diff --git a/.gitignore b/.gitignore deleted file mode 100644 index 5a78575..0000000 --- a/.gitignore +++ /dev/null @@ -1,5 +0,0 @@ -target/ -.project -.classpath -.settings/ -bin diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 40289b1..0000000 --- a/.travis.yml +++ /dev/null @@ -1,23 +0,0 @@ -language: java -jdk: - - openjdk8 - - openjdk11 - - openjdk13 - - openjdk14 - -# No need for preliminary install step. -install: true -# -# Run all integration tests. -script: - - "mvn --show-version --errors --batch-mode clean verify" -# -cache: - directories: - - $HOME/.m2 -branches: - except: - - gh-pages -notifications: - email: - - khmarbaise@apache.org diff --git a/README.md b/README.md index edeb2f6..4f20502 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ Plexus-Cipher ============ [![Build Status](https://travis-ci.org/codehaus-plexus/plexus-cipher.svg?branch=master)](https://travis-ci.org/codehaus-plexus/plexus-cipher) -[![Maven Central](https://img.shields.io/maven-central/v/org.codehaus.plexus/plexus-cipher.svg?label=Maven%20Central)](http://search.maven.org/#search%7Cga%7C1%7Cg%3A%22org.codehaus.plexus%22%20a%3A%plexus-cipher%22) +[![Maven Central](https://img.shields.io/maven-central/v/org.codehaus.plexus/plexus-cipher.svg?label=Maven%20Central)](https://search.maven.org/artifact/org.codehaus.plexus/plexus-cipher) The current master is now at https://github.com/codehaus-plexus/plexus-cipher diff --git a/debian/changelog b/debian/changelog index cb00b7e..ccc716d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +plexus-cipher (2.0-1) unstable; urgency=medium + + * Team upload. + * New upstream release + - Removed the patches + * Standards-Version updated to 4.6.0.1 + + -- Emmanuel Bourg Wed, 04 May 2022 01:31:06 +0200 + plexus-cipher (1.8-2) unstable; urgency=medium * Team upload. diff --git a/debian/control b/debian/control index 7c546cc..533ce0d 100644 --- a/debian/control +++ b/debian/control @@ -10,7 +10,7 @@ Build-Depends: libeclipse-sisu-maven-plugin-java, libplexus-container-default1.5-java, maven-debian-helper (>= 2.2) -Standards-Version: 4.5.1 +Standards-Version: 4.6.0.1 Vcs-Git: https://salsa.debian.org/java-team/plexus-cipher.git Vcs-Browser: https://salsa.debian.org/java-team/plexus-cipher Homepage: https://github.com/codehaus-plexus/plexus-cipher diff --git a/debian/copyright b/debian/copyright index c36bf29..adb6600 100644 --- a/debian/copyright +++ b/debian/copyright @@ -2,6 +2,7 @@ Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: Plexus Cipher Component Upstream-Contact: Sonatype Source: http://www.sonatype.org +Files-Excluded: .github/* Files: * Copyright: 2008, Sonatype Inc. diff --git a/debian/patches/series b/debian/patches/series deleted file mode 100644 index d698f2a..0000000 --- a/debian/patches/series +++ /dev/null @@ -1,2 +0,0 @@ -sisu-maven-plugin.patch -eclipse-sisu.patch diff --git a/pom.xml b/pom.xml index 21124f2..7039728 100644 --- a/pom.xml +++ b/pom.xml @@ -5,19 +5,19 @@ org.codehaus.plexus plexus - 5.1 + 8 plexus-cipher - 1.8 + 2.0 Plexus Cipher: encryption/decryption Component - scm:git:git@github.com:codehaus-plexus/plexus-cipher.git - scm:git:git@github.com:codehaus-plexus/plexus-cipher.git + scm:git:https://github.com/codehaus-plexus/plexus-cipher.git + scm:git:https://github.com/codehaus-plexus/plexus-cipher.git http://github.com/codehaus-plexus/plexus-cipher - plexus-cipher-1.8 + plexus-cipher-2.0 jira @@ -32,15 +32,37 @@ 7 + 0.3.4 + 2021-09-08T19:26:12Z - + + + + javax.inject + javax.inject + 1 + + + org.eclipse.sisu + org.eclipse.sisu.inject + ${sisuVersion} + provided + + + junit + junit + 4.13.2 + test + + + org.apache.maven.plugins maven-surefire-plugin - 2.22.1 + 2.22.2 org.eclipse.m2e @@ -51,9 +73,9 @@ - org.sonatype.plugins + org.eclipse.sisu sisu-maven-plugin - [1.1,) + [0.3.4,) test-index main-index @@ -82,9 +104,7 @@ test - - utf8 - + -Dfile.encoding=utf8 @@ -94,18 +114,16 @@ test - - iso8859-1 - + -Dfile.encoding=iso8859-1 - org.sonatype.plugins + org.eclipse.sisu sisu-maven-plugin - 1.1 + ${sisuVersion} @@ -118,19 +136,4 @@ - - - org.sonatype.sisu - sisu-inject-bean - 2.6.0 - provided - - - junit - junit - 4.12 - test - - - diff --git a/src/main/java/org/sonatype/plexus/components/cipher/Base64.java b/src/main/java/org/sonatype/plexus/components/cipher/Base64.java index 8420278..1ee726a 100644 --- a/src/main/java/org/sonatype/plexus/components/cipher/Base64.java +++ b/src/main/java/org/sonatype/plexus/components/cipher/Base64.java @@ -95,7 +95,7 @@ public class Base64 * The value of undefined encodings is -1. *

*/ - private static byte[] base64Alphabet = new byte[BASELENGTH]; + private static final byte[] base64Alphabet = new byte[BASELENGTH]; /** *

@@ -110,7 +110,7 @@ public class Base64 * For example, lookUpBase64Alphabet[62] returns '+'. *

*/ - private static byte[] lookUpBase64Alphabet = new byte[LOOKUPLENGTH]; + private static final byte[] lookUpBase64Alphabet = new byte[LOOKUPLENGTH]; // Populating the lookup and character arrays static { diff --git a/src/main/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipher.java b/src/main/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipher.java index 379eedd..db5a9b6 100644 --- a/src/main/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipher.java +++ b/src/main/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipher.java @@ -1,4 +1,4 @@ -/** +/* * Copyright (c) 2008 Sonatype, Inc. All rights reserved. * * This program is licensed to you under the Apache License Version 2.0, @@ -15,35 +15,38 @@ import java.security.Provider; import java.security.Security; import java.util.HashSet; -import java.util.Iterator; import java.util.Set; import java.util.regex.Matcher; import java.util.regex.Pattern; -import javax.enterprise.inject.Typed; import javax.inject.Named; +import javax.inject.Singleton; + +import org.eclipse.sisu.Typed; /** + * Default implementation of {@link PlexusCipher}. This class is thread safe. + * * @author Oleg Gusakov */ +@Singleton @Named( "default" ) @Typed( PlexusCipher.class ) public class DefaultPlexusCipher implements PlexusCipher { - private static final Pattern ENCRYPTED_STRING_PATTERN = Pattern.compile( ".*?[^\\\\]?\\{(.*?[^\\\\])\\}.*" ); private final PBECipher _cipher; // --------------------------------------------------------------- public DefaultPlexusCipher() - throws PlexusCipherException { _cipher = new PBECipher(); } // --------------------------------------------------------------- + @Override public String encrypt( final String str, final String passPhrase ) throws PlexusCipherException { @@ -56,6 +59,7 @@ public String encrypt( final String str, final String passPhrase ) } // --------------------------------------------------------------- + @Override public String encryptAndDecorate( final String str, final String passPhrase ) throws PlexusCipherException { @@ -63,6 +67,7 @@ public String encryptAndDecorate( final String str, final String passPhrase ) } // --------------------------------------------------------------- + @Override public String decrypt( final String str, final String passPhrase ) throws PlexusCipherException { @@ -75,6 +80,7 @@ public String decrypt( final String str, final String passPhrase ) } // --------------------------------------------------------------- + @Override public String decryptDecorated( final String str, final String passPhrase ) throws PlexusCipherException { @@ -92,6 +98,7 @@ public String decryptDecorated( final String str, final String passPhrase ) } // ---------------------------------------------------------------------------- + @Override public boolean isEncryptedString( final String str ) { if ( str == null || str.length() < 1 ) @@ -105,7 +112,7 @@ public boolean