Update license headers
[lgpl/argeo-commons.git] / basic / runtime / org.argeo.basic.nodeps / src / main / java / org / argeo / util / crypto / AbstractKeyring.java
index 3e9da4c2cd501ee807879544a8c71b01d5625d3c..e42451325a6f970205e8dc3b9a4975ae4986c161 100644 (file)
@@ -1,3 +1,18 @@
+/*
+ * Copyright (C) 2007-2012 Mathieu Baudier
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *         http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 package org.argeo.util.crypto;
 
 import java.io.ByteArrayInputStream;
@@ -10,6 +25,7 @@ import java.io.OutputStreamWriter;
 import java.io.Reader;
 import java.io.Writer;
 import java.security.AccessController;
+import java.security.MessageDigest;
 import java.util.Arrays;
 import java.util.Iterator;
 
@@ -45,7 +61,7 @@ public abstract class AbstractKeyring implements Keyring {
         * Setup the keyring persistently, {@link #isSetup()} must return true
         * afterwards
         */
-       protected abstract void setup();
+       protected abstract void setup(char[] password);
 
        /** Populates the key spec callback */
        protected abstract void handleKeySpecCallback(PBEKeySpecCallback pbeCallback);
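Review bot: The Javadoc above `setup(char[] password)` still reads as it did for the no-argument method and does not document the new parameter. Because the array carries the master password, the contract should say which side clears it and whether implementations may keep a reference, for example `@param password the master password; implementations must not retain the array, the caller clears it once this method returns`. The class body continues outside the hunk.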
@@ -116,6 +132,7 @@ public abstract class AbstractKeyring implements Keyring {
                try {
                        writer = new OutputStreamWriter(out, charset);
                        writer.write(arr);
+                       writer.flush();
                        in = new ByteArrayInputStream(out.toByteArray());
                        set(path, in);
                } catch (IOException e) {
@@ -139,6 +156,32 @@ public abstract class AbstractKeyring implements Keyring {
                this.charset = charset;
        }
 
+       protected static byte[] hash(char[] password, byte[] salt,
+                       Integer iterationCount) {
+               ByteArrayOutputStream out = null;
+               OutputStreamWriter writer = null;
+               try {
+                       out = new ByteArrayOutputStream();
+                       writer = new OutputStreamWriter(out, "UTF-8");
+                       writer.write(password);
+                       MessageDigest pwDigest = MessageDigest.getInstance("SHA-256");
+                       pwDigest.reset();
+                       pwDigest.update(salt);
+                       byte[] btPass = pwDigest.digest(out.toByteArray());
+                       for (int i = 0; i < iterationCount; i++) {
+                               pwDigest.reset();
+                               btPass = pwDigest.digest(btPass);
+                       }
+                       return btPass;
+               } catch (Exception e) {
+                       throw new ArgeoException("Cannot hash", e);
+               } finally {
+                       StreamUtils.closeQuietly(out);
+                       StreamUtils.closeQuietly(writer);
+               }
+
+       }
+
        class KeyringCallbackHandler implements CallbackHandler {
                public void handle(Callback[] callbacks) throws IOException,
                                UnsupportedCallbackException {
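Review bot: In `hash`, `out.toByteArray()` is read without flushing `writer`, and `OutputStreamWriter` keeps encoded bytes in an internal buffer until `flush()` or `close()`. For an ordinary-length password the digest input is therefore most likely empty, and the result depends only on `salt` and `iterationCount`, not on the password. Add `writer.flush();` directly after `writer.write(password);`, as the -116,6 hunk of this same commit does for the other writer, and recompute any value already stored from this method. Separately, iterating a bare SHA-256 is a hand-rolled stretching scheme where the JDK's `SecretKeyFactory` with a `PBEKeySpec` (PBKDF2) takes the same password, salt and iteration count, and `iterationCount` declared as `Integer` throws a NullPointerException on unboxing when null. The hunk ends inside `KeyringCallbackHandler.handle`, which continues outside it.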
@@ -160,13 +203,13 @@ public abstract class AbstractKeyring implements Keyring {
                        } else {// setup keyring
                                TextOutputCallback textCb1 = new TextOutputCallback(
                                                TextOutputCallback.INFORMATION,
-                                               "Enter a master password");
+                                               "Enter a master password which will protect your private data");
                                TextOutputCallback textCb2 = new TextOutputCallback(
                                                TextOutputCallback.INFORMATION,
-                                               "It will encrypt your private data");
+                                               "(for example your credentials to third-party services)");
                                TextOutputCallback textCb3 = new TextOutputCallback(
                                                TextOutputCallback.INFORMATION,
-                                               "Don't forget it or your data is lost");
+                                               "Don't forget this password since the data cannot be read without it");
                                PasswordCallback confirmPasswordCb = new PasswordCallback(
                                                "Confirm password", false);
                                // first try
@@ -186,8 +229,9 @@ public abstract class AbstractKeyring implements Keyring {
                                        defaultCallbackHandler.handle(dialogCbs);
                                }
 
-                               if (passwordCb.getPassword() != null)// not cancelled
-                                       setup();
+                               if (passwordCb.getPassword() != null) {// not cancelled
+                                       setup(passwordCb.getPassword());
+                               }
                        }
 
                        if (passwordCb.getPassword() != null)
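Review bot: `passwordCb.getPassword()` is called once for the null check and again as the `setup(...)` argument. If `passwordCb` is a `javax.security.auth.callback.PasswordCallback` (its declaration is outside the hunk), each call returns a fresh copy of the password. No reference to the copy handed to `setup` remains in this method, so it cannot be zeroed here. Take it once with `char[] password = passwordCb.getPassword();`, pass that to `setup`, and wipe it in a `finally` with `Arrays.fill(password, '\0');` (`Arrays` is already imported), provided implementations of `setup` do not keep the array. The trailing `if` on the last line continues outside the hunk.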