From 826185478b22349564145998d6e36fdff58c1af0 Mon Sep 17 00:00:00 2001
From: Julian van Dijk
Date: Fri, 7 Jan 2022 23:34:29 +0100
Subject: [PATCH 01/12] Create docker.yml
---
.github/workflows/docker.yml | 34 ++++++++++++++++++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 .github/workflows/docker.yml
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
new file mode 100644
index 0000000..faa8204
--- /dev/null
+++ b/.github/workflows/docker.yml
@@ -0,0 +1,34 @@
+name: Docker
+on:
+ push:
+ schedule:
+ - cron: '54 2 2 * *'
+ workflow_dispatch:
+jobs:
+ buildDockerImage:
+ name: Build Docker image
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v2
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v1
+ - name: Login to GitHub Container Registry
+ uses: docker/login-action@v1
+ with:
+ registry: ghcr.io
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ - name: Docker meta
+ id: meta
+ uses: docker/metadata-action@v3
+ with:
+ images: ghcr.io/wisvch/feedback-tool
+ tags: type=sha, prefix={{date 'YYYYMMDD'}}-
+ - name: Build and push Docker image
+ uses: docker/build-push-action@v2
+ with:
+ context: .
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+ push: ${{ github.ref == 'refs/heads/master' }}
From 70c5f7bcf466405afcd154fc754b88f68807adc9 Mon Sep 17 00:00:00 2001
From: Julian van Dijk
Date: Fri, 7 Jan 2022 23:34:55 +0100
Subject: [PATCH 02/12] Delete .travis.yml
---
.travis.yml | 29 -----------------------------
1 file changed, 29 deletions(-)
delete mode 100644 .travis.yml
diff --git a/.travis.yml b/.travis.yml
deleted file mode 100644
index c460259..0000000
--- a/.travis.yml
+++ /dev/null
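Review bot: The new `docker.yml` declares no `permissions:` block, so `buildDockerImage` runs with the repository's default `GITHUB_TOKEN` scope although the only write it needs is the package push; a job-level `permissions:` with `contents: read` and `packages: write` states that need explicitly. The `Login to GitHub Container Registry` step runs on every push and on the schedule, while the image push is limited to `refs/heads/master`, so the login step could carry the same condition. The four third-party actions are referenced by mutable tags (`@v1`, `@v2`, `@v3`); pinning each `uses:` to a full commit SHA removes the dependency on those tags staying unchanged.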
@@ -1,29 +0,0 @@ -language: java -services: - - docker -jdk: -- openjdk11 -before_cache: -- rm -f $HOME/.gradle/caches/modules-2/modules-2.lock -- rm -fr $HOME/.gradle/caches/*/plugin-resolution/ -cache: - directories: - - "$HOME/.gradle/caches/" - - "$HOME/.gradle/wrapper/" -script: -- "./gradlew check" -deploy: - provider: script - script: >- - sh -c ' - docker build --no-cache --pull -t quay.io/wisvch/feedback-tool:$TRAVIS_BUILD_NUMBER .; - docker login -u "$QUAY_USERNAME" -p "$QUAY_PASSWORD" quay.io; - docker push quay.io/wisvch/feedback-tool:$TRAVIS_BUILD_NUMBER; - ' - on: - branch: master -notifications: - email: false - slack: - rooms: - secure: 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 From 91bd041b9ce33fa4ecc118baa80324978411f987 Mon Sep 17 00:00:00 2001 From: Julian van Dijk Date: Fri, 7 Jan 2022 23:36:51 +0100 Subject: [PATCH 03/12] Update Dockerfile --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index b8fed82..9fd7a5b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM wisvch/openjdk:11-jdk AS builder +FROM openjdk:11-jdk-buster AS builder COPY . /src WORKDIR /src RUN ./gradlew build From 842a6b6428efc27df4830475babfcfa35f0e7f8d Mon Sep 17 00:00:00 2001 From: Sven Popping Date: Sun, 4 Nov 2018 18:25:38 +0100 Subject: [PATCH 04/12] Add apache commons-lang --- build.gradle | 1 + 1 file changed, 1 insertion(+) diff --git a/build.gradle b/build.gradle index 95f51c6..99b7782 100644 --- a/build.gradle +++ b/build.gradle @@ -52,6 +52,7 @@ dependencies { compile 'org.projectlombok:lombok' compile 'org.json:json:20180813' + compile 'org.apache.commons:commons-lang3:3.7' runtime 'org.postgresql:postgresql' runtime 'com.h2database:h2' From e7f1ec43c516d0d7f4670f7fcd685583f00edb42 Mon Sep 17 00:00:00 2001 
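Review bot: The new builder base in the `Dockerfile` hunk, `openjdk:11-jdk-buster`, is referenced by a mutable tag, so the toolchain that runs `./gradlew build` can change whenever the tag is republished. Pinning the digest keeps the build reproducible, for example `FROM openjdk:11-jdk-buster@sha256:<digest-placeholder> AS builder`. The later stages of the Dockerfile are outside the hunk, so whether the runtime image is pinned cannot be seen here.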
From: Sven Popping
Date: Sun, 4 Nov 2018 20:27:49 +0100
Subject: [PATCH 05/12] Add encryption converters
---
.../converters/AbstractCryptoConverter.java | 157 ++++++++++++++++++
.../ch/wisv/converters/CipherInitializer.java | 62 +++++++
.../java/ch/wisv/converters/KeyProperty.java | 23 +++
.../converters/StringCryptoConverter.java | 54 ++++++
4 files changed, 296 insertions(+)
create mode 100644 src/main/java/ch/wisv/converters/AbstractCryptoConverter.java
create mode 100644 src/main/java/ch/wisv/converters/CipherInitializer.java
create mode 100644 src/main/java/ch/wisv/converters/KeyProperty.java
create mode 100644 src/main/java/ch/wisv/converters/StringCryptoConverter.java
diff --git a/src/main/java/ch/wisv/converters/AbstractCryptoConverter.java b/src/main/java/ch/wisv/converters/AbstractCryptoConverter.java
new file mode 100644
index 0000000..c747b67
--- /dev/null
+++ b/src/main/java/ch/wisv/converters/AbstractCryptoConverter.java
@@ -0,0 +1,157 @@
+package ch.wisv.converters;
+
+import static ch.wisv.converters.KeyProperty.DATABASE_ENCRYPTION_KEY;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.util.Base64;
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.persistence.AttributeConverter;
+import static org.apache.commons.lang3.StringUtils.isNotEmpty;
+
+/**
+ * AbstractCryptoConverter class.
+ *
+ * @param
+ */
+abstract class AbstractCryptoConverter implements AttributeConverter {
+
+ /** CipherInitializer. */
+ private CipherInitializer cipherInitializer;
+
+ /**
+ * AbstractCryptoConverter constructor.
+ *
+ * @param cipherInitializer of type CipherInitializer
+ */
+ AbstractCryptoConverter(CipherInitializer cipherInitializer) {
+ this.cipherInitializer = cipherInitializer;
+ }
+
+ /**
+ * Convert th entity attribute to the database data.
+ *
+ * @param attribute of type T
+ *
+ * @return String
+ */
+ @Override
+ public String convertToDatabaseColumn(T attribute) {
+ if (isNotEmpty(DATABASE_ENCRYPTION_KEY) && isNotNullOrEmpty(attribute)) {
+ try {
+ Cipher cipher = cipherInitializer.prepareAndInitCipher(Cipher.ENCRYPT_MODE, DATABASE_ENCRYPTION_KEY);
+
+ return this.encrypt(cipher, attribute);
+ } catch (NoSuchAlgorithmException | InvalidKeyException | InvalidAlgorithmParameterException | BadPaddingException |
+ NoSuchPaddingException | IllegalBlockSizeException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ return this.entityAttributeToString(attribute);
+ }
+
+ /**
+ * Convert the database data to the entity attribute.
+ *
+ * @param dbData of type String.
+ *
+ * @return T
+ */
+ @Override
+ public T convertToEntityAttribute(String dbData) {
+ if (isNotEmpty(DATABASE_ENCRYPTION_KEY) && isNotEmpty(dbData)) {
+ try {
+ Cipher cipher = cipherInitializer.prepareAndInitCipher(Cipher.DECRYPT_MODE, DATABASE_ENCRYPTION_KEY);
+
+ return this.decrypt(cipher, dbData);
+ } catch (NoSuchAlgorithmException | InvalidKeyException | InvalidAlgorithmParameterException | BadPaddingException |
+ NoSuchPaddingException | IllegalBlockSizeException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ return this.stringToEntityAttribute(dbData);
+ }
+
+ /**
+ * Do final Cipher call.
+ *
+ * @param cipher of type String
+ * @param bytes of type byte[]
+ *
+ * @return byte[]
+ *
+ * @throws IllegalBlockSizeException when the block size is wrong
+ * @throws BadPaddingException when the padding is wrong
+ */
+ private byte[] callCipherDoFinal(Cipher cipher, byte[] bytes) throws IllegalBlockSizeException, BadPaddingException {
+ return cipher.doFinal(bytes);
+ }
+
+ /**
+ * Decrypt database data with a give cipher.
+ *
+ * @param cipher of type Cipher
+ * @param dbData of type String
+ *
+ * @return T
+ *
+ * @throws IllegalBlockSizeException when the block size is wrong
+ * @throws BadPaddingException when the padding is wrong
+ */
+ private T decrypt(Cipher cipher, String dbData) throws IllegalBlockSizeException, BadPaddingException {
+ byte[] encryptedBytes = Base64.getDecoder().decode(dbData);
+ byte[] decryptedBytes = this.callCipherDoFinal(cipher, encryptedBytes);
+
+ return this.stringToEntityAttribute(new String(decryptedBytes));
+ }
+
+ /**
+ * Encrypt attribute with a give cipher.
+ *
+ * @param cipher of type Cipher
+ * @param attribute of type T
+ *
+ * @return String
+ *
+ * @throws IllegalBlockSizeException when the block size is wrong
+ * @throws BadPaddingException when the padding is wrong
+ */
+ private String encrypt(Cipher cipher, T attribute) throws IllegalBlockSizeException, BadPaddingException {
+ byte[] bytesToEncrypt = this.entityAttributeToString(attribute).getBytes();
+ byte[] encryptedBytes = this.callCipherDoFinal(cipher, bytesToEncrypt);
+
+ return Base64.getEncoder().encodeToString(encryptedBytes);
+ }
+
+ /**
+ * Check attribute is not null or empty.
+ *
+ * @param attribute of type T
+ *
+ * @return boolean
+ */
+ abstract boolean isNotNullOrEmpty(T attribute);
+
+ /**
+ * Convert database data to entity attribute.
+ *
+ * @param dbData of type String
+ *
+ * @return T
+ */
+ abstract T stringToEntityAttribute(String dbData);
+
+ /**
+ * Convert entity attribute to database data.
+ *
+ * @param attribute of type T
+ *
+ * @return String
+ */
+ abstract String entityAttributeToString(T attribute);
+}
diff --git a/src/main/java/ch/wisv/converters/CipherInitializer.java b/src/main/java/ch/wisv/converters/CipherInitializer.java
new file mode 100644
index 0000000..628baa9
--- /dev/null
+++ b/src/main/java/ch/wisv/converters/CipherInitializer.java
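Review bot: `convertToDatabaseColumn` falls through to `entityAttributeToString(attribute)` when `DATABASE_ENCRYPTION_KEY` is empty, so a missing or not-yet-injected key silently writes the attribute in plaintext; unless plaintext mode is a deliberate development option, throwing an `IllegalStateException` there would make the misconfiguration visible. `encrypt` and `decrypt` call `getBytes()` and `new String(decryptedBytes)` without a charset, so the stored bytes depend on the platform default; use `getBytes(StandardCharsets.UTF_8)` and `new String(decryptedBytes, StandardCharsets.UTF_8)`. `Base64.getDecoder().decode(dbData)` throws `IllegalArgumentException` for values that are not valid Base64, such as rows stored before encryption was enabled, and that type is not part of the multi-catch in `convertToEntityAttribute`.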
@@ -0,0 +1,62 @@
+package ch.wisv.converters;
+
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.NoSuchAlgorithmException;
+import java.security.spec.AlgorithmParameterSpec;
+import javax.crypto.Cipher;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+
+/**
+ * CipherInitializer.
+ */
+class CipherInitializer {
+
+ /** Encryption method. */
+ private static final String CIPHER_INSTANCE_NAME = "AES/CBC/PKCS5Padding";
+
+ /** Secret key algorithm. */
+ private static final String SECRET_KEY_ALGORITHM = "AES";
+
+ /**
+ * Creates an IvParameterSpec object using the bytes in iv as the IV.
+ * The IV is fixed such that we do not have to save the IV.
+ * TODO: Random IV to improve security.
+ *
+ * @param cipher of type Cipher
+ *
+ * @return AlgorithmParameterSpec
+ */
+ private AlgorithmParameterSpec getAlgorithmParameterSpec(Cipher cipher) {
+ byte[] iv = new byte[cipher.getBlockSize()];
+
+ return new IvParameterSpec(iv);
+ }
+
+ /**
+ * Prepare Cipher by adding the key and creating an IV.
+ *
+ * @param encryptionMode of type int
+ * @param key of type String
+ *
+ * @return Cipher
+ *
+ * @throws InvalidKeyException when key is invalid
+ * @throws NoSuchPaddingException when padding method does not exists
+ * @throws NoSuchAlgorithmException when the algorithm does not exists
+ * @throws InvalidAlgorithmParameterException when the mode of operation does not exists
+ */
+ Cipher prepareAndInitCipher(int encryptionMode, String key) throws InvalidKeyException, NoSuchPaddingException, NoSuchAlgorithmException,
+ InvalidAlgorithmParameterException {
+ Cipher cipher = Cipher.getInstance(CIPHER_INSTANCE_NAME);
+ Key secretKey = new SecretKeySpec(key.getBytes(), SECRET_KEY_ALGORITHM);
+
+ AlgorithmParameterSpec algorithmParameters = this.getAlgorithmParameterSpec(cipher);
+ cipher.init(encryptionMode, secretKey, algorithmParameters);
+
+ return cipher;
+ }
+}
diff --git a/src/main/java/ch/wisv/converters/KeyProperty.java b/src/main/java/ch/wisv/converters/KeyProperty.java
new file mode 100644
index 0000000..e559115
--- /dev/null
+++ b/src/main/java/ch/wisv/converters/KeyProperty.java
@@ -0,0 +1,23 @@
+package ch.wisv.converters;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+/**
+ * KeyProperty component.
+ */
+@Component
+public class KeyProperty {
+
+ /** Encryption key. */
+ static String DATABASE_ENCRYPTION_KEY;
+
+ /**
+ * Set encryption key.
+ */
+ @Value("${wisvch.database.encryption.key}")
+ public void setDatabase(String databaseEncryptionKey) {
+ DATABASE_ENCRYPTION_KEY = databaseEncryptionKey;
+ }
+
+}
\ No newline at end of file
diff --git a/src/main/java/ch/wisv/converters/StringCryptoConverter.java b/src/main/java/ch/wisv/converters/StringCryptoConverter.java
new file mode 100644
index 0000000..287bd22
--- /dev/null
+++ b/src/main/java/ch/wisv/converters/StringCryptoConverter.java
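Review bot: `new SecretKeySpec(key.getBytes(), SECRET_KEY_ALGORITHM)` in `prepareAndInitCipher` uses the raw characters of the configured string as the AES key, so the value must come out at exactly 16, 24 or 32 bytes in the platform charset and carries only the entropy of a typed string. Reading the property as Base64 of randomly generated bytes, `new SecretKeySpec(Base64.getDecoder().decode(key), SECRET_KEY_ALGORITHM)`, addresses both. `AES/CBC/PKCS5Padding` provides confidentiality only, so a ciphertext altered in the database is not detected on read; `AES/GCM/NoPadding` with a `GCMParameterSpec` would authenticate it. The fixed all-zero IV is already covered by the TODO in `getAlgorithmParameterSpec`.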
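Review bot: `DATABASE_ENCRYPTION_KEY` in `KeyProperty` is a non-final static field written from the instance setter `setDatabase`, so any converter call made before Spring has injected the property reads `null`. Whether that can happen depends on when the persistence provider first invokes the converters, which is not visible in this patch. A field comment that records the ordering the converters rely on would help, for example `/** Encryption key; assigned once by Spring at startup and null until then. */`.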
@@ -0,0 +1,54 @@
+package ch.wisv.converters;
+
+import static org.apache.commons.lang3.StringUtils.isNotEmpty;
+
+/**
+ * StringCryptoConverter.
+ */
+public class StringCryptoConverter extends AbstractCryptoConverter {
+
+ /**
+ * StringCryptoConverter constructor.
+ *
+ * @param cipherInitializer of type CipherInitializer
+ */
+ StringCryptoConverter(CipherInitializer cipherInitializer) {
+ super(cipherInitializer);
+ }
+
+ /**
+ * Implementation of isNotNullOrEmpty.
+ *
+ * @param attribute of type T
+ *
+ * @return boolean
+ */
+ @Override
+ boolean isNotNullOrEmpty(String attribute) {
+ return isNotEmpty(attribute);
+ }
+
+ /**
+ * Implementation of stringToEntityAttribute.
+ *
+ * @param dbData of type String
+ *
+ * @return String
+ */
+ @Override
+ String stringToEntityAttribute(String dbData) {
+ return dbData;
+ }
+
+ /**
+ * Implementation of entityAttributeToString.
+ *
+ * @param attribute of type T
+ *
+ * @return String
+ */
+ @Override
+ String entityAttributeToString(String attribute) {
+ return attribute;
+ }
+}
From bc579ab5c175aefdd6375cfc5ef7095e54a32b0c Mon Sep 17 00:00:00 2001
From: Sven Popping
Date: Sun, 4 Nov 2018 20:28:21 +0100
Subject: [PATCH 06/12] Add instructor encryption for email and name
---
src/main/java/ch/wisv/domain/course/Instructor.java | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/src/main/java/ch/wisv/domain/course/Instructor.java b/src/main/java/ch/wisv/domain/course/Instructor.java
index caf6267..3f8a1be 100644
--- a/src/main/java/ch/wisv/domain/course/Instructor.java
+++ b/src/main/java/ch/wisv/domain/course/Instructor.java
@@ -1,7 +1,15 @@ package ch.wisv.domain.course; +import ch.wisv.converters.StringCryptoConverter; +import java.util.List; +import javax.persistence.Convert; +import javax.persistence.Entity; +import javax.persistence.GeneratedValue; +import javax.persistence.Id; +import javax.persistence.ManyToMany; import lombok.Data; +<<<<<<< HEAD import javax.persistence.Entity; import javax.persistence.GeneratedValue; import javax.persistence.Id; @@ -9,6 +17,8 @@ import javax.validation.constraints.NotEmpty; import java.util.List; +======= +>>>>>>> 1e0dce1 (Add instructor encryption for email and name) /** * Created by Tom on 14/05/2017. */ @@ -20,9 +30,11 @@ public class Instructor { private long id; @NotEmpty + @Convert(converter = StringCryptoConverter.class) private String name; @NotEmpty + @Convert(converter = StringCryptoConverter.class) private String mail; @ManyToMany(mappedBy = "instructors") From 469465f081fcaeacfe79b31623551a627bc1ed44 Mon Sep 17 00:00:00 2001 From: Sven Popping Date: Mon, 5 Nov 2018 12:36:30 +0100 Subject: [PATCH 07/12] Implement random IVs to improve security --- .../converters/AbstractCryptoConverter.java | 23 ++++++++++++---- .../ch/wisv/converters/CipherInitializer.java | 13 ++++++--- .../converters/StringCryptoConverterTest.java | 27 +++++++++++++++++++ 3 files changed, 54 insertions(+), 9 deletions(-) create mode 100644 src/test/java/ch/wisv/converters/StringCryptoConverterTest.java diff --git a/src/main/java/ch/wisv/converters/AbstractCryptoConverter.java b/src/main/java/ch/wisv/converters/AbstractCryptoConverter.java index c747b67..292a83f 100644 --- a/src/main/java/ch/wisv/converters/AbstractCryptoConverter.java +++ b/src/main/java/ch/wisv/converters/AbstractCryptoConverter.java 
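Review bot: The import block added at the top of `Instructor.java` has no `javax.validation.constraints.NotEmpty`, while `@NotEmpty` stays on `name` and `mail`; the only import of it sits inside the `<<<<<<< HEAD` region, so once that region is removed (PATCH 12/12 deletes it whole) the annotation no longer resolves unless it is imported some other way. Add `import javax.validation.constraints.NotEmpty;` to the new import block. Values of `name` and `mail` written before this change are plaintext, and with a key configured `convertToEntityAttribute` will try to decrypt them, so the change needs a data migration or a fallback for legacy values. The `Instructor` class body continues outside the hunk.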
@@ -19,6 +19,14 @@ */ abstract class AbstractCryptoConverter implements AttributeConverter { + /** + * Used for concatenating cipher text and iv together. + * This will not cause issues when the text contains hashtags, + * since a Base64 encoded string cannot contain hashtags. + * https://en.wikipedia.org/wiki/Base64#Base64_table + */ + private static final String CONCATENATION = "####"; + /** CipherInitializer. */ private CipherInitializer cipherInitializer; @@ -42,9 +50,9 @@ abstract class AbstractCryptoConverter implements AttributeConverter Date: Mon, 5 Nov 2018 12:39:00 +0100 Subject: [PATCH 08/12] Change in variable naming --- .../wisv/converters/AbstractCryptoConverter.java | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/src/main/java/ch/wisv/converters/AbstractCryptoConverter.java b/src/main/java/ch/wisv/converters/AbstractCryptoConverter.java index 292a83f..746348e 100644 --- a/src/main/java/ch/wisv/converters/AbstractCryptoConverter.java +++ b/src/main/java/ch/wisv/converters/AbstractCryptoConverter.java 
@@ -73,14 +73,13 @@ public String convertToDatabaseColumn(T attribute) { public T convertToEntityAttribute(String dbData) { if (isNotEmpty(DATABASE_ENCRYPTION_KEY) && isNotEmpty(dbData)) { try { - String[] test = dbData.split(CONCATENATION); - Cipher cipher = cipherInitializer.prepareAndInitCipher( - Cipher.DECRYPT_MODE, - DATABASE_ENCRYPTION_KEY, - Base64.getDecoder().decode(test[1]) - ); - - return this.decrypt(cipher, test[0]); + String[] splitDbData = dbData.split(CONCATENATION); + String cipherText = splitDbData[0]; + byte[] iv = Base64.getDecoder().decode(splitDbData[1]); + + Cipher cipher = cipherInitializer.prepareAndInitCipher(Cipher.DECRYPT_MODE, DATABASE_ENCRYPTION_KEY, iv); + + return this.decrypt(cipher, cipherText); } catch (NoSuchAlgorithmException | InvalidKeyException | InvalidAlgorithmParameterException | BadPaddingException | NoSuchPaddingException | IllegalBlockSizeException e) { throw new RuntimeException(e); From 78b41471dcb4cb4a0660bc79f035f62fe1d17679 Mon Sep 17 00:00:00 2001 From: Sven Popping Date: Mon, 5 Nov 2018 12:41:42 +0100 Subject: [PATCH 09/12] Add newlines --- src/main/java/ch/wisv/converters/KeyProperty.java | 2 +- src/test/java/ch/wisv/converters/StringCryptoConverterTest.java | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/ch/wisv/converters/KeyProperty.java b/src/main/java/ch/wisv/converters/KeyProperty.java index e559115..e0f0afe 100644 --- a/src/main/java/ch/wisv/converters/KeyProperty.java +++ b/src/main/java/ch/wisv/converters/KeyProperty.java @@ -20,4 +20,4 @@ public void setDatabase(String databaseEncryptionKey) { DATABASE_ENCRYPTION_KEY = databaseEncryptionKey; } -} \ No newline at end of file +} diff --git a/src/test/java/ch/wisv/converters/StringCryptoConverterTest.java b/src/test/java/ch/wisv/converters/StringCryptoConverterTest.java index d972c59..4487f0b 100644 --- a/src/test/java/ch/wisv/converters/StringCryptoConverterTest.java 
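Review bot: `splitDbData[1]` in `convertToEntityAttribute` is read without checking the result of `dbData.split(CONCATENATION)`, so a stored value with no `####` part (a legacy plaintext row, or one written in the earlier ciphertext-only format) raises `ArrayIndexOutOfBoundsException`, which the multi-catch does not cover. A guard before the index access gives a clear failure instead: `if (splitDbData.length != 2) { throw new IllegalStateException("Unexpected encrypted column format"); }`. The same access is carried unchanged into the `splitDbData` helper in PATCH 10/12. The method body starts and ends outside this hunk.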
+++ b/src/test/java/ch/wisv/converters/StringCryptoConverterTest.java @@ -24,4 +24,4 @@ public void testEncryptDecrypt() { assertEquals(message, decryptedCipher); } -} \ No newline at end of file +} From b71f5001e1bc4dc61743f8e9b563c631f8609b19 Mon Sep 17 00:00:00 2001 From: Sven Popping Date: Mon, 5 Nov 2018 12:47:18 +0100 Subject: [PATCH 10/12] Move concatenation and splitting to own method --- .../converters/AbstractCryptoConverter.java | 40 +++++++++++++++---- 1 file changed, 33 insertions(+), 7 deletions(-) diff --git a/src/main/java/ch/wisv/converters/AbstractCryptoConverter.java b/src/main/java/ch/wisv/converters/AbstractCryptoConverter.java index 746348e..d00a7c6 100644 --- a/src/main/java/ch/wisv/converters/AbstractCryptoConverter.java +++ b/src/main/java/ch/wisv/converters/AbstractCryptoConverter.java @@ -11,6 +11,8 @@ import javax.crypto.NoSuchPaddingException; import javax.persistence.AttributeConverter; import static org.apache.commons.lang3.StringUtils.isNotEmpty; +import org.apache.commons.lang3.tuple.ImmutablePair; +import org.apache.commons.lang3.tuple.Pair; /** * AbstractCryptoConverter class. @@ -52,7 +54,7 @@ public String convertToDatabaseColumn(T attribute) { try { Cipher cipher = cipherInitializer.prepareAndInitCipher(Cipher.ENCRYPT_MODE, DATABASE_ENCRYPTION_KEY, null); - return this.encrypt(cipher, attribute) + CONCATENATION + Base64.getEncoder().encodeToString(cipher.getIV()); + return this.concatenatedCipherTextAndIv(this.encrypt(cipher, attribute), cipher.getIV()); } catch (NoSuchAlgorithmException | InvalidKeyException | InvalidAlgorithmParameterException | BadPaddingException | NoSuchPaddingException | IllegalBlockSizeException e) { throw new RuntimeException(e); 
@@ -73,13 +75,10 @@ public String convertToDatabaseColumn(T attribute) { public T convertToEntityAttribute(String dbData) { if (isNotEmpty(DATABASE_ENCRYPTION_KEY) && isNotEmpty(dbData)) { try { - String[] splitDbData = dbData.split(CONCATENATION); - String cipherText = splitDbData[0]; - byte[] iv = Base64.getDecoder().decode(splitDbData[1]); + Pair cipherTextAndIv = this.splitDbData(dbData); + Cipher cipher = cipherInitializer.prepareAndInitCipher(Cipher.DECRYPT_MODE, DATABASE_ENCRYPTION_KEY, cipherTextAndIv.getRight()); - Cipher cipher = cipherInitializer.prepareAndInitCipher(Cipher.DECRYPT_MODE, DATABASE_ENCRYPTION_KEY, iv); - - return this.decrypt(cipher, cipherText); + return this.decrypt(cipher, cipherTextAndIv.getLeft()); } catch (NoSuchAlgorithmException | InvalidKeyException | InvalidAlgorithmParameterException | BadPaddingException | NoSuchPaddingException | IllegalBlockSizeException e) { throw new RuntimeException(e); @@ -89,6 +88,33 @@ public T convertToEntityAttribute(String dbData) { return this.stringToEntityAttribute(dbData); } + /** + * Concatenated cipher text and IV together. + * + * @param cipherText of type String + * @param iv of type byte[] + * + * @return String + */ + private String concatenatedCipherTextAndIv(String cipherText, byte[] iv) { + return cipherText + CONCATENATION + Base64.getEncoder().encodeToString(iv); + } + + /** + * Split db data into cipher text and IV. + * + * @param dbData of type String + * + * @return Pair + */ + private Pair splitDbData(String dbData) { + String[] splitDbData = dbData.split(CONCATENATION); + String cipherText = splitDbData[0]; + byte[] iv = Base64.getDecoder().decode(splitDbData[1]); + + return new ImmutablePair<>(cipherText, iv); + } + /** * Do final Cipher call. * From eafb232f08110ad4d0d14bf01794aba25c1d83ca Mon Sep 17 00:00:00 2001 
From: Sven Popping Date: Mon, 10 Dec 2018 16:12:41 +0100 Subject: [PATCH 11/12] Fix unable to create AttributeConverter instance --- .../ch/wisv/converters/AbstractCryptoConverter.java | 9 ++++++++- .../ch/wisv/converters/StringCryptoConverter.java | 11 ++++++++++- 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/src/main/java/ch/wisv/converters/AbstractCryptoConverter.java b/src/main/java/ch/wisv/converters/AbstractCryptoConverter.java index d00a7c6..81a0944 100644 --- a/src/main/java/ch/wisv/converters/AbstractCryptoConverter.java +++ b/src/main/java/ch/wisv/converters/AbstractCryptoConverter.java @@ -32,12 +32,19 @@ abstract class AbstractCryptoConverter implements AttributeConverter { + /** + * StringCryptoConverter constructor. + */ + public StringCryptoConverter() { + this(new CipherInitializer()); + } + /** * StringCryptoConverter constructor. * * @param cipherInitializer of type CipherInitializer */ - StringCryptoConverter(CipherInitializer cipherInitializer) { + public StringCryptoConverter(CipherInitializer cipherInitializer) { super(cipherInitializer); } From 8a91bddde8bfd6434e97ac4b9ee924ff21436646 Mon Sep 17 00:00:00 2001 From: Julian van Dijk Date: Fri, 7 Jan 2022 23:43:24 +0100 Subject: [PATCH 12/12] remove pushed merge conflict --- src/main/java/ch/wisv/domain/course/Instructor.java | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/src/main/java/ch/wisv/domain/course/Instructor.java b/src/main/java/ch/wisv/domain/course/Instructor.java index 3f8a1be..2bb0430 100644 --- a/src/main/java/ch/wisv/domain/course/Instructor.java +++ b/src/main/java/ch/wisv/domain/course/Instructor.java 
@@ -9,16 +9,6 @@ import javax.persistence.ManyToMany; import lombok.Data; -<<<<<<< HEAD -import javax.persistence.Entity; -import javax.persistence.GeneratedValue; -import javax.persistence.Id; -import javax.persistence.ManyToMany; -import javax.validation.constraints.NotEmpty; -import java.util.List; - -======= ->>>>>>> 1e0dce1 (Add instructor encryption for email and name) /** * Created by Tom on 14/05/2017. */