isEncryptedString( final String str ) } // ---------------------------------------------------------------------------- - // ------------------- + @Override public String unDecorate( final String str ) throws PlexusCipherException { @@ -122,43 +129,39 @@ public String unDecorate( final String str ) } // ---------------------------------------------------------------------------- - // ------------------- + @Override public String decorate( final String str ) { return ENCRYPTED_STRING_DECORATION_START + ( str == null ? "" : str ) + ENCRYPTED_STRING_DECORATION_STOP; } // --------------------------------------------------------------- - // --------------------------------------------------------------- - // *************************************************************** + /** * Exploratory part. This method returns all available services types */ public static String[] getServiceTypes() { - Set result = new HashSet(); + Set result = new HashSet<>(); // All all providers Provider[] providers = Security.getProviders(); - for ( int i = 0; i < providers.length; i++ ) - { + for (Provider provider : providers) { // Get services provided by each provider - Set keys = providers[i].keySet(); - for ( Iterator it = keys.iterator(); it.hasNext(); ) - { - String key = (String) it.next(); - key = key.split( " " )[0]; - - if ( key.startsWith( "Alg.Alias." ) ) - { + Set keys = provider.keySet(); + for (Object o : keys) { + String key = (String) o; + key = key.split(" ")[0]; + + if (key.startsWith("Alg.Alias.")) { // Strip the alias - key = key.substring( 10 ); + key = key.substring(10); } - int ix = key.indexOf( '.' ); - result.add( key.substring( 0, ix ) ); + int ix = key.indexOf('.'); + result.add(key.substring(0, ix)); } } - return (String[]) result.toArray( new String[result.size()] ); + return result.toArray( new String[result.size()] ); } /** @@ -166,31 +169,27 @@ public static String[] getServiceTypes() */ public static String[] getCryptoImpls( final String serviceType ) { - Set result = new HashSet(); + Set result = new HashSet<>(); // All all providers Provider[] providers = Security.getProviders(); - for ( int i = 0; i < providers.length; i++ ) - { + for (Provider provider : providers) { // Get services provided by each provider - Set keys = providers[i].keySet(); - for ( Iterator it = keys.iterator(); it.hasNext(); ) - { - String key = (String) it.next(); - key = key.split( " " )[0]; - - if ( key.startsWith( serviceType + "." ) ) - { - result.add( key.substring( serviceType.length() + 1 ) ); + Set keys = provider.keySet(); + for (Object o : keys) { + String key = (String) o; + key = key.split(" ")[0]; + + if (key.startsWith(serviceType + ".")) { + result.add(key.substring(serviceType.length() + 1)); } - else if ( key.startsWith( "Alg.Alias." + serviceType + "." ) ) - { + else if (key.startsWith("Alg.Alias." + serviceType + ".")) { // This is an alias - result.add( key.substring( serviceType.length() + 11 ) ); + result.add(key.substring(serviceType.length() + 11)); } } } - return (String[]) result.toArray( new String[result.size()] ); + return result.toArray( new String[result.size()] ); } // --------------------------------------------------------------- @@ -201,26 +200,18 @@ public static void main( final String[] args ) String[] serviceTypes = getServiceTypes(); if ( serviceTypes != null ) { - for ( int i = 0; i < serviceTypes.length; i++ ) - { - String serviceType = serviceTypes[i]; - String[] serviceProviders = getCryptoImpls( serviceType ); - if ( serviceProviders != null ) - { - System.out.println( serviceType + ": provider list" ); - for ( int j = 0; j < serviceProviders.length; j++ ) - { - String provider = serviceProviders[j]; - System.out.println( " " + provider ); + for (String serviceType : serviceTypes) { + String[] serviceProviders = getCryptoImpls(serviceType); + if (serviceProviders != null) { + System.out.println(serviceType + ": provider list"); + for (String provider : serviceProviders) { + System.out.println(" " + provider); } } - else - { - System.out.println( serviceType + ": does not have any providers in this environment" ); + else { + System.out.println(serviceType + ": does not have any providers in this environment"); } } } } - // --------------------------------------------------------------- - // --------------------------------------------------------------- } diff --git a/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java b/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java index a41615d..f81d4fe 100644 --- a/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java +++ b/src/main/java/org/sonatype/plexus/components/cipher/PBECipher.java @@ -1,4 +1,4 @@ -/** +/* * createCipher routine was adopted from http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/commons-ssl-0.3.10/src/java/org/apache/commons/ssl/OpenSSL.java * which is distributed under APL-2.0 license: http://www.apache.org/licenses/LICENSE-2.0 */ @@ -28,9 +28,7 @@ Licensed to the Apache Software Foundation (ASF) under one import java.security.InvalidKeyException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; -import java.security.NoSuchProviderException; import java.security.SecureRandom; -import java.util.Random; import javax.crypto.Cipher; import javax.crypto.NoSuchPaddingException; @@ -38,6 +36,8 @@ Licensed to the Apache Software Foundation (ASF) under one import javax.crypto.spec.SecretKeySpec; /** + * This class is thread-safe. + * * @author Oleg Gusakov */ public class PBECipher @@ -58,25 +58,10 @@ public class PBECipher protected static final String CIPHER_ALG = "AES/CBC/PKCS5Padding"; - protected static int PBE_ITERATIONS = 1000; + protected static final int PBE_ITERATIONS = 1000; - protected MessageDigest _digester; - private static final SecureRandom _secureRandom = new SecureRandom(); - //--------------------------------------------------------------- - public PBECipher() - throws PlexusCipherException - { - try - { - _digester = MessageDigest.getInstance( DIGEST_ALG ); - } - catch ( NoSuchAlgorithmException e ) - { - throw new PlexusCipherException(e); - } - } //--------------------------------------------------------------- private byte[] getSalt( final int sz ) { @@ -116,9 +101,7 @@ public String encrypt64( final String clearText, final String password ) byte [] encryptedTextBytes = Base64.encodeBase64( allEncryptedBytes ); - String encryptedText = new String( encryptedTextBytes, STRING_ENCODING ); - - return encryptedText; + return new String( encryptedTextBytes, STRING_ENCODING ); } catch( Exception e) { @@ -150,9 +133,7 @@ public String decrypt64( final String encryptedText, final String password ) byte [] clearBytes = cipher.doFinal( encryptedBytes ); - String clearText = new String( clearBytes, STRING_ENCODING ); - - return clearText; + return new String( clearBytes, STRING_ENCODING ); } catch( Exception e) { @@ -163,8 +144,8 @@ public String decrypt64( final String encryptedText, final String password ) private Cipher createCipher( final byte [] pwdAsBytes, byte [] salt, final int mode ) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException { - _digester.reset(); - + MessageDigest _digester = MessageDigest.getInstance( DIGEST_ALG ); + byte[] keyAndIv = new byte[ SPICE_SIZE * 2 ]; if( salt == null || salt.length == 0 ) @@ -234,6 +215,4 @@ private Cipher createCipher( final byte [] pwdAsBytes, byte [] salt, final int m return cipher; } - //------------------------------------------------------------------------------- - //------------------------------------------------------------------------------- } diff --git a/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipher.java b/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipher.java index b08886a..105dae4 