Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id C3D26200CD8 for ; Tue, 27 Jun 2017 21:55:17 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id C11CB160BD8; Tue, 27 Jun 2017 19:55:17 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 13100160BF9 for ; Tue, 27 Jun 2017 21:55:16 +0200 (CEST) Received: (qmail 94234 invoked by uid 500); 27 Jun 2017 19:55:09 -0000 Mailing-List: contact commits-help@geode.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@geode.apache.org Delivered-To: mailing list commits@geode.apache.org Received: (qmail 93657 invoked by uid 99); 27 Jun 2017 19:55:08 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 27 Jun 2017 19:55:08 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id DDE3BE96E3; Tue, 27 Jun 2017 19:55:07 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: hiteshkhamesra@apache.org To: commits@geode.apache.org Date: Tue, 27 Jun 2017 19:55:51 -0000 Message-Id: In-Reply-To: References: X-Mailer: ASF-Git Admin Mailer Subject: [46/50] [abbrv] geode git commit: GEODE-1958: Rolling back changes to decrypt method archived-at: Tue, 27 Jun 2017 19:55:17 -0000 GEODE-1958: Rolling back changes to decrypt method * this closes #600 Project: http://git-wip-us.apache.org/repos/asf/geode/repo Commit: http://git-wip-us.apache.org/repos/asf/geode/commit/137ced6b Tree: http://git-wip-us.apache.org/repos/asf/geode/tree/137ced6b Diff: http://git-wip-us.apache.org/repos/asf/geode/diff/137ced6b Branch: refs/heads/feature/GEODE-2804v3 Commit: 137ced6bea482209efe5db7d87b58edefd9b7222 Parents: e1c6c3a Author: YehEmily Authored: Mon Jun 26 08:55:13 2017 -0700 Committer: Jinmei Liao Committed: Mon Jun 26 17:23:32 2017 -0700 ---------------------------------------------------------------------- .../geode/internal/util/PasswordUtil.java | 49 ++++++-------------- 1 file changed, 15 insertions(+), 34 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/geode/blob/137ced6b/geode-core/src/main/java/org/apache/geode/internal/util/PasswordUtil.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/util/PasswordUtil.java b/geode-core/src/main/java/org/apache/geode/internal/util/PasswordUtil.java index 5cc3bcd..ac0b845 100644 --- a/geode-core/src/main/java/org/apache/geode/internal/util/PasswordUtil.java +++ b/geode-core/src/main/java/org/apache/geode/internal/util/PasswordUtil.java @@ -18,24 +18,8 @@ import javax.crypto.Cipher; import javax.crypto.spec.SecretKeySpec; /** - * Generates an encrypted password, used by the gemfire encrypt-password command. Makes use of - * Blowfish algorithm to encrypt/decrypt password string - * - *

- * This shows a sample command invocation and output (assuming password is the actual password for - * the datasource):
- *
- * bash-2.05$ $GEMFIRE/bin/gemfire encrypt-password password
- * Using system directory "/home/users/jpearson/gemfire/defaultSystem".
- * Encrypted to 83f0069202c571faf1ae6c42b4ad46030e4e31c17409e19a
- *
- * Copy the output from the gemfire command to the cache.xml file as the value of the password - * attribute of the jndi-binding tag embedded in encrypted(), just like a method parameter.
- * Enter it as encrypted, in this format: - * password="encrypted(83f0069202c571faf1ae6c42b4ad46030e4e31c17409e19a)"
- * To use a non-encrypted password, put the actual password as the value of the password attribute - * of the jndi-binding tag, like this: password="password"
- * + * Makes use of Blowfish algorithm to decrypt a pre-encrypted password string. As of June 2017, no + * longer supports encrypting a password. However, decrypting still works. */ public class PasswordUtil { @@ -44,28 +28,25 @@ public class PasswordUtil { /** * Decrypts an encrypted password string. * - * @param password String to be decrypted + * @param password String to be decrypted (format: `encrypted(password_to_decrypt)`) * @return String decrypted String */ @Deprecated public static String decrypt(String password) { - String toDecrypt; if (password.startsWith("encrypted(") && password.endsWith(")")) { - toDecrypt = password.substring(10, password.length() - 1); - } else { - toDecrypt = password; + byte[] decrypted; + try { + String toDecrypt = password.substring(10, password.length() - 1); + SecretKeySpec key = new SecretKeySpec(init, "Blowfish"); + Cipher cipher = Cipher.getInstance("Blowfish"); + cipher.init(Cipher.DECRYPT_MODE, key); + decrypted = cipher.doFinal(hexStringToByteArray(toDecrypt)); + return new String(decrypted); + } catch (Exception e) { + e.printStackTrace(); + } } - byte[] decrypted; - try { - SecretKeySpec key = new SecretKeySpec(init, "Blowfish"); - Cipher cipher = Cipher.getInstance("Blowfish"); - cipher.init(Cipher.DECRYPT_MODE, key); - decrypted = cipher.doFinal(hexStringToByteArray(toDecrypt)); - return new String(decrypted); - } catch (Exception e) { - e.printStackTrace(); - } - return toDecrypt; + return password; } private static byte[] hexStringToByteArray(String s) {