From 51121d230116cc84039acbbba7908183c3524e73 Mon Sep 17 00:00:00 2001 From: crschnick Date: Tue, 13 Aug 2024 17:04:08 +0000 Subject: [PATCH] Rework data encryption for raw data --- .../java/io/xpipe/core/util/AesSecretValue.java | 16 ++++++++++------ .../io/xpipe/core/util/EncryptedSecretValue.java | 15 +++++++++++++++ .../io/xpipe/core/util/InPlaceSecretValue.java | 10 +++++++++- .../java/io/xpipe/core/util/SecretValue.java | 2 ++ 4 files changed, 36 insertions(+), 7 deletions(-) diff --git a/core/src/main/java/io/xpipe/core/util/AesSecretValue.java b/core/src/main/java/io/xpipe/core/util/AesSecretValue.java index ac4449e44..8df40535e 100644 --- a/core/src/main/java/io/xpipe/core/util/AesSecretValue.java +++ b/core/src/main/java/io/xpipe/core/util/AesSecretValue.java @@ -4,6 +4,12 @@ import lombok.EqualsAndHashCode; import lombok.SneakyThrows; import lombok.experimental.SuperBuilder; +import javax.crypto.Cipher; +import javax.crypto.SecretKey; +import javax.crypto.SecretKeyFactory; +import javax.crypto.spec.GCMParameterSpec; +import javax.crypto.spec.PBEKeySpec; +import javax.crypto.spec.SecretKeySpec; import java.nio.ByteBuffer; import java.nio.ByteOrder; import java.security.NoSuchAlgorithmException; @@ -11,12 +17,6 @@ import java.security.SecureRandom; import java.security.spec.InvalidKeySpecException; import java.security.spec.KeySpec; import java.util.Random; -import javax.crypto.Cipher; -import javax.crypto.SecretKey; -import javax.crypto.SecretKeyFactory; -import javax.crypto.spec.GCMParameterSpec; -import javax.crypto.spec.PBEKeySpec; -import javax.crypto.spec.SecretKeySpec; @SuperBuilder @EqualsAndHashCode(callSuper = true) @@ -41,6 +41,10 @@ public abstract class AesSecretValue extends EncryptedSecretValue { super(secret); } + public AesSecretValue(byte[] b) { + super(b); + } + protected abstract int getIterationCount(); protected byte[] getNonce(int numBytes) { diff --git a/core/src/main/java/io/xpipe/core/util/EncryptedSecretValue.java b/core/src/main/java/io/xpipe/core/util/EncryptedSecretValue.java index f78667b6c..88d369725 100644 --- a/core/src/main/java/io/xpipe/core/util/EncryptedSecretValue.java +++ b/core/src/main/java/io/xpipe/core/util/EncryptedSecretValue.java @@ -15,6 +15,10 @@ public abstract class EncryptedSecretValue implements SecretValue { String encryptedValue; + public EncryptedSecretValue(byte[] b) { + encryptedValue = SecretValue.toBase64e(encrypt(b)); + } + public EncryptedSecretValue(char[] c) { var utf8 = StandardCharsets.UTF_8.encode(CharBuffer.wrap(c)); var bytes = new byte[utf8.limit()]; @@ -27,6 +31,17 @@ public abstract class EncryptedSecretValue implements SecretValue { return ""; } + @Override + public byte[] getSecretRaw() { + try { + var bytes = SecretValue.fromBase64e(getEncryptedValue()); + bytes = decrypt(bytes); + return bytes; + } catch (Exception ex) { + return new byte[0]; + } + } + @Override public char[] getSecret() { try { diff --git a/core/src/main/java/io/xpipe/core/util/InPlaceSecretValue.java b/core/src/main/java/io/xpipe/core/util/InPlaceSecretValue.java index 6f3f47204..1dac3f8a8 100644 --- a/core/src/main/java/io/xpipe/core/util/InPlaceSecretValue.java +++ b/core/src/main/java/io/xpipe/core/util/InPlaceSecretValue.java @@ -5,9 +5,9 @@ import lombok.EqualsAndHashCode; import lombok.experimental.SuperBuilder; import lombok.extern.jackson.Jacksonized; +import javax.crypto.SecretKey; import java.security.spec.InvalidKeySpecException; import java.util.Random; -import javax.crypto.SecretKey; @JsonTypeName("default") @SuperBuilder @@ -15,6 +15,10 @@ import javax.crypto.SecretKey; @EqualsAndHashCode(callSuper = true) public class InPlaceSecretValue extends AesSecretValue { + public InPlaceSecretValue(byte[] b) { + super(b); + } + public InPlaceSecretValue(char[] secret) { super(secret); } @@ -27,6 +31,10 @@ public class InPlaceSecretValue extends AesSecretValue { return new InPlaceSecretValue(c); } + public static InPlaceSecretValue of(byte[] b) { + return new InPlaceSecretValue(b); + } + @Override protected int getIterationCount() { return 2048; diff --git a/core/src/main/java/io/xpipe/core/util/SecretValue.java b/core/src/main/java/io/xpipe/core/util/SecretValue.java index 3e8c40932..b8940670d 100644 --- a/core/src/main/java/io/xpipe/core/util/SecretValue.java +++ b/core/src/main/java/io/xpipe/core/util/SecretValue.java @@ -41,6 +41,8 @@ public interface SecretValue { return r; } + byte[] getSecretRaw(); + char[] getSecret(); default String getSecretValue() {