X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=basic%2Fruntime%2Forg.argeo.basic.nodeps%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Futil%2Fcrypto%2FAbstractKeyring.java;h=98422bdbb3f74c27f8a9892fd1731a09c767cb59;hb=70538e1286a2b47ecd58cb1cfb7ede8dddff5859;hp=3e9da4c2cd501ee807879544a8c71b01d5625d3c;hpb=4310414c41cc0b9e52866f81ec6c60bbf6686d16;p=lgpl%2Fargeo-commons.git
diff --git a/basic/runtime/org.argeo.basic.nodeps/src/main/java/org/argeo/util/crypto/AbstractKeyring.java b/basic/runtime/org.argeo.basic.nodeps/src/main/java/org/argeo/util/crypto/AbstractKeyring.java
index 3e9da4c2c..98422bdbb 100644
--- a/basic/runtime/org.argeo.basic.nodeps/src/main/java/org/argeo/util/crypto/AbstractKeyring.java
+++ b/basic/runtime/org.argeo.basic.nodeps/src/main/java/org/argeo/util/crypto/AbstractKeyring.java
@@ -10,6 +10,7 @@ import java.io.OutputStreamWriter;
 import java.io.Reader;
 import java.io.Writer;
 import java.security.AccessController;
+import java.security.MessageDigest;
 import java.util.Arrays;
 import java.util.Iterator;
 
@@ -45,7 +46,7 @@ public abstract class AbstractKeyring implements Keyring {
  * Setup the keyring persistently, {@link #isSetup()} must return true
  * afterwards
  */
- protected abstract void setup();
+ protected abstract void setup(char[] password);
 
  /** Populates the key spec callback */
  protected abstract void handleKeySpecCallback(PBEKeySpecCallback pbeCallback);
@@ -116,6 +117,7 @@ public abstract class AbstractKeyring implements Keyring {
  try {
  writer = new OutputStreamWriter(out, charset);
  writer.write(arr);
+ writer.flush();
  in = new ByteArrayInputStream(out.toByteArray());
  set(path, in);
  } catch (IOException e) {
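Review bot: The Javadoc kept above `setup(char[] password)` in the `@@ -45,7 +46,7 @@` hunk still describes only the persistence contract and does not mention the new `password` argument. Implementations now receive the master password as a mutable `char[]`, so the comment should say whether they may keep a reference to the array or must copy what they need, and which side clears it afterwards. A line such as `@param password the master password; the array belongs to the caller and must not be retained` would make that contract explicit, with the wording adjusted to whatever the implementations actually do.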
@@ -139,6 +141,32 @@ public abstract class AbstractKeyring implements Keyring {
  this.charset = charset;
  }
 
+ protected static byte[] hash(char[] password, byte[] salt,
+ Integer iterationCount) {
+ ByteArrayOutputStream out = null;
+ OutputStreamWriter writer = null;
+ try {
+ out = new ByteArrayOutputStream();
+ writer = new OutputStreamWriter(out, "UTF-8");
+ writer.write(password);
+ MessageDigest pwDigest = MessageDigest.getInstance("SHA-256");
+ pwDigest.reset();
+ pwDigest.update(salt);
+ byte[] btPass = pwDigest.digest(out.toByteArray());
+ for (int i = 0; i < iterationCount; i++) {
+ pwDigest.reset();
+ btPass = pwDigest.digest(btPass);
+ }
+ return btPass;
+ } catch (Exception e) {
+ throw new ArgeoException("Cannot hash", e);
+ } finally {
+ StreamUtils.closeQuietly(out);
+ StreamUtils.closeQuietly(writer);
+ }
+
+ }
+
  class KeyringCallbackHandler implements CallbackHandler {
  public void handle(Callback[] callbacks) throws IOException,
  UnsupportedCallbackException {
@@ -160,13 +188,13 @@ public abstract class AbstractKeyring implements Keyring {
  } else {// setup keyring
  TextOutputCallback textCb1 = new TextOutputCallback(
  TextOutputCallback.INFORMATION,
- "Enter a master password");
+ "Enter a master password which will protect your private data");
  TextOutputCallback textCb2 = new TextOutputCallback(
  TextOutputCallback.INFORMATION,
- "It will encrypt your private data");
+ "(for example your credentials to third-party services)");
  TextOutputCallback textCb3 = new TextOutputCallback(
  TextOutputCallback.INFORMATION,
- "Don't forget it or your data is lost");
+ "Don't forget this password since the data cannot be read without it");
  PasswordCallback confirmPasswordCb = new PasswordCallback(
  "Confirm password", false);
  // first try
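Review bot: In the new `hash()`, `out.toByteArray()` is read straight after `writer.write(password)` with no flush, and `OutputStreamWriter` holds its encoded bytes in an internal buffer until it is flushed or closed. The digest input can therefore be empty, in which case the result depends only on `salt` and `iterationCount` and not on the password. This commit adds `writer.flush();` for the same pattern in the hunk at new line 117; add `writer.flush();` after `writer.write(password);` here too, and a test asserting that two different passwords with the same salt hash differently would pin it. Separately, an iterated bare SHA-256 is a hand-rolled key-stretching construction; where the runtime allows it, the PBKDF2 algorithms of the JCA `SecretKeyFactory` are the reviewed equivalent. The UTF-8 copy of the password left in `out` is also never cleared.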
@@ -186,8 +214,9 @@ public abstract class AbstractKeyring implements Keyring {
  defaultCallbackHandler.handle(dialogCbs);
  }
 
- if (passwordCb.getPassword() != null)// not cancelled
- setup();
+ if (passwordCb.getPassword() != null) {// not cancelled
+ setup(passwordCb.getPassword());
+ }
  }
 
  if (passwordCb.getPassword() != null)
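Review bot: `PasswordCallback.getPassword()` returns a new copy of the password on every call, so the array passed to `setup(...)` in the added lines is a separate copy that nothing in this hunk clears. Fetch it once into a local and wipe it when setup returns: `char[] pw = passwordCb.getPassword();` followed by `if (pw != null) { try { setup(pw); } finally { Arrays.fill(pw, '\0'); } }` (`java.util.Arrays` is already imported). This assumes `setup` implementations do not keep a reference to the array, which the diff does not show. The enclosing `handle` method starts and ends outside the hunk, so whether `passwordCb.clearPassword()` is called later is not visible here.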