geronimo-dev mailing list archives

From David Jencks <david_jen...@yahoo.com>
Subject Obscuring passwords in new ways
Date Sat, 15 Sep 2007 03:56:26 GMT
Periodically users show up who want their passwords obscured in new  
ways that allow their systems to break by removing the key used to  
obscure them :-)  (how's that for a biased view of the situation :-)

They don't like SimpleEncryption because the key is hardcoded and  
thus the same for all geronimo instances.

See GERONIMO-2925

I've implemented something for this request that allows you to  
register "encryptors" with the EncryptionManager.  By default you get  
the current SimpleEncryption which uses AES with a hardcoded key.

There's also a ConfiguredEncryption gbean that will generate and save  
a key if not present or use a saved one.

You can register any number of Encryption instances with  
EncryptionManager but only the first one you register will be used for  
encryption.  Others might be used for decryption.

If you try to encrypt a string that is already encrypted under a  
different registered Encryption instance it will decrypt using the  
old Encryption and re-encrypt using the registered Encryption.  For  
instance the properties file login module used to use {Standard} as  
the prefix instead of {Simple} so I registered the SimpleEncryption  
instance under both prefixes: the property files are re-encrypted  
with the {Simple} prefix.
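The registry behaviour described above, modelled as an added example that is not Geronimo's own EncryptionManager code: each registered instance owns a prefix tag, only the first registered instance encrypts, and a value tagged by another registered instance is decrypted with that instance and re-encrypted under the first. AES-GCM, the base64 encoding of the tagged value, and the panic on a bad key length are my assumptions; the key bytes would come from whatever ConfiguredEncryption saved or generated.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"strings"
)
// Encryptor models one registered Encryption instance; Prefix (e.g. "{Simple}")
// tags each ciphertext with the instance that produced it (AES-GCM is assumed).
type Encryptor struct{ Prefix string; aead cipher.AEAD }
// NewEncryptor panics on a bad key length: a configuration error, not runtime input.
func NewEncryptor(prefix string, key []byte) *Encryptor {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	aead, _ := cipher.NewGCM(block) // cannot fail for an AES block cipher
	return &Encryptor{Prefix: prefix, aead: aead}
}
func (e *Encryptor) Encrypt(plain string) string {
	nonce := make([]byte, e.aead.NonceSize())
	rand.Read(nonce) // fresh nonce per value; crypto/rand.Read never fails (Go 1.24+)
	return e.Prefix + base64.StdEncoding.EncodeToString(e.aead.Seal(nonce, nonce, []byte(plain), nil))
}
func (e *Encryptor) Decrypt(tagged string) (string, error) {
	raw, err := base64.StdEncoding.DecodeString(strings.TrimPrefix(tagged, e.Prefix))
	if n := e.aead.NonceSize(); err == nil && len(raw) >= n {
		pt, err := e.aead.Open(nil, raw[:n], raw[n:], nil) // fails on tampering or a wrong key
		return string(pt), err
	}
	return "", errors.New("malformed ciphertext")
}
// Manager: the first registered instance encrypts; any registered one may decrypt.
type Manager struct{ encs []*Encryptor }
func (m *Manager) Register(e *Encryptor) { m.encs = append(m.encs, e) }
// Encrypt decrypts a value tagged by any registered instance and re-encrypts it under
// the first one (the {Standard} -> {Simple} migration); untagged input is encrypted as-is.
func (m *Manager) Encrypt(s string) (string, error) {
	for _, e := range m.encs {
		if strings.HasPrefix(s, e.Prefix) {
			plain, err := e.Decrypt(s)
			if err != nil {
				return "", err // tampered or undecryptable: do not silently re-wrap it
			}
			return m.encs[0].Encrypt(plain), nil
		}
	}
	return m.encs[0].Encrypt(s), nil
}
```

A value that decrypts under no registered instance is refused rather than re-wrapped, so a corrupted or foreign ciphertext cannot be laundered into a {Simple}-tagged one.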

If you want to use the ConfiguredEncryption you can add this to  
config.xml under rmi-naming module:

<gbean name="org.apache.geronimo.configs/rmi-naming/2.1-SNAPSHOT/car?name=ConfiguredEncryption,j2eeType=GBean" gbeanInfo="org.apache.geronimo.system.util.ConfiguredEncryption">
  <attribute name="path">var/security/ConfiguredSecretKey.ser</attribute>
  <reference name="ServerInfo"><pattern><name>ServerInfo</name></pattern></reference>
</gbean>

I haven't tried this with app clients yet but I assume that adding  
this gbean to client would work.

I'd appreciate review on this both for the idea of pluggable  
Encryption and even more for my use of crypto which I am definitely  
not an expert in.

thanks
david jencks