100644 --- a/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipher.java +++ b/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipher.java @@ -1,4 +1,4 @@ -/** +/* * Copyright (c) 2008 Sonatype, Inc. All rights reserved. * * This program is licensed to you under the Apache License Version 2.0, @@ -17,16 +17,16 @@ */ public interface PlexusCipher { - public static final char ENCRYPTED_STRING_DECORATION_START = '{'; + char ENCRYPTED_STRING_DECORATION_START = '{'; - public static final char ENCRYPTED_STRING_DECORATION_STOP = '}'; + char ENCRYPTED_STRING_DECORATION_STOP = '}'; /** * encrypt given string with the given passPhrase and encode it into base64 * * @param str * @param passPhrase - * @return + * @return encrypted str * @throws PlexusCipherException */ String encrypt( String str, String passPhrase ) @@ -38,7 +38,7 @@ String encrypt( String str, String passPhrase ) * * @param str * @param passPhrase - * @return + * @return encrypted and decorated str * @throws PlexusCipherException */ String encryptAndDecorate( String str, String passPhrase ) @@ -49,7 +49,7 @@ String encryptAndDecorate( String str, String passPhrase ) * * @param str * @param passPhrase - * @return + * @return decrypted str * @throws PlexusCipherException */ String decrypt( String str, String passPhrase ) @@ -61,7 +61,7 @@ String decrypt( String str, String passPhrase ) * * @param str * @param passPhrase - * @return + * @return decrypted decorated str * @throws PlexusCipherException */ String decryptDecorated( String str, String passPhrase ) @@ -71,26 +71,25 @@ String decryptDecorated( String str, String passPhrase ) * check if given string is decorated * * @param str - * @return + * @return true if string is encrypted */ - public boolean isEncryptedString( String str ); + boolean isEncryptedString( String str ); /** * return string inside decorations * * @param str - * @return + * @return undecorated str * @throws PlexusCipherException */ - public String unDecorate( String str ) + String unDecorate( String str ) throws PlexusCipherException; /** * decorated given string with { and } * * @param str - * @return + * @return decorated str */ - public String decorate( String str ); - + String decorate( String str ); } diff --git a/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipherException.java b/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipherException.java index 9fe6c26..836fd37 100644 --- a/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipherException.java +++ b/src/main/java/org/sonatype/plexus/components/cipher/PlexusCipherException.java @@ -1,4 +1,4 @@ -/** +/* * Copyright (c) 2008 Sonatype, Inc. All rights reserved. * * This program is licensed to you under the Apache License Version 2.0, @@ -15,7 +15,6 @@ public class PlexusCipherException extends Exception { - public PlexusCipherException() { } @@ -34,5 +33,4 @@ public PlexusCipherException( String message, Throwable cause ) { super( message, cause ); } - } diff --git a/src/main/resources/META-INF/plexus/components.xml b/src/main/resources/META-INF/plexus/components.xml deleted file mode 100644 index 23eee11..0000000 --- a/src/main/resources/META-INF/plexus/components.xml +++ /dev/null @@ -1,12 +0,0 @@ - - - - - org.sonatype.plexus.components.cipher.PlexusCipher - default - org.sonatype.plexus.components.cipher.DefaultPlexusCipher - - false - - - diff --git a/src/test/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipherTest.java b/src/test/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipherTest.java index dc3f3be..a259a02 100644 --- a/src/test/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipherTest.java +++ b/src/test/java/org/sonatype/plexus/components/cipher/DefaultPlexusCipherTest.java @@ -1,4 +1,4 @@ -/** +/* * Copyright (c) 2008 Sonatype, Inc. All rights reserved. * * This program is licensed to you under the Apache