commons-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rgo...@apache.org
Subject svn commit: r803022 - in /commons/proper/vfs/trunk/core/src: main/java/org/apache/commons/vfs/provider/ main/java/org/apache/commons/vfs/provider/http/ main/java/org/apache/commons/vfs/util/ test/java/org/apache/commons/vfs/util/
Date Tue, 11 Aug 2009 08:12:28 GMT
Author: rgoers
Date: Tue Aug 11 08:12:27 2009
New Revision: 803022

URL: http://svn.apache.org/viewvc?rev=803022&view=rev
Log:
Allow passwords in the url to be encrypted

Added:
    commons/proper/vfs/trunk/core/src/main/java/org/apache/commons/vfs/util/EncryptDecrypt.java
    commons/proper/vfs/trunk/core/src/test/java/org/apache/commons/vfs/util/EncryptDecryptTest.java
Modified:
    commons/proper/vfs/trunk/core/src/main/java/org/apache/commons/vfs/provider/HostFileNameParser.java
    commons/proper/vfs/trunk/core/src/main/java/org/apache/commons/vfs/provider/http/HttpClientFactory.java

Modified: commons/proper/vfs/trunk/core/src/main/java/org/apache/commons/vfs/provider/HostFileNameParser.java
URL: http://svn.apache.org/viewvc/commons/proper/vfs/trunk/core/src/main/java/org/apache/commons/vfs/provider/HostFileNameParser.java?rev=803022&r1=803021&r2=803022&view=diff
==============================================================================
--- commons/proper/vfs/trunk/core/src/main/java/org/apache/commons/vfs/provider/HostFileNameParser.java
(original)
+++ commons/proper/vfs/trunk/core/src/main/java/org/apache/commons/vfs/provider/HostFileNameParser.java
Tue Aug 11 08:12:27 2009
@@ -19,6 +19,7 @@
 import org.apache.commons.vfs.FileName;
 import org.apache.commons.vfs.FileSystemException;
 import org.apache.commons.vfs.FileType;
+import org.apache.commons.vfs.util.EncryptDecrypt;
 
 /**
  * Implementation for any url based filesystem.<br />
@@ -122,6 +123,18 @@
         auth.userName = UriParser.decode(userName);
         auth.password = UriParser.decode(password);
 
+        if (auth.password != null && auth.password.startsWith("{") && auth.password.endsWith("}"))
+        {
+            try
+            {
+                auth.password = EncryptDecrypt.decrypt(auth.password.substring(1, auth.password.length()-1));
+            }
+            catch (Exception ex)
+            {
+                throw new FileSystemException("Unable to decrypt password", ex);
+            }
+        }
+
         // Extract hostname, and normalise (lowercase)
         final String hostName = extractHostName(name);
         if (hostName == null)

Modified: commons/proper/vfs/trunk/core/src/main/java/org/apache/commons/vfs/provider/http/HttpClientFactory.java
URL: http://svn.apache.org/viewvc/commons/proper/vfs/trunk/core/src/main/java/org/apache/commons/vfs/provider/http/HttpClientFactory.java?rev=803022&r1=803021&r2=803022&view=diff
==============================================================================
--- commons/proper/vfs/trunk/core/src/main/java/org/apache/commons/vfs/provider/http/HttpClientFactory.java
(original)
+++ commons/proper/vfs/trunk/core/src/main/java/org/apache/commons/vfs/provider/http/HttpClientFactory.java
Tue Aug 11 08:12:27 2009
@@ -74,7 +74,7 @@
                 String proxyHost = builder.getProxyHost(fileSystemOptions);
                 int proxyPort = builder.getProxyPort(fileSystemOptions);
 
-                if (proxyHost != null && proxyPort > 0)
+                if (proxyHost != null && proxyHost.length() > 0 && proxyPort
> 0)
                 {
                     config.setProxy(proxyHost, proxyPort);
                 }

