypt(byte[] input, int inputOffset, Key key) throws InvalidKeyException,
             InvalidAlgorithmParameterException, ShortBufferException, IllegalBlockSizeException,
BadPaddingException {
 
         IvParameterSpec iv = iv(input, inputOffset);
@@ -66,7 +60,7 @@ class CbcDecryptor implements BytesDecry
         cipher.init(Cipher.DECRYPT_MODE, key, iv);
 
         int offset = inputOffset + blockSize;
-        cipher.doFinal(input, offset, input.length - offset, output, 0);
+        return cipher.doFinal(input, offset, input.length - offset);
     }
 
     IvParameterSpec iv(byte[] input, int inputOffset) {

Modified: cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/DecryptorWithKeyName.java
URL: http://svn.apache.org/viewvc/cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/DecryptorWithKeyName.java?rev=1584625&r1=1584624&r2=1584625&view=diff
==============================================================================
--- cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/DecryptorWithKeyName.java
(original)
+++ cayenne/main/trunk/cayenne-crypto/src/main/java/org/apache/cayenne/crypto/transformer/bytes/DecryptorWithKeyName.java
Fri Apr  4 12:03:13 2014
@@ -42,19 +42,13 @@ class DecryptorWithKeyName implements By
     }
 
     @Override
-    public int getOutputSize(int inputLength) {
-        // strip one block that stores the key name
-        return delegate.getOutputSize(inputLength) - blockSize;
-    }
-
-    @Override
-    public void decrypt(byte[] input, byte[] output, int inputOffset, Key key) {
+    public byte[] decrypt(byte[] input, int inputOffset, Key key) {
 
         // ignoring the parameter key... using the key from the first block
 
         String keyName = keyName(input, inputOffset);
         Key inRecordKey = keySource.getKey(keyName);
-        delegate.decrypt(input, output, inputOffset + blockSize, inRecordKey);
+        return delegate.decrypt(input, inputOffset + blockSize, inRecordKey);
     }
 
     String keyName(byte[] input, int inputOffset) {

Modified: cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/transformer/bytes/CbcDecryptorTest.java
URL: http://svn.apache.org/viewvc/cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/transformer/bytes/CbcDecryptorTest.java?rev=1584625&r1=1584624&r2=1584625&view=diff
==============================================================================
--- cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/transformer/bytes/CbcDecryptorTest.java
(original)
+++ cayenne/main/trunk/cayenne-crypto/src/test/java/org/apache/cayenne/crypto/transformer/bytes/CbcDecryptorTest.java
Fri Apr  4 12:03:13 2014
@@ -21,20 +21,50 @@ package org.apache.cayenne.crypto.transf
 import static org.junit.Assert.assertArrayEquals;
 import static org.junit.Assert.assertEquals;
 
+import java.math.BigInteger;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.Key;
 import java.security.NoSuchAlgorithmException;
+import java.util.Arrays;
 
+import javax.crypto.BadPaddingException;
 import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
 import javax.crypto.NoSuchPaddingException;
 import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
 
+import org.junit.Before;
 import org.junit.Test;
 
 public class CbcDecryptorTest {
 
-    @Test
-    public void testIv() throws NoSuchAlgorithmException, NoSuchPaddingException {
-        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+    private Cipher cipher;
+    private Key key;
+
+    private byte[] hex(String hexString) {
+        byte[] bytes = new BigInteger(hexString, 16).toByteArray();
+
+        // http://stackoverflow.com/questions/4407779/biginteger-to-byte
+        if (bytes.length > 0 && bytes[0] == 0) {
+            return Arrays.copyOfRange(bytes, 1, bytes.length);
+        } else {
+            return bytes;
+        }
+    }
+
+    @Before
+    public void before() throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException
{
+        byte[] keyBytes = hex("a4cb499fa31a6a228e16b7e4741d4fa3");
+        this.key = new SecretKeySpec(keyBytes, "AES");
+
+        this.cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
         assertEquals(16, cipher.getBlockSize());
+    }
+
+    @Test
+    public void testIv() {
 
         CbcDecryptor decryptor = new CbcDecryptor(cipher);
 
@@ -45,4 +75,25 @@ public class CbcDecryptorTest {
         assertArrayEquals(ivBytes, iv.getIV());
     }
 
+    @Test
+    public void testDecrypt() throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException,
+            InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException
{
+
+        CbcDecryptor decryptor = new CbcDecryptor(cipher);
+
+        byte[] plain = { 21, 20, 19, 18, 17, 16, 15, 14, 13, 12, 11, 10, 9, 8, 7, 6, 5, 4,
3, 2, 1 };
+        byte[] ivBytes = hex("0591849d87c93414f4405d32f4d69220");
+
+        Cipher encCipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+        encCipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));
+
+        byte[] encrypted = encCipher.doFinal(plain);
+
+        byte[] encryptedWithIv = new byte[encrypted.length + ivBytes.length];
+        System.arraycopy(ivBytes, 0, encryptedWithIv, 0, ivBytes.length);
+        System.arraycopy(encrypted, 0, encryptedWithIv, ivBytes.length, encrypted.length);
+
+        byte[] decrypted = decryptor.decrypt(encryptedWithIv, 0, key);
+        assertArrayEquals(plain, decrypted);
+    }
 }



Mime
View raw message