incubator-sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From fmesc...@apache.org
Subject svn commit: r993004 - in /sling/trunk/bundles/auth/form/src/main: java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java java/org/apache/sling/auth/form/impl/TokenStore.java resources/OSGI-INF/metatype/metatype.properties
Date Mon, 06 Sep 2010 11:59:13 GMT
Author: fmeschbe
Date: Mon Sep  6 11:59:13 2010
New Revision: 993004

URL: http://svn.apache.org/viewvc?rev=993004&view=rev
Log:
SLING-1729 Provide a simple and faster alternative to the default SecureRandom seeding. This
might be of interest mostly for the Linux and Solaris platforms which seed SecureRandom from
the blocking /dev/random by default.

Modified:
    sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
    sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/TokenStore.java
    sling/trunk/bundles/auth/form/src/main/resources/OSGI-INF/metatype/metatype.properties

Modified: sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java?rev=993004&r1=993003&r2=993004&view=diff
==============================================================================
--- sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
(original)
+++ sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
Mon Sep  6 11:59:13 2010
@@ -153,6 +153,19 @@ public class FormAuthenticationHandler e
     @Property(value = DEFAULT_TOKEN_FILE)
     private static final String PAR_TOKEN_FILE = "form.token.file";
 
+    private static final boolean DEFAULT_TOKEN_FAST_SEED = false;
+
+    /**
+     * Whether to use a less secure but faster seeding mechanism to seed the
+     * random number generator in the {@link TokenStore}. By default the faster
+     * mechanism is disabled and the platform provided seeding is used. This may
+     * however block the startup considerably, particularly on Linux and Solaris
+     * platforms which use the (blocking but secure) <code>/dev/random</code>
+     * device for seeding.
+     */
+    @Property(boolValue = DEFAULT_TOKEN_FAST_SEED)
+    private static final String PAR_TOKEN_FAST_SEED = "form.token.fastseed";
+
     /**
      * The default include value.
      *
@@ -758,8 +771,10 @@ public class FormAuthenticationHandler e
             properties.get(PAR_TOKEN_FILE), DEFAULT_TOKEN_FILE);
         final File tokenFile = getTokenFile(tokenFileName,
             componentContext.getBundleContext());
+        final boolean fastSeed = OsgiUtil.toBoolean(
+            properties.get(PAR_TOKEN_FAST_SEED), DEFAULT_TOKEN_FAST_SEED);
         log.info("Storing tokens in {}", tokenFile.getAbsolutePath());
-        this.tokenStore = new TokenStore(tokenFile, sessionTimeout);
+        this.tokenStore = new TokenStore(tokenFile, sessionTimeout, fastSeed);
 
         this.loginModule = null;
         try {

Modified: sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/TokenStore.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/TokenStore.java?rev=993004&r1=993003&r2=993004&view=diff
==============================================================================
--- sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/TokenStore.java
(original)
+++ sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/TokenStore.java
Mon Sep  6 11:59:13 2010
@@ -25,9 +25,9 @@ import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.UnsupportedEncodingException;
 import java.security.InvalidKeyException;
+import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
-
 import javax.crypto.Mac;
 import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
@@ -109,9 +109,10 @@ class TokenStore {
      * @throws NullPointerException if <code>tokenFile</code> is
      *             <code>null</code>.
      */
-    TokenStore(final File tokenFile, final long sessionTimeout)
-            throws NoSuchAlgorithmException, InvalidKeyException,
-            IllegalStateException, UnsupportedEncodingException {
+    TokenStore(final File tokenFile, final long sessionTimeout,
+            final boolean fastSeed) throws NoSuchAlgorithmException,
+            InvalidKeyException, IllegalStateException,
+            UnsupportedEncodingException {
 
         if (tokenFile == null) {
             throw new NullPointerException("tokenfile");
@@ -126,6 +127,9 @@ class TokenStore {
         loadTokens();
 
         // warm up the crypto API
+        if (fastSeed) {
+            random.setSeed(getFastEntropy());
+        }
         byte[] b = new byte[20];
         random.nextBytes(b);
         final SecretKey secretKey = new SecretKeySpec(b, HMAC_SHA1);
@@ -377,4 +381,63 @@ class TokenStore {
         }
         return new String(c);
     }
+
+    /**
+     * Creates a byte array of entry from the current state of the system:
+     * <ul>
+     * <li>The current system time in milliseconds since the epoch</li>
+     * <li>The number of nanoseconds since system startup</li>
+     * <li>The name, size and last modification time of the files in the
+     * <code>java.io.tmpdir</code> folder.</li>
+     * </ul>
+     * <p>
+     * <b>NOTE</b> This method generates entropy fast but not necessairily
+     * secure enough for seeding the random number generator.
+     *
+     * @return bytes of entropy
+     */
+    private static byte[] getFastEntropy() {
+        final MessageDigest md;
+
+        try {
+            md = MessageDigest.getInstance("SHA");
+        } catch (NoSuchAlgorithmException nsae) {
+            throw new InternalError("internal error: SHA-1 not available.");
+        }
+
+        // update with XorShifted time values
+        update(md, System.currentTimeMillis());
+        update(md, System.nanoTime());
+
+        // scan the temp file system
+        File file = new File(System.getProperty("java.io.tmpdir"));
+        File[] entries = file.listFiles();
+        if (entries != null) {
+            for (File entry : entries) {
+                md.update(entry.getName().getBytes());
+                update(md, entry.lastModified());
+                update(md, entry.length());
+            }
+        }
+
+        return md.digest();
+    }
+
+    /**
+     * Updates the message digest with an XOR-Shifted value.
+     *
+     * @param md The MessageDigest to update
+     * @param value The original value to be XOR-Shifted first before taking the
+     *            bytes ot update the message digest
+     */
+    private static void update(final MessageDigest md, long value) {
+        value ^= (value << 21);
+        value ^= (value >>> 35);
+        value ^= (value << 4);
+
+        for (int i = 0; i < 8; i++) {
+            md.update((byte) value);
+            value >>= 8;
+        }
+    }
 }
\ No newline at end of file

Modified: sling/trunk/bundles/auth/form/src/main/resources/OSGI-INF/metatype/metatype.properties
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/auth/form/src/main/resources/OSGI-INF/metatype/metatype.properties?rev=993004&r1=993003&r2=993004&view=diff
==============================================================================
--- sling/trunk/bundles/auth/form/src/main/resources/OSGI-INF/metatype/metatype.properties
(original)
+++ sling/trunk/bundles/auth/form/src/main/resources/OSGI-INF/metatype/metatype.properties
Mon Sep  6 11:59:13 2010
@@ -67,6 +67,13 @@ form.token.file.description = The name o
  working directory. In the future this file may be store in the JCR Repository \
  to support clustering scenarios.
 
+form.token.fastseed.name = Fast Seed Generator
+form.token.fastseed.description = Defines whether the random number generator \
+ should be seeded with a fast but less secure method. If this property is not \
+ set or is set to "false" the seed generator of the Java platform will be \
+ used. By default the secure seed generator is used, which may block startup \
+ on Linux and Solaris systems due to accessing /dev/random.
+
 service.ranking.name = Ranking
 service.ranking.description = The relative ranking of this service.
 



Mime
View raw message