License Version 2.0, @@ -12,7 +12,13 @@ */ package org.sonatype.plexus.components.cipher; -import org.sonatype.guice.bean.containers.InjectedTestCase; +import org.junit.Before; +import org.junit.Test; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertTrue; /** * Test the Plexus Cipher container @@ -20,9 +26,8 @@ * @author Oleg Gusakov */ public class DefaultPlexusCipherTest - extends InjectedTestCase { - private String passPhrase = "testtest"; + private final String passPhrase = "testtest"; String str = "my testing phrase"; @@ -31,14 +36,14 @@ public class DefaultPlexusCipherTest DefaultPlexusCipher pc; // ------------------------------------------------------------- - public void setUp() + @Before + public void prepare() throws Exception { - super.setUp(); - pc = new DefaultPlexusCipher(); } + @Test public void testIsEncryptedString() { String noBraces = "This is a test"; @@ -55,6 +60,7 @@ public void testIsEncryptedString() assertTrue( pc.isEncryptedString( mixedBraces ) ); } + @Test public void testUnDecorate_BracesPermutations() throws PlexusCipherException { @@ -68,6 +74,8 @@ public void testUnDecorate_BracesPermutations() } // ------------------------------------------------------------- + + @Test public void testDefaultAlgorithmExists() throws Exception { @@ -92,6 +100,8 @@ public void testDefaultAlgorithmExists() } // ------------------------------------------------------------- + + @Test public void stestFindDefaultAlgorithm() throws Exception { @@ -117,6 +127,8 @@ public void stestFindDefaultAlgorithm() } // ------------------------------------------------------------- + + @Test public void testEncrypt() throws Exception { @@ -130,6 +142,8 @@ public void testEncrypt() } // ------------------------------------------------------------- + + @Test public void testEncryptVariableLengths() throws Exception { @@ -160,6 +174,8 @@ public void testDecrypt() } // ------------------------------------------------------------- + + @Test public void testDecorate() throws Exception { @@ -169,6 +185,8 @@ public void testDecorate() } // ------------------------------------------------------------- + + @Test public void testUnDecorate() throws Exception { @@ -179,6 +197,8 @@ public void testUnDecorate() } // ------------------------------------------------------------- + + @Test public void testEncryptAndDecorate() throws Exception { @@ -186,6 +206,4 @@ public void testEncryptAndDecorate() assertEquals( '{', res.charAt( 0 ) ); } - // ------------------------------------------------------------- - // ------------------------------------------------------------- } diff --git a/src/test/java/org/sonatype/plexus/components/cipher/PBECipherTest.java b/src/test/java/org/sonatype/plexus/components/cipher/PBECipherTest.java index 17bc8dd..17d7700 100644 --- a/src/test/java/org/sonatype/plexus/components/cipher/PBECipherTest.java +++ b/src/test/java/org/sonatype/plexus/components/cipher/PBECipherTest.java @@ -19,13 +19,17 @@ Licensed to the Apache Software Foundation (ASF) under one package org.sonatype.plexus.components.cipher; -import org.sonatype.guice.bean.containers.InjectedTestCase; +import org.junit.Before; +import org.junit.Test; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; /** * @author Oleg Gusakov */ public class PBECipherTest - extends InjectedTestCase { PBECipher _cipher; @@ -35,13 +39,14 @@ public class PBECipherTest String _password = "testtest"; - protected void setUp() + @Before + public void prepare() throws Exception { - super.setUp(); _cipher = new PBECipher(); } + @Test public void testEncrypt() throws Exception { @@ -60,6 +65,7 @@ public void testEncrypt() assertFalse( enc.equals( enc2 ) ); } + @Test public void testDecrypt() throws Exception { @@ -67,7 +73,8 @@ public void testDecrypt() assertEquals( _cleatText, clear ); } - + + @Test public void testEncoding() throws Exception {