git://git.nikiroo.be
/
fanfix.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
weblib: fix unauthorized detection on client
[fanfix.git]
/
src
/
be
/
nikiroo
/
utils
/
CryptUtils.java
diff --git
a/src/be/nikiroo/utils/CryptUtils.java
b/src/be/nikiroo/utils/CryptUtils.java
index ba9e7002adacabefa1bf9397934e9637bf73ffe8..638f82f298a27b6d87db29ae5324f904ccff08eb 100644
(file)
--- a/
src/be/nikiroo/utils/CryptUtils.java
+++ b/
src/be/nikiroo/utils/CryptUtils.java
@@
-11,7
+11,6
@@
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.net.ssl.SSLException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.net.ssl.SSLException;
@@
-22,17
+21,15
@@
import be.nikiroo.utils.streams.Base64OutputStream;
/**
* Small utility class to do AES encryption/decryption.
* <p>
/**
* Small utility class to do AES encryption/decryption.
* <p>
- *
For the moment, i
t is multi-thread compatible, but beware:
+ *
I
t is multi-thread compatible, but beware:
* <ul>
* <li>The encrypt/decrypt calls are serialized</li>
* <ul>
* <li>The encrypt/decrypt calls are serialized</li>
- * <li>The streams are independent
and thus parallel
</li>
+ * <li>The streams are independent
(and thus parallel)
</li>
* </ul>
* <p>
* </ul>
* <p>
- * Do not assume it is actually secure, it is actually not.
- * <p>
- * It just here to offer a more-or-less protected exchange of data because
- * anonymous and self-signed certificates backed SSL is against Google wishes
- * (so, don't even try, they own Internet).
+ * Do not assume it is secure; it just here to offer a more-or-less protected
+ * exchange of data because anonymous and self-signed certificates backed SSL is
+ * against Google wishes, and I need Android support.
*
* @author niki
*/
*
* @author niki
*/
@@
-41,7
+38,7
@@
public class CryptUtils {
private Cipher ecipher;
private Cipher dcipher;
private Cipher ecipher;
private Cipher dcipher;
- private
SecretKey key
;
+ private
byte[] bytes32
;
/**
* Small and lazy-easy way to initialize a 128 bits key with
/**
* Small and lazy-easy way to initialize a 128 bits key with
@@
-66,15
+63,15
@@
public class CryptUtils {
}
/**
}
/**
- * Create a new instance of {@link CryptUtils} with the given 128 b
yte
s key.
+ * Create a new instance of {@link CryptUtils} with the given 128 b
it
s key.
* <p>
* <p>
- * The key <b>must</b> be exactly 128 b
yte
s long.
+ * The key <b>must</b> be exactly 128 b
it
s long.
*
* @param bytes32
* the 128 bits (32 bytes) of the key
*
* @throws InvalidKeyException
*
* @param bytes32
* the 128 bits (32 bytes) of the key
*
* @throws InvalidKeyException
- * if the key is not an array of 128 b
yte
s
+ * if the key is not an array of 128 b
it
s
*/
public CryptUtils(byte[] bytes32) throws InvalidKeyException {
init(bytes32);
*/
public CryptUtils(byte[] bytes32) throws InvalidKeyException {
init(bytes32);
@@
-199,7
+196,7
@@
public class CryptUtils {
}
/**
}
/**
- * This method required an array of 128 b
yte
s.
+ * This method required an array of 128 b
it
s.
*
* @param bytes32
* the array, which <b>must</b> be of 128 bits (32 bytes)
*
* @param bytes32
* the array, which <b>must</b> be of 128 bits (32 bytes)
@@
-215,9
+212,9
@@
public class CryptUtils {
+ " bytes");
}
+ " bytes");
}
-
key = new SecretKeySpec(bytes32, "AES")
;
- ecipher = newCipher(Cipher.ENCRYPT_MODE);
- dcipher = newCipher(Cipher.DECRYPT_MODE);
+
this.bytes32 = bytes32
;
+
this.
ecipher = newCipher(Cipher.ENCRYPT_MODE);
+
this.
dcipher = newCipher(Cipher.DECRYPT_MODE);
}
/**
}
/**
@@
-232,10
+229,14
@@
public class CryptUtils {
*/
private Cipher newCipher(int mode) {
try {
*/
private Cipher newCipher(int mode) {
try {
- byte[] iv = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
+ // bytes32 = 32 bytes, 32 > 16
+ byte[] iv = new byte[16];
+ for (int i = 0; i < iv.length; i++) {
+ iv[i] = bytes32[i];
+ }
IvParameterSpec ivspec = new IvParameterSpec(iv);
Cipher cipher = Cipher.getInstance(AES_NAME);
IvParameterSpec ivspec = new IvParameterSpec(iv);
Cipher cipher = Cipher.getInstance(AES_NAME);
- cipher.init(mode,
key
, ivspec);
+ cipher.init(mode,
new SecretKeySpec(bytes32, "AES")
, ivspec);
return cipher;
} catch (Exception e) {
e.printStackTrace();
return cipher;
} catch (Exception e) {
e.printStackTrace();
@@
-365,7
+366,7
@@
public class CryptUtils {
try {
return new String(decrypt(data), "UTF-8");
} catch (UnsupportedEncodingException e) {
try {
return new String(decrypt(data), "UTF-8");
} catch (UnsupportedEncodingException e) {
- // UTF-8 is required in all conf
i
rm JVMs
+ // UTF-8 is required in all conf
o
rm JVMs
e.printStackTrace();
return null;
}
e.printStackTrace();
return null;
}
@@
-416,7
+417,7
@@
public class CryptUtils {
try {
return new String(decrypt(StringUtils.unbase64(data)), "UTF-8");
} catch (UnsupportedEncodingException e) {
try {
return new String(decrypt(StringUtils.unbase64(data)), "UTF-8");
} catch (UnsupportedEncodingException e) {
- // UTF-8 is required in all conf
i
rm JVMs
+ // UTF-8 is required in all conf
o
rm JVMs
e.printStackTrace();
return null;
} catch (IOException e) {
e.printStackTrace();
return null;
} catch (IOException e) {