mirror of
https://github.com/xpipe-io/xpipe.git
synced 2024-11-25 00:50:31 +00:00
Rework data encryption for raw data
This commit is contained in:
parent
da42eb578f
commit
51121d2301
4 changed files with 36 additions and 7 deletions
|
@ -4,6 +4,12 @@ import lombok.EqualsAndHashCode;
|
|||
import lombok.SneakyThrows;
|
||||
import lombok.experimental.SuperBuilder;
|
||||
|
||||
import javax.crypto.Cipher;
|
||||
import javax.crypto.SecretKey;
|
||||
import javax.crypto.SecretKeyFactory;
|
||||
import javax.crypto.spec.GCMParameterSpec;
|
||||
import javax.crypto.spec.PBEKeySpec;
|
||||
import javax.crypto.spec.SecretKeySpec;
|
||||
import java.nio.ByteBuffer;
|
||||
import java.nio.ByteOrder;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
|
@ -11,12 +17,6 @@ import java.security.SecureRandom;
|
|||
import java.security.spec.InvalidKeySpecException;
|
||||
import java.security.spec.KeySpec;
|
||||
import java.util.Random;
|
||||
import javax.crypto.Cipher;
|
||||
import javax.crypto.SecretKey;
|
||||
import javax.crypto.SecretKeyFactory;
|
||||
import javax.crypto.spec.GCMParameterSpec;
|
||||
import javax.crypto.spec.PBEKeySpec;
|
||||
import javax.crypto.spec.SecretKeySpec;
|
||||
|
||||
@SuperBuilder
|
||||
@EqualsAndHashCode(callSuper = true)
|
||||
|
@ -41,6 +41,10 @@ public abstract class AesSecretValue extends EncryptedSecretValue {
|
|||
super(secret);
|
||||
}
|
||||
|
||||
public AesSecretValue(byte[] b) {
|
||||
super(b);
|
||||
}
|
||||
|
||||
protected abstract int getIterationCount();
|
||||
|
||||
protected byte[] getNonce(int numBytes) {
|
||||
|
|
|
@ -15,6 +15,10 @@ public abstract class EncryptedSecretValue implements SecretValue {
|
|||
|
||||
String encryptedValue;
|
||||
|
||||
public EncryptedSecretValue(byte[] b) {
|
||||
encryptedValue = SecretValue.toBase64e(encrypt(b));
|
||||
}
|
||||
|
||||
public EncryptedSecretValue(char[] c) {
|
||||
var utf8 = StandardCharsets.UTF_8.encode(CharBuffer.wrap(c));
|
||||
var bytes = new byte[utf8.limit()];
|
||||
|
@ -27,6 +31,17 @@ public abstract class EncryptedSecretValue implements SecretValue {
|
|||
return "<encrypted secret>";
|
||||
}
|
||||
|
||||
@Override
|
||||
public byte[] getSecretRaw() {
|
||||
try {
|
||||
var bytes = SecretValue.fromBase64e(getEncryptedValue());
|
||||
bytes = decrypt(bytes);
|
||||
return bytes;
|
||||
} catch (Exception ex) {
|
||||
return new byte[0];
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public char[] getSecret() {
|
||||
try {
|
||||
|
|
|
@ -5,9 +5,9 @@ import lombok.EqualsAndHashCode;
|
|||
import lombok.experimental.SuperBuilder;
|
||||
import lombok.extern.jackson.Jacksonized;
|
||||
|
||||
import javax.crypto.SecretKey;
|
||||
import java.security.spec.InvalidKeySpecException;
|
||||
import java.util.Random;
|
||||
import javax.crypto.SecretKey;
|
||||
|
||||
@JsonTypeName("default")
|
||||
@SuperBuilder
|
||||
|
@ -15,6 +15,10 @@ import javax.crypto.SecretKey;
|
|||
@EqualsAndHashCode(callSuper = true)
|
||||
public class InPlaceSecretValue extends AesSecretValue {
|
||||
|
||||
public InPlaceSecretValue(byte[] b) {
|
||||
super(b);
|
||||
}
|
||||
|
||||
public InPlaceSecretValue(char[] secret) {
|
||||
super(secret);
|
||||
}
|
||||
|
@ -27,6 +31,10 @@ public class InPlaceSecretValue extends AesSecretValue {
|
|||
return new InPlaceSecretValue(c);
|
||||
}
|
||||
|
||||
public static InPlaceSecretValue of(byte[] b) {
|
||||
return new InPlaceSecretValue(b);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected int getIterationCount() {
|
||||
return 2048;
|
||||
|
|
|
@ -41,6 +41,8 @@ public interface SecretValue {
|
|||
return r;
|
||||
}
|
||||
|
||||
byte[] getSecretRaw();
|
||||
|
||||
char[] getSecret();
|
||||
|
||||
default String getSecretValue() {
|
||||
|
|
Loading…
Reference in a new issue