Added: commons/proper/vfs/trunk/core/src/main/java/org/apache/commons/vfs/util/EncryptDecrypt.java
URL: http://svn.apache.org/viewvc/commons/proper/vfs/trunk/core/src/main/java/org/apache/commons/vfs/util/EncryptDecrypt.java?rev=803022&view=auto
==============================================================================
--- commons/proper/vfs/trunk/core/src/main/java/org/apache/commons/vfs/util/EncryptDecrypt.java
(added)
+++ commons/proper/vfs/trunk/core/src/main/java/org/apache/commons/vfs/util/EncryptDecrypt.java
Tue Aug 11 08:12:27 2009
@@ -0,0 +1,149 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.commons.vfs.util;
+
+import javax.crypto.Cipher;
+import javax.crypto.spec.SecretKeySpec;
+
+/**
+ * Allows passwords to be encrypted and decrypted.
+ */
+public class EncryptDecrypt
+{
+    private static char[] hexChars =
+            {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
+
+    private static byte[] keyBytes = {0x41, 0x70, 0x61, 0x63, 0x68, 0x65, 0x43, 0x6F, 0x6D,
0x6D,
+            0x6F, 0x6E, 0x73, 0x56, 0x46, 0x53};
+
+    private static int INDEX_NOT_FOUND = -1;
+
+    /**
+     * This class can be called with "encrypt" password as the arguments where encrypt is
+     * a literal and password is replaced with the clear text password to be encrypted.
+     *
+     * @param args The arguments in the form "command" parm1, parm2.
+     * @throws Exception If an error occurs.
+     */
+    public static void main(String[] args) throws Exception
+    {
+        if (args.length != 2 || !(args[0].equals("encrypt")))
+        {
+            System.err.println("Usage: \"EncryptDecrypt encrypt\" password");
+            System.err.println("     password : The clear text password to encrypt");
+            System.exit(0);
+        }
+
+        if (args[0].equals("encrypt"))
+        {
+            System.out.println(encrypt(args[1]));
+        }
+    }
+
+    /**
+     * Encrypt the plain text password.
+     * @param plainKey The password.
+     * @return The encrypted password String.
+     * @throws Exception If an error occurs.
+     */
+    public static String encrypt(String plainKey) throws Exception
+    {
+        byte[] input = plainKey.getBytes();
+        SecretKeySpec key = new SecretKeySpec(keyBytes, "AES");
+
+        Cipher cipher = Cipher.getInstance("AES");
+
+        // encryption pass
+        cipher.init(Cipher.ENCRYPT_MODE, key);
+
+        byte[] cipherText = new byte[cipher.getOutputSize(input.length)];
+        int ctLength = cipher.update(input, 0, input.length, cipherText, 0);
+        ctLength += cipher.doFinal(cipherText, ctLength);
+        return encode(cipherText);
+    }
+
+    /**
+     * Decrypts the password.
+     * @param encryptedKey the encrypted password.
+     * @return The plain text password.
+     * @throws Exception If an error occurs.
+     */
+    public static String decrypt(String encryptedKey) throws Exception
+    {
+        SecretKeySpec key = new SecretKeySpec(keyBytes, "AES");
+        Cipher cipher = Cipher.getInstance("AES");
+        cipher.init(Cipher.DECRYPT_MODE, key);
+        byte[] decoded = decode(encryptedKey);
+        byte[] plainText = new byte[cipher.getOutputSize(decoded.length)];
+        int ptLength = cipher.update(decoded, 0, decoded.length, plainText, 0);
+        ptLength += cipher.doFinal(plainText, ptLength);
+        return new String(plainText).substring(0, ptLength);
+    }
+
+    private static String encode(byte[] bytes)
+    {
+        StringBuffer builder = new StringBuffer();
+
+        for (int i=0; i < bytes.length; ++i)
+        {
+            builder.append(hexChars[(bytes[i] >> 4) & 0x0f]);
+            builder.append(hexChars[bytes[i] & 0x0f]);
+        }
+        return builder.toString();
+    }
+
+    private static byte[] decode(String str)
+    {
+        int length = str.length() / 2;
+        byte[] decoded = new byte[length];
+        char[] chars = str.toCharArray();
+        int index = 0;
+        for (int i = 0; i < chars.length; ++i)
+        {
+            int id1 = indexOf(hexChars, chars[i]);
+            if (id1 == -1)
+            {
+                throw new IllegalArgumentException("Character " + chars[i] + " at position
" + i +
+                        " is not a valid hexideciam character");
+            }
+            int id2 = indexOf(hexChars, chars[++i]);
+            if (id2 == -1)
+            {
+                throw new IllegalArgumentException("Character " + chars[i] + " at position
" + i +
+                        " is not a valid hexideciam character");
+            }
+            decoded[index++] = (byte) ((id1 << 4) | id2);
+        }
+        return decoded;
+    }
+
+    private static int indexOf(char[] array, char valueToFind)
+    {
+        if (array == null)
+        {
+            return INDEX_NOT_FOUND;
+        }
+        for (int i = 0; i < array.length; i++)
+        {
+            if (valueToFind == array[i])
+            {
+                return i;
+            }
+        }
+        return INDEX_NOT_FOUND;
+    }
+}

Added: commons/proper/vfs/trunk/core/src/test/java/org/apache/commons/vfs/util/EncryptDecryptTest.java
URL: http://svn.apache.org/viewvc/commons/proper/vfs/trunk/core/src/test/java/org/apache/commons/vfs/util/EncryptDecryptTest.java?rev=803022&view=auto
==============================================================================
--- commons/proper/vfs/trunk/core/src/test/java/org/apache/commons/vfs/util/EncryptDecryptTest.java
(added)
+++ commons/proper/vfs/trunk/core/src/test/java/org/apache/commons/vfs/util/EncryptDecryptTest.java
Tue Aug 11 08:12:27 2009
@@ -0,0 +1,39 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.commons.vfs.util;
+
+import junit.framework.TestCase;
+
+/**
+ *
+ */
+public class EncryptDecryptTest extends TestCase
+{
+
+    public void testEncryptDecrypt() throws Exception
+    {
+        String source = "Qryp2!t&tpR59";
+        String expected = "914589F049CE3E8E3BB1A41BEAE12A9C";
+
+        String encrypted = EncryptDecrypt.encrypt(source);
+        assertEquals(expected, encrypted);
+
+        String decrypted = EncryptDecrypt.decrypt(encrypted);
+        assertEquals(source, decrypted);
+
+    }
+}



Mime
View